Re: ldap

2013-06-21 Thread Roberto Ortega Ramiro
Hi, You have 2 modules ldap, one is ldap and the other is including configuration file /etc/freeradius/modules/ldap-orig Put /etc/freeradius/modules/ldap-orig out of modules directory. The dns goes right? I'll put the ldap server's ip instead of name. 2013/6/21 Julian Macassey > On 2013-06-

Re: ldap

2013-06-21 Thread Olivier Beytrison
On 21.06.2013 22:21, Julian Macassey wrote: In another terminal window I enter: root#> radtest usern...@mydomain.com "PASSWORD" 192.168.10.14 0 sharedsecret ending Access-Request of id 231 to 192.168.10.14 port 1812 User-Name = "usern...@domain.com" User-Password = "PASSWORD"

Re: ldap

2013-06-21 Thread Julian Macassey
On 2013-06-21 at 16:41, John Dennis (jden...@redhat.com) wrote: > > Looking at this more carefully also make sure port 1812 is open That was my first guess. I asked the guy who set up the servers if they were open and he assured me they were. But my tests, just re-tried, show th

Re: ldap

2013-06-21 Thread Julian Macassey
On 2013-06-21 at 16:48, John Dennis (jden...@redhat.com) wrote: > The radius server is not seeing any client requests and your client is > not getting a response from the server, either you've got the wrong > address for the radius server or more likely your firewall is block > their communication

Re: ldap

2013-06-21 Thread John Dennis
The radius server is not seeing any client requests and your client is not getting a response from the server, either you've got the wrong address for the radius server or more likely your firewall is block their communication, this has nothing to do with ldap. Also, I don't see the rlm_ldap modul

Re: ldap

2013-06-21 Thread John Dennis
On 06/21/2013 04:34 PM, John Dennis wrote: > On 06/21/2013 04:21 PM, Julian Macassey wrote: >> I am tring to get freeradius working with ldap. >> >> The ldap server is on the same LAN as the RADIUS server. >> >> The local user test works. >> >> I have configured all files I can think are pertinent.

Re: ldap

2013-06-21 Thread Julian Macassey
On 2013-06-21 at 16:34, John Dennis (jden...@redhat.com) wrote: > > > > What am I missing? It won't complain and it won't work. > > > > You've failed to provide the complete debug output, something which is > stated as being required nearly every day on this list. This means we > can't see how

Re: ldap

2013-06-21 Thread John Dennis
On 06/21/2013 04:21 PM, Julian Macassey wrote: > I am tring to get freeradius working with ldap. > > The ldap server is on the same LAN as the RADIUS server. > > The local user test works. > > I have configured all files I can think are pertinent. > > In debug mode, I get: > > root#> freeradiu

ldap

2013-06-21 Thread Julian Macassey
I am tring to get freeradius working with ldap. The ldap server is on the same LAN as the RADIUS server. The local user test works. I have configured all files I can think are pertinent. In debug mode, I get: root#> freeradius -X } listen { type = "auth" ipaddr = 127.

Building RPMS from main branch 3.x relase

2013-06-21 Thread Divyesh Raithatha
Hello, Has anyone successfully built RPM's from the main branch 3.x? I am trying to build one but keep on running into errors. Similar to the ones I saw with the version 2.x.x branch (regarding version numbers, patches, libray file names) until the changes were pushed by Fajar on May 9th. red

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Roberto Ortega Ramiro
Hi, I have resolv my problem, i have create one user in users file validate hosts whose mac address are in authorized_macs and i have the users and passwords in ldap and this is my site-avaible/default file configuration in the authorize section: authorized_macs if (ok) {

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Roberto Ortega Ramiro
I'm not at work now, but. This wil do that i want: authorize_macs if (ok) { update control { Auth-Type := files } } else { eap ldap } Thank you. 2013/6/21 Roberto O

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Roberto Ortega Ramiro
¿Is it posible to do a "if sentense" for validate the MAC address in authorized_macs with one user in users file (or other site) and others users can conect with hers user and password? Thank you. 2013/6/21 Matthew Newton > On Fri, Jun 21, 2013 at 02:56:57PM +0200, Roberto Ortega Ramiro wrote:

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Matthew Newton
On Fri, Jun 21, 2013 at 02:56:57PM +0200, Roberto Ortega Ramiro wrote: > I'm trying to conect using AEP-TLS one host, and i was using one wrong user > and password for connect the host with his mac. > I have undertand that this is no posible. Right? You can do EAP-TLS *and* validate the MAC addres

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Roberto Ortega Ramiro
Hi, you are right, Arran, I didn't undestand what i was doing. I'm trying to conect using AEP-TLS one host, and i was using one wrong user and password for connect the host with his mac. I have undertand that this is no posible. Right? Thank you. 2013/6/21 Arran Cudbard-Bell > > On 21 Jun 201

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Arran Cudbard-Bell
On 21 Jun 2013, at 13:29, Roberto Ortega Ramiro wrote: > Hi again. > > Matthew, you are rigth, i have no Access-Accept. Your NAS is configured wrong for Mac-Auth. It's attempting to start 802.1X authentication, that EAP-Message is an Identity response for 'luna. borja'. Do you actually under

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Roberto Ortega Ramiro
un 21 14:18:02 2013 : Info: [reply_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d -> /var/log/radius/radacct/192.168.202.252/reply-detail-20130621 Fri Jun 21 14:18:02 2013 : Info: [reply_log] /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expa

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Arran Cudbard-Bell
On 21 Jun 2013, at 12:55, Matthew Newton wrote: > On Fri, Jun 21, 2013 at 01:23:28PM +0200, Roberto Ortega Ramiro wrote: >> Hello, I have configured freeradius for accept one host conection over host >> mac address > > On the assumtion this is an instantation of 'files', then the > format for t

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Roberto Ortega Ramiro
Thank you for your fast response. I have found the problem, i have insert a space before the mac address. Sorry and thank you for you time. 2013/6/21 Roberto Ortega Ramiro > Hello, I have configured freeradius for accept one host conection over > host mac address > > This is the log, at the

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Matthew Newton
On Fri, Jun 21, 2013 at 01:23:28PM +0200, Roberto Ortega Ramiro wrote: > Hello, I have configured freeradius for accept one host conection over host > mac address On the assumtion this is an instantation of 'files', then the format for the file would be 98-0c-82-b5-00-f2Auth-Type := Accept >

Re: Mac-auth. authorized_macs file sintax

2013-06-21 Thread Arran Cudbard-Bell
> > What's wrong? Which version of the server are you using? Arran Cudbard-Bell FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: eap sim authorization problem

2013-06-21 Thread Iliya Peregoudov
On 20.06.2013 17:56, raptor raptor wrote: my users format 1510019760806...@wlan.mnc001.mcc510.3gppnetwork.org EAP-Type := SIM EAP-Sim-Rand1 = 0x 326258E6F77C40f3866DB25DEA60AE4D, EAP-Sim-SRES1 = 0x DD287535, EAP-Sim-KC1 = 0x 7F743521EBabb000, EAP-Sim-Rand2 = 0x FD9989BD90AD4a03962E6C08C000C14B,

Mac-auth. authorized_macs file sintax

2013-06-21 Thread Roberto Ortega Ramiro
Hello, I have configured freeradius for accept one host conection over host mac address This is the log, at the end appear the error: Called-Station-Id = "00-90-0B-23-2E-BF:EquiposPortatiles" Calling-Station-Id = "98-0C-82-B5-00-F2" Framed-MTU = 1250 NAS-Port-Type = Wireless-802.1

Re: Log auth message

2013-06-21 Thread Arran Cudbard-Bell
On 21 Jun 2013, at 10:03, a.l.m.bu...@lboro.ac.uk wrote: > Hi, > >> I`m not able to debug, what does macro RAUTH do :(. Coudl you please help >> me, thx. > > ah. just noticed this is actually with 3.x - yes, the older releases logged > but current > version doesnt. I'll have to help you out w

Re: Log auth message

2013-06-21 Thread A . L . M . Buxey
Hi, > I`m not able to debug, what does macro RAUTH do :(. Coudl you please help me, > thx. ah. just noticed this is actually with 3.x - yes, the older releases logged but current version doesnt. I'll have to help you out with this as I need logging on that platform :-) alan - List info/subscr

RE: Log auth message

2013-06-21 Thread BALSIANOK, Peter
Maybe i found, where is problem ? radiusd@tdrad1test:/storage/app/radius/raddb/auth$ gdb /storage/app/radius/freeradius-3.0.0/sbin/radiusd GNU gdb (GDB) 7.4.1-debian Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later Thi

RE: Log auth message

2013-06-21 Thread stefan.paetow
> > Answer is simple, i don`t know how :) ( i don`t have propert skills ) > > http://beej.us/guide/bggdb/ Thanks for that Arran, It'll come in handy for Moonshot testing here. :-) Stefan -- This e-mail and any attachments may contain confidential, copyright and or privileged material, an

RE: Log auth message

2013-06-21 Thread BALSIANOK, Peter
Thank you for the link Arran I have tried to figure out, where is the problem I`m not able to debug, what does macro RAUTH do :(. Coudl you please help me, thx. radiusd@tdrad1test:/storage/app/radius/raddb/auth$ gdb /storage/app/radius/freeradius-3.0.0/sbin/radiusd GNU gdb (GDB) 7.4.1-debian C