On Tue, 28 Jul 2009, Kaz Zurad wrote:
Thank you. I meant RHEL 4. I will try to install and implement it.
I am using CentOS 4 which is the 'free' version of RHEL 4,
You should be able to install the freeradius rpm package via yum (or
perhaps already installed with initial install). You don't
On Tue, 28 Jul 2009, Kaz Zurad wrote:
Than you, John, for the clue.
But I have another question.
For RHEL4 is only available version 1.0.1. Can I use version dedicated
for Fedora from this site http://koji.fedoraproject.org?
You should find your version sufficient for simple needs.
Otherwise,
On Thu, 25 Jun 2009, Francisco wrote:
I'd like our radius proxy server to allow an A/V pair, but, cannot find any
examples where I can apply any regex type rules to allow a range of values.
For example, I received the following from a remote radius server :
Cisco-AVPair =
On Wed, 17 Jun 2009, a.l.m.bu...@lboro.ac.uk wrote:
abcUser-Password == test
that is wrong. wrong and wrong
Okay, this isn't just my favorite quibbler jumping on me. So I have to
ask, even if there is a 'better' syntax, or a 'preferred' way of doing
things, why is this
On Wed, 17 Jun 2009, Elias Abou Zeid wrote:
Just out for sake of completeness. On FreeRADIUS Version 1.1.7
I tried both User-Password == test and Cleartext-Password := test.
They both work fine when the user entry is before default setting in
users file.
Just to let you know.
Elias
Thank you,
On Wed, 17 Jun 2009, Stefan Kuegler wrote:
/etc/freeradius/users
-
DEFAULT Auth-Type = MOTP
Exec-Program-Wait = /usr/local/bin/otpverify.sh '%{User-Name}'
'%{User-Password}' '%{Secret}' '%{PIN}' '%{Offset}',
Fall-Through = yes
user1
I notice it matching multiple 'DEFAULT' entries in your 'users' file.
Make sure that one of them doesn't enforce an 'auth-type' other than
the one you want to use here.
- Charles
On Wed, 17 Jun 2009, Filipe Scalioni wrote:
I'm new to FreeRadius, and I'm having some hard time to put it
On Mon, 15 Jun 2009, a.l.m.bu...@lboro.ac.uk wrote:
it would be much beter if there was a full delineation between
1.x and 2.x docs - the web is full of older resources that dont
say what version their tweaks and info is good for.
(nod) I don't know enough about the differences between 1.x and
On Tue, 16 Jun 2009, Elias Abou Zeid wrote:
I am trying a simple authenticate pppoe subscriber in radius server (v
1.188.2.4.2.11) for subscribers coming through Redback SmartEdge 800
router. As I am new to this I am looked for some examples for users
configuration on RADIUS but could not
On Tue, 16 Jun 2009, Elias Abou Zeid wrote:
I tried the different suggestions but I still get authentication login
incorrect eventhough the username and password passed by the Redback
router are correct and as filled in subscribers record
On Radius server.
a...@radius User-Password :=
On Tue, 16 Jun 2009, a.l.m.bu...@lboro.ac.uk wrote:
abc User-Password == passwd
huh?
abc Cleartext-Password := passwd
thats true for 1.1.6 (iirc) upwards
My turn to 'huh?'.
According to the 'users' man page (man 5 users):
Attribute := Value
Always matches as a
On Tue, 16 Jun 2009, Elias Abou Zeid wrote:
a...@radius Cleartext-Password := test
Service-Type = Framed-User,
Framed-Protocol = PPP
Why do you specify a realm (@RADIUS)? Try removing it, or, as suggested
by others, specift a default realm.
users:
On Tue, 16 Jun 2009, Elias Abou Zeid wrote:
Sorry for the :=, == confusion. I was doing it right using ==.
Neither is 'right' or 'wrong'. You just need to be sure what you want to
achieve with them. I'm not a complete expert on this, so if in doubt,
try it *both* ways. (smile) One of them
On Mon, 15 Jun 2009, a.l.m.bu...@lboro.ac.uk wrote:
one of the main issues is using a distro version of the code.
(nod) Once John mentioned a folder I just didn't have, the light came on
(so to speak) :)
...they might have been dumped into somewhere like /usr/share/doc/radiusd
or
On Mon, 15 Jun 2009, a.l.m.bu...@lboro.ac.uk wrote:
Charles, this is an unpaid community support list. you are coming
across as a very angry person with no regard that the people
on this list arent paid to give you informaation which is probably
essential for you to actually do your work, get
On Mon, 15 Jun 2009, Arran Cudbard-Bell wrote:
See the thing is a lot of the documentation pitfalls aren't there in 2.*, a
lot of the inconsistencys aren't there in 2.*. I know, because I regularly
play the dumb user and pester Alan about niggly bits of syntax and
documentation.
I try to be
On Mon, 15 Jun 2009, a.l.m.bu...@lboro.ac.uk wrote:
I think the initial idea would be to document what/how you've used
exec module to define an attribute - rlm_exec is quite bare on the wiki
;-)
Uh, yeah, almost forgot, that was actually one of the places I looked
before I posted on the
On Mon, 15 Jun 2009, Stefan Kuegler wrote:
exec motp {
wait = yes
program = /usr/local/bin/otpverify.sh %{User-Name}
%{User-Password} %{reply:Secret} %{reply:PIN} %{reply:Offset}
input_pairs = request
output_pairs = config
}
Silly thought:
The exec is
On Sun, 14 Jun 2009, Alan DeKok wrote:
Charles Gregory wrote:
Five or six huh? Quote them.
1) Read my messages.
That's rich coming from you.
The text you *deleted* pointed you to documentation for the
users file, and the SQL module.
Speaking of 'not reading' didn't you catch my
On Sat, 13 Jun 2009, Alan DeKok wrote:
No... I had NO IDEA what you were trying to do.
I had gotten the impression that you don't read posts thoroughly,
and this only reinforces that perception. My very first post said:
I've been cruising the archives and pages and don't quite see
what
On Sat, 13 Jun 2009, Ivan Kalik wrote:
. I'm really thinking that CentOS screwed up some documentation
Could be. They might have packaged server core without examples. ..
If you want you can download and unpack your version tarball from the
freeradius site
Just because I am
On Sat, 13 Jun 2009, Alan DeKok wrote:
and yet you're frustrated that I'm explaining the *reasons* behind my
opinions.
No, I'm offended that you can say things like you have NO IDEA when
clearly anyone who read my first post would know what I was asking.
It's one step short of outright
On Fri, 12 Jun 2009, Alan DeKok wrote:
Charles Gregory wrote:
But CentOS is supposedly still a 'supported' OS, so I think it's fair
to ask simple 'how to' questions for that environment.
Centos supports their OS. This list answers questions about FreeRADIUS.
Quite right. CentOS supports
On Fri, 12 Jun 2009, John Dennis wrote:
BTW, the philosophy of RHEL (why it's older), the philosophy of Fedora (why
it's bleeding edge) and CentOS is explained on the FreeRadius FAQ under Red
Hat (http://wiki.freeradius.org/Red_Hat_FAQ). It's incumbent upon you when
selecting an OS to install
On Fri, 12 Jun 2009, Alan DeKok wrote:
The CentOS people answer questions about CentOS on the CentOS mailing
list. That is the limit of their support.
Similarly, the FreeRADIUS people answer questions about FreeRADIUS on
the freeradius-users list.
What do you mean by people? What *I* mean
On Fri, 12 Jun 2009, Ivan Kalik wrote:
Work what out?
Finally got my 1.x Session-Time script working (as an exec module). The
really strange thing is that it is working *exactly* as I first thought
I should be doing it!!! (see below) I can only guess that somewhere along
the way I had a
Sure. We'll wait.
Alan DeKok.
(smile)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Well, keeping in mind that this is now a philosphical discussion...
On Fri, 12 Jun 2009, Alan DeKok wrote:
Charles Gregory wrote:
I did try to follow the oft-quoted (almost shoved down my throat)
example, right from the comments within the config file
postauth {
Session-Timeout
On Fri, 12 Jun 2009, Ivan Kalik wrote:
Nothing to give. You already have it in scripts/exec-program-wait.
I do not have a directory named 'scripts'. And the only reference to
'exec-program-wait' is in the comments of 'experimental.conf' as something
that a 'perl' rlm can 'replace'. I'm really
On Thu, 11 Jun 2009, Fajar A. Nugraha wrote:
If I'm reading Alan's post correctly, freeradius supports CoA packets,
but you need to write your own rule/policy to send it. For
over-bandwidth scenario, the rule should be while examining
interim-update acct packets...
I've never heard of these...
On Thu, 11 Jun 2009, Ivan Kalik wrote:
http://freeradius.org/rfc/rfc2869.html#Acct-Interim-Interval
Interesting, but I agree I don't like the bandwidth implications.
I would only have used them if they were already occuring by default.
You would normaly use radius *client* to send CoA for
Okay, I'm banging my head up against the expected proverbial wall.
Please remember I'm stuck with old 1.x version. on Centos
I'm trying to get a script to execute and set the 'Session-Timeout'
value. I've defined the script thusly:
exec timecalc {
wait = yes
On Thu, 11 Jun 2009, John Dennis wrote:
No you're not stuck with an old 1.x.
See: http://wiki.freeradius.org/Red_Hat_FAQ
Go read the thread Version... Version..
I posted that thread partly in anticipation that when I started to ask
for help with my 'standard' CentOS FreeRadius, people
Hello again!
Sorry, maybe I should take 'pseudo' out of the subject line...
Firstly, MY BAD. I forgot to post that I'm on CentOS 4, and therefore
limited to whatever syntax applies to freeradius-1.0.1-3.RHEL4.5
Hopefully what I want to do is so 'basic' it doesn't change :)
Secondly, anyone
Greetings!
I've been cruising the archives and pages and don't quite see
what I am looking for. I am hoping someone can point me to a nice
simple HOWTO or MAN page for specifying an 'exec' script
in radiusd.conf that will set the Session-Timeout and return
it to the NAS.
I'm thinking:
35 matches
Mail list logo
