Thanks for the reply.
First, adding an else to the if statement doesn't really help. As that is
in the authorize section that simply queries AD via LDAP to check for
groups of the user. It uses an admin DN to bind and query, not the actual
user credentials (as this is a PEAP) request. So I actuall
Hi,
>elsif (Ldap-Group == "netCoreClass-finance") {
>update reply {
>Tunnel-Private-Group-Id:1 := 124
>}
>}
>Authentication is against Active Directory. So while a user may get
>assigned to a VLAN b
hi,
..thats the startupand when a request comes in (the one that segfaults
the server.) ?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
In my authorize section I am matching LDAP groups to set VLAN attributes as
such:
if (Ldap-Group == "netCoreClass-IT") {
update reply {
Tunnel-Private-Group-Id:1 := 102
}
}
elsif (Ldap-Group == "netCoreClass-engineering")
Thanks a lot Alan for the quick response and change again :-).
The new fix works like charm :-). We see the 2 classifier in the same AVP.
Here is the packet capture:
AVP: l=125 t=Vendor-Specific(26) v=WiMAX(24757)
VSA: l=119 t=WiMAX-Packet-Flo
Sorry my bad, was sharing the info with my internal team and accidently added
the users mail list.
Sorry again
-Hanu
Buxey Wrote:
> huh? why did you repost this? we've just SEEN that info from Alan directly
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cholleti, Hanumantha wrote:
> Thanks a lot for the quick response and putting in the fix under 2.x.x branch.
It's what I do. :)
> We configured the FreeRadius using this new 2.x.x branch from git;
>
> The length of the AVP comes correct, but the 2nd classifier is showing in a
> separate AVP.
Hi Alan,
Thanks a lot for the quick response and putting in the fix under 2.x.x branch.
We configured the FreeRadius using this new 2.x.x branch from git;
The length of the AVP comes correct, but the 2nd classifier is showing in a
separate AVP.
Here is the packet capture (2.x.x git branch):
Hi,
> I did some more debugging and I always seem to get a segfault at the same
> place. Is there something I should be looking at on the LDAP backend?
i'd like to knwo what you are doing, how you have this configured.and why
your server thinks '45270' or
'bradly' or SSHA encrypted, its lik
Hi,
> FYI...
huh? why did you repost this? we've just SEEN that info from Alan directly
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I really did not mean any trouble. I realize that I am not only too in
a hurry to read the proper documentation, but my questions also
reflect how rushed I want to get this part over with. Regardless of my
last comment, I realized that I should take a step back, go through
the documentation, and pu
Chris Taylor wrote:
> I have tried a few times but I can't get a core dump.
See doc/bugs. It contains instructions for debugging a live server.
If you can't get core dumps, use the instructions in Section 3 of that file.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradiu
Nick Khamis wrote:
> Thank you guys so much for your time.
If you care to look, good questions get good answers.
Bad questions get bad answers.
People who ask questions and ignore the answers get ignored in turn.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.o
Thanks John, I am actually using the complied version rather than the RPM
package. I was finally able to get a core dump (a few actually), this was the
output.
I was the same failure everytime.
Thanks,
Chris
[root@on-radius01 tmp]# gdb /usr/sbin/radiusd
/tmp/core-radiusd-11-95-95-11382-13674
On 05/01/2013 01:36 PM, Chris Taylor wrote:
I have tried a few times but I can't get a core dump. After radius dies I run " gdb
/usr/sbin/radiusd /tmp/core_dump/test.dump" but I get the following output.
#
[root@on-radius01 core_dump]# gdb /usr/sbin/radiusd /tmp/cor
I have tried a few times but I can't get a core dump. After radius dies I run "
gdb /usr/sbin/radiusd /tmp/core_dump/test.dump" but I get the following output.
#
[root@on-radius01 core_dump]# gdb /usr/sbin/radiusd /tmp/core_dump/test.dump
GNU gdb (GDB) CentOS (7.0.1-4
Thank you guys so much for your time.
Kind Regards,
N.
On 5/1/13, Alan DeKok wrote:
> Nick Khamis wrote:
>> No calls to stored procedures do not work? Or no. that is not correct?
>
> Q: Is this correct?
> A: No.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradiu
FYI...
-Original Message-
From:
freeradius-users-bounces+hanumantha.cholleti=viasat@lists.freeradius.org
[mailto:freeradius-users-bounces+hanumantha.cholleti=viasat@lists.freeradius.org]
On Behalf Of Alan DeKok
Sent: Wednesday, May 01, 2013 8:18 AM
To: FreeRadius users mailing l
Chris Taylor wrote:
> I did some more debugging and I always seem to get a segfault at the same
> place. Is there something I should be looking at on the LDAP backend?
See doc/bugs
That should help.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.ht
I did some more debugging and I always seem to get a segfault at the same
place. Is there something I should be looking at on the LDAP backend?
[files] users: Matched entry DEFAULT at line 214
++[files] returns ok
[pap] Normalizing SSHA1-Password from base64 encoding
[pap] WARNING: Auth-Type alr
Raithatha, Divyesh wrote:
> When does the release of 2.21 come out? How about 3.0?
We hope to have both out by June.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
When does the release of 2.21 come out? How about 3.0?
Thanks
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Nick Khamis wrote:
> No calls to stored procedures do not work? Or no. that is not correct?
Q: Is this correct?
A: No.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
No calls to stored procedures do not work? Or no. that is not correct?
Thanks in Advance,
N.
On 5/1/13, Alan DeKok wrote:
> Nick Khamis wrote:
>> It seems that the sql module of freeraedius does not support calls
>> to stored mysql procedures. Is this correct?
>
> No.
>
> Alan DeKok.
> -
>
Nick Khamis wrote:
> It seems that the sql module of freeraedius does not support calls
> to stored mysql procedures. Is this correct?
No.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
It seems that the sql module of freeraedius does not support calls
to stored mysql procedures. Is this correct?
PS Sorry for the noise.
Cheers,
Nick
On 5/1/13, Alan DeKok wrote:
> Nick Khamis wrote:
>> Thanks so much for your response. I can provide a specific example.
>> In the client we have
Cholleti, Hanumantha wrote:
> Version 2.1.2 and 2.20
>
> --
>
> In both FreeRadius versions 2.1.2 and 2.20 on RedHat, the 2^nd
> Uplink-Classifier (permit in ip src any dst any 69-65535 priority 3) is
> showing up in a separate VSA on its own as shown below;
Yeah, that'
Tyller D wrote:
> The process I'm using is as follows. User connects to landing page,
> landing page sends access-request to server with users details.
> FreeRADIUS then sends a COA to the NAS to change the state and apply
> attributes. However when FreeRADIUS gets the accounting-start packet, it
>
Nick Khamis wrote:
> Thanks so much for your response. I can provide a specific example.
> In the client we have defined:
>
> modparam("acc", "aaa_extra", " Sip-From-Tag=$si;
> Sip-To-Tag=$tt;
> .
Hi,
>sorry alan, perhaps I'm mixing up my examples in an attempt to get this
>working...
run your freeradius is full debug mode. LOOK at what is going on
>1. where (or in which file) do I add the unlang code?
as you have
>2. how do i update the reply?
by updating the reply
>
On Tue, Apr 30, 2013 at 3:09 PM, wrote:
> Hello,
>
>
>> It pretty much said that:
>> - you need to add an entry to radgroupcheck, so that when
>> Huntgroup-Name matches a value (site_a), an SQL group (site_a_admins)
>> will be assigned
>> - you add entries to radgroupreply to return
>> whatever-a
sorry alan, perhaps I'm mixing up my examples in an attempt to get this
working...
1. where (or in which file) do I add the unlang code?
2. how do i update the reply?
I currently have the following code in my proxy-inner-tunnel file :-
post-proxy {
eap
if (proxy-reply:Access-Acc
++? if (control:IMS-UserData < 0) -> FALSE
> ++? if (control:IMS-UserData > 0)
> ? Evaluating (control:IMS-UserData > 0) -> FALSE
> ++? if (control:IMS-UserData > 0) -> FALSE
> ++[reply] returns noop
> } # server ims
> Sending Access-Accept of id 79 to 127.0.0.1 port
Hi,
why are you now talkign about users file? use unlang - as you originally
stated
and then update the reply
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, May 1, 2013 at 11:15 AM, wrote:
> Hi,
>
> if you look at freeradius running in debug mode, you can see what bits of
> the
> server are being hit and where you can do the required changes. so
> post-proxy
> would be okay - but you update the reply
>
when running in debug mode, I can s
Hi,
>If we configure the FreeRadius using the "Master" branch, we get the 2nd
>Uplink-Classifier in the same VSA as expected (as shown in the first
>packet capture)
so likely a bug fixed
>For our production implementation, don't want to go to the "master" branch
>if possible.
Hi,
if you look at freeradius running in debug mode, you can see what bits of the
server are being hit and where you can do the required changes. so
post-proxy
would be okay - but you update the reply
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rapeze-Qos-Profile = "MB100"
Mikrotik-Total-Limit = 1048576
Acct-Interim-Interval = 120
# Executing section pre-proxy from file /etc/freeradius/sites-enabled/ims
+- entering group pre-proxy {...}
[detail]expand:
/var/log/freeradius/radacct/%{Client-IP-Address}/detail-
We have configured FreeRadius 2.1.12 on RedHat ;
Requirement
==
In a given WiMax-Packet-Flow-Descriptor VSA, we want to have following multiple
WiMAX-Uplink-Classifier (attribute 9) as shown in the below packet capture:
WiMAX-Uplink-Classifier:
===
1. permit in ip
39 matches
Mail list logo
