I understand a bit more why people were bring up plain text passwords now.
My radius server is being presented with peap ms-chapV2 credentials and I want
it to receive authentication from my openldap server.
It seems that the credentials in this format cannot be digested by openldap and
-profit such as my college is.
Chris S.
-Original Message-
From: John Dennis [mailto:jden...@redhat.com]
Sent: Tuesday, September 10, 2013 6:09 PM
To: FreeRadius users mailing list
Cc: Swenson, Chris
Subject: Re: free radius setup
On 09/10/2013 02:15 PM, Swenson, Chris wrote:
I
: free radius setup
On 10 Sep 2013, at 19:15, Swenson, Chris cswen...@curry.edu wrote:
I understand a bit more why people were bring up plain text passwords now.
My radius server is being presented with peap ms-chapV2 credentials and I
want it to receive authentication from my openldap server
Thanks for the replies:
Ok, uninstalled #1 and updated to freeradius2
radiusd started without a hitch withtesting Cleartext-Password :=
password in users file.
When I ran radtest testing password localhost 0 testing123
Received -bash: /usr/bin/radtest: No such file or directory
For
That did it,
In the version 1 the radtest must have been installed with the radius, not as a
separate package.
I have now also successfully tested.
I wonder why the in the ticket I opened with red hat support they did not
suggest the upgrade.
Thanks to all.
Chris S.
-Original Message
Hi all, I have not used radius in about 15 years and found a need recently.
I have set up the rpm on a red hat 5.6 server and when I run radius -X the
system starts fine with the expected info.
When I enter the suggested as the first line in the users file testing
Cleartext-Password
I guess I need to recycle my 2002 Shell O'Reilly book.
-Original Message-
From: freeradius-users-bounces+cswenson=curry@lists.freeradius.org
[mailto:freeradius-users-bounces+cswenson=curry@lists.freeradius.org] On
Behalf Of Swenson, Chris
Sent: Monday, September 09, 2013 1:27 PM
-bounces+cswenson=curry@lists.freeradius.org] On
Behalf Of Arran Cudbard-Bell
Sent: Monday, September 09, 2013 6:54 PM
To: FreeRadius users mailing list
Subject: Re: my Radius goal radius and openldap.
On 9 Sep 2013, at 23:00, Swenson, Chris cswen...@curry.edu wrote:
I already have functioning
am completely
reinventing the wheel.
Thanks
Chris s.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
, Swenson, Chris cswen...@curry.edu wrote:
No, they are encrypted in the ldap database in md5 hash.
Right, but you have the plaintext version from the user?
I might be too old to do bleeding edge stuff like 3.0 RC1
I will take a look and a poke at it though.
Fair enough.
Arran Cudbard-Bell
they would like to avoid.
Any comments or suggestions are welcome.
Thanks,
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
?
Thanks,
Chris
P.s. My apologies for replying via the digest - you replied before I had time
to switch off of digests.
Date: Thu, 5 Sep 2013 19:11:35 +0100
From: Arran Cudbard-Bell a.cudba...@freeradius.org
To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Subject
Arran - Ignore my 'What would happen to the FreeRADIUS processes… question - I
meant to delete that before sending my message.
On Sep 5, 2013, at 9:34 PM, Chris Decker csd...@psu.edu wrote:
Arran,
Thank you for taking the time to so clearly lay things out - it seems like
rlm_replicate
, at 5:50 AM, Phil Mayers p.may...@imperial.ac.uk wrote:
On 21/08/13 23:44, Chris Parker wrote:
Okay, pardon my confusion then. I had been following a howto online
and it reported that the command when run manually will produce the
key.
Either way, I'm still having a failure in MSCHAP
related to the MSCHAP process? This is just in passing
curiosity.
On Aug 22, 2013, at 10:14 AM, Chris Parker cparke...@me.com wrote:
Thank you for setting me on the right track; I have followed the directions
on http://deployingradius.com/documents/configuration/active_directory.html
-Reject of id 86 to 127.0.0.1 port 60203
Waking up in 4.9 seconds.
Cleaning up request 0 ID 86 with timestamp +6
Ready to process requests.
On Aug 21, 2013, at 3:25 AM, Phil Mayers p.may...@imperial.ac.uk wrote:
On 08/21/2013 05:11 AM, Chris Parker wrote:
Log output:
rad_recv: Access-Request
cranky. I can
never get ntlm_auth to give me that NT key, which I feel if I could resolve
that, I could continue with FR.
On Aug 21, 2013, at 8:55 AM, Chris Parker cparke...@me.com wrote:
Thank you Phil!
That resolved my first steps, and I figured there was something like that. I
have poured
...@imperial.ac.uk wrote:
On 21/08/2013 19:28, Chris Parker wrote:
So I doubt this issue is with FR, but more of that Samba is being
cranky. I can never get ntlm_auth to give me that NT key, which I
feel if I could resolve that, I could continue with FR.
No. NT_KEY is only generated by mschap
It seems that I have ntlm_auth configured to talk to Samba correctly. As it
positively works when run from the CLI and FR even shows a positive login, but
that positive login never seems to be sent to the authentication stage.
More food for thought once I tackle this, is that when I try to link
to calculate it by the difference between acctstarttime and
acctstoptime (and write it to mySQL)? Some counters are using
acctstarttime and acctstoptime directly and calculate the difference in
the SQL-query when checking if time is left.
Chris
[1] http://www.stat.ufl.edu/system/man/portmaster/RADIUS
.
#0 0x003c6c07b5bb in memcpy () from /lib64/libc.so.6
###
Thanks,
Chris
-Original Message-
From:
freeradius-users-bounces+chris.taylor=corp.eastlink...@lists.freeradius.org
[mailto:freeradius-users-bounces+chris.taylor
I think I have what you are looking for now. I have copied the whole dump from
when I start using gdb.
Chris
[root@on-radius01 raddb]# gdb /usr/sbin/radiusd
/tmp/core-radiusd-11-95-95-11609-1367435209
GNU gdb (GDB) CentOS (7.0.1-45.el5.centos)
Copyright (C) 2009 Free Software Foundation
I forgot to include my OS and kernel type.
Linux on-radius01.eastlink.ca 2.6.18-308.16.1.el5
CentOS release 5.9 (Final)
-Original Message-
From: Chris Taylor
Sent: Thursday, May 02, 2013 1:31 PM
To: 'FreeRadius users mailing list'
Subject: RE: segfault error
I think I have what you
{...}
[pap] login attempt with password bradly
[pap] Using SSHA encryption.
[pap] Normalizing SSHA1-Password from base64 encoding
Segmentation fault
Thanks,
Chris
Chris Taylor
System Administrator
Network Operations
Eastlink
chris.tay...@corp.eastlink.caT: 519.773.1287
-Original Message
have ulimit set to unlimited.
[root@on-radius01 core_dump]# ulimit -a
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
What am I doing wrong on this?
Thanks,
Chris
Thanks John, I am actually using the complied version rather than the RPM
package. I was finally able to get a core dump (a few actually), this was the
output.
I was the same failure everytime.
Thanks,
Chris
[root@on-radius01 tmp]# gdb /usr/sbin/radiusd
/tmp/core-radiusd-11-95-95-11382
to see if I could get any more details out of it, but I
could not make it crash after that.
Any ideas as to what this could be I can post my -X output but all it says at
the bottom when it stops working is segfault.
Thanks,
Chris
-Original Message-
From:
freeradius-users-bounces
=corp.eastlink...@lists.freeradius.org]
On Behalf Of Alan DeKok
Sent: Friday, April 12, 2013 3:45 PM
To: FreeRadius users mailing list
Subject: Re: segfault error
Chris Taylor wrote:
Ok I have upgraded to a compiled version of freeradius 2.2.0, and I was able
to see the same result. It crashed after
rip 2aae5b6215eb rsp 2aae660ab7c8 error 4
What should I be looking for the RADIUS logs didn't turn up anything as it
wasn't in debug mode.
Thanks,
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
What are options do I have to use to compile freeradius with ldap support
turned on? I tried ./configure -with-ldap but that didn't seem to work I still
get an error about not being able to find rlm_ldap. I checked the mail archives
but I couldn't find anything.
Thanks,
Chris
-
List info
How do I check that I have them installed I have the openldap rpm installed. I
am trying to go from an rpm build to a source build to fix a problem.
Chris
-Original Message-
From:
freeradius-users-bounces+chris.taylor=corp.eastlink...@lists.freeradius.org
[mailto:freeradius-users
if it's possilbe.
Do you think it's possible instead to use a script (perl/bash anything
else) after the request arrive and put it in a DB?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/**
list/users.html http://www.freeradius.org/list/users.html
--
Regards,
Chris Knipe
#200=deny tcp any any eq 25,
Cisco-AVPair += ip:inacl#300=permit ip any any,
Fall-Through = No
Any help is apprecaited.
Thanks,
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
a simpler module name e.g. ldap2 instead of
ldap2.some.dots-and.hyphens.
Phil I gave that a try but ended up with the same result.
Chris
I was able to get this working by adding that ldap instance to the instantiate
section of radius.conf. I can do a query successfully from LDAP now and pull
(check) for entry DEFAULT: expecting operator
Errors reading /etc/raddb/users
Thanks,
Chris
-Original Message-
From:
freeradius-users-bounces+chris.taylor=corp.eastlink...@lists.freeradius.org
[mailto:freeradius-users-bounces+chris.taylor=corp.eastlink...@lists.freeradius.org
a simpler module name e.g. ldap2 instead of
ldap2.some.dots-and.hyphens.
Phil I gave that a try but ended up with the same result.
Chris
Chris Taylor
System Administrator
Network Operations
Eastlink
chris.tay...@corp.eastlink.caT: 519.773.1287
-Original Message-
From:
freeradius-users
, with filter ((uid=112boy)(objectclass=posixAccount)(cn=true))
[ldap2. REALM-2.ca] object not found
rlm_ldap::ldap_groupcmp: search failed
[ldap2. REALM-2.ca] ldap_release_conn: Release Id: 0
Thanks,
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
= Yes
I am just looking for the best way to do this.
Thanks,
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
What way should I be going about this?
Thanks,
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
to do it.
I setup tcpdump to dump to a file (tcpdump -i eth0 -n -s0 port radius -w
rad-capture.lpc) , but when I check it out with wireshark I am unable to see
the password (just the username). Am I going about this the wrong way?
Thanks,
Chris
-
List info/subscribe/unsubscribe? See http
?
I seem to be unable to find the answer on this -- so I m glad for any
pointers.
Aren't you looking for pre-proxy and post-proxy then ?
--
Regards,
Chris Knipe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Regards,
Chris Knipe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Bind_Type = AAA-AUTH-BIND
--
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The radius server can only process on what the NAS sends it. Look at
the NAS and configure the NAS to send the correct/full
Calling-Station-Id.
--
Regards,
Chris Knipe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
that the user logs Ok But freeradius don't send the vsa attribute:
So put the VSA attributes in the reply details for user tom? Radius
is returning precisely what you configured it to return.
--
Regards,
Chris Knipe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
running freeradiusd -X instead of radiusd.
Yes - they changed the name of the binary... Peeves me off too.
--
Regards,
Chris Knipe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
not
subscribed to the list...
Chris Morris
Nashville, TN
--
Hi,
Thanks in advance for your time!! Please reply directly, as I am not
subscribed to the list...
no answer then...and such answers from others should also be on this list to
help
others
to the list...
Chris Morris
Nashville, TN
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
file on my system if this helps.
Thanks in advance,
Chris
gcc -m64 -O -g -I/opt/local/include -I/opt/webstack/mysql/include/mysql -Wall
-D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -g -Wshadow
-Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings -Wstrict-prototypes
-Wmissing
You have not configured ntlm_auth, see
http://deployingradius.com/documents/configuration/active_directory.html
Von:
freeradius-users-bounces+chris.schaatsbergen=aleo-solar...@lists.freeradius.org
[mailto:freeradius-users-bounces+chris.schaatsbergen=aleo-solar...@lists.freeradius.org]
Im
to you, can freeRadius work with
encrypted passwords?
Thanks in advance,
Chris Schaatsbergen
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Pretty weird. I set the Shared Secret again (in CLI) and had exactly the same
results. So I tried setting the shared secret using the Riverbed web interface
and now it works perfectly. Will write a new ticket for Riverbed support.
Sorry to have bothered you, thanks for the help.
Chris
Hi
I believe that I have setup the FR configs correctly for use with MYSQL, I got
it all working just fine when using a flat file and was able to authenticate
etc with no issues, since moving to SQL I am getting this.
rad_recv: Access-Request packet from host 10.5.5.55 port 57593, id=3,
Hi Guys
I am new to Freeradius and have got it working with Mysql , however run into an
issue whereby I am seeing this for all requests
rlm_pap: WARNING! No known good password found for the user. Authentication
may fail because of this.
++[pap] returns noop
auth: No authenticate method
-bounces+chris.schaatsbergen=aleo-
solar...@lists.freeradius.org [mailto:freeradius-users-
bounces+chris.schaatsbergen=aleo-solar...@lists.freeradius.org] Im
Auftrag von Schaatsbergen, Chris
Gesendet: Freitag, 11. Februar 2011 19:32
An: FreeRadius users mailing list
Betreff: AW: AW: AW
-users-
bounces+chris.schaatsbergen=aleo-solar...@lists.freeradius.org] Im
Auftrag von Alan DeKok
Gesendet: Montag, 14. Februar 2011 12:40
An: FreeRadius users mailing list
Betreff: Re: AW: AW: AW: Authenticating SSH login on a Cisco IOS switch
to AD
Schaatsbergen, Chris wrote:
OK, I think I
+chris.schaatsbergen=aleo-solar...@lists.freeradius.org] Im
Auftrag von Alan DeKok
Gesendet: Montag, 14. Februar 2011 12:57
An: FreeRadius users mailing list
Betreff: Re: AW: AW: AW: AW: Authenticating SSH login on a Cisco IOS
switch to AD
Schaatsbergen, Chris wrote:
That is clear, but it seems
Hi David,
In case you have not found it yet, in the lenny package somehow there is one
line missing in the radiusd.conf file. In the modules section there should be:
$INCLUDE ${confdir}/modules/
I would suggest, top of the modules section.
Then ntlm_auth should work.
Good luck,
Chris
Thanks! Actually in this case I was too early writing the mail (because I was
rather annoyed), something I should not allow myself to happen. The
radiusd.conf file is documented on the Wiki site (though the link there that
should point to the latest version is not working as it points to the
A slightly different question, does the support from http://networkradius.com
come from the active users of this mailing list? I.e. if I buy a support
contract there, do the Alans get a part of that? I am missing a donate button
on the freeradius website and I hope/expect we do not need that
users mailing list
Betreff: Re: Support
Schaatsbergen, Chris wrote:
A slightly different question, does the support from
http://networkradius.com come from the active users of this mailing
list? I.e. if I buy a support contract there, do the Alans get a part
of that? I am missing a donate
Most of the howtos assume you're running a recent version of the
server. Some systems have *old* versions of the server. We're unable
to maintain copies of the documentation for each version of the server.
This makes life harder for the average admin, but we have to draw the
line
users mailing list
Betreff: Re: AW: AW: AW: AW: AW: Authenticating SSH login on a Cisco
IOS switch to AD
Schaatsbergen, Chris wrote:
We are running a current version of the server (2.1.10), but somehow
the radiusd.conf file is not right.
The radiusd.conf file isn't over-written when
An: freeradius-users@lists.freeradius.org
Betreff: Re: AW: AW: AW: AW: Authenticating SSH login on a Cisco IOS
switch to AD
On 2011/02/14 01:50 PM, Schaatsbergen, Chris wrote:
That is clear, but it seems it is missing in the Lenny Package
somehow as http://lists.freeradius.org/pipermail/freeradius
OK, so the current problem seems to be that I cannot get the ntlm_auth to work.
I read
http://freeradius.1045715.n5.nabble.com/Freeradius-with-Active-Directory-td2747221.html
but that does not seem to apply for me as the ntlm_auth file contains the
exec.
Attached (if that works) is the
Greetings and thanks for the quick reply.
As stated in my original posting,
http://deployingradius.com/documents/configuration/active_directory.html is
what I have been working with from the beginning.
So far I have done everything there exactly as described with the same outcome.
Why?
So far I have done everything there exactly as described with the
same outcome.
No.
If you get the error Failed to link to module 'rlm_ntlm_auth':...,
it means you did something *other* than what is on the web page.
This is I believe indeed the missing piece, problem is I cannot
,
Chris
Von:
freeradius-users-bounces+chris.schaatsbergen=aleo-solar...@lists.freeradius.org
[mailto:freeradius-users-bounces+chris.schaatsbergen=aleo-solar...@lists.freeradius.org]
Im Auftrag von Gary Gatten
Gesendet: Mittwoch, 9. Februar 2011 17:11
An: 'FreeRadius users mailing list'
Betreff: RE
folder as described in the link. How should I get
that to work?
Help would be highly appreciated.
Chris Schaatsbergen
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
will continue to use one password, we only
would like the SSH login to be authenticated against AD.
I am in no hurry (going home now anyway) but would love to hear your solution a
little more detailed.
Chris
Von:
freeradius-users-bounces+chris.schaatsbergen=aleo-solar...@lists.freeradius.org
Hi Alan,
its work
great thx
Chris
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Freeradius-SQL-PEAP-Tunneled-authentication-was-rejected-tp3360430p3362708.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See
-tunnel virtual server.
In 2.1.10, you can test the inner-tunnel directly, without using PEAP.
See the comments at the top of the file.
I will try and give an answer
thx
Chris
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Freeradius-SQL-PEAP-Tunneled
to list sql in the inner-tunnel virtual server.
In 2.1.10, you can test the inner-tunnel directly, without using PEAP.
See the comments at the top of the file.
I will try and give an answer
thx
Chris
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Freeradius-SQL-PEAP
9 with timestamp +24
Ready to process requests.
Tell me if you need more information
thx
Chris
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Freeradius-SQL-PEAP-Tunneled-authentication-was-rejected-tp3360430p3360430.html
Sent from the FreeRadius - User mailing list
{
Cisco-AVPair = device-traffic-class=voice
}
}
}
}
Chris Schaatsbergen
--
aleo solar Deutschland GmbH
Chris Schaatsbergen
IT Projekte / IT Projects
Osterstr. 15, 26122 Oldenburg
T +49 441 21988-288
F +49 441 21988-150
M +49
Hi again all,
Sorry, stupid me.
Not key = %{tolower:%{Calling-Station-ID}}
But key = %{tolower:%{Calling-Station-ID}}
Now it works again properly.
Apologies,
Chris Schaatsbergen
Von:
freeradius-users-bounces+chris.schaatsbergen=aleo-solar...@lists.freeradius.org
[mailto:freeradius-users
]: pam_unix(su:session): session opened
for user chris by root(uid=1001)
Aug 20 14:57:10 debian su[11840]: pam_radius_auth: Could not open
configuration file /etc/pam_radius_auth.conf: Permission denied
Aug 20 14:57:10 debian su[11840]: pam_unix(su:session): session closed
for user chris
Aug 20 14:57
multiple users and then append to the name on the incoming request and
authenticate against multiple users who are in fact the same. Is there any
other way round this problem?
Many thanks,
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
: ppogorzel...@gmail.com
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
Regards,
Chris Knipe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Regards,
Chris Knipe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Feb 15, 2010, at 12:26 PM, Bob Brandt wrote:
I have spent the day searching the internet for a solution, but
Nothing. I refuse to believe I am the first human being ever to run
into this problem...
Please tell me someone has an idea.
Thanks
Bob
On Feb 14, 2010, at 6:11 AM, Jeff A wrote:
Your idea is best.
I think I will modify, but for a work around till I get a chance to get
everything turned around.
I will use Alan's example..
My question is this
Can his example contain more than one realm to reject between the quotes?
bob
://www.freeradius.org/list/users.html
--
Regards,
Chris Knipe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Jan 30, 2010, at 6:39 PM, Peter Lambrechtsen wrote:
On 31/01/2010, at 11:59 AM, Mike Diggins mike.digg...@mcmaster.ca wrote:
I was able to get freeradius 2.1.3 and wireless WPA working, likely due to
the fact that FreeRadius was mostly configured for me (thanks ;) ). I’m a
little
Hi everyone,
I realise that this maybe somewhat a limitation of the PAM Radius Plugin for
OpenVPN but have searched around for a week now to find a solution.
The problem I am having is that I have an OpenVPN proxy hub that has 3
external IP addresses. I am using huntgroups to distinguish
geographical locations reporting its
accounting information to a single RADIUS server.
I am more than willing to pay someone here by the hour to give me
advice by phone.
If you're interested, please contact me off-list via email or by phone
at +1 205-401-4081.
Best regards,
Chris Brunner
-
List info
On Jun 30, 2009, at 10:43 PM, David Hobley wrote:
Chris,
When you put it like that, it does make rather a large amount of
sense. Sorry about that. Login details attached.
Cheers,
David
Still don't see any accounting packets. Did you configure a RADIUS
accounting server in your NAS
On Jun 30, 2009, at 3:29 PM, David Hobley wrote:
Hello,
I have freeradius2 configured and authenticating properly. I would
like to be able to get radwho and radlast working properly, but for
some reason the files do not get created (permission are correct in
that directory). I thought I
Alan Ivan,
I can confirm that the change made to the event.c file fixed the problem
with the robust proxy accounting.
Many thanks for you help.
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Jun 16, 2009, at 1:37 PM, Elias Abou Zeid wrote:
Ok, I have removed encrypted-key in Redback router which was causing
issue about shared secrets.
Now the subscriber config on Radius is as follows:
a...@radius Cleartext-Password := test
Service-Type = Framed-User,
Alan,
This is the debug output using the latest release of 2.1.7 from
http://git.freeradius.org/pre.
Thanks for your help in advance.
Chris
-Original Message-
From: Chris Howley [mailto:ecl...@netserv3.leeds.ac.uk]
Sent: 15 June 2009 12:07
To: Chris Howley
Subject: radius.debug4
Ivan,
I doubled the value of cleanup delay in radiusd.conf. This change didn't fix
the problem (see below).
Thanks for your help,
Chris
++[exec] returns noop
Sending Access-Accept of id 88 to 10.12.80.109 port 32769
User-Name = isschug
MS-MPPE-Recv-Key
Alan,
Here's the output from FR2.1.7.
Thanks for you help in advance,
Chris
++[exec] returns noop
Sending Access-Accept of id 128 to 10.12.80.109 port 32769
User-Name = isschug
MS-MPPE-Recv-Key =
0x3019b4c8f9f76bb2fc4d69edbc20e98377351a661c0b412c760cd773e3b4c5f5
MS
server.
Thanks for you help.
Chris
++[exec] returns noop
Sending Access-Accept of id 67 to 10.12.80.109 port 32769
User-Name = isschrpg
MS-MPPE-Recv-Key =
0x240dd3ada2d5904bf049fc2bd7afdfc8b1a2b589b4eb3974235cf04143f138d1
MS-MPPE-Send-Key
/post-proxy policies
virtual_server = home.example.com }
# (3) Define a realm for these home servers.
# It should NOT be used as part of normal proxying decisions!
realm acct_realm.example.com {
acct_pool = acct_pool.example.com }
Chris Howley
-
List info/subscribe/unsubscribe
Alan,
Thank you for your help. I've removed the configuration from the proxy.conf and
I'm now using
the original robust-proxy-accounting file. However, the problem persists - the
detail.work
file is being erased.
Chris
-Original Message-
From: freeradius-users-bounces+c.p.howley
is available at:
http://netgrp-pc052.leeds.ac.uk/radiusd.debug.txt
Thanks,
Chris Howley
Sending proxied request internally to virtual server.
server acct_detail.leeds.ac.uk {
+- entering group accounting {...}
[detail.leeds.ac.uk] Suppressing writes to detail file as the request was just
read from
-debug/
The output of freeradius -X when I attempt a connection is like this:
rad_recv: Access-Request packet from host 10.10.10.15 port 1645, id=76,
length=150
User-Name = chris
Service-Type = Framed-User
Framed-MTU = 1500
Called-Station-Id = 00-XX-XX-XX-XX-XX
Chris Studt wrote:
I've been debugging this for awhile and I still can't find a solution to
the problems I'm having. I'm running freeradius in this pattern:
Active Directory - MS-CHAP - Freeradius - Cisco Switch - Windows
XP SP3
And Samba. Don't forget Samba.
And it's
the ubuntu intrepid
version of Samba (3.2.3-1ubuntu3.4) to the ubuntu hardy version of Samba
(3.0.28a-1ubuntu4.7) and my Windows XP clients started authenticating
right away.
Thanks guys, you saved me quite a bit of headache.
Chris Studt
-
List info/subscribe/unsubscribe? See http
1 - 100 of 369 matches
Mail list logo
