During debug session (radiusd -X) beside other things i can see this:
DHCP-Parameter-Request-List = DHCP-Subnet-Mask
DHCP-Parameter-Request-List = DHCP-Router-Address
DHCP-Parameter-Request-List = DHCP-NTP-Servers
DHCP-Parameter-Request-List = DHCP-Domain-Name-Server
On 19/02/13 06:53, Russell Mike wrote:
Hi Phil Moby,
I am also interested in this solution since experiencing the same
problem. I liked the solution no1.
But I have no idea where I can get that script but I can modify if I
have one.
It's a pretty simple script. Depending on your SQL
On 19/02/13 09:11, Muhammad Nadeem wrote:
Hi, everybody
I have used pre-shipped certificates of Freeradius for testing
purpose. This testing was succeed with a test user 'bob', with files
authentication.
Now in the next step I wanna authenticate a user from my Database with
Digital certificates.
On Tue, Feb 19, 2013 at 10:23 AM, Russell Mike radius@gmail.com wrote:
On Monday, February 18, 2013, Mobin Yazarlou wrote:
On Mon, Feb 18, 2013 at 9:50 PM, Phil Mayers p.may...@imperial.ac.ukwrote:
On 18/02/13 18:02, Mobin Yazarlou wrote:
Hi,
I am using freeradius v2.1.12 with
On Tue, Feb 19, 2013 at 11:08 AM, Phil Mayers p.may...@imperial.ac.ukwrote:
On 19/02/13 06:53, Russell Mike wrote:
Hi Phil Moby,
I am also interested in this solution since experiencing the same
problem. I liked the solution no1.
But I have no idea where I can get that script but I can
On Tue, Feb 19, 2013 at 11:23 AM, Mobin Yazarlou yazarlo...@gmail.comwrote:
On Tue, Feb 19, 2013 at 10:23 AM, Russell Mike radius@gmail.comwrote:
On Monday, February 18, 2013, Mobin Yazarlou wrote:
On Mon, Feb 18, 2013 at 9:50 PM, Phil Mayers p.may...@imperial.ac.ukwrote:
On
On 19/02/13 11:23, Mobin Yazarlou wrote:
Hi Mike,
Now it is an hour that I am looking for a built-in solution or a
ready-to-use script. The only thing I found was Idle-Timeout
http://freeradius.org/rfc/rfc2865.html#Idle-Timeout attribute. This
problem could be solved if RADIUS was responsible
On Tue, Feb 19, 2013 at 2:38 PM, Phil Mayers p.may...@imperial.ac.ukwrote:
On 19/02/13 06:53, Russell Mike wrote:
Hi Phil Moby,
I am also interested in this solution since experiencing the same
problem. I liked the solution no1.
But I have no idea where I can get that script but I can
On Tue, Feb 19, 2013 at 4:31 PM, Phil Mayers p.may...@imperial.ac.ukwrote:
On 19/02/13 11:23, Mobin Yazarlou wrote:
Hi Mike,
Now it is an hour that I am looking for a built-in solution or a
ready-to-use script. The only thing I found was Idle-Timeout
Mobin Yazarlou wrote:
The more I read about this, the more complicated it gets!
It's because UDP packets can be lost, and you can't realistically get
information out of the NAS. The result is that any solution ends up
being complicated, and patchy.
I also found that sometimes removing the
Igor Smitran wrote:
...
But, when i call exec script (phh for example) this array only contains
last key:
DHCP-Parameter-Request-List = DHCP-TFTP-Server-Name
It is logical that those values will be overwritten but...
Is there a way to work around this problem?
Use +=, not =
Alan
On 19/02/13 14:16, Muhammad Nadeem wrote:
[eap] EAP NAK
[eap] NAK asked for bad type 0
You've mis-configured the client. Go back and look at it again.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 19/02/13 13:28, Mobin Yazarlou wrote:
The more I read about this, the more complicated it gets!
It's quite simple in principle.
Dear Phil, the first and third solutions you provided will work great
but their implementation is not that easy. As you said above, following
the first
Johnson, Jeffrey wrote:
rlm_ldap: performing search in dc=cphc,dc=local, with filter
(sAMAccountName=jpjohnson)
rlm_ldap: ldap_search() failed: Operations error
Read the ldap module configuration. Look for operations error
Alan DeKok.
-
List info/subscribe/unsubscribe? See
On 02/19/2013 09:16 AM, Muhammad Nadeem wrote:
On 2/19/13, Phil Mayers p.may...@imperial.ac.uk wrote:
On 19/02/13 09:11, Muhammad Nadeem wrote:
Hi, everybody
I have used pre-shipped certificates of Freeradius for testing
purpose. This testing was succeed with a test user 'bob', with files
Maxim S. Denisov wrote:
Thank you for your reply. There are many NASes in many regions and
translation rules for them are different, I wanted make translation
configuration using my ERP interface. Using files for this I will have to
manage NAS configuration in two places and have a huge
Muhammad Nadeem wrote:
I suucceed to authenticate the users from a database.
But when i setup the same setup on another machine, I was failed :(
The following output is the debug output of the freeradius server. (I
think EAP NAK,, is creating problems).
Yes. Read the debug output.
[eap]
On 02/19/2013 03:41 PM, Alan DeKok wrote:
Use +=, not =
Alan DeKok.
Request from client is this:
DHCP-Parameter-Request-List = DHCP-Subnet-Mask
DHCP-Parameter-Request-List = DHCP-Router-Address
DHCP-Parameter-Request-List = DHCP-NTP-Servers
Freeradius puts everything into
Igor Smitran wrote:
Freeradius puts everything into ENV.
For running external scripts.
Because of the same key only last
value is used, other ones are overwritten.
So, ENV in this example will have only this:
Yes. So don't run a script. Use the policies in the server. Or the
Perl
On 19/02/13 16:09, Russell Mike wrote:
*A.) *Enable interim accounting
Yes
*B.)* Enable
post-auth {
update reply {
Acct-Interim-Interval = 900
}
}
Yes
C.) *You Said:* You also need to ensure the
accounting_update_query{,___alt} are configured in your sql.conf; this
is the
David Peterson wrote:
I can’t figure out where I went wrong. The auth never gets to the
inner-tunnel.
David
root@hafreeradius1://usr/local/etc/raddb# radiusd -Xxx
PLEASE use radiusd -X. The extra information with -Xxx isn't
necessary.
rad_recv: Access-Request packet from host
Adam Moffett wrote:
What I'd like to do is actually ignore the username and password they're
sedning and instead match a vendor specific attribute called
DAN-CPE-MAC-ADDRESS.
Sure. Edit the files configuration, and change the key field to
DAN-CPE-MAC-ADDRESS.
Then, use the MAC address as
On Tue, Feb 19, 2013 at 5:28 PM, Phil Mayers p.may...@imperial.ac.ukwrote:
On 19/02/13 16:09, Russell Mike wrote:
*A.) *Enable interim accounting
Yes
*B.)* Enable
post-auth {
update reply {
Acct-Interim-Interval = 900
}
}
Yes
C.) *You Said:* You also need to
Thank you guys. I've learned many useful tips in the last comments.
Now I know the idea of comparing online users in RADIUS and NAS can be a
good solution but since I use two different NAS types on my network, and I
am almost sure both of them don't have standard API to allow other apps
read
Ahh sure... the issue was that the IP address I needed to use was a secondary.
I put the listener on the IP address but got this:
Tue Feb 19 14:54:23 2013 : Info: [ttls] Authenticate
Tue Feb 19 14:54:23 2013 : Info: [ttls] processing EAP-TLS
Tue Feb 19 14:54:23 2013 : Info: [ttls] Received TLS
I have a wireless system that can talk to RADIUS to control access for
the wireless stations. The AP is a NAS and the stations can be
programmed with a username and password. The idea is you reply with
VSA's that set up QoS policies for the clients. This is all working
fine and dandy.
Sure. Edit the files configuration, and change the key field to
DAN-CPE-MAC-ADDRESS.
Awesome.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
David Peterson wrote:
Ahh sure... the issue was that the IP address I needed to use was a
secondary.
I put the listener on the IP address but got this:
Tue Feb 19 14:54:23 2013 : Info: [ttls] Authenticate
Tue Feb 19 14:54:23 2013 : Info: [ttls] processing EAP-TLS
Tue Feb 19 14:54:23
Alan,
We had tried with latest build, now it sends Access-Challenge and there is a
segmentation fault.
Please find debug log for the latest ones as below.
Sun Aug 19 02:26:20 2012 : Info: radiusd: FreeRADIUS Version 2.2.1, for host
x86_64-unknown-linux-gnu, built on Feb 19 2013 at 01:22:31
Hi every body,,
I have fallen into a serious trouble :(
I have configured a proxy server, that is proxying all incoming
requests to two backend servers. in 'proxy.conf' i have configured
'type=client-balance' so that it can work with EAP.
Now i wanna do load testing of this configuration with
30 matches
Mail list logo