jan.gnep...@t-systems.com wrote:
Cisco Nexus with NXOS Version older than 4.2 (4.0 and 4.1) don´t like
the entry Vendor-Specific = 9.
What does that mean?
It seems that freeradius add this automatically if it´s not within the
config.
No. FreeRADIUS adds almost nothing automatically.
Thanks you Alexander for the reply. Yes I had all the configuration done for
the modules and they worked fine independently.
For using multiple modules, in users file I was trying to do
DEFAULT Auth-Type := Perl
Auth-Type := EAP
Which was giving me error because I
I have and EAP-TLS with rlm_perl scenario where I am authenticating users
with their certificate and then use a perl script to do other checks from
database.
My perl script is trying to access the TLS-client* and TLS-cert*
attributes(by enabling run time TLS variable in sites-available/default)
Hi Arran,
I think i have managed to make the datacounter working. It may not be
the best counter but it is the best i have ever done in freeradius.
Below posted is the configs :
Post-Auth {
sql
# Unlang Data-Counter. Sends Mikrotik-Recv-Limit to NAS
update control {
Mrinal K wrote:
The statement does not give any output and just gets bypassed in the
debug output. However if I change the right hand side with a string, it
gets printed in the debug.
Is there any problem with accessing variables in my implementation ?
Trimmed output from radiusd -X
Hi Allen,
Thank you for the reply. I have 2.1.10 which I believe does support it.
-Mrinal
On Tue, Aug 9, 2011 at 8:59 AM, Alan DeKok al...@deployingradius.comwrote:
Mrinal K wrote:
The statement does not give any output and just gets bypassed in the
debug output. However if I change the
Cisco Nexus with NXOS Version older than 4.2 (4.0 and 4.1) don?t like
the entry Vendor-Specific = 9.
What does that mean?
It seems that freeradius add this automatically if it?s not within the
config.
No. FreeRADIUS adds almost nothing automatically.
But, when i put it in the
Hi
In FreeRadius 2.1.11, we have created a module name ws which authenticate
and authorize the user request through the web-service call, exposed as a
WSDL.
In the successful scenario when both Radius server and web service are up,
we are able to authenticate and authorize the user request and
I've set up latest version of FreeRadius from source on Ubuntu, and I cannot
get EAP-TLS and PEAP to work when the option Validate server certificate
is on. We're using Windows CA to be able to auth users on the domain. I saw
this old article
I believe you need to install the server cert and any intermediate certs on the
client before the validate server cert option will work.
Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton, Texas
76513
Fone: 254-295-4658
Phax: 254-295-4221
Windows clients are on the domain, so the user cert and the CA are added by
default when you join the machine to the domain
On Tue, Aug 9, 2011 at 18:29, Sallee, Stephen (Jake)
jake.sal...@umhb.eduwrote:
I believe you need to install the server cert and any intermediate certs
on the client
Windows clients are on the domain, so the user cert and the CA are added by
default when you join the machine to the domain
That is true so long as you are using a self-signed cert assigned by your
enterprise CA. We had this same issue and we had to manually import the cert
to get it to
They are, it's part of our default domain policy.
On Tue, Aug 9, 2011 at 20:29, Sallee, Stephen (Jake)
jake.sal...@umhb.eduwrote:
Windows clients are on the domain, so the user cert and the CA are
added by default when you join the machine to the domain
That is true so long as you are
Moe, John j...@hatch.com.au wrote:
3) How much/what options do I need to configure in the ldap module
config? I've configured server, basedn, filter, groupname_attribute,
groupmembership_filter and groupmembership_attribute, but all I get
is Operations error. If I add identity and
Ankur G anku...@globallogic.com wrote:
But If the exposed web-service is down, Radius server simply reject the
authentication request with the response message as Access_Rejected.
We want Radius server instead of rejecting, simply discard the
authentication request which will allow the
Mrinal K wrote:
Thank you for the reply. I have 2.1.10 which I believe does support it.
Well, the examples in raddb/sites-available/default work. I don't
know what you're doing differently
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
jan.gnep...@t-systems.com wrote:
test Auth-Type := Pap, Huntgroup-Name == nexus, MD5-Password :=
098f6bcd4621d373cade4e832627b4f6
Login-Service = Telnet,
Vendor-Specific = Cisco,
What the HECK is that last line? Why is it there? What do you think
it's doing?
*Nothing*
Moe, John j...@hatch.com.au wrote:
So I've gone back to FR's LDAP module and thought I'd give ldap_debug a
try,
despite the warning. Surprisingly, it spit out one extra line in my debug:
rlm_ldap: performing search in dc=my,dc=domain,dc=name, with filter
(sAMAccountName=username)
Ankur G wrote:
We want Radius server instead of rejecting, simply discard the
authentication request which will allow the RADIUS *client* to failover
to another RADIUS server.
Read raddb/policy.conf. Look for do not respond
Alan DeKok.
-
List info/subscribe/unsubscribe? See
My last try make the job!
Thanks to all.
El mar, 09-08-2011 a las 07:47 +0200, aceror escribió:
Thank you, at the end I use this
A small note if you really want to do this: in 2.0, this will only
match for the exact address 0.0.0.0, and not for all IP addresses
anymore, like it does in
20 matches
Mail list logo