Hi all
I'm trying to setup a very basic test server using FreeRADIUS (running on
Ubuntu 12.04) that uses PEAP with the example certificates generated by
FreeRADIUS.
I keep running into a variety of fairly basic problems.
After running freeradius -X I get this error message.
Couldn't open
Thanks for the fast reply.
See http://deployingradius.com It has a detailed guide for EAP / PEAP.
I'm actually following that one, it's very helpful, however I keep running into
problems that aren't covered.
You're running it as a normal user, and the file is owned by root (or
another
Hi
Thanks for all the replies!
Going through all the permissions of the various files freeradius complained
about fixed it like Phil Mayers and Alan said.
I also fixed the radtest problem. This just need to have freeradius restarted
normally.
I'm now working on PEAP with an Ubuntu client
unsubscribe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I am too much a newbie to understand what you are suggesting.
Should I replace: return RLM_MODULE_OK with: return RLM_MODULE_UPDATED
in the perl script?
On Tue, Oct 9, 2012 at 11:33 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote:
Return rlm_module_updated
alan
--
This smartphone uses free WiFi
in 4.9 seconds.
Cleaning up request 0 ID 18 with timestamp +11
Ready to process requests.
I feel we are closer.
Any Ideas on the Denied access by RADIUS
Thanks Andrew
On Wed, Oct 10, 2012 at 10:40 AM, Phil Mayers p.may...@imperial.ac.uk wrote:
On 10/10/12 18:30, Andrew Precht wrote:
Found Auth
Well I'm back...
I have changed the module line in /etc/raddb/modules/perl, from:
module = ${confdir}/example.pl
to: module = /etc/raddb/sjpl.pl
Also, in the perl file I have uncommented the line: func_authenticate
= authenticate
Next, in /etc/raddb/sites-enabled/default I added perl to the
Hi users,
I've setup a new virtual FR 2.1.12 server on centos6. I have got the
new server setup per
the docs at freeradius.org. Radtest locally and NtradPing remotely are working.
Now, I need FR to use a Perl script to authenticate against a proprietary DB.
I have put in a bit of time
Thanks Alan,
I'm off for the weekend, I will give this a try on Tuesday.
On Fri, Oct 5, 2012 at 3:04 PM, alan buxey a.l.m.bu...@lboro.ac.uk wrote:
Hi,
I've setup a new virtual FR 2.1.12 server on centos6. I have got the
new server setup per
the docs at freeradius.org. Radtest locally and
Hi users,
I'm attempting to setup a new virtual FR server on centos6, to replace
an aging FR 1.13-1.6.el5 server. I have got the new server setup per
the docs at freeradius.org.
I've run the simple test using radtest locally and I get an
Access-Accept. Also, using NTradPing remotely I get an
Hi George,
do the following:
ps -aux | grep radius
and kill all the radius related services with kill -9 process id
Andy
Date: Fri, 27 Jul 2012 10:45:03 +0300
Subject: Re: Freeradius Installation Challenges
From: ginnocentus2...@gmail.com
To: freeradius-users@lists.freeradius.org
I am not able
Hi Si St,
I don't know why you are using router but in my situation we have sites where
we installed L3 core switches and we just configure the radius ip and the
radius shared key and is working or we have sites where we install a
ZoneDirector (wireless controller) and can use as a NAS under
Hi ,
Alan is right. If you connect you pc directly to you router then you must
configure the port to accept dot1x request usually they call dot1x port control.
If you have wireless controller from the AAA settings you can test it and the
same time you can see the request from the radius ( if
Hi,
you can use the following to include all the IPs inside the clients file:
client 0.0.0.0/0 {
secret = mysecret
shortname = myNAS
}
From the router's side you need to write a command to add your radius shared
key and ip. For example if it's allied telesis
using?
The ZD and APs usualy work that if you have a trunk you also need a native
(untagged network) for them to communicate. You can also use a management VLAN
to manage all the devices. And it is also possible to use DHCP Option 43 for
dicovery and such.
Regards
2012/7/2 Andrew
of
people testing various things with the ZD in regards to a RADIUS server and it
allways worked ok so I doubt that this would be a ZD issue.
Which FW are you using on the ZD?
2012/7/2 Andrew Andonopoulos andre8...@hotmail.com
hi and thanks for your reply
From the zone director side i am
attributes.
Does that answer your question?
2012/7/2 Andrew Andonopoulos andre8...@hotmail.com
hi,
zone director details are:
Model ZD1106
Version 9.1.0.0 build 23
Date: Mon, 2 Jul 2012 11:54:26 +0200
Subject: Re: Freeradius and Zone Director
From: pmte...@gmail.com
To: freeradius-users
Solved.
Debugging with SQL is piece-meal, and an early problem will obscure later ones.
1. I had a reply item FreeRADIUS did not understand (but this only
gets logged when all else runs clean).
2. I had a check item that is likely wrong (and would appreciate an
answer on this). I had
?
Thank you
- Andrew Long
Here are the queries for the user's auth request:
[sql] sql_set_user escaped user -- 'memwg150412'
rlm_sql (sql): Reserving sql socket id: 1
[sql] expand:
SELECT id, username, attribute, value, op FROM radcheck WHERE username
= '%{SQL-User-Name}' ORDER BY id -
SELECT id
Run the queries manually, and try to sort it out.
Alan DeKok.
Thank you. Just in case, I tested a build of 2.1.12 now avail through
the stock repos on a CentOS 5.8 VM. It's working correctly, so I'm
confident I can get there (an upgrade, to boot) without much too
difficulty.
- Andrew
On Thu, Apr 5, 2012 at 12:04 PM, Andrew Long furs...@gmail.com wrote:
In case you missed it, the debug from latest test is a couple messages
previous (our messages crossed). I have looked through it and with my
limited knowledge see nothing exceptional except that processing stops
I am trying to implement two of the Nomadix VSA's, Nomadix-BW-Up and
Nomadix-BW-Down. They are included in the dictionary.nomadix that
shipped with my installed version, 2.1.8 running on CentOS.
OK.
I am using a MySQL backend and have tried adding the attributes in
radgroupreply (for user
Platfrom: CentOS 5.8
FreeRADIUS: 2.1.8
Backend: MySQL
I am unable to get FreeRadius to reply with attributes assigned in the
radgroupreply table for some groups. When the same attributes are
assigned in radreply, the server sends them as expected. Adding a
Fall-Through entry for the user in
For reference, here is a debug from another account's auth request
which successfully processes radgroupreply and sends the pairs from
that table. The attributes are different here because the NAS is
different and I don't want to confuse it by assigning another vendor's
attributes. I did
Did you set read_groups = yes in sql.conf?
What about the comments just above that configuration?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
It was commented out! Given the comments, though, do you have any idea
why it would still have
I should have said...
There is also the oddity that even though the line was commented
previously, groups were being processed as I would see in the reply
packets pairs that existed only in radgroupreply. JUST NOT THE ONES I WANT.
-
List info/subscribe/unsubscribe? See
OK, the test from an actual client behind the Nomadix fails even after
un-commenting read_groups = yes and restarting, still no group
attributes passed in reply.
This debug is rather lengthy as I thought you might want to see some
of the earlier loading (though I snipped some).
What should I
I think we crossed each other across the water...
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
In case you missed it, the debug from latest test is a couple messages
previous (our messages crossed). I have looked through it and with my
limited knowledge see nothing exceptional except that processing stops
with radgroupcheck and never moves to radgroupreply. Have you any
ideas?
- Andrew
as I'm working under a deadline.
Thank you,
Andrew Long
EscapeWire Solutions
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I am trying to implement two of the Nomadix VSA's, Nomadix-BW-Up and
Nomadix-BW-Down. They are included in the dictionary.nomadix that
shipped with my installed version, 2.1.8 running on CentOS.
I am using a MySQL backend and have tried adding the attributes in
radgroupreply (for user group)
So, to try and re-phrase my question at this point: Why would
freeradius stop processing after radusergroup and radgroupcheck,
without ever doing the query on radgroupreply to see if there are
items there?
The user is a member of only one group, and this is the only
user/group relationship I see
Thank you for any help.
- Andrew Long
Here is the existing dictionary...
# FILE: /usr/share/freeradius/dictionary.nomadix
# -*- text -*-
#
# Version: $Id$
#
VENDOR Nomadix 3309
#
BEGIN-VENDORNomadix
ATTRIBUTE Nomadix-Bw-Up
So, the question is, will the following entry in /etc/raddb/dictionary
correctly add the new attributes? I have not entered the types yet,
waiting on the OEM for some clarification.
Developer at OEM reported perfectly safe to add the attributes to the
existing site-wide dictionary.nomadix file
Hi Lily
Can you please forward me your cisco prepaid config. I have always been
interested how to do that but never had the time.
Thank you
Andrew Paternoster
[cid:image001.png@01CC87FE.F2869150]
Andrew Paternoster
Screwloose
Tel: (03) 9095-7290
Email: and...@screwloose.com.aumailto:and
-To-Realm := AL_realm
}
}
And in the accounting section in the 'default' file I have 'replicate'
entered.
Is there something I'm doing wrong?
The proxy.conf file seems fine since, Proxy-To-Realm works just fine.
Thanks and regards,
Andrew
-Original Message-
From:
freeradius-users
Thanks Fajar, it's working fine now.
Andrew
-Original Message-
From: freeradius-users-bounces+andrew.tonna=vodafone@lists.freeradius.org
[mailto:freeradius-users-bounces+andrew.tonna=vodafone@lists.freeradius.org]
On Behalf Of Fajar A. Nugraha
Sent: Thursday, August 04, 2011 1
option?
Thanks and regards,
Andrew
-
Vodafone
-
This email is intended only for the use of individuals to whom
Thanks.
Andrew
-Original Message-
From:
freeradius-users-bounces+andrew.tonna=vodafone@lists.freeradius.org
[mailto:freeradius-users-bounces+andrew.tonna=vodafone.com@lists.freerad
ius.org] On Behalf Of Alan DeKok
Sent: Tuesday, August 02, 2011 1:53 PM
To: FreeRadius users mailing
would expect 400 or at worst 600 to work. That will probably
make editting a job for root. Or make it 660 where the group is user
management.
Andrew
--
REALITY.SYS not found: Universe halted.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks Fajar,
I actually figured this out 10 minutes after posting to the list, blue
text on black terminal window :(
Thanks for your response.
Regards,
Andrew
On 7/07/2011 3:52 p.m., Fajar A. Nugraha wrote:
On Thu, Jul 7, 2011 at 10:09 AM, ahthriftandyonf...@gmail.com wrote:
I
On Sat, 18 Jun 2011 07:39:53 +0200, Arran Cudbard-Bell wrote:
As Alan says it's the NAS not including a consistent set of
Attribute and or values.
The key attributes per the config (acct_unique { key = User-Name,
Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port
}) *are* consistent
I have a curious problem with my FreeRADIUS 2.1.10 installation. I'm
using a PostgresQL backend and something close to the default config.
It seems that sometimes (judging from the value of affected sessions
this is a fairly rare occurrence) a duplicate entry is added to the
radacct table
to be hidden from the general public, maybe under the home dir for
the user running radius, which should also be 750 or more restrictive
like 710.
Andrew
--
REALITY.SYS not found: Universe halted.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Andrew Paternoster
Screwloose Software
S (03) 9095-7290 (03) 9095-7299
11-15 HighTech Place, Lilydale, Vic 3140
www.screwloose.com.au
-Original Message-
From: freeradius-users-bounces+andrew=screwloose.com...@lists.freeradius.org
[mailto:freeradius-users-bounces+andrew
Have you rebooted your LNS since you set the interim account period?
(accounting updates?) Cisco LNS' sneed a reboot after changing this settings.
Also you might want to look at Daloradius for a Freeradius front end. We use it
to manage our DSL tail from it.
Thank you
Andrew Paternoster
When I have had problem in the past. (With IAS and windows Clients) A good test
was always use the cert as a ssl cert and try and go tot the website to see if
IE errors on the cert.
Thank you
Andrew Paternoster
Screwloose Software
S (03) 9095-7290 (03) 9095-7299
11-15 HighTech Place
Hi Johan
Do you mind sharing a copy of your COA triggers?
Thank you
Andrew Paternoster
Screwloose Software
S (03) 9095-7290 (03) 9095-7299
11-15 HighTech Place, Lilydale, Vic 3140
www.screwloose.com.au
-Original Message-
From: freeradius-users-bounces+andrew=screwloose.com
On 11/30/2010 11:05 AM, John McDonnell wrote:
-Original Message-
On Behalf Of Andrew Bovill
Hi,
I'm trying to get WPA Enterprise EAP/TLS working with my wireless
router. It appears that the TLS portion of the authentication works
(valid certificates give me a working connection
On 11/30/2010 11:15 AM, Phil Mayers wrote:
On 30/11/10 16:10, Andrew Bovill wrote:
It just seems weird that nearly ALL of the suplicants I've used
*require* me to give a username/password (or at least an Identifier +
password) in addition to the unlocked certificate. Maybe a better
question
I really think the VLAN assignment problem is related to your EX4200 VC.
FreeRadius had done its job. You probably have to contact JTAC. BTW, which
version of JUNOS are you running on the EX4200 VC? The latest version JTAC
recommended is 10.0S6.1. Hope this will help.
-Original
I forgot to mention one thing. I am using VLAN name instead of VLAN ID to do
dynamic VLAN assignment. It works for me. You could try the followings.
aa7f9c90Auth-Type := EAP, Cleartext-Password == aa7f9c90
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
I'm very new to freeradius, and I need to test whether my configuration is
correctly accepting MS-CHAPv2 requests. I'm not sure exactly how to do this
with radtest (or am I using the wrong tool?)
Andrew J. Chiarello
Network Engineer
Bryn Mawr College
610-526-7966
achiare...@brynmawr.edu
Is there any cli tool I can use to send an MS-CHAPv2 test?
- Original Message -
From: Alan DeKok al...@deployingradius.com
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Wednesday, June 9, 2010 11:33:30 AM
Subject: Re: radtest with MS-CHAPv2?
Andrew
Hi Alan
I tryed tweaking a few settings and then re did the config on the ap from
scratch and it works.
Thanks for your help
Andrew Paternoster
--
Andrew Paternoster
GPK Computers Pty Ltd
T 1300 854 223
F 1300 854 228
on WPA wireless clients?
There is accounting stuff that i have setup in the cisco AP but it doesnt seems
to do anything.
Can any one please point me in the right direction?
Thanks
Andrew Paternoster
--
Andrew Paternoster
Senior System Engineer
GPK Computers Pty Ltd
T 1300 854 223
F 1300 854
Alan DeKok wrote:
Oninz Unix wrote:
I know some os the thread almost similar to my problem, but let
me send some logs from my freeradius logs.
Tue Apr 27 17:59:44 2010 : Info: WARNING: Child is hung for request 383.
Tue Apr 27 17:59:44 2010 : Info: WARNING: Child is hung for request
So what's the best way to move forward with this? It is possible for someone to
take over what jdennis was providing with his YUM resp? Or do we all have to go
back to building for the source if we want the latest ver?
Thanks
--
Andrew Paternoster
GPK Computers Pty Ltd
T 1300 854 223
F 1300
Hi List
Just wondering how to install Freeradius on Centos 5.4 using YUM now that the
Tech preview is over for redhat.
Thanks
--
Andrew Paternoster
Senior System Engineer
GPK Computers Pty Ltd
T 1300 854 223
F 1300 854 228
Did you know that you can now log faults just by sending an email
HI List
Has anyone have any hints how to not count peering traffic for a customer? E.G.
not count traffic to and from other customers on the same network. I thought
you could do this with a profile from Cisco but i cannot find the info about it
anymore.
Thanks
Andrew Paternoster
Senior
On 02/11/2010 01:48 PM, Alan DeKok wrote:
Andrew Rikhlivsky wrote:
I tried to configure COA service on my test server.
When i send coa packet:
...
server localhost-coa {
WARNING: Empty section. Using default return values.
WARNING: Empty section. Using default return
Hello all.
I tried to configure COA service on my test server.
When i send coa packet:
# echo User-Name = cisco, mpd-limit += \in#1=all rate-limit 132
15 30\,
mpd-limit += \out#2=all rate-limit 132 15 30\|radclient -d
/usr/local/share/freeradius/ -x [nas ip]:3799 coa
I just access-lists and time zones. All the config is done on the cisco
router. FreeRadius is only used to reference the policy map.
Andrew Paternoster
Senior System Engineer
[http://www.gpk.net.au/signatures/logo.jpg]http://www.gpk.net.au/
[http://www.gpk.net.au/signatures/spacer.jpg
Alan DeKok wrote:
Andrew Rikhlivsky wrote:
After downloading latest freeradius v2.1.7 sources, and configuring
(./configure --without-openssl --without-snmp) i start make and see next
messages:
# make
Use gmake. FreeRADIUS requires GNU Make.
Alan DeKok.
-
List info/subscribe
After downloading latest freeradius v2.1.7 sources, and configuring
(./configure --without-openssl --without-snmp) i start make and see next
messages:
# make
Make.inc, line 82: Missing dependency operator
Make.inc, line 85: Need an operator
Make.inc, line 87: Missing dependency operator
Thanks
I will look in to it
--
Andrew Paternoster
GPK Computers Pty Ltd
T 1300 854 223
F 1300 854 228
---
The information contained in or accompanying this e-mail is intended only for
the use of the stated recipient
Ops sorry i thought you were sending avpairs not receiving. Sorry.
Andrew Paternoster
Senior System Engineer
[cid:logo3b97.jpg]http://www.gpk.net.au/ [cid:spacer4027.jpg]
http://www.gpk.net.au2/94 Abbott Road, Hallam, VIC 3083
Phone: 1300 854 223 Fax: 1300 854 228
www.gpk.net.auhttp
HI
Does anyone have any COA policy examples? I want to use them on a cisco router
to change the traffic shaping policy at different times of the day.
Thank you
Andrew Paternoster
Senior System Engineer
[cid:logo35.jpg]http://www.gpk.net.au/[cid:spacer7cf.jpg]
http://www.gpk.net.au
What operator are you using? I have multi AVPairs and i have := on the first
one and += on the others working for me.
Andrew Paternoster
Senior System Engineer
[cid:logo1af4.jpg]http://www.gpk.net.au/ [cid:spacerecc.jpg]
http://www.gpk.net.au 2/94 Abbott Road, Hallam, VIC 3083
When I do a ./configure --help
I see the following:
--with-system-libtldl Use the libtltdl installed in your system (default=use
our own)
I believe this should be:
--with-system-libltdl Use the libltdl installed in your system (default=use
our own)
Hope this helps.
-Andrew
-
List
I was trying to dynamically limit the customers speed when they hit their
download quota. I'm doing this for DSL users connected to a Cisco NAS. Aren't
the WISPr only for wireless users?
--
Andrew Paternoster
GPK Computers Pty Ltd
T 1300 854 223
F 1300 854 228
Senior System Engineer
?
Thanks
--
Andrew Paternoster
GPK Computers Pty Ltd
T 1300 854 223
F 1300 854 228
---
The information contained in or accompanying this e-mail is intended only for
the use of the stated recipient and may contain information
Does anyone have a example of a CoA policy they could share??
Thanks
--
Andrew Paternoster
GPK Computers Pty Ltd
T 1300 854 223
F 1300 854 228
---
The information contained in or accompanying this e-mail is intended only
Hi there.
We have a network device using FreeRADIUS 1.x for authentication. This
RADIUS server in turn queries an LDAP server.
We wish to distinguish between admin and login requests but are
struggling to differentiate between the two.
At the moment we identify the device by its NAS address but
around and it works will all of them but only one at a time
and only the lowest priority.
Can anyone point out what i'm missing
Thanks
Andrew Paternoster
Mon Jun 1 22:24:46 2009 : Info: [sql] expand: SELECT id, username, attribute,
value, op FROM radcheck WHERE username
Hi Mike
Thanks you save what hair i have left. I read the document and i thought it
said to put it in radcheck and radreply. Some times it take a fresh set of
eyes. Thanks for your help.
Thank You.Andrew Paternoster,
From: freeradius-users-bounces+andrew=gpk.net...@lists.freeradius.org
is currently down
for the count. Does anyone have a copy of this patch they can send me?
Andrew
_
Share photos with friends on Windows Live Messenger
http://go.microsoft.com/?linkid=9650734
-
List info/subscribe/unsubscribe? See http
octets
ATTRIBUTEFortinet-Interface-Name5string
ATTRIBUTEFortinet-Access-Profile6string
Andrew
_
Internet Explorer 8 helps keep your personal info safe.
http://go.microsoft.com/?linkid=9655581
-
List info
a.l.m.bu...@lboro.ac.uk wrote:
chown -R radiusd:radiusd /etc/raddb
chmod -R 755 /etc/raddb/certs
Yuck - marking data files executable. I'd start with:
find /etc/raddb/certs -type d -exec chmod 755 {} \;
find /etc/raddb/certs \! -type d -exec chmod 644 {} \;
and fix any program file that
I'd just like to make other subscribers / searchers / admins pulling
their hair out aware of the FreeRADIUS LDAP HOWTO available here...
http://freeradius.org/radiusd/doc/ldap_howto.txt
For some reason it doesn't seem to be linked to on any main website or
wiki page - bizarrely including the
Arran Cudbard-Bell wrote...
Maybe because it was written 6 years ago, and very few of the
freeRADIUS 1.* examples will still work with 2
I see your point but why deny users access to this information ?
Surely all that's required is a note informing them of this.
I administer a legacy 1.x
Hi
I've trawled looking for a solution for this, but there doesn't seem
to be a clearcut answer. I am using Freeradius 1.1.7.
I'm trying to make it so that in the users file, passwords are stored
as a SHA hash.
So my users file looks like this:
asdf SHA-Password ==
Hi all.
Where I can read information about using DHCP opt. 82 in FreeRADIUS 2 ?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
understand the list is not support for Colubris, but I hope someone
with more experience can tell me how I might be misinterpreting the
instructions.
Thank you.
Andrew Long
FreeRADIUS Ver. 2.1.3
Backend: MySQL
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I'm back again trying to build the latest into rpm for our CentOS 5.x servers.
I have edited the spec file so
Name: freeradius
and repacked the tgz so it is freeradius-2.1.3.tar.gz
but I get
[al...@host SPECS]$ rpmbuild -ba --nobuild freeradius.spec
Processing files: freeradius-2.1.3-0
error:
Please ignore...
tried again a few minutes later and it works perfectly.
- Andrew Long
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[EMAIL PROTECTED] wrote:
Try attached Makefile. It has been altered so client certificates are
signed by the ca and not server certificate. I was unable to
persuade up-to-date Windows PCs to accept server certificate as an
Intermediate CA. Changing the issuer resolved the problem.
Shouldn't
Hello All,
I'm using 802.1x for authenticating users. How can I use
Framed-Ip-Address attribute to assign client ip address?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
Thomas Fagart wrote:
I though it was a question of rights, but even when I chmod/chown it with
more rights I still get the following error.
radmin: Failed connecting to /usr/local/var/run/radiusd/radiusd.sock: No
such file or directory
shrug If that's the error being
Alan DeKok wrote:
Andrew Hood wrote:
Pardon me if I've missed something, but as far as I can tell the server
cert isn't authorised to sign client certs, so I can't see how it could
work. The CA can sign client certs.
There can be multiple levels of CA's. Verisign, your company
Alan DeKok wrote:
William Hegardt wrote:
EAP-TLS authentication fails with the fatal unknown ca message.
The server cert may need to be marked with CA:true
If I hack the Makefile like Sergio mentioned last month to sign the
client certificate with
the CA key, then authentication
Alan DeKok wrote:
Rafiqul Ahsan wrote:
Ok, I tried as follows :
...
Still ldd /usr/local/sbin/radiusd shows the shared object from
/usr/sfw/lib/*0.9.7
Then the issue is that the linker is linking against libssl.so, and
not libssl.so.0.9.8. This means that at run-time, /usr/sfw/lib
Rafiqul Ahsan wrote:
It is Solaris 10 (V210). Now I have added below Flags (as per your
previous email) :
CFLAGS=-I/usr/local/ssl/include/openssl
CPPFLAGS=-I/usr/local/ssl/include/openssl
LDFLAGS='-L/usr/local/ssl/lib -R/usr/local/ssl/lib'
export CFLAGS CPPFLAGS LDFLAGS
How else to
Rafiqul Ahsan wrote:
Hi Alan, and All,
Well, I believe I have linked Freeradius 2.0.5 with the right openssl
(0.9.8h) now by adding below env variables(my build logs also says
that linked with -L/usr/local/ssl/lib). However I still see the same
error while using sha256 encryption algorithm
Alan DeKok wrote:
Haralds Ulmanis wrote:
Just checked out from cvs .. and got compile error:
...
/root/freeradius/radiusd/src/main/listen.c:309: undefined reference to
`request_stats_reply'
Edit src/main/Makefile, and add stats.c to the SERVER_SRCS line.
It's in Makefile.in, but
--- 14,19
BEGIN-VENDOR FreeRADIUS
ATTRIBUTE FreeRADIUS-Proxied-To 1 ipaddr
+ ATTRIBUTE FreeRADIUS-Cert-Serial 2 integer
END-VENDOR FreeRADIUS
On Mon, May 5, 2008 at 2:54 PM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson
Is it safe to assume that the config below is correct? If so, is FR
just not behaving in the manner that I expect.
Thanks,
Andrew
On Fri, May 2, 2008 at 3:31 PM, Andrew Olson [EMAIL PROTECTED] wrote:
On Fri, May 2, 2008 at 2:47 PM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson wrote
On Mon, May 5, 2008 at 9:48 AM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson wrote:
Is it safe to assume that the config below is correct? If so, is FR
just not behaving in the manner that I expect.
I suggest tracing execution to see what it's doing, and why.
Here
On Mon, May 5, 2008 at 10:40 AM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson wrote:
Here is the pertinent part of the trace output. As you can see I am
able to parse the Cert SN and put it back on the request. However, my
perl module never gets called in authenticate
on other requests. Am I
missing something? If I ever get this working, I'll post the patch.
Thanks,
Andrew Olson
On Tue, Apr 29, 2008 at 3:50 AM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson wrote:
Are there attributes available to get at properties of a certificate.
I want to look
1 - 100 of 274 matches
Mail list logo