On Fri, Jun 1, 2012 at 8:05 AM, Tim Raphael raphael.timo...@gmail.com wrote:
Thanks for your prompt replies.
I have checked the double checked my config files for both radius and mpd
(pppoe daemon).
client raph-firewall {
secret = 123456789
}
mpd.conf
pppoe_standard:
ajay shekhar wrote:
Does setting Service-Type AVP to Authorize-Only in a RADIUS REQUEST make
FreeRADIUS do only the authorization part?
No. You still need to set 'Auth-Type := Accept' in order to return an
Access-Accept.
I do not know much about of how freeRADIUS works, but I am looking to
-proxy-detail-%Y%m%d
- /var/log/freeradius/radacct/10.0.91.203/pre-proxy-detail-20120601
[pre_proxy_log]
/var/log/freeradius/radacct/%{Client-IP-Address}/pre-proxy-detail-%Y%m%d
expands to /var/log/freeradius/radacct/10.0.91.203/pre-proxy-detail-20120601
[pre_proxy_log] expand: %t - Fri Jun
fab junkmail wrote:
I have tried filtering out Proxy-State attribute for proxied CoA in
pre.proxy section but it does not seem to work for me. Debug mentions
the following which makes me think it is not using the DEFAULT section
of attrs.pre-proxy:
You can't filter out Proxy-State. It's
Alan DeKok al...@deployingradius.com writes:
fab junkmail wrote:
I have tried filtering out Proxy-State attribute for proxied CoA in
pre.proxy section but it does not seem to work for me. Debug mentions
the following which makes me think it is not using the DEFAULT section
of attrs.pre-proxy:
Bjørn Mork wrote:
Huh? The following works for us:
Hmm... OK. I learn something every day. :)
Well, that is on my todo-list for some rainy day. But I must admit that
it's easier to work around the problem than trying to break through the
support barrier...
Yeah. The benefit I have
Greetings list,
I am trying to configure PAM on my remote Linux servers to authenticate
via FreeRADIUS to Active Directory. I have followed the instructions at
http://deployingradius.com/documents/configuration/active_directory.html
to the letter and am able to successfully run radtest
Hi,
Simple question here :
I have an LDAP xlat query to populate the Ldap-Group attribute in order
to do crazy stuff with the group membership (out of scope to explain you
what kind of crazy stuff). The issue I have is that the query may
return multiple group membership lines.
update
-Oorspronkelijk bericht-
Van: freeradius-users-
bounces+p.kaagman=atlascollege...@lists.freeradius.org
[mailto:freeradius-users-
bounces+p.kaagman=atlascollege...@lists.freeradius.org] Namens Peter
Kaagman
Verzonden: donderdag 31 mei 2012 13:52
Aan:
Jonathan van der Wat wrote:
When attempting to ssh to the test box as an Active Directory user I
receive the following debug output:
rad_recv: Access-Request packet from host 172.16.132.140 port 32768,
id=12, length=95
User-Name = jonathanv
User-Password = \010\n\r\177INCORRECT
Francois Gaudreault wrote:
I have an LDAP xlat query to populate the Ldap-Group attribute
No.
You can't do that.
LDAP-Group is a *comparison* operator. It's meaning and behavior is
defined. It does LDAP queries to check group membership against the
string you return.
DO NOT use it
Alan,
I've been searching the lists for most of the day but haven't been able
to come right. What I've noticed recently is that if I add the user on
the test box with no password, and then try to sign on via ssh I see the
following in the radiusd debug output:
User-Password = /*mypassword*/
On 06/01/2012 09:08 AM, Peter Kaagman wrote:
But it seems to be a bumpy road and ran into yet another problem:
rlm_perl will not let me load modules.
I found reference to this problem on the list in December 2009 in
which Alan replied:
Looking at het examples on the Wiki it seems other
Jonathan van der Wat wrote:
Alan,
I've been searching the lists for most of the day but haven't been able
to come right. What I've noticed recently is that if I add the user on
the test box with no password, and then try to sign on via ssh I see the
following in the radiusd debug output:
On Thu, May 31, 2012 at 3:45 PM, Brian Julin bju...@clarku.edu wrote:
Kaya Saman wrote:
I will perform a wireshark and tcpdump packet capture this evening in
order to try to debug more clearly what is going on between the
devices however, in the mean time I was wondering if there was some
Hi,
Right now, the Ldap-Group will only contain the first group of the list.
(1) use a different attribute. Using LDAP-Group is wrong.
(2) the %{ldap:...} query returns a one-line string. You *cannot*
have it return more data. You *cannot* automatically create multiple
attributes
Kaya Saman
Sent: Friday, June 01, 2012 10:05 AM
To: FreeRadius users mailing list
Subject: Re: Cisco phones loosing connectivity with VMPS and IOS upgrade to
15.0(1)SE2
On Thu, May 31, 2012 at 3:45 PM, Brian Julin bju...@clarku.edu wrote:
Kaya Saman wrote:
I will perform a
One question relating to this is about the /etc/raddb/users file- It doesn't
seem to work as it's documented, If I have a group set to be rejected based
on its membership like this:
DEFAULT Group=disabled, Auth-Type:=Reject
radius doesn't even check for group membership. The only way it seems
g17jimmy wrote:
One question relating to this is about the /etc/raddb/users file- It doesn't
seem to work as it's documented,
Well... no.
If I have a group set to be rejected based
on its membership like this:
DEFAULT Group=disabled, Auth-Type:=Reject
radius doesn't even check for
Cool, thanks for pointing that out. My brain filtered out the '==', been
staring at this screen too long.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Radius-authentication-against-LDAP-question-tp5713463p5713505.html
Sent from the FreeRadius - User mailing list
Hi,
I'm trying to test FreeRADIUS on FreeBSD which is the easy part
however, I need a web ui and so Dialup Admin directly comes with the
port on FreeBSD.
Trying to get it running I am having difficulty with php it seems??
I get a green screen saying Dialup Admin and that's it. On the left
On Fri, Jun 01, 2012 at 04:58:20PM +0100, Kaya Saman wrote:
Hi,
I'm trying to test FreeRADIUS on FreeBSD which is the easy part
however, I need a web ui and so Dialup Admin directly comes with the
port on FreeBSD.
Trying to get it running I am having difficulty with php it seems??
On 2012-06-01 11:58 PM, Kaya Saman wrote:
Hi,
I'm trying to test FreeRADIUS on FreeBSD which is the easy part
however, I need a web ui and so Dialup Admin directly comes with the
port on FreeBSD.
Trying to get it running I am having difficulty with php it seems??
I get a green screen
Hi,
?php
$auth_user = $HTTP_SERVER_VARS[PHP_AUTH_USER];
if ($auth_user){
if (is_file(../html/buttons/$auth_user/buttons.html.php3))
include(../html/buttons/$auth_user/buttons.html.php3);
else{
if (is_file(../html/buttons/default/buttons.html.php3))
yes, that was the idea. It will be too much of a long story to explain why I
needed it to behave that way :)
Date: Thu, 31 May 2012 19:50:33 +0100
From: a.l.m.bu...@lboro.ac.uk
To: freeradius-users@lists.freeradius.org
Subject: Re: help on proxy
Hi,
1. If the server sends
W dniu 2012-05-31 13:16, Alan DeKok pisze:
Jarosław Kłopotek wrote:
I've got a problem with freeradius configuration:
I've to build a login to D-Link 3526 using FreeRadius Server
I've run freeradius -X my output is:
#v+
++[preprocess] returns ok
++[chap] returns noop
So... you've deleted
26 matches
Mail list logo
