I really appreciate your thoughts - it seems to me whatever I am admin or
root this surely cant be a normal output for debugging.
Does it seem likely that you would have to activate a root user level on a
mac to run a Radius server?
Have others had to do that that you know of?
Without root I
Hello, I have configured Freeradius2 with MySQL and also setup DaloRadius.
I am using it to authenticate PPPoE requests from a Pfsense firewall box.
I have set the shared secret for the Authentication side of things, however
I keep getting the following error:
Received Accounting-Request
Hi,
Starting - reading configuration files ...
including configuration file /private/etc/raddb/radiusd.conf
Unable to open file /private/etc/raddb/radiusd.conf: Permission denied
Errors reading /private/etc/raddb/radiusd.conf
sometimes its not permissions, but the code reading the
Hi,
Thanks, this is indeed interesting.
Cheers,
tamas
-Original Message-
From: freeradius-users-bounces+tamas.becz=ericsson@lists.freeradius.org
[mailto:freeradius-users-bounces+tamas.becz=ericsson@lists.freeradius.org]
On Behalf Of Arran Cudbard-Bell
Sent: Friday, August 12,
Hi Alan,
The values are taken from the SNMP MIBs for RADIUS. See doc/rfc/
Thanks, that'll do.
You don't need to restart the server to update clients. See
raddb/sites-available/dynamic-clients, and raddb/modules/dynamic_clients
I will, thanks for the pointer.
Wait a bit for 2.1.12.
I
Hi Alan, David
Looks like the type of quote used just might be the issue...
“password” is pretty in MS Word, but UNIX prefers password
Kind regards
Marius Pesé
Mindspring Computing
-Original Message-
From: freeradius-users-bounces+marius=mindspring.co...@lists.freeradius.org
On 15 Aug 2011, at 06:31, Doug Hardie wrote:
The root user in OS-X is not easily accessible. Its there, just like in
FreeBSD, but you can't login or su to it normally.
You can sudo to root... sudo -s to get a root shell.
-Arran
On 14 August 2011, at 20:11, Sallee, Stephen (Jake)
Łukasz Kostka wrote:
thx for your reply. any idea when 2.1.12 will be available ?
Hopefully before september.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Eugene Vihman wrote:
The problem persists with quoted username (it's Administrator in UTF-8
in russian and it looks correct in logs):
Does it work when you run that exact command from the command line?
The error being returned is coming from ntlm_auth. My guess is that
it's not UTF-8
Hi,
2 things doesn't fit. secret and FreeRADIUS-Client-Virtual-Server =
something
umm, yes, its an example to work from. you either use the default
static entries in update control - in which case you need to modify
the secret and server - after all, WE dont know what your NAS shared
secret
Jacob Dawson wrote:
So, according to the docs in proxy.conf and Arran's comment here, the regex
stuff should work fine…but in 2.1.11, we're not seeing that behavior. Right
now, requests are only getting proxied properly if it's an exact match on the
realm name ( realm hokies { or realm
Does it work when you run that exact command from the command line?
Yes. It returns NT_KEY.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
The problem persists with quoted username (it's Administrator in UTF-8
in russian and it looks correct in logs):
Does it work when you run that exact command from the command line?
The error being returned is coming from ntlm_auth. My guess is that
it's not UTF-8 compatible.
Peter Lambrechtsen wrote:
No arguments here with that... I'll have a read through the RFC's and
escalate to our hardware vendor.. But I don't like my chances :(
If they don't follow the RFCs, then all bets are off. Who the heck
are these people?
Is there any limit on the file size of the
Hi,
I am new to FreeRadius and trying to migrate from radiator to FreeRadius for
our broadband solution.
We are using SQL for subscriber aaa. As It'is stated in the documentation
radreply is expecting the return data in form of multiple rows per users
which each one includes one attribute, value
On Mon, Aug 15, 2011 at 9:35 PM, denizaydin deniz.ay...@turknet.net.tr wrote:
Hi,
I am new to FreeRadius and trying to migrate from radiator to FreeRadius for
our broadband solution.
We are using SQL for subscriber aaa. As It'is stated in the documentation
radreply is expecting the return
Just installed v 2.1.11 on a mac (OSX 6.3) . Freeradius is working with
clear text passwords and radtest. According to the wiki, I should be
able to authenticate local users accounts without changing anything on
the config. That's the way I understood it anyway. However, I am
getting
Raymond Norton wrote:
Just installed v 2.1.11 on a mac (OSX 6.3) . Freeradius is working with
clear text passwords and radtest. According to the wiki, I should be
able to authenticate local users accounts without changing anything on
the config.
No, it doesn't do that any more.
That's the
On Mac OS X Server, configure the opendirectory module.
Do you mean just enable the module? The module itself says:
# This module is only used when the server is running on the same
# system as OpenDirectory. The configuration of the module is hard-coded
# by Apple, and cannot
Raymond Norton wrote:
Do you mean just enable the module? The module itself says:
And then list it in the authorize section.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Adrian Hall wrote:
Where do I set the shared secret in freeradius2 config for the
accounting side?
By default, the client definitions are global across all socket types.
If you want to define different clients for auth/acct, see the
clients entry in the listen section.
Alan DeKok.
-
Thanks Alan Buxey and Marius Pesé - definite progress!!
Alan - I think you were right to include the around the
NAS-Prompt-User” it was not there in my version download from the internet
And you were both right about the type of quotation marks
“webvpn:user-vpn-group=SLRgroup1”
vs
Thanks Jake Sallee Hmmm … are you sure you are root? Despite
seeming to me unlikely you were right - (i still hate logging in as root but
it was necessary)
Thanks Arran Cudbard-Bell You can sudo to root... sudo -s to get a root
shell thanks for got that. From a bash prompt the
Is there any way to declare a time availability of NASs.such as a Login-Time
attribute for NASs? I'd like to globally control when (time of day, time of
week) all users can login through a certain wireless access point on my
802.1X network.
Thanks,
Eric
-
List info/subscribe/unsubscribe?
hi all,
how to setup url-redirect with cisco 3550? I tried it with:
EAP-MD5,cisco 3550,freeradius 2.1.11, but failed;
my users:
testuser Cleartext-Password := testuser
cisco-avpair = url-redirect=http://10.32.9.41;,
cisco-avpair += url-redirect-acl=redirect_acl
DavidS wrote:
/private/etc/raddb/users[220]: Parse error (check) for entry Service-Type:
Invalid octet string NAS-Prompt-User??? for attribute name
Errors reading /private/etc/raddb/users
/private/etc/raddb/modules/files[7]: Instantiation failed for module files
Does anyone happen to know if consumer-level Wi-Fi routers typically
transmit the NAS-IP-Address or NAS-Identifier (or maybe both) in the
Access-Request?
Would be great if there was a central place to look up the exact attributes
and formats vendors use.
Thanks, Eric
-
List
27 matches
Mail list logo