Re: FreeRADIUS as auth server for OpenVPN

2013-03-15 Thread bino
> Hi, > > Can anybody please advise tutorial/howto ar good documentation on how to > configure subj (FreeRADIUS as auth server for OpenVPN)? > http://blog.hongens.nl/guides/setting-up-openvpn-using-radius-on-freebsd/ -bino- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/use

Re: FreeRADIUS as auth server for OpenVPN

2013-03-15 Thread Deepti kulkarni
There is a pam plugin for openvpn - openvpn-auth-pam.so Deepti On Fri, Mar 15, 2013 at 4:17 PM, Dmitry Korzhevin < dmitry.korzhe...@stidia.com> wrote: > Hi, > > Can anybody please advise tutorial/howto ar good documentation on how to > configure subj (FreeRADIUS as auth server for OpenVPN)? > >

FreeRADIUS as auth server for OpenVPN

2013-03-15 Thread Dmitry Korzhevin
Hi, Can anybody please advise tutorial/howto ar good documentation on how to configure subj (FreeRADIUS as auth server for OpenVPN)? Freeradius server is already configured, i'm trying to configure openvpn to auth from freeradius. Should i use pam_radius (http://freeradius.org/pam_radius_au

Re: Proxy.conf realms

2013-03-15 Thread Matthew Ceroni
Well I found something that appears to work. I used the hints file. And it correctly stripped off the host/ and domain.local. However now I get the error [eap] Identity does not match User-Name, setting from EAP Identity [eap] Failed in handler On Fri, Mar 15, 2013 at 3:29 PM, Matthew Ceroni

Proxy.conf realms

2013-03-15 Thread Matthew Ceroni
When doing 802.1x authentication from a Windows computer it initially sends the request with the computer credentials. The username comes across as host/E4310-D7SZZN1.domain.local. I then query LDAP in authorize and do authentication against AD. In order to do both steps the username needs to be s

Question about radwho/radutmp dates

2013-03-15 Thread Sergio Belkin
Hi folks, How long time does radwho/radutmp store accounting information? Thanks in advance -- -- Sergio Belkin http://www.sergiobelkin.com Watch More TV http://sebelk.blogspot.com LPIC-2 Certified - http://www.lpi.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.

Re: What cert import to Windows Clients

2013-03-15 Thread Usuário do Sistema
> Add that to the suse files. Look for the script running "configure". > > > > > So is there any input for me whether after i upgrade using the rpm > > > that > > > i build my self, can i still using it with edir? As i saw somewhere > > > article that sa

Re: Freeradius-Users Digest, Vol 95, Issue 72

2013-03-15 Thread Bertrand Poulet
Le 15/03/2013 12:00, freeradius-users-requ...@lists.freeradius.org a écrit : > hi, > > add 'preprocess' to top of your authorize section in inner-tunnel ? > > alan > Thanks Alan, it works . Couldn't it be a default behavior ? I'm doing migration from FR 1.x and user-password had the syntax user-p

Re: How to use checkval

2013-03-15 Thread Danny Kurniawan
Update : It works like charm :) I removed the sql3lite and libpcap, and i can compile and install it just fine. And the Radius is works.. *well i haven't really testing it in PROD, but at least it can accept connecting and unlang. Thanks Alan, really2 appreciate that. Have a good weekend. Danny

Re: How to use checkval

2013-03-15 Thread Danny Kurniawan
Thanks Alan. Let me try that. PS : i will prepare a hammer too, but to bad the server is in US while i'm in Singapore :) If this not going to work, i will give up and ask to install brand new SLES 11 that support 2.1.1. Thanks Danny On Fri, Mar 15, 2013 at 9:49 PM, Alan DeKok wrote: > Danny Ku

Re: How to use checkval

2013-03-15 Thread Alan DeKok
Danny Kurniawan wrote: > I already tried install / compile but a lot of dependencies i cant find > it at the DVD / ISO and also from Novell repo i could not find it too. $ grep pcap suse/* suse/freeradius.spec:BuildRequires: libpcap-devel Edit that file, and delete the line. FreeRADIUS doesn't

Re: Add LDAP groups as extra attributes

2013-03-15 Thread Arran Cudbard-Bell
On 15 Mar 2013, at 08:43, Robin Helgelin wrote: > On 14 mar 2013, at 18:44, Arran Cudbard-Bell wrote: >> >> That'd be the LDAP-UserDN attribute… > > I know, but that attribute isn't presented to the python function call. Is > there another way such as an environmental variable or just "please

Re: How to use checkval

2013-03-15 Thread Fajar A. Nugraha
On Fri, Mar 15, 2013 at 8:47 PM, Danny Kurniawan < danny.kurnia...@fairchildsemi.com> wrote: > Hi Alan, > > I'm trying it now, compile from source and generated rpm. But now i stuck > at 2 dependencies. Hmm, can you show me how to build and install from > source? Any link? Isn't that still need de

Re: ldap connection status

2013-03-15 Thread Olivier Beytrison
On 15.03.2013 12:08, Chitrang Srivastava wrote: > Hi, > > I want to do something like this in *authorize* section > ldap { fail = return } if(fail) { files_local } else { files } something like that should work. The ldap module will fail if the servers are unreachable. Olivier -- O

Re: Add LDAP groups as extra attributes

2013-03-15 Thread Robin Helgelin
On 14 mar 2013, at 18:44, Arran Cudbard-Bell wrote: > > That'd be the LDAP-UserDN attribute… I know, but that attribute isn't presented to the python function call. Is there another way such as an environmental variable or just "please update the source"? :) regards, Robin - List info/subscri

Re: ldap connection status

2013-03-15 Thread Yann Fouillat
Hi, I think you should take a look at this : http://wiki.freeradius.org/config/Fail%20over - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: How to use checkval

2013-03-15 Thread Danny Kurniawan
Hi All, i just wanted to know, is there anyway i can still use 1.1.7 and have the ability to check empty Calling-Station-Id? It can used any method as long it worked. I already tried install / compile but a lot of dependencies i cant find it at the DVD / ISO and also from Novell repo i could not

Re: How to use checkval

2013-03-15 Thread Danny Kurniawan
Hi Alan, I'm trying it now, compile from source and generated rpm. But now i stuck at 2 dependencies. Hmm, can you show me how to build and install from source? Any link? Isn't that still need dependencies? libpcap-devel is needed by freeradius-server-2.2.0-0.x86_64 sqlite3-devel is needed by fre

Re: errors when check with huntgroup

2013-03-15 Thread A . L . M . Buxey
hi, add 'preprocess' to top of your authorize section in inner-tunnel ? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: How to use checkval

2013-03-15 Thread Alan Buxey
Do you need RPM? Can you not just build and install from the source? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: errors when check with huntgroup

2013-03-15 Thread Bertrand Poulet
Hi, > Subject: Re: errors when check with huntgroup > > > hi, > > you've edited a whole lot of stuff out of your debug log...including > the stuff which actually matters where the failure actually occurs > (you just kept the part where the end result was recorded). > > alan > Below the full outpu