Personally i want freeradius just to work with IPhones or other devices.
But the debug mode doesnt show any try to connect to LDAP.
rad_recv: Access-Request packet from host 10.119.12.2 port 1313, id=19,
length=197
Message-Authenticator = 0xb75eef411ae5dd032df4d51d75b5174e
Service-Type =
On Tue, Sep 11, 2012 at 1:30 PM, Mihajlo Joksimovic
mihajlo.joksimo...@adfinis-sygroup.ch wrote:
Personally i want freeradius just to work with IPhones or other devices.
It should. If you don't break the configuration
But the debug mode doesnt show any try to connect to LDAP.
Have you
well i cannot update the installation because its an univention
installation.
i activated the sections in inner-tunnel like that. and radlogin will
connect properly to ldap. when someone wants to connect via access
point, it is not possible...
authorize {
...
#
# The ldap module
On Tue, Sep 11, 2012 at 2:13 PM, Mihajlo Joksimovic
mihajlo.joksimo...@adfinis-sygroup.ch wrote:
well i cannot update the installation because its an univention
installation.
Then ask them for help.
i activated the sections in inner-tunnel like that.
(sigh)
had you provided full debug log,
On Tue, Sep 11, 2012 at 3:29 PM, Mihajlo Joksimovic
mihajlo.joksimo...@adfinis-sygroup.ch wrote:
Well i started with a fresh installation and made minimal changes.
i put in the ap's in clients.conf, activated and configured ldap and copied
the certs in the correct direction.
that's a start
Mihajlo Joksimovic wrote:
Well its no univention package, its only from the univention repo. they
dont like other repos in their system.
Please edit your posts to delete unnecessary text.
ill post two more things. the output from start with -X and the
inner-tunnel.
Please do NOT post
Yes i have.
Here are the two different logs, one from radlogin on the server and the
the second from an iphone who wants to connect.
RADLOGIN:
rad_recv: Access-Request packet from host 127.0.0.1 port 46391, id=99,
length=71
Service-Type = Login-User
User-Name = Administrator
Mihajlo Joksimovic wrote:
Yes i have.
Here are the two different logs, one from radlogin on the server and the
the second from an iphone who wants to connect.
1) Learn how to edit your messages.
2) READ THE MESSAGES YOU POST
The answer to your problem is in the message you posted.
On Tue, Sep 11, 2012 at 3:54 PM, Mihajlo Joksimovic
mihajlo.joksimo...@adfinis-sygroup.ch wrote:
IPhone test:
rad_recv: Access-Request packet from host 10.119.12.2 port 1318, id=21,
length=197
Message-Authenticator = 0x24691ccd1f2040d828405d72ef7189ec
Service-Type = Framed-User
Fajar A. Nugraha wrote:
... and seriously, upgrade. There are many known bugs fixed since
2.0.x. And if you can edit the configuration freely by hand, you
should be able to upgrade.
He's also doing freeradius consulting for $$.
a) be competent at the job you get paid for
b) pay someone
I rolled and deployed an RPM of FreeRADIUS 2.2.0. As expected for RPM
packages, it left a number of *.rpmnew files in /etc/raddb.
Trouble is, FreeRADIUS reads these files as live configs and was unable
to start after the upgrade, until I had manually intervened and deleted
the .rpmnew files.
Jonathan Gazeley jonathan.gaze...@bristol.ac.uk wrote:
I rolled and deployed an RPM of FreeRADIUS 2.2.0. As expected for RPM
packages, it left a number of *.rpmnew files in /etc/raddb.
Trouble is, FreeRADIUS reads these files as live configs and was unable
to start after the upgrade, until I
Jonathan Gazeley wrote:
It seems to me that the broken behaviour is not with RPM but with
FreeRADIUS. Can the regular expression that includes config files and
modules be tweaked to exclude *.rpmnew files?
As always, patches are welcome.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
On 11/09/12 12:16, Phil Mayers wrote:
Change the modules directory to a locally-managed one:
$INCLUDE modules-active/
...and symlink from there to the files in the rpm-managed directory, or edit
locally as needed.
(In more length now that I'm back at my desk)
This approach of a separate
Using freeradius 2.1.8
The environment I am working in requires some users to be able to
authenticate from multiple ip address and others from only one. How
is this accomplished using the MySQL tables?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Tue, Sep 11, 2012 at 7:42 PM, Mihajlo Joksimovic
mihajlo.joksimo...@adfinis-sygroup.ch wrote:
No there are no other lines before that one.
I cannot update, because univention ucs2.4 is based on lenny and FR 2.2
depends on newer packets from squeeze.
Well, lenny is no longer supported.
-Original Message-
On 11/09/12 12:16, Phil Mayers wrote:
This approach of a separate available/enabled modules dir is the default
approach in the MASTER branch (to be 3.x)
Would redhat packaging policy allow the package scripts to instead
create e.g. modules.rpmnew/ and stuff its
On 09/10/2012 11:47 PM, Jennifer Mehl wrote:
Here is the output of freeradius -X showing part of the file being read but
then ignored?:
It doesn't look to me like it's ignoring it, which in any event the
server doesn't do. It looks like it's just a different file. It's not
just the
Hi,
I am playing with EAP-SIM on 2.2.0, but I am facing an issue I cannot
even understand :S Not because I don't want to, but the error messages
are not talking much.
I did compute SRES/Kc for my SIM, but after the third triplet, I just have:
rlm_perl: Added pair EAP-Sim-Rand3 =
I can authenticated successfully using a test user and the NAS but i check
on the logs and the scripts below keep re-appearing even when there is no
attempt on logging to the NAS.
rad_recv: Access-Request packet from host 10.250.0.7 port 43677, id=185,
length=70
NAS-IP-Address =
On 09/11/2012 04:37 PM, Brian Julin wrote:
-Original Message-
On 11/09/12 12:16, Phil Mayers wrote:
This approach of a separate available/enabled modules dir is the default
approach in the MASTER branch (to be 3.x)
Would redhat packaging policy allow the package scripts to instead
On 09/11/2012 07:49 PM, Francois Gaudreault wrote:
Hi,
I am playing with EAP-SIM on 2.2.0, but I am facing an issue I cannot
even understand :S Not because I don't want to, but the error messages
are not talking much.
I did compute SRES/Kc for my SIM, but after the third triplet, I just have:
Hi,
On 2012-09-11 4:05 PM, Phil Mayers wrote:
On 09/11/2012 07:49 PM, Francois Gaudreault wrote:
Hi,
I am playing with EAP-SIM on 2.2.0, but I am facing an issue I cannot
even understand :S Not because I don't want to, but the error messages
are not talking much.
I did compute SRES/Kc for
Hello,
I'm using replicate to proxy my authorization and accounting requests
to a server. I'm curious if it's possible to add some of the auth
reply attributes to the auth proxy before I send it over. That way
the proxied auth has both the request and the reply.
Thanks
-
List
24 matches
Mail list logo