Re: How to change request attribute based on NAS IP address

2013-04-23 Thread Giuseppe Marocchio
Hello, is simple & stupid. if (Cisco-AVpair =~ /^client-mac-address=([a-f0-9][a-f0-9])([a-f0-9][a-f0-9]).([a-f0-9][a-f0-9])([a-f0-9][a-f0-9]).([a-f0-9][a-f0-9])([a-f0-9][a-f0-9])$/) { if (!Calling-Station-Id) { update request {

Have anyone test the performance about FreeRADIUS+jRadius on authentication?

2013-04-23 Thread Okis Chuang
Thanks Fajar your speedy response and really helpful for me. Yeah..I'm pretty grateful about all contributions here for sure! And I'm definitely not insist on desiring the best solution here. I just want to listen some opinions or advice from all those experienced. Anyway, I'll keep learning a

Re: Have anyone test the performance about FreeRADIUS+jRadius on authentication?

2013-04-23 Thread Fajar A. Nugraha
On Wed, Apr 24, 2013 at 9:34 AM, Okis Chuang wrote: > Thanks for Alan's quick and kindly reply! > > Yes, I'm under this slow performance trouble now > Actually I tried let it not going into jradius and completing my easy job > only in FreeRADIUS yesterday. And it did it well. > It can finish 1

RE: Have anyone test the performance about FreeRADIUS+jRadius on authentication?

2013-04-23 Thread Okis Chuang
Thanks for Alan's quick and kindly reply! Yes, I'm under this slow performance trouble now Actually I tried let it not going into jradius and completing my easy job only in FreeRADIUS yesterday. And it did it well. It can finish 1 auth request in 13 sec. However, our goal is more than tha

How to change request attribute based on NAS IP address

2013-04-23 Thread Mehdi Ravanbakhsh
Hi All i use Cisco and mikrotik as Access server in my network and i need to limit user access by MAC address. in this case i can use Calling-Station-Id , it works for mikrotik : AUTH Detail Packet-Type = Access-Request Service-Type = Framed-User Framed-Protocol = PPP

Re: Have anyone test the performance about FreeRADIUS+jRadius on authentication?

2013-04-23 Thread Alan DeKok
Chuang Okis wrote: > Have anyone test the performance about FreeRADIUS+jRadius on authentication? Not me. > The test was just for authentication load test from gateway to radius > server. My jradius handler would just do some easy string splitting for > one VSA. Use Perl. It's integrated into

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread Danny Kurniawan
Thanks all. -Danny On Tue, Apr 23, 2013 at 11:59 PM, Matthew Newton wrote: > Hi Danny, > > On Tue, Apr 23, 2013 at 11:13:46PM +0800, Danny Kurniawan wrote: > > What you mean? Sorry i think you might mis-understand my previous 2 > > message. I mean 2 ask what is the correct syntax for update repl

RE: Procautions on upgrading FR from 2.1.10 to 2.2.0

2013-04-23 Thread Wang, Yu
This is indeed a very considerate design, much better than some other software, like dhcp, that overwrites conf files every time. Thanks, Yu Wang

Re: Procautions on upgrading FR from 2.1.10 to 2.2.0

2013-04-23 Thread Alan Buxey
...have a little test/dev server. Copy your current config onto it and run the new version in full debug mode, see what it might complain about Alternatively, compare your config against vanilla config and then just start from vanilla making required changes...this can really help to clean up ol

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread Matthew Newton
Hi Danny, On Tue, Apr 23, 2013 at 11:13:46PM +0800, Danny Kurniawan wrote: > What you mean? Sorry i think you might mis-understand my previous 2 > message. I mean 2 ask what is the correct syntax for update reply > > Is it exactly like what you said in previous email or else : > update reply { >

Re: Procautions on upgrading FR from 2.1.10 to 2.2.0

2013-04-23 Thread John Dennis
On 04/23/2013 11:38 AM, Wang, Yu wrote: Thanks for the advice. I'll make a backup copy as we do have some customized scripts. As has been stated numerous times on this list you should keep any FR config file you modify or any file you add under source code control. Your repository located so

Re: Procautions on upgrading FR from 2.1.10 to 2.2.0

2013-04-23 Thread Alan DeKok
Wang, Yu wrote: > Thanks for the advice. I'll make a backup copy as we do have some customized > scripts. Installing a new version will *never* over-write your existing configuration files, scripts, etc. It *will* over-write binaries and libraries. Alan DeKok. - List info/subscribe/unsubscr

RE: Procautions on upgrading FR from 2.1.10 to 2.2.0

2013-04-23 Thread Wang, Yu
Thanks for the advice. I'll make a backup copy as we do have some customized scripts. Yu Wang Network Architect Core Networking, FSU

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread A . L . M . Buxey
Hi, >What you mean? see bottom of email >Is it exactly like what you said in previous email or else : >update reply { >Session-Timeout : = 7200 >} no, it's exactly like I typed. if you add spaces like you have then the server won't like it alan

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread Danny Kurniawan
Hi, What you mean? Sorry i think you might mis-understand my previous 2 message. I mean 2 ask what is the correct syntax for update reply Is it exactly like what you said in previous email or else : update reply { Session-Timeout : = 7200 } I will search the documentation again f

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread A . L . M . Buxey
Hi, >Thanks again Alex, i will try your syntax. do you deliberately change words? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Procautions on upgrading FR from 2.1.10 to 2.2.0

2013-04-23 Thread A . L . M . Buxey
hi, docs/ChangeLog * 100% configuration file compatible with 2.1.x. The only fix needed is to disallow "hashsize=0" for rlm_passwd so..if you haven't played around with modules/passwd you'll find it just runs. alan

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread Danny Kurniawan
Thanks again Alex, i will try your syntax. Thanks Danny On Tue, Apr 23, 2013 at 9:25 PM, wrote: > Hi, > > >Thanks Alan, let me try that. So i can apply this only if the > Wireless AP > >is sending packet with Session-Timeout too right? I don't see this > setting > >in Meraki Wireles

Re: Procautions on upgrading FR from 2.1.10 to 2.2.0

2013-04-23 Thread A . L . M . Buxey
Hi, >I am planning to upgrade our FR from 2.1.10 to 2.2.0 to address increasing >NTLM authentication failures using EAP-MSCHAPv2 in our wireless systems. >I would welcome and appreciate advice on precautions I should take before, >during, and after upgrade. Any issue did you run i

Re: Procautions on upgrading FR from 2.1.10 to 2.2.0

2013-04-23 Thread Alan DeKok
Wang, Yu wrote: > I am planning to upgrade our FR from 2.1.10 to 2.2.0 to address > increasing NTLM authentication failures using EAP-MSCHAPv2 in our > wireless systems. I would welcome and appreciate advice on precautions > I should take before, during, and after upgrade. Any issue did you run >

Procautions on upgrading FR from 2.1.10 to 2.2.0

2013-04-23 Thread Wang, Yu
Hello, I am planning to upgrade our FR from 2.1.10 to 2.2.0 to address increasing NTLM authentication failures using EAP-MSCHAPv2 in our wireless systems. I would welcome and appreciate advice on precautions I should take before, during, and after upgrade. Any issue did you run into in your up

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread A . L . M . Buxey
Hi, >Thanks Alan, let me try that. So i can apply this only if the Wireless AP >is sending packet with Session-Timeout too right? I don't see this setting >in Meraki Wireless AP. as i said, depends on your settings and what the NAS is willing to take from the RADIUS server - you'll

Re: SQL and Huntgroups

2013-04-23 Thread Alan DeKok
gregoire.le...@retenodus.net wrote: > I have actually read the documentation, and the wiki about SQL. Really. > Otherwise, I wouldn't have sent the first email. I'm going to be more > specific about what I don't understand. OK. That's good. > In my user files, I have two lines to check. > > F

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread Danny Kurniawan
Thanks Alan, let me try that. So i can apply this only if the Wireless AP is sending packet with Session-Timeout too right? I don't see this setting in Meraki Wireless AP. I'm using ldap and all the authentication just simple username / password from ldap. Is the the exact syntax to apply with? o

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread A . L . M . Buxey
Hi, >In which config files do i need to look / edit / add the session timeout >in freeradius? that would depend on how your configuration is done and what options and methods you are using. 'users' file is basic way, SQL tables are another, unlang is yet another way...eg update reply {

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread Danny Kurniawan
Hi Alan, In which config files do i need to look / edit / add the session timeout in freeradius? Thanks Danny On Tue, Apr 23, 2013 at 3:11 PM, Alan Buxey wrote: > Controlled by the NAS and/or the RADIUS server depending on NAS settings. > ie you should be able to set session-timeout on the NA

Re: SQL and Huntgroups

2013-04-23 Thread gregoire . leroy
Hello, Le 2013-04-22 15:33, Alan DeKok a écrit : gregoire.le...@retenodus.net wrote: First, I want to check is the user has the right password. If he has the right password, I want to give him a configuration and if he's in the "one_huntgroup_name" (i.e he's from a special NAS), I want to give

Re: get some invalid value in User-Name attribute

2013-04-23 Thread A . L . M . Buxey
Hi, >I get something like > 'aolnet/aol.dsl.newuser.10A50001000300010001US92C1..prod' in >User-Name attribute . yep >I think it should be connect-info attribute ! why? have you debugged the packets - that looks like what I'd expect in a User-Name if looking at dialup k

Re: get some invalid value in User-Name attribute

2013-04-23 Thread Matthew Newton
On Tue, Apr 23, 2013 at 12:58:11PM +0430, Mehdi Ravanbakhsh wrote: > I get something like > 'aolnet/aol.dsl.newuser.10A50001000300010001US92C1..prod' in > User-Name attribute . > > I think it should be connect-info attribute ! Check your NAS. That is what is sending the data to FreeRAD

get some invalid value in User-Name attribute

2013-04-23 Thread Mehdi Ravanbakhsh
I get something like 'aolnet/aol.dsl.newuser.10A50001000300010001US92C1..prod' in User-Name attribute . I think it should be connect-info attribute ! and In this case all %{connect-info} is empty (not null) . i increase the connect-info to 150 character but nothing happens. I am

Re: Request has been waiting in the processing queue for 30 seconds

2013-04-23 Thread Mehdi Ravanbakhsh
thanks On Tue, Apr 23, 2013 at 11:12 AM, Fajar A. Nugraha wrote: > On Tue, Apr 23, 2013 at 1:27 PM, Mehdi Ravanbakhsh > wrote: > > Dear Fajar A. Nugraha > > > > thanks for your reply. and your guide > > > > i reduce the database connection and it solved :) > > Wow. > > Though I'm glad to h

Have anyone test the performance about FreeRADIUS+jRadius on authentication?

2013-04-23 Thread Chuang Okis
Hi all, Have anyone test the performance about FreeRADIUS+jRadius on authentication? I recently did several numbers of load test with radclient in FreeRADIUS. I used radclient -c 1 to attack my radius server (with jradius), and found that the results are pretty bad... The call per second was app

Re: [Help] How to control the authentication session timeout

2013-04-23 Thread Alan Buxey
Controlled by the NAS and/or the RADIUS server depending on NAS settings. ie you should be able to set session-timeout on the NAS and then override/update the value on the RADIUS server depending on your chosen policies...eg for particular users/clients etc...and if proxying you may have agreeme