Re: How to access Chap-Password

2013-04-19 Thread Arran Cudbard-Bell
On 19 Apr 2013, at 18:25, Mehdi Ravanbakhsh wrote: > Dear Arran > > I use it but I get something like " 0x01d05f68bae38dd2c96c5ede1b62a15efc" > > I need password that user input in connection... what is that parameter? You can't retrieve the Clear-Text password from a CHAP-Password attribute

Re: How to access Chap-Password

2013-04-19 Thread Mehdi Ravanbakhsh
Dear Arran I use it but I get something like " 0x01d05f68bae38dd2c96c5ede1b62a15efc" I need password that user input in connection... what is that parameter? Best regards On 4/20/13, Mehdi Ravanbakhsh wrote: > Many thanks Arran > > On 4/20/13, Arran Cudbard-Bell wrote: >> >> On 19 Apr 2013,

Re: How to access Chap-Password

2013-04-19 Thread Mehdi Ravanbakhsh
Many thanks Arran On 4/20/13, Arran Cudbard-Bell wrote: > > On 19 Apr 2013, at 16:30, Mehdi Ravanbakhsh wrote: > >> Hi All >> >> How can I access chap password in site-available? >> >> I use %{%{User-Password}:- Chap-Password} but if user use chap for >> AUTH I just get "Chap-Password". > > *

Re: How to access Chap-Password

2013-04-19 Thread Arran Cudbard-Bell
On 19 Apr 2013, at 16:30, Mehdi Ravanbakhsh wrote: > Hi All > > How can I access chap password in site-available? > > I use %{%{User-Password}:- Chap-Password} but if user use chap for > AUTH I just get "Chap-Password". *sigh* %{%{User-Password}:-%{Chap-Password}} Arran Cudbard-Bell F

How to access Chap-Password

2013-04-19 Thread Mehdi Ravanbakhsh
Hi All How can I access chap password in site-available? I use %{%{User-Password}:- Chap-Password} but if user use chap for AUTH I just get "Chap-Password". - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

How to access Chap-Password

2013-04-19 Thread Mehdi Ravanbakhsh
Hi All How can I access chap password in site-available? I use %{%{User-Password}:- Chap-Password} but if user use chap for AUTH I just get "Chap-Password". Best regards.

Re: captive portal auth with freeradius

2013-04-19 Thread Matthew Newton
On Fri, Apr 19, 2013 at 10:42:04PM +0530, Chitrang Srivastava wrote: > Ok I will try that out, ntlm_auth module is already configured and works > for radtest and wifi. In the mschap/eap modules using mschap keys. > So ntlm_auth with captive portal , is that the way to go , as told by you > ? All

Re: OCSP parsing in client certificate

2013-04-19 Thread Alan DeKok
Beltramini Francesco wrote: > Ok I see what you mean. > However, in my first mail I've also specified that: > > openssl x509 -in beltraminif.cer -noout -ocspid -ocsp_uri > returns > http://crl.ema.europa.eu/ocsp (which is the correct url) > > Do you know what kind of parsing is radius asking

Re: captive portal auth with freeradius

2013-04-19 Thread Chitrang Srivastava
Ok I will try that out, ntlm_auth module is already configured and works for radtest and wifi. So ntlm_auth with captive portal, is that the way to go, as told by you? All other captive portal server we have to do like that? On Fri, Apr 19, 2013 at 9:56 PM, Matthew Newton wrote: > O

Re: captive portal auth with freeradius

2013-04-19 Thread Matthew Newton
On Fri, Apr 19, 2013 at 08:59:57PM +0530, Chitrang Srivastava wrote: > I am using Microsoft 2003 Active Directory Server , the way wifi (MSCHAPv2) > works is with ntlm_auth , which does the authentication. OK, finally the information that's needed. > The way it works with wifi or radtest is , Aut

Re: Username with spaces (MySQL)

2013-04-19 Thread Andres Gomez Ruiz
Thanks a lot guys! Both methods work. Finally I used the regex in the Authorize section. Best regards. Andrés

Re: captive portal auth with freeradius

2013-04-19 Thread Chitrang Srivastava
I am using Microsoft 2003 Active Directory Server , the way wifi (MSCHAPv2) works is with ntlm_auth , which does the authentication. - your LDAP module isn't setting Auth-Type for some reason This is happening because of http://lists.freeradius.org/pipermail/freeradius-users/2008-May/027962.html

RE: OCSP parsing in client certificate

2013-04-19 Thread Beltramini Francesco
Ok I see what you mean. However, in my first mail I've also specified that: openssl x509 -in beltraminif.cer -noout -ocspid -ocsp_uri returns http://crl.ema.europa.eu/ocsp (which is the correct url) Do you know what kind of parsing is radius asking to openssl ? Thanks, Francesco Beltrami

Re: Couldn't init oracle OCI environment

2013-04-19 Thread Arran Cudbard-Bell
On 19 Apr 2013, at 10:14, "Lakshmi Narayana Baliah" wrote: > Hi All, > > I want to configure the free radius to connect remote machine(where > database installed). > Getting below error. > > rlm_sql (sql): starting 0 > rlm_sql (sql): Attempting to connect rlm_sql_oracle #0 > rlm_sql_oracle:

SQL and Huntgroups

2013-04-19 Thread gregoire . leroy
Hello, I'm translating a flat file configuration into a MySQL configuration, but I have some difficulties with huntgroups. An example of what I have in my flat file:
example@domain        Cleartext-Password := "password"
                      Service-Type = Framed-User,

Couldn't init oracle OCI environment

2013-04-19 Thread Lakshmi Narayana Baliah
Hi All, I want to configure the free radius to connect remote machine(where database installed). Getting below error. rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_oracle #0 rlm_sql_oracle: Couldn't init Oracle OCI environment (OCIEnvCreate()) rlm_sql (sql): Failed to co

Re: captive portal auth with freeradius

2013-04-19 Thread Matthew Newton
On Fri, Apr 19, 2013 at 06:15:09PM +0530, Chitrang Srivastava wrote: > tried what Matthew suggest , in authorize section and it worked. Whole > issue is captive portal is sending a non-EAP message with User-Password set > , in this case we have to set auth type as ldap. It's obvious from your deb

Re: captive portal auth with freeradius

2013-04-19 Thread Chitrang Srivastava
LDAP server or AD, has password stored as NTLM-Hash, and that's why I set PEAP-MSCHAPv2 as auth type (finally using ntlm_auth to authenticate), All this works fine when a wifi access point is configured to do MSCHAPv2 or even with radtest it worked. Only when access point is open and captive portal

Re: captive portal auth with freeradius

2013-04-19 Thread Alan DeKok
Chitrang Srivastava wrote: > After that it started working i.e. auth by binding to the ldap server So... the LDAP server is probably active directory. Or, there are security settings on it which means FreeRADIUS can't read the password from LDAP. Which one is it? > But my question is auth

Re: OCSP parsing in client certificate

2013-04-19 Thread Alan DeKok
Beltramini Francesco wrote: > Alan: does the change log refer to certificates without the proper extensions > defined ? Because my situation is slightly different, the clients present a > certificate that does contain the OCSP properties. See the debug log. OpenSSL doesn't think so. It was

Re: How to configure RADIUS +LDAP using SASL/Certificate based binding instead of usernames and passwords

2013-04-19 Thread Olivier Beytrison
On 19.04.2013 10:35, pramod kulkarni wrote: > Thanks for the reply. > > I am new to FreeRadius and doing analysis on how to remove The > "identity" and "password" attributes of LDAP module in > radiusd.config and still be able to authenticate and authorize LDAP users. Is that really an issue for

Re: How to configure RADIUS +LDAP using SASL/Certificate based binding instead of usernames and passwords

2013-04-19 Thread pramod kulkarni
Thanks for the reply. I am new to FreeRadius and doing analysis on how to remove The "identity" and "password" attributes of LDAP module in radiusd.config and still be able to authenticate and authorize LDAP users. Is there any other option/configuration to avoid usernames and plain text password

RE: OCSP parsing in client certificate

2013-04-19 Thread Beltramini Francesco
Thanks for your feedback. I don't think either that the override_cert_url = no works properly since the ocsp extension in the client certificate is not parsed anyway. Alan: does the change log refer to certificates without the proper extensions defined ? Because my situation is slightly differe

Re: Normalising the User-Name AVP in an Access-Accept

2013-04-19 Thread Wilco Baan Hofman
On Thu, 2013-04-18 at 16:54 +0100, Nick Lowe wrote: > Agreed, the main concern for me would be leakage via wireless. > > I see the main purpose of identity privacy with PKI EAPs being to > protect the identity from being trivially snooped by an outsider. > > With federations, I think it would be

Re: captive portal auth with freeradius

2013-04-19 Thread Chitrang Srivastava
Thanks , setting *set_auth_type =yes* still not setting Auth-Type-ldap_secondary , to solve this I followed the solution suggested in this thread http://lists.freeradius.org/pipermail/freeradius-users/2008-May/027962.html After that it started working i.e. auth by binding to the ldap server But