Re: Help with 802.1x Certificate

2012-09-14 Thread Carl Peterson
be an issue. Easy enough to test. If 1 and 2 don't work, try with a non-wildcard cert +1 and 2. Post your results so we can all learn from it. Carl Peterson On Sep 14, 2012, at 10:44 AM, Tyller D tyll...@gmail.com wrote: On Fri, Sep 14, 2012 at 4:07 PM, Alan DeKok al

Re: Set expiry timeout after first login

2012-08-08 Thread Carl Peterson
I'm sure there are other ways to do this but I do it with a post auth query matching a specific max all session value. If it matches, it updates the attribute to expiration and sets the value 24hr from now. When I wrote it, freeradius only supported one post auth query so I use cases to match an

Accessing nas ip with rlm_python and rlm_perl

2012-07-25 Thread Carl Pierre
Hello: Is it at all possible to access this information within these modules? I am trying to code different behavior in my code based on IP. Regards, - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

PEAP Password

2012-07-13 Thread Carl Pierre
Hello: I would like to have FreeRADIUS check the user's submitted credentials before it even allows the Tunnel to even be set up. Is this a possibility? Regards, Carl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: PEAP Password

2012-07-13 Thread Carl Pierre
My lack of understanding I think, is due in part because of a wpa_supplicant-based client I am using with PEAP/EAP-GTC. The client asks for a username and password, sets up the tunnel and then challenges for a Password again for the GTC stuff. FreeRADIUS rightfully ignores the first password,

PEAP/EAP_GTC

2012-07-11 Thread Carl Pierre
Hello: Are there any clients that actually display the EAP-GTC challenge? Essentially, I am trying to use EAP-GTC similarly to how PAP Access-Challenge works: Client: ---User/PassServer Client: --Challenge Message-Server Client: ---Challenge Response---Server

2 Factor Authetication and EAP-GTC

2012-07-08 Thread Carl Pierre
Hello: I have recently been made a part of a project in which we intend to use freeradius. So far, FR seems to be the ideal tool except for one small issue: 2-Factor Authentication. Try as I might, I cannot seem to find any way to set up a multi-factor solution using PEAP. So I suppose my

Re: Different versions of sql.conf

2012-04-24 Thread Carl Peterson
have the config files in /sql/mysql/. Thanks again, Carl On Apr 23, 2012, at 5:54 PM, alan buxey wrote: Hi, The version of sql.conf found in ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-2.1.12.tar.gz seems to be quite different from the version found at http

Different versions of sql.conf

2012-04-23 Thread Carl Peterson
the other options. I can't find them in any other config file. Is something amiss? Thanks, Carl Peterson - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

[no subject]

2011-10-14 Thread OzSpots - Carl Sawers
Hi All, I have searched high and low for a Radacct Terminate cause description for Freeradius, the terminate cause states Lost-Session , anyone know what it refers too? Regards Carl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

terminate session

2011-10-13 Thread OzSpots - Carl Sawers
the ChilliSpot-Max-Total-Octets quota and the Idle-Timeout does not appear to work. How does radius send a stop session command to the coovachilli router, perhaps that's where the issues is? Regards Carl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list

RE: terminate session

2011-10-13 Thread OzSpots - Carl Sawers
OzSpots - Carl Sawers wrote: The user can also go over the ChilliSpot-Max-Total-Octets quota and the Idle-Timeout does not appear to work. Then it's a chillispot problem. It has nothing to do with FreeRADIUS. How does radius send a stop session command to the coovachilli router, perhaps

RE: radius.log test?

2011-07-18 Thread OzSpots - Carl Sawers
Thanks for that, rather odd, I ran radius -X and found the location the request was coming from, it was one of our pc's which must have been running a test in the background, a reboot turned it off. cheers Regards Carl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list

radius.log test?

2011-07-17 Thread OzSpots - Carl Sawers
understand what this is? Regards Carl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Slow Mysql Queries

2011-06-07 Thread OzSpots - Carl Sawers
Thanks for the help Fajar, We wish to fix this in house so don't want to pay for a dba BUT we are not getting much closer to the issue though I have found that a lot of the tables are actually indexed I just didn't know where to look. PHPmyadmin runtime info states that  Select_full_join  

RE: Slow Mysql Queries

2011-06-06 Thread OzSpots - Carl Sawers
Thanks for the advice everyone! I have removed scripts which caused the VERY slow queries and have now had the slow query log on for a few days. It is still showing loads of entry's but http access performance is not noticeably slow(on occasion there is a small delay). The slow queries appear to

RE: Slow Mysql Queries

2011-06-05 Thread OzSpots - Carl Sawers
the scripts have changed slightly this DB worked fine on the last server - could it have been corrupted from the sql txt file import perhaps? (via phpadmin) Regards Carl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Slow Mysql Queries

2011-06-04 Thread OzSpots - Carl Sawers
(sql): There are no DB handles to use! skipped 0, tried to connect 0 Fri Jun 3 19:39:50 2011 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Regards Carl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

EAP-PEAP-GTC User-Password never set

2011-04-12 Thread Carl Anderson
Hello All, I've been trying to get this seemingly simple implementation working for the past week to no avail. I've been scouring the search in an attempt to find someone with the exact same problem, yet haven't found anyone. Hopefully someone here can help. Here is my attempted implementation:

RE: EAP-PEAP-GTC User-Password never set

2011-04-12 Thread Carl Anderson
Well, that's a shame, but thank you very much for the reply, I appreciate it. It'll at least save me countless hours of fiddling around with the config to no avail. Cheers, Carl From: Alan DeKok-2 [via FreeRadius] [mailto:ml-node+4299802-2066596580-197...@n5.nabble.com] Sent: Wednesday

Chap password to user password

2007-08-21 Thread Carl aniams
hi Alan, i was able to fix it in chillispot by uncommenting the user password thanks a lot for your assistance -- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS TECHNOLOGIES tel: +229 90 04 08 58 +229 97 48 01 33 COTONOU REPUBLIC OF BENIN WEST AFRICA - List info/subscribe

customise dialup admin

2007-08-21 Thread Carl aniams
how please. thanks -- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS TECHNOLOGIES tel: +229 90 04 08 58 +229 97 48 01 33 COTONOU REPUBLIC OF BENIN WEST AFRICA - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Chap-password to User-password

2007-08-20 Thread Carl aniams
-- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS TECHNOLOGIES tel: +229 90 04 08 58 +229 97 48 01 33 COTONOU REPUBLIC OF BENIN WEST AFRICA - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

chap password reject

2007-08-19 Thread Carl aniams
attempt by aniams with CHAP password rlm_chap: using clear text password carl for user aniams authentication rlm_chap: password check failed i've tried many options including reading faq but nothing yet.Attached is my radiusd.conf can somebody give a help? thanks

problem with dialup admin, php

2007-08-09 Thread Carl aniams
i'm using fedora core 4, freeradius1.1.6 -- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS TECHNOLOGIES tel: +229 90 04 08 58 +229 97 48 01 33 COTONOU REPUBLIC OF BENIN WEST AFRICA - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

using EAP instead of chilli

2007-07-07 Thread Carl aniams
someone help or give a link on how to deploy using the same linksys box. thanks a lot -- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS TECHNOLOGIES tel: +229 90 04 08 58 +229 97 48 01 33 COTONOU REPUBLIC OF BENIN WEST AFRICA - List info/subscribe/unsubscribe? See http

Re:users authentication failed

2007-06-26 Thread Carl aniams
In the users file i commented the authtype=system for user:DEFAULT now the authentication is done through PAP but pap rejects user look the joint file No user can be authenticate whether in database or an account user. -- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS

re: users authentication failed

2007-06-26 Thread Carl aniams
hi now the authentication type is local with the message user supplied user-password does not match local user-password see attached file thanks -- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS TECHNOLOGIES tel: +229 90 04 08 58 +229 97 48 01 33 COTONOU REPUBLIC

users authentication failed

2007-06-25 Thread Carl aniams
seconds... --- Walking the entire request list --- Cleaning up request 0 ID 0 with timestamp 467fb396 Nothing to do. Sleeping until we see a request. -- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS TECHNOLOGIES tel: +229 90 04 08 58 +229 97 48 01 33 COTONOU REPUBLIC OF BENIN

Re:users authentication failed

2007-06-25 Thread Carl aniams
Carl aniams wrote: ... please any suggestion ... WARNING: Unprintable characters in the password. ? Double-check the shared secret on the server and the NAS! What part of that message is unclear? Be sure that i crossed check the shared secret on my server and on the nas (the AP) yet

Re:users authentication failed

2007-06-25 Thread Carl aniams
I used numbers (123456) and it seems to work.seems?? when i use user:akim passwd:willy everything is allwright (redirection authentication on radius and message response ok.) using browsing the net but when i try to use another user (carl passwd:aniam or all the several users i created ) i

debug messages on dialupadmin interface

2007-06-08 Thread Carl aniams
open there are debug messages that visibly shouldn't appear(i think). Is it normal? -- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS TECHNOLOGIES tel: +229 90 04 08 58 +229 97 48 01 33 COTONOU REPUBLIC OF BENIN WEST AFRICA - List info/subscribe/unsubscribe? See http

still can't find db_mysql.sql

2007-06-06 Thread Carl aniams
please help -- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS TECHNOLOGIES tel: +229 90 04 08 58 +229 97 48 01 33 COTONOU REPUBLIC OF BENIN WEST AFRICA - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

my dialupadmin page can't connect to sql

2007-05-27 Thread Carl aniams
i'm running a fedora core 4 linux box on which i have installed freeradius 1.1.6 when i try to test the dialupadmin i receive the message can't connect to sql server. help - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

dialupadmin not displaying menu

2007-05-26 Thread Carl aniams
that it is the content of a php3 script in the conf file that are written need a help please -- -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ ANIAMBOSSOU Carl NIAMS TECHNOLOGIES tel: +229 90 04 08 58 +229 97 48 01 33 COTONOU REPUBLIC OF BENIN WEST AFRICA - List info/subscribe/unsubscribe? See http

EAP identity - username check

2006-08-09 Thread Carl Wahlin
Hello,We are trying to get machine certificates to with freeradius for WLAN.Problem:We are using the sql user database plugin as we need to return attributes (which vlan the user belongs to, QoS etc) and it all works fine untill we install the certificates as machine certs. Windows changes the

RE: AW: EAP identity - username check

2006-08-09 Thread Carl Wahlin
will be in the database, and the cert will be valid.I will give Alan DeKoks solution a try tomorrow. I can see how this would work, although I'm not sure about how it will interpret the / since MS uses \ for domain names! sql_user_name = %{mschap:User-Name:-%{User-Name}}/Carl From: [EMAIL PROTECTED]To: freeradius-users

Re: set 'Tunnel Private Group ID' based on OU in certificate?

2006-02-23 Thread Carl Wahlin
? -Bob Sounds like something I should take a look at. I don't think I would need a separate entry for each cert. I would need one for each group of users belonging to ie. an OU. Not sure if I would be able to do this with the rlm_sql module, but I'll take a look. /Carl Carl Wahlin wrote

set Tunnel Private Group ID based on OU in certificate?

2006-02-22 Thread Carl Wahlin
on stuff in the certificate? /Carl W. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: expiration

2005-08-16 Thread Carl Peterson
Thanks, It works well. Carl On Sunday 07 August 2005 22:26, Alan DeKok wrote: Carl Peterson [EMAIL PROTECTED] wrote: I understand that it is not in 1.0.4. The version I got from CVS was 1.0.4. How do I get 1.0.5 from CVS? 1) rlm_expiration is not in 1.0.5, either. 2

Re: expiration

2005-08-07 Thread Carl Peterson
I understand that it is not in 1.0.4. The version I got from CVS was 1.0.4. How do I get 1.0.5 from CVS? Thanks, Carl Alan DeKok wrote .. Carl Peterson [EMAIL PROTECTED] wrote: radiusd.conf[1383] Failed to link to module 'rlm_expiration': rlm_expiration.so: cannot open shared object

Re: expiration

2005-08-06 Thread Carl Peterson
. Is there a way to change this or am I doing something wrong? foxtrot raddb # /usr/local/sbin/radiusd -v radiusd: FreeRADIUS Version 1.0.4, for host , built on Aug 6 2005 at 16:55:22 Thanks, Carl Peterson The fix is in CVS: $ cvs -d :pserver:[EMAIL PROTECTED]:/source checkout -r release_1_0

expiration

2005-08-05 Thread Carl Peterson
{ reply-message = Your account has expired, %{User-Name}\r\n } Also, do I need to add expiration to instantiate? Thanks for any input, Carl Peterson - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: expiration

2005-08-05 Thread Carl Peterson
Does it exist in an earlier version or nightly? if not, any idea when 1.0.5 will come out? Thanks, Carl Peterson On Friday 05 August 2005 17:13, Alan DeKok wrote:   The expiration module does not exist in 1.0.4.   The Expiration feature doesn't work in 1.0.4.  We will be releasing 1.0.5

radiusd -C

2005-05-24 Thread Carl Davis
? Carl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radiusd -C

2005-05-24 Thread Carl Davis
Is there another good option for checking the conf files before doing an HUP? On Tue, 2005-05-24 at 15:32 -0400, Alan DeKok wrote: Carl Davis [EMAIL PROTECTED] wrote: The FAQ says 1.6.4 and later, but the latest version that can be downloaded is only 1.0.2? Hmm... the FAQ is really old

Re: Determine modem utilization?

2005-04-17 Thread Carl Davis
Now why didn't I think of that? That should work perfectly. Thanks! Carl On Thu, 2005-04-14 at 08:32 -0400, Matthew Crocker wrote: Why don't use use MRTG/RRDTOOL and poll the modem pool with SNMP? (www.mrtg.org, www.rrdtool.org) -Matt On Apr 14, 2005, at 8:19 AM, Carl Davis wrote

Determine modem utilization?

2005-04-14 Thread Carl Davis
Is there a program that will analyze out mysql accounting logs and give us an idea if we are peaking out anywhere and need to consider order another 24 channels? Carl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: How to restrict total usage time.

2005-04-10 Thread Carl Peterson
rlm_sqlcounter: Sent Reply-Item for user tagric15, Type=Session-Timeout, value=99874831 modcall[authorize]: module noresetcounter returns ok for request 31 Of course the Max-All-Session attribute needs to be set for the user. My full radiusd.conf file is available at jabali.net/~carl under

Re: Prepaid card module/software

2004-12-28 Thread Carl Peterson
reset = never query = SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{%k}' } I am adding my radiusd.conf file to: http://jabali.net/~carl/?link=2 as there are other entries that you need to add. You may have to compile --with-experimental-modules so

Re: Prepaid card module/software

2004-12-27 Thread Carl Peterson
isn't indefinite. Any ideas? Carl On Monday 27 December 2004 17:46, Thor Spruyt wrote: Carl Peterson wrote: I am working on writing it as we speak. Current release is phpMyPrepaid-0.1.2. It actually works with a MySQL database and inserts the users into the radcheck table. Hourly cards

one day accounts

2004-12-23 Thread Carl Peterson
that will give a user 24 hours of continuous access from first use. Is there already an attribute for this or an easy way to enable this feature? Carl Peterson - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Redirect users to a web page

2004-12-20 Thread Carl Peterson
NocatSplash http://nocat.net/moin/NoCatSplash i don`t want to force my users to authorise, i just want them to see the news page every time they login, then everything goes normally. Cheers, Florin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List

Re: Redirect users to a web page

2004-12-18 Thread Carl Peterson
Not quite sure what you are looking for here but it sounds like you want something like NoCat Splash, NocatAuth or Chilli. Carl Peterson On Saturday 18 December 2004 07:16, Florin Samareanu wrote: anyone has any ideea how i can redirect my users the first time they browse a web page

Re: krb5 errors when compiling on Fedora Core 3

2004-12-15 Thread Carl Peterson
I had a similar problem with krb5 on FC2 so I compiled without krb5 which worked fine. CP On Wednesday 15 December 2004 09:28, E. Dean Sahutske wrote: Is there no one whose seen this or had this happen to them? Is Fedora not an appropriate platform for Freeradius? dean [EMAIL PROTECTED]

Re: installaion problem

2004-12-08 Thread Carl Peterson
I had a similar error with 1.01 on FC 2. I didn't need krb5 so I just configured it without krb5 and it compiled fine. CP On Wednesday 08 December 2004 00:01, Paul Hampson wrote: On Wed, Dec 08, 2004 at 12:53:48PM +0800, Spades wrote: While installing Freeradius 1.0.1, i managed to run

Re: Freeradius installation problem

2004-12-08 Thread Carl Peterson
I am doing the same thing using chilli, freeradius, and mysql. I use Max-All-Sessions and wrote a counter for it. Of course my cards are good for x seconds. Using Session-Timeout would mean that a session could be x seconds long but as soon as you log back in you can have another x seconds.

Re: installaion problem

2004-12-08 Thread Carl Peterson
On Wednesday 08 December 2004 13:08, L.C. (Laurentiu C. Badea) wrote: I'm afraid to point the obvious, but I believe there is no need to compile freeradius on Fedora 2, seeing as it comes with it. Am I missing something ? SQL counters? CP - List info/subscribe/unsubscribe? See

Re: installaion problem

2004-12-08 Thread Carl Peterson
make install - Original Message - From: Carl Peterson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, December 09, 2004 1:52 AM Subject: Re: installaion problem I had a similar error with 1.01 on FC 2. I didn't need krb5 so I just configured it without krb5

Re: Cisco Command authorization

2004-12-06 Thread Carl
There are settings in the Cisco IOS that will allow you to authenticate an administrator through a freeradius server Lim Han Shyong wrote: Hi all: I would like use freeradius to authenticate telnet service into cisco. Its work after setup. So now my further questions are . 1. How i

Problem with FreeRadius

2004-12-04 Thread Carl
: user xfs found in hashtable bucket 17213 HASH: user ntp found in hashtable bucket 21418 HASH: user gdm found in hashtable bucket 50360 HASH: user carl found in hashtable bucket 91900 HASH: user engt found in hashtable bucket 38574 HASH: user mailman found in hashtable bucket 53563 HASH

Help with Cisco 1200 AP and FreeRadius

2004-12-03 Thread Carl
I found a partial answer to this in the list archives, but it didn't help me much I'm using a Cisco 1200 AP and freeradius 1.0.1 for authentication. I have Radius set up fine, but I can't get the AP to foward the packets on to the server. Does anyone have any ideas? - List

IP Problem

2004-11-05 Thread Carl
I'm able to authenticate through freeradius using a linksys router running DHCP, but when I do that, I'm not getting an IP address. If I don't use radius, the router provides me with an ip address. I shouldn't have to configure freeradius to give me an ip address should I? - List

Problem configuring freeradius

2004-10-20 Thread Carl
I'm trying to use FreeRadius as an authentication server to authenticate wireless network users. I have it installed and configured, but I don't have it configured correctly evidently. In the users file, I have a user bob with the password bob. If I use the command radtest bob bob

Re: Problem configuring freeradius

2004-10-20 Thread Carl
Fall-Through = 1 but that wasn't working. Any ideas? Carl Alan DeKok wrote: Carl [EMAIL PROTECTED] wrote: I'm trying to use FreeRadius as an authentication server to authenticate wireless network users. I have it installed and configured, but I don't have it configured correctly evidently

Re: Problem configuring freeradius

2004-10-20 Thread Carl
anyone have any ideas how I can use the system usernames and passwords to authenticate users? Carl Bryan Catlin wrote: Carl I read some of your post and have a web page that has an excerpt from an O'rielly book about radius that specifically talks about setting up Freeradius. I used this book

Re: Problem Compiling

2004-10-20 Thread Carl
how did you try installing? On my fedora system I always use yum to get and install the programs I want Matt wrote: Hi, Can anyone explain to me why I'm getting the error I am and the aborted compile? I'm compling on a fedora core 1 system. rlm_exec.c: In function `exec_xlat': rlm_exec.c:124: