be an
issue. Easy enough to test. If 1 and 2 don't work, try with a
non-wildcard cert +1 and 2. Post your results so we can all learn from it.
Carl Peterson
On Sep 14, 2012, at 10:44 AM, Tyller D tyll...@gmail.com wrote:
On Fri, Sep 14, 2012 at 4:07 PM, Alan DeKok al
I'm sure there are other ways to do this but I do it with a post auth
query matching a specific max all session value. If it matches, it
updates the attribute to expiration and sets the value 24hr from now.
When I wrote it, freeradius only supported one post auth query so I
use cases to match an
Hello:
Is it at all possible to access this information within these modules? I am
trying to code different behavior in my code based on IP.
Regards,
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello:
I would like to have FreeRADIUS check the user's submitted credentials
before it even allows the Tunnel to even be set up.
Is this a possibility?
Regards,
Carl
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
My lack of understanding I think, is due in part because of a
wpa_supplicant-based client I am using with PEAP/EAP-GTC.
The client asks for a username and password, sets up the tunnel and then
challenges for a Password again for the GTC stuff.
FreeRADIUS rightfully ignores the first password,
Hello:
Are there any clients that actually display the EAP-GTC challenge?
Essentially, I am trying to use EAP-GTC similarly to how PAP
Access-Challenge works:
Client: ---User/PassServer
Client: --Challenge Message-Server
Client: ---Challenge Response---Server
Hello:
I have recently been made a part of a project in which we intend to use
freeradius.
So far, FR seems to be the ideal tool except for one small issue: 2-Factor
Authentication.
Try as I might, I cannot seem to find any way to set up a multi-factor
solution using PEAP.
So I suppose my
have the config files in
/sql/mysql/.
Thanks again,
Carl
On Apr 23, 2012, at 5:54 PM, alan buxey wrote:
Hi,
The version of sql.conf found in
ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-2.1.12.tar.gz
seems to be quite different from the version found at
http
the other options. I can't find them in any other config file. Is
something amiss?
Thanks,
Carl Peterson
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi All, I have searched high and low for a Radacct Terminate cause
description for Freeradius, the terminate cause states Lost-Session ,
anyone know what it refers too?
Regards
Carl
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
the ChilliSpot-Max-Total-Octets quota and the
Idle-Timeout does not appear to work.
How does radius send a stop session command to the coovachilli router,
perhaps that's where the issues is?
Regards
Carl
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
OzSpots - Carl Sawers wrote:
The user can also go over the ChilliSpot-Max-Total-Octets quota and
the Idle-Timeout does not appear to work.
Then it's a chillispot problem. It has nothing to do with FreeRADIUS.
How does radius send a stop session command to the coovachilli router,
perhaps
Thanks for that, rather odd, I ran radius -X and found the location the
request was coming from, it was one of our pc's which must have been
running a test in the background, a reboot turned it off. cheers
Regards
Carl
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
understand what this is?
Regards
Carl
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks for the help Fajar, We wish to fix this in house so don't want to pay
for a dba BUT we are not getting much closer to the issue though
I have found that a lot of the tables are actually indexed I just didn't know
where to look.
PHPmyadmin runtime info states that Select_full_join
Thanks for the advice everyone!
I have removed scripts which caused the VERY slow queries and have now
had the slow query log on for a few days. It is still showing loads of
entry's but http access performance is not noticeably slow(on occasion
there is a small delay). The slow queries appear to
the scripts have changed
slightly this DB worked fine on the last server - could it have been
corrupted from the sql txt file import perhaps? (via phpadmin)
Regards Carl
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(sql): There are no DB handles
to use! skipped 0, tried to connect 0
Fri Jun 3 19:39:50 2011 : Info: rlm_sql (sql): There are no DB handles
to use! skipped 0, tried to connect 0
Regards Carl
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello All,
I've been trying to get this seemingly simple implementation working for the
past week to no avail. I've been scouring the search in an attempt to find
someone with the exact same problem, yet haven't found anyone. Hopefully
someone here can help.
Here is my attempted implementation:
Well, that's a shame, but thank you very much for the reply, I appreciate
it. It'll at least save me countless hours of fiddling around with the
config to no avail.
Cheers,
Carl
From: Alan DeKok-2 [via FreeRadius]
[mailto:ml-node+4299802-2066596580-197...@n5.nabble.com]
Sent: Wednesday
hi Alan,
i was able to fix it in chillispot by uncommenting the user password
thanks a lot for your assistance
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS TECHNOLOGIES
tel: +229 90 04 08 58 +229 97 48 01 33
COTONOU
REPUBLIC OF BENIN
WEST AFRICA
-
List info/subscribe
how please.
thanks
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS TECHNOLOGIES
tel: +229 90 04 08 58 +229 97 48 01 33
COTONOU
REPUBLIC OF BENIN
WEST AFRICA
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS TECHNOLOGIES
tel: +229 90 04 08 58 +229 97 48 01 33
COTONOU
REPUBLIC OF BENIN
WEST AFRICA
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
attempt by aniams with CHAP password
rlm_chap: using clear text password carl for user aniams authentication
rlm_chap: password check failed
i've tried many options including reading faq but nothing yet.Attached is my
radiusd.conf
can somebody give a help?
thanks
i'm using fedora core 4, freeradius1.1.6
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS TECHNOLOGIES
tel: +229 90 04 08 58 +229 97 48 01 33
COTONOU
REPUBLIC OF BENIN
WEST AFRICA
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
someone help or give a link on how to deploy using the same linksys box.
thanks a lot
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS TECHNOLOGIES
tel: +229 90 04 08 58 +229 97 48 01 33
COTONOU
REPUBLIC OF BENIN
WEST AFRICA
-
List info/subscribe/unsubscribe? See http
In the users file i commented the authtype=system for user:DEFAULT
now the authentication is done through PAP but pap rejects user
look the joint file
No user can be authenticate whether in database or an account user.
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS
hi
now the authentication type is local with the message
user supplied user-password does not match local user-password
see attached file
thanks
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS TECHNOLOGIES
tel: +229 90 04 08 58 +229 97 48 01 33
COTONOU
REPUBLIC
seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 0 with timestamp 467fb396
Nothing to do. Sleeping until we see a request.
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS TECHNOLOGIES
tel: +229 90 04 08 58 +229 97 48 01 33
COTONOU
REPUBLIC OF BENIN
Carl aniams wrote:
...
please any suggestion
...
WARNING: Unprintable characters in the password. ? Double-check the
shared secret on the server and the NAS!
What part of that message is unclear?
Be sure that i crossed check the shared secret on my server and on the nas
(the AP) yet
I used numbers (123456) and it seems to work.seems??
when i use user:akim passwd:willy everything is allwright (redirection
authentication on radius and message response ok.) using browsing the net
but when i try to use another user (carl passwd:aniam or all the several
users i created ) i
open there are debug messages that visibly
shouldn't appear(i think).
Is it normal?
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS TECHNOLOGIES
tel: +229 90 04 08 58 +229 97 48 01 33
COTONOU
REPUBLIC OF BENIN
WEST AFRICA
-
List info/subscribe/unsubscribe? See http
please help
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS TECHNOLOGIES
tel: +229 90 04 08 58 +229 97 48 01 33
COTONOU
REPUBLIC OF BENIN
WEST AFRICA
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
i'm running a fedora core 4 linux box on which i have installed freeradius
1.1.6
when i try to test the dialupadmin i receive the message can't connect to
sql server.
help
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
that it is the content of a php3 script in the conf file
that are written
need a help please
--
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
ANIAMBOSSOU Carl
NIAMS TECHNOLOGIES
tel: +229 90 04 08 58 +229 97 48 01 33
COTONOU
REPUBLIC OF BENIN
WEST AFRICA
-
List info/subscribe/unsubscribe? See http
Hello,We are trying to get machine certificates to with freeradius for WLAN.Problem:We are using the sql user database plugin as we need to return attributes (which vlan the user belongs to, QoS etc) and it all works fine untill we install the certificates as machine certs. Windows changes the
will be in the database, and the cert will be valid.I will give Alan DeKoks solution a try tomorrow. I can see how this would work, although I'm not sure about how it will interpret the / since MS uses \ for domain names! sql_user_name = %{mschap:User-Name:-%{User-Name}}/Carl From: [EMAIL PROTECTED]To: freeradius-users
?
-Bob
Sounds like something I should take a look at. I don't think I would need
a separate entry for each cert. I would need one for each group of users
belonging to ie. an OU. Not sure if I would be able to do this with the
rlm_sql module, but I'll take a look.
/Carl
Carl Wahlin wrote
on stuff in the
certificate?
/Carl W.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks,
It works well.
Carl
On Sunday 07 August 2005 22:26, Alan DeKok wrote:
Carl Peterson [EMAIL PROTECTED] wrote:
I understand that it is not in 1.0.4. The version I got from CVS
was 1.0.4. How do I get 1.0.5 from CVS?
1) rlm_expiration is not in 1.0.5, either.
2
I understand that it is not in 1.0.4. The version I got from CVS was 1.0.4.
How do I get 1.0.5 from CVS?
Thanks,
Carl
Alan DeKok wrote ..
Carl Peterson [EMAIL PROTECTED] wrote:
radiusd.conf[1383] Failed to link to module 'rlm_expiration':
rlm_expiration.so:
cannot open shared object
. Is there a way to change
this or am I doing something wrong?
foxtrot raddb # /usr/local/sbin/radiusd -v
radiusd: FreeRADIUS Version 1.0.4, for host , built on Aug 6 2005 at 16:55:22
Thanks,
Carl Peterson
The fix is in CVS:
$ cvs -d :pserver:[EMAIL PROTECTED]:/source checkout -r release_1_0
{
reply-message = Your account has expired, %{User-Name}\r\n
}
Also, do I need to add expiration to instantiate?
Thanks for any input,
Carl Peterson
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Does it exist in an earlier version or nightly? if not, any idea when 1.0.5
will come out?
Thanks,
Carl Peterson
On Friday 05 August 2005 17:13, Alan DeKok wrote:
The expiration module does not exist in 1.0.4.
The Expiration feature doesn't work in 1.0.4. We will be releasing
1.0.5
?
Carl
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Is there another good option for checking the conf files before doing an
HUP?
On Tue, 2005-05-24 at 15:32 -0400, Alan DeKok wrote:
Carl Davis [EMAIL PROTECTED] wrote:
The FAQ says 1.6.4 and later, but the latest version that can be
downloaded is only 1.0.2?
Hmm... the FAQ is really old
Now why didn't I think of that? That should work perfectly. Thanks!
Carl
On Thu, 2005-04-14 at 08:32 -0400, Matthew Crocker wrote:
Why don't use use MRTG/RRDTOOL and poll the modem pool with SNMP?
(www.mrtg.org, www.rrdtool.org)
-Matt
On Apr 14, 2005, at 8:19 AM, Carl Davis wrote
Is there a program that will analyze out mysql accounting logs and give
us an idea if we are peaking out anywhere and need to consider order
another 24 channels?
Carl
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rlm_sqlcounter: Sent Reply-Item for user tagric15, Type=Session-Timeout,
value=99874831
modcall[authorize]: module noresetcounter returns ok for request 31
Of course the Max-All-Session attribute needs to be set for the user. My full
radiusd.conf file is available at jabali.net/~carl under
reset = never
query = SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{%k}'
}
I am adding my radiusd.conf file to: http://jabali.net/~carl/?link=2
as there are other entries that you need to add. You may have to compile
--with-experimental-modules so
isn't indefinite. Any ideas?
Carl
On Monday 27 December 2004 17:46, Thor Spruyt wrote:
Carl Peterson wrote:
I am working on writing it as we speak. Current release is
phpMyPrepaid-0.1.2. It actually works with a MySQL database and
inserts the users into the radcheck table. Hourly cards
that will give a user
24 hours of continuous access from first use. Is there already an attribute
for this or an easy way to enable this feature?
Carl Peterson
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
NocatSplash http://nocat.net/moin/NoCatSplash
i don`t want to force my users to authorise, i just want them to see
the news page every time they login, then everything goes normally.
Cheers,
Florin
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List
Not quite sure what you are looking for here but it sounds like you want
something like NoCat Splash, NocatAuth or Chilli.
Carl Peterson
On Saturday 18 December 2004 07:16, Florin Samareanu wrote:
anyone has any ideea how i can redirect my users the first time they
browse a web page
I had a similar problem with krb5 on FC2 so I compiled without krb5 which
worked fine.
CP
On Wednesday 15 December 2004 09:28, E. Dean Sahutske wrote:
Is there no one whose seen this or had this happen to them? Is Fedora
not an appropriate platform for Freeradius?
dean
[EMAIL PROTECTED]
I had a similar error with 1.01 on FC 2. I didn't need krb5 so I just
configured it without krb5 and it compiled fine.
CP
On Wednesday 08 December 2004 00:01, Paul Hampson wrote:
On Wed, Dec 08, 2004 at 12:53:48PM +0800, Spades wrote:
While installing Freeradius 1.0.1, i managed to run
I am doing the same thing using chilli, freeradius, and mysql. I use
Max-All-Sessions and wrote a counter for it. Of course my cards are good for
x seconds. Using Session-Timeout would mean that a session could be x
seconds long but as soon as you log back in you can have another x seconds.
On Wednesday 08 December 2004 13:08, L.C. (Laurentiu C. Badea) wrote:
I'm afraid to point the obvious, but I believe there is no need to compile
freeradius on Fedora 2, seeing as it comes with it. Am I missing something
?
SQL counters?
CP
-
List info/subscribe/unsubscribe? See
make install
- Original Message -
From: Carl Peterson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, December 09, 2004 1:52 AM
Subject: Re: installaion problem
I had a similar error with 1.01 on FC 2. I didn't need krb5 so I just
configured it without krb5
There are settings in the Cisco IOS that will
allow you to authenticate an administrator through
a freeradius server
Lim Han Shyong wrote:
Hi all:
I would like use freeradius to authenticate telnet service
into cisco. Its work after setup. So now my further questions are .
1. How i
: user xfs found in hashtable bucket 17213
HASH: user ntp found in hashtable bucket 21418
HASH: user gdm found in hashtable bucket 50360
HASH: user carl found in hashtable bucket 91900
HASH: user engt found in hashtable bucket 38574
HASH: user mailman found in hashtable bucket 53563
HASH
I found a partial answer to this in the list
archives, but it didn't help me much
I'm using a Cisco 1200 AP and freeradius 1.0.1 for
authentication. I have Radius set up fine, but I
can't get the AP to foward the packets on to the
server. Does anyone have any ideas?
-
List
I'm able to authenticate through freeradius using
a linksys router running DHCP, but when I do that,
I'm not getting an IP address. If I don't use
radius, the router provides me with an ip address.
I shouldn't have to configure freeradius to give
me an ip address should I?
-
List
I'm trying to use FreeRadius as an authentication
server to authenticate wireless network users. I
have it installed and configured, but I don't have
it configured correctly evidently. In the users
file, I have a user bob with the password bob. If
I use the command radtest bob bob
Fall-Through = 1
but that wasn't working. Any ideas?
Carl
Alan DeKok wrote:
Carl [EMAIL PROTECTED] wrote:
I'm trying to use FreeRadius as an authentication
server to authenticate wireless network users. I
have it installed and configured, but I don't have
it configured correctly evidently
anyone have any ideas how I can use the system
usernames and passwords to authenticate users?
Carl
Bryan Catlin wrote:
Carl
I read some of your post and have a web page that has an excerpt from an
O'rielly book about radius that specifically talks about setting up
Freeradius. I used this book
how did you try installing? On my fedora system I
always use yum to get and install the programs I
want
Matt wrote:
Hi,
Can anyone explain to me why I'm getting the error I am and the
aborted compile? I'm compling on a fedora core 1 system.
rlm_exec.c: In function `exec_xlat':
rlm_exec.c:124:
67 matches
Mail list logo