Hi.
I need to perform several queries on radacct to make statistics about user
connection, duration and so on.
Since executing some queries can be time consuming it's not advisable that I
run them on the radius database, so I'm considering copying all or some
informations from radacct
Lorenzo Milesi wrote:
I need to perform several queries on radacct to make statistics about user
connection, duration and so on.
Since executing some queries can be time consuming it's not advisable that I
run them on the radius database, so I'm considering copying all or some
informations
Hi,
I try to use the DHCP virtual server. I`m using DEFAULT configuration.
After start of the Freeradius/DHCP server, i can see WARNING message in the
dhcp section.
Is it correct ?
radiusd -X
...
server dhcp { # from file /usr/local/etc/raddb/sites-enabled/dhcp
modules {
} # modules
} #
On Thu, Mar 29, 2012 at 4:29 PM, Peter Balsianok
peter.balsia...@orange.sk wrote:
Hi,
I try to use the DHCP virtual server. I`m using DEFAULT configuration.
After start of the Freeradius/DHCP server, i can see WARNING message in the
dhcp section.
Is it correct ?
Yes :)
Hi,
I am Ricardo and i am also having the same problem.
Is there any solution for this problem?
Best Regards
Ricardo
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Windows-7-prompting-several-times-tp5538046p5603214.html
Sent from the FreeRadius - User mailing list
Hi Ricardo,
I am still yet to find a solution, however I have sent logs to Microsoft as
they requested and they suggested that the problem was with the Cisco switch
asking for the credentials several times, rather than it being the Windows
supplicant, or freeradius being the problem.
Are you
Hi,
I'm fairly new to the topic but I got the assignment to find out if the fact
that the shared secrets for user logins are in plain-text could be a problem
security-wise.
Isn't there a way do encrypt them or make the password encryption more
secure? I've been researching for some hours now and
Hi,
I try to use the DHCP functionality of the Freeradius server. Server is
unable to parse somethink.
Could you please help me, thx.
*Configuration:*
1. interface eth1 net 192.168.0.1 mask 255.255.255.0
2. the newest version of freeradius ( from git )
3. configuration
*
sites-available/dhcp:*
Hi Andy,
and thanks for your early reply.
Our wireless infrastructure is 3com. When we noticed this issue, and to
discard the possibility of being a problem of the hardware, we tested with a
Linksys/cisco wireless access point and the issue persisted.
In order to understand the problem, we
On 29/03/12 11:46, Heilz wrote:
Hi,
I'm fairly new to the topic but I got the assignment to find out if the fact
that the shared secrets for user logins are in plain-text could be a problem
security-wise.
Do you really mean shared secrets? This is a term normally applied to
the RADIUS secret
Hi,
freeradius. Then we discovered that must be some kind of difference between
the messages exchanged between a windows supplicant and a freeradius server
and a windows supplicant and a windows server 2003 running the internet
authentication server, because in the first case, when the
Hello Everybody,
I have two questions for my understanding. I set up FreeRADIUS to authenticate
against our Active Directory. I read in the readme that this couldn´t be done
with the ldap module, so I did it with SAMBA. It works fine for MSCHAPv2. But
nowhere stands why it couldn't be done
Hi,
I have two questions for my understanding. I set up FreeRADIUS to
authenticate against our Active Directory. I read in the readme that this
couldn´t be done with the ldap module, so I did it with SAMBA. It works
fine for MSCHAPv2. But nowhere stands why it couldn’t be done
On 29/03/12 13:24, Heinrich, Sebastian wrote:
Hello Everybody,
I have two questions for my understanding. I set up FreeRADIUS to
authenticate against our Active Directory. I read in the readme that
this couldn´t be done with the ldap module, so I did it with SAMBA. It
works fine for MSCHAPv2.
Hi Alan,
thanks for your reply.
We are running freeradius 2.1.10, and therefore we need to update our radius
version that we will gladly do. Will this update solve the initial issue of
sometimes, a user needs to enter his credentials more than one time before
the server accepted them?
Best
Peter Balsianok wrote:
I try to use the DHCP functionality of the Freeradius server. Server is
unable to parse somethink.
Could you please help me, thx.
Read raddb/dictionary. You need to enable the DHCP dictionary.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Hi,
The second question isn't answered so that I could understand it. I created
the certificates as told in the readme in the subdirectory /etc/certs. When I
use Windows XP and uncheck the checkbox checking certificate it works. So
as I understand the certificate of the server isn't
Hi,
We are running freeradius 2.1.10, and therefore we need to update our radius
version that we will gladly do. Will this update solve the initial issue of
sometimes, a user needs to enter his credentials more than one time before
the server accepted them?
shrug I dont know your setup...i
Hi Alan,
thanks for your reply.
Until so far, seems like the update for the last version reduce the number
of occurrences of the problem which is that sometimes users in windows 7
entered their correct credentials, but that credentials doesn’t reached the
server, therefore the user was asked to
Hi again Alan.
For the record my authentication mechanism is Ldap and the EAP type is
EAP-PEAP with MSCHAP v2.
Best regards
Ricardo Cardoso
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Windows-7-prompting-several-times-tp5538046p5604237.html
Sent from the FreeRadius
Hello,
I have a propiertary radius client which I want to authenticate against
freeradius the following way:
- User types is username: directory\Administrator password:secret
- Freeradius authenticates against active directory.
This already works
- From the documentation
Hi Ricardo,
I will be very interested in your findings should you resolve this. I stopped
looking down the freeradius route for this particular problem as I found it was
also happening on a network that we authenticate using Microsoft IAS, but still
using Cisco hardware, therefore ruling out
Hi,
For the record my authentication mechanism is Ldap and the EAP type is
EAP-PEAP with MSCHAP v2.
okay , is 'peap' set as the default EAP type at top of eap.conf
(to remove a couple of packets...the NAK )
is your ldap auth in inner-tunnel protected from all EAP stuff going
on or do you
Hi Andi.
Can you tell me which version of freeradius on your server?
Here when I use Internet Authentication Server the problem occurs less times
than when a I used the obsolete version of freeradius. Now that i update my
freeradius to version 2.11.12 the problem occurrences apparently reduced.
Hello Alan,
Which authentication method? This matters a lot.
I configured it to use MSCHAPv2 (but they also support PAP, CHAP and
MSCHAPv1)
After authenticating to RADIUS, you may get another prompt if
the RADIUS server responded with a supported Access Challenge.
Thomas Glanzmann wrote:
Hello Alan,
Which authentication method? This matters a lot.
I configured it to use MSCHAPv2
So when I said it was impossible, what did you think that meant?
a) keep working on it
b) try something else
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Hello Alan,
MSCHAPv2
So when I said it was impossible, what did you think that meant?
a) keep working on it
b) try something else
your e-mail arrived after I did the 'progress'. Can you tell me for
which other authentication (pap, chap, mschapv1) methods it works?
Cheers,
Thomas
Thomas Glanzmann wrote:
your e-mail arrived after I did the 'progress'. Can you tell me for
which other authentication (pap, chap, mschapv1) methods it works?
PAP. And only PAP. And sometimes not even there.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Hello Alan,
your e-mail arrived after I did the 'progress'. Can you tell me for
which other authentication (pap, chap, mschapv1) methods it works?
I configured it to use pap, and I have now the same behaviour using pap,
mschapv1 and mschapv2. The client sends a 'Access Request' the server
Thomas Glanzmann wrote:
I configured it to use pap, and I have now the same behaviour using pap,
mschapv1 and mschapv2. The client sends a 'Access Request' the server
answers with a 'Access Challenge', I get a prompt, but no further
communication when I press OK.
See rlm_example for how to
Hi,
On 29.03.2012 14:07, Alan Buxey wrote:
well, configure your FreeRADIUS to send the 'your passwords was wrong, retry'
message.this is on by default in Windows servers as its Microsoft stuff.
[..]
oh, you'll need to be running FR 2.1.11 or higher
oh, good to know this. I just looked in
Many thanks, I will test it when available.
Thomas
Le 28/03/2012 17:15, Alan DeKok a écrit :
Thomas Fagart wrote:
Here's the debug output this happens specialy when we add a virtual
server as a fallback server.
OK... it looks like the proxy_reply doesn't exist. I'll push a patch.
Hello,
As we've got some bad ISPs or maybe because they use other radius than
freeradius :-), we would like, when their home server does not work
properly (bad response time or completely down), to continue
authenticating wimax users on our proxy. (So that users does not get
disconnected
On Fri, Mar 30, 2012 at 4:22 AM, Thomas Fagart tfag...@brozs.net wrote:
As I was not very familiar with MS-CHAP, I've google a little and it seems
to me that my goal (ie ms chapv2 welcome server without having user/passwd
of users) is not reachable as the home server MUST have users/passwd to
On Fri, Mar 30, 2012 at 7:26 AM, Fajar A. Nugraha l...@fajar.net wrote:
On Fri, Mar 30, 2012 at 4:22 AM, Thomas Fagart tfag...@brozs.net wrote:
As I was not very familiar with MS-CHAP, I've google a little and it seems
to me that my goal (ie ms chapv2 welcome server without having user/passwd
On Mon, Mar 26, 2012 at 6:03 AM, Mutheu mut...@lavabit.com wrote:
snip
pfsense/Monowall have 'reauthentication' feature and contrary to what many
people think, the user is only presented the login screen once and the NAS
'remembers' the infor and each minute, it resends the infor to
On Fri, Mar 30, 2012 at 6:54 AM, Timothy White timwhit...@gmail.com wrote:
Is it possible on the proxy server, to catch the challenge and
response when the normal server is running, store them, and then issue
the same challenge and same chap-success from the welcome server
when another request
37 matches
Mail list logo