Thanks all.
-Danny
On Tue, Apr 23, 2013 at 11:59 PM, Matthew Newton wrote:
> Hi Danny,
>
> On Tue, Apr 23, 2013 at 11:13:46PM +0800, Danny Kurniawan wrote:
> > What you mean? Sorry i think you might mis-understand my previous 2
> > message. I mean 2 ask what is the corr
Hi,
What you mean? Sorry i think you might mis-understand my previous 2
message. I mean 2 ask what is the correct syntax for update reply
Is it exactly like what you said in previous email or else :
update reply {
Session-Timeout : = 7200
}
I will search the documentation again f
Thanks again Alex, i will try your syntax.
Thanks
Danny
On Tue, Apr 23, 2013 at 9:25 PM, wrote:
> Hi,
>
> >Thanks Alan, let me try that. So i can apply this only if the
> Wireless AP
> >is sending packet with Session-Timeout too right? I don't see this
> setting
> >in Meraki Wireles
Thanks Alan, let me try that. So i can apply this only if the Wireless AP
is sending packet with Session-Timeout too right? I don't see this setting
in Meraki Wireless AP.
I'm using ldap and all the authentication just simple username / password
from ldap. Is the the exact syntax to apply with?
o
Hi Alan,
In which config files do i need to look / edit / add the session timeout in
freeradius?
Thanks
Danny
On Tue, Apr 23, 2013 at 3:11 PM, Alan Buxey wrote:
> Controlled by the NAS and/or the RADIUS server depending on NAS settings.
> ie you should be able to set session-timeout on the NA
Hello All,
We are using EAP-MSCHAPV2 for authentication with LDAP and using version
2.2.0. So actually who control the session validity for how long the client
will be authenticate after connecting to the wireless AP? So for example i
key in my username / password in Windows popup, then how long d
i like 47, looks cool and professional :)
Thanks
danny
On Thu, Mar 21, 2013 at 7:25 AM, Marinko Tarlac wrote:
> Done
>
>
> On 3/20/2013 10:04 PM, Arran Cudbard-Bell wrote:
>
>> Currently in the final round of selecting a new logo, please vote on the
>> poll here to select your favourite, yo
Thanks a lot :)
Well i guess we just have to live with it :)
-Danny
On Tue, Mar 19, 2013 at 12:07 AM, wrote:
> hi,
>
> we would all love to be able to send a relevant error message to our
> clients if they fail to authenticate (either locally or remotely).
> but we cant. :-(
>
> alan
> -
> Lis
Hi All,
So i have been able to authenticate my wireless user using 802.1x + LDAP +
MAC address (using CallingStationID attriubute). So now for example when
user A have MAC 11:22:33 but tried to login using another device there will
be a pop up window when they try to connect - just a plain error p
ekend.
Danny
On Fri, Mar 15, 2013 at 9:56 PM, Danny Kurniawan <
danny.kurnia...@fairchildsemi.com> wrote:
> Thanks Alan. Let me try that.
>
> PS : i will prepare a hammer too, but to bad the server is in US while i'm
> in Singapore :)
>
> If this not going to work, i will gi
Thanks Alan. Let me try that.
PS : i will prepare a hammer too, but to bad the server is in US while i'm
in Singapore :)
If this not going to work, i will give up and ask to install brand new SLES
11 that support 2.1.1.
Thanks
Danny
On Fri, Mar 15, 2013 at 9:49 PM, Alan DeKok wrote:
&g
find it too.
Thanks a lot.
Danny
On Fri, Mar 15, 2013 at 1:12 AM, Alan DeKok wrote:
> Danny Kurniawan wrote:
> > So is anyone know how to do the following in the FreeRadius 1.1.7 ?
> >
> > if(control:Calling-Station-Id == ""){
> > reject
> >
Hi Alan,
I'm trying it now, compile from source and generated rpm. But now i stuck
at 2 dependencies. Hmm, can you show me how to build and install from
source? Any link? Isn't that still need dependencies?
libpcap-devel is needed by freeradius-server-2.2.0-0.x86_64
sqlite3-devel is needed by fre
read / learn, so thanks a
bunch for all the explanation and i will try this soon.
Many thanks
Danny
On Fri, Mar 15, 2013 at 9:11 AM, Fajar A. Nugraha wrote:
> On Fri, Mar 15, 2013 at 10:52 AM, Danny Kurniawan <
> danny.kurnia...@fairchildsemi.com> wrote:
>
>> Hi All,
>
to like
check account lockedOut, account disabled etc?
Thanks a bunch
Danny
On Fri, Mar 15, 2013 at 2:00 AM, Alan DeKok wrote:
> Danny Kurniawan wrote:
> > I have read some article about compiling our own rpm. I only concern
> > about the --edir integration.
>
> Add th
i, Mar 15, 2013 at 1:12 AM, Alan DeKok wrote:
> Danny Kurniawan wrote:
> > So is anyone know how to do the following in the FreeRadius 1.1.7 ?
> >
> > if(control:Calling-Station-Id == ""){
> > reject
> > }
>
> You don't. Version
reeradius comes with SLES 10 and i'm not sure how to compile the
new radius there.
Thanks
Danny
On Thu, Mar 14, 2013 at 6:53 PM, Danny Kurniawan <
danny.kurnia...@fairchildsemi.com> wrote:
> Just to add in,
>
> I have tested and i know it works to compare it by enabled the checkv
abled
notfound-reject = yes
in the checkval function, but i believe that only check the item-name and
not the check-name.
Is there any way to do this from radius 1.x? I just in the position cant
upgrade the radius at this time.
Thanks
Danny
On Thu, Mar 14, 2013 at 6:39 PM, Danny Kurniawan <
dann
PM, Danny Kurniawan <
> danny.kurnia...@fairchildsemi.com> wrote:
>
>> Thanks a lot for your reply.
>>
>> Yes i got it working. However one more question :
>>
>> what is the operator used to check if the value is empty ?
>>
>> if(control:Calling
Thanks Olivier.
yes previous message has been resolved. Thanks a lot. Let me try your
suggestion.
-Danny
On Thu, Mar 14, 2013 at 2:41 PM, Olivier Beytrison wrote:
> On 14.03.2013 07:28, Danny Kurniawan wrote:
> > Thanks a lot for your reply.
> >
> > Yes i got it work
gStationID was
not set, reject it.
Thanks
Danny
On Thu, Mar 14, 2013 at 1:52 PM, Fajar A. Nugraha wrote:
> On Thu, Mar 14, 2013 at 4:44 PM, Danny Kurniawan <
> danny.kurnia...@fairchildsemi.com> wrote:
>
>> if (control:Calling-Station-Id != "%{Calling-Stat
ent logged in.
#daily
#
# Use the checkval module
#checkval
Thanks
Danny
On Thu, Mar 14, 2013 at 1:42 PM, Danny Kurniawan <
danny.kurnia...@fairchildsemi.com> wrote:
> Hi Alan,
>
> I tried to put that command in the /siteAvailable/Default after the LDAP
> c
, 2013 at 9:40 PM, Alan DeKok wrote:
> Danny Kurniawan wrote:
> > Hi Russel,
> >
> > So we have LDAP auth here. At this time it works fine. But now we want
> > to added 2 auth, so for example like we want to check the valid user id
> > / password from LDAP and als
I'm not sure if you are using Novell product or open ldap, but you can see
the basic information on how to integrate with LDAP here
https://www.netiq.com/documentation/edir_radius/pdfdoc/radiusadmin/radiusadmin.pdf
-Danny
On Thu, Mar 14, 2013 at 11:41 AM, Arran Cudbard-Bell <
a.cudba...@freeradi
Danny
On Thu, Mar 14, 2013 at 1:38 AM, Alan DeKok wrote:
> Danny Kurniawan wrote:
> > Thanks Alan, let me try that. So basically you are also saying that i
> > don't need to enable / use checkval module in the siteavailable/default ?
>
> I fail to understand the
n
the information passed over to Radius that query the ldap for username,
password and MAC (or we called that radiusCalling StationID in the user
profile attribute)
Thanks a lot
Danny
On Wed, Mar 13, 2013 at 9:40 PM, Alan DeKok wrote:
> Danny Kurniawan wrote:
> > Hi Russel,
> >
>
would exist as user in MySQL DB or file
> 1.) Configure NAS to send MAC-Addr as username to Freeradius
> 2.) And do the following at Freeradius side.
> username="";attribute="Auth-Type";op=":=";value="Accept"
>
> Thanks / Regards
> RM --
eck-name = Called-Station-Id
>data-type = string
>notfound-reject = no
> }
>
>
> checkval nasidentifier {
> item-name = NAS-Identifier
> check-name = NAS-Identifier
> data-type = string
> notfound-reject = no
> }
>
>
> T
? For example which conf file i need to edit to put that if
else clause.
Thanks
Danny
On Wed, Mar 13, 2013 at 3:53 PM, Danny Kurniawan <
danny.kurnia...@fairchildsemi.com> wrote:
> Hi All.
>
> I found this error when enabled checkval
>
> rlm_checkval: Could not find attribute name
Hi All,
I already found a way to configure it. Thanks a lot.
http://wiki.freeradius.org/guide/Mac-Auth#Note
Thanks
Danny
On Wed, Mar 13, 2013 at 10:14 AM, Danny Kurniawan <
danny.kurnia...@fairchildsemi.com> wrote:
> Sorry for this beginner question. I have read the man_rlm pas
Hi All.
I found this error when enabled checkval
rlm_checkval: Could not find attribute named Calling-Station-Id in check
pairs
++[checkval] returns notfound
++[expiration] returns noop
What is the meaning of that error?
Thanks in advance
--
Best Regards,
Danny
-
List info/subscribe/unsubscri
at 9:13 AM, Danny Kurniawan <
danny.kurnia...@fairchildsemi.com> wrote:
> Noted. I guess using the AP to do the MAC filtering is the best options
> for me
>
> On Tue, Mar 12, 2013 at 9:19 PM, Alan DeKok wrote:
>
>> Danny Kurniawan wrote:
>> > Is that means we h
Noted. I guess using the AP to do the MAC filtering is the best options for
me
On Tue, Mar 12, 2013 at 9:19 PM, Alan DeKok wrote:
> Danny Kurniawan wrote:
> > Is that means we have to manually added the client MAC into radius one
> > by one?
>
> You need *some* method to s
Is that means we have to manually added the client MAC into radius one by
one?
-Danny
On Fri, Mar 8, 2013 at 11:00 PM, Alan DeKok wrote:
> Danny Kurniawan wrote:
> > We have successfully deploy Meraki Wireless with Radius 2.1.1 connect to
> > eDir LDAP. Everything works ju
Hi All,
We have successfully deploy Meraki Wireless with Radius 2.1.1 connect to
eDir LDAP. Everything works just fine. Now my company want to explore
whether we are able to restrict a devices, that only company devices can
connect to our wifi ssid. Is that possible using Radius? Like using cert
e
Thanks for all the reply, means i have to settle it from Client end :)
-Danny
On Wed, Mar 6, 2013 at 10:30 AM, wrote:
> > Hi,
> >
> >> Check https://supportforums.cisco.com/docs/DOC-17544
> >
> > how many 'how to configure PEAP' documents does the world need? this one
> > has fewer issues than
have to deploy netsh command using script to all PC
as its not joining AD :)
Thanks
Danny
On Tue, Mar 5, 2013 at 5:28 PM, Phil Mayers wrote:
> On 03/05/2013 01:58 AM, Danny Kurniawan wrote:
>
>> Hello,
>>
>> We are using 802.1x wireless connection from Meraki and us
Hi,
I mean eliminate it without a need to configure WLAN profile on each
Windows 7 we have or using Intel Pro software etc.. I would like to know if
anyone ever know how we can eliminate this from let say tweak the cert or
some radius config.
Thanks
Danny
On Tue, Mar 5, 2013 at 9:58 AM, Danny
Hello,
We are using 802.1x wireless connection from Meraki and using PEAP-MSCHAPv2
for authentication with our LDAP. Everything works fine, it just we want to
eliminate this pop-up at the 1st time people connect to it :
The credentials provided by the server could not be validated. We recommend
t
Noted, thanks in advance.
-Danny
On Fri, Mar 1, 2013 at 11:04 PM, Arran Cudbard-Bell <
a.cudba...@freeradius.org> wrote:
> >
> > "Or are you talking about failing over between upstream proxy servers?"
> >
> > Does this mean a setup of Radius load balancing? I mean a few Radius
> server that used
Radius load balancing? I mean a few Radius server
that used by the same AP ? So from AP point of view i just need to point to
the "master" Ip address of the first radius server?
Thanks
Danny
On Fri, Mar 1, 2013 at 3:27 PM, Danny Kurniawan <
danny.kurnia...@fairchildsemi.com> wrote:
<
a.cudba...@freeradius.org> wrote:
>
> On 1 Mar 2013, at 00:20, Danny Kurniawan <
> danny.kurnia...@fairchildsemi.com> wrote:
>
> > Out of topic : All, btw how can i make sure that when i reply in this
> mailing list it appears after the previous post ? I dont receiev
Out of topic : All, btw how can i make sure that when i reply in this
mailing list it appears after the previous post ? I dont receieve any of
your reply in my email and i have to go to the archive list to reply this.
Thanks
--
Best Regards,
Danny
-
List info/subscribe/unsubscribe? See http://ww
Hello,
This is what i want to do :
"You're asking whether you can configure FreeRADIUS to inform the access
point that it should fail over to another server server after a given
number of timeouts/retries? "
Thanks
Danny
--
Best Regards,
Danny
-
List info/subscribe/unsubscribe? See http://ww
Hi All,
Let say for example in our Wireless AP (access point) we can put 2 Radius
server in sequence, radiusA and radiusB. I know the AP will eventually look
at the 1st server, and if its not available (let say server is down) then
it will go to the 2nd radius server (I only assume this).
So is t
thank you so much .. yes it only have issue intermitenly on some user .. so
i have to set our client laptop manually for the root CA? I believe it
should be there as we use Global Sign ...
--
Best Regards,
Danny
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Oliver,
Thanks a lot. So could you please let me know how can i disabled the output
(which conf file and what need to be added). Also by saying echo it do i
need to put something into a config file or just echo command while i'm at
radiusd - X debug mode?
Thanks
Danny
--
Best Regards,
Danny
thank you for your reply. Yes i didn't just copy and paste, i did follow
the instruction on Novell support page too and from community.
So what i want to confirm here, are you saying that means in debug mode its
"normal" for me "admin" to see the user password? I mean it's normal
behaviour of radi
Hello,
I'm new to Radius. So basically i tried to setup 2 Radius server, one runs
on our SLES 10 PROD (Radius and Novell LDAP sit on the same server) - this
is works fine using eap_mschapv2 authentication. Radius version is 1.X. We
use Radius to authenticate our wireless and get LDAP authenticatio
49 matches
Mail list logo
