Le mardi 12 mars 2013 à 18:08 +0100, Staffan Meijer a écrit :
I uncommented the eth0 line in the configuration file when radtest did
not work with the original.
Using the original configuration file I get;
Listening on authentication address * port 1812
and
linux-vdis:/etc/raddb #
checkout v2.x.x ?
Does a tar cvfj could be OK ?
Best regards ,
Fred MAISON
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi freeradius-user,
Is it possible to use my gmail account to authenticate on the wiki
using openid ?
If yes, howto do it ?
Best regards,
Fred MAISON
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Just a little remark :
CentOS 5.8 has up-to-date freeradius 2.1.12 (binary and sources)
CentOS 6.2 only has freeradius 2.1.10 from upstream (redhat 6.2).
Best regards,
Fred MAISON
Le 6 mars 2012 13:06, Fajar A. Nugraha l...@fajar.net a écrit :
On Tue, Mar 6, 2012 at 6:13 PM, Martin Mielke mmie
:
Fred,
I don't know for git source, my spec is targeted for 2.1.x sources.
On 11-10-27 10:57 AM, Fred wrote:
Hi Francois,
Thanks a lot for your last post, I will try to build with your spec.
It seems to be far more intelligent than mine (sompe builrequire I
don't have, etc ...)
Regarding
Hi,
He are my libtool versions :
libtool-2.2.6-15.5.el6.x86_64
libtool-ltdl-2.2.6-15.5.el6.x86_64
libtool-ltdl-devel-2.2.6-15.5.el6.x86_64
regards,
Fred MAISON
Le lundi 07 novembre 2011 à 13:23 -0500, Francois Gaudreault a écrit :
Hi,
It works for me on CentOS 6, I am using the same .spec
, Francois Gaudreault a écrit :
I just tested using my spec, and it works perfectly (I have the same
libtool packages).
Did you change something in the spec?
On 11-11-07 3:36 PM, Fred MAISON wrote:
Hi,
He are my libtool versions :
libtool-2.2.6-15.5.el6.x86_64
libtool-ltdl-2.2.6-15.5.el6
1°) , the
build reports missing radrelay.conf in
/var/tmp/freeradius-2.2.0./etc/raddb
Any idea ?
note 1° = %attr(640,root,radiusd) %config(noreplace)
/etc/raddb/radrelay.conf
Best regards,
Fred MAISON
2011/10/26 Francois Gaudreault fgaudrea...@inverse.ca:
Hi,
See Below (I won't put
Hi Francois,
As you did not gave any linl to your SRPM, could you share your spec ?
I still have some trouble with radrelay using my own spec with git
2.1.x, which is not version 2.2.0 ...
Best regards,
Fred
2011/10/25 Francois Gaudreault fgaudrea...@inverse.ca:
Hi,
The spec is a bit buggy
2011/10/25 Fred fred.mai...@gmail.com:
Phil,
Yes, I am sure, but I don't have traces on hand...
I will try to get some radiusd -X on 2.1.11 ASAP, as I can't do it now
because I try to find a solution as I have to restart production in
the next few hours ...
Anyway, Thank a lot for your kind
Hi all,
I have a configuration with 2 wifi instances :
* default inner-tunnel for internal users
* partners partners.inner-eap for partners users.
for internal user, I have an eap.conf for outer and inner.eap.conf for inner
for partners, I have a partners.eap. with eap partners.eap
loopback IPs refer to a proxy listen or to
inner-tunnels author and authent listen IPs ?
Best regards,
Fred
2011/10/25 Alan DeKok al...@deployingradius.com:
Phil Mayers wrote:
Ugh. OpenSSL really is a horrible, horrible piece of software.
Yup.
I'll roll a patch up for the underlying issue
Hi Phil,
Unfortunately, shortening eap module instance name to eap2 seems to
give same result.
Best regards,
Fred
2011/10/25 Phil Mayers p.may...@imperial.ac.uk:
On 25/10/11 14:25, Fred wrote:
Hi Alan,
While waiting for a fix on github, (I will not be able to rebuild my
servers today) I try
/default[30]: Errors parsing authenticate section.
2011/10/25 Fred fred.mai...@gmail.com:
Hi Phil,
Unfortunately, shortening eap module instance name to eap2 seems to
give same result.
Best regards,
Fred
2011/10/25 Phil Mayers p.may...@imperial.ac.uk:
On 25/10/11 14:25, Fred wrote:
Hi Alan
Phil,
Yes, I am sure, but I don't have traces on hand...
I will try to get some radiusd -X on 2.1.11 ASAP, as I can't do it now
because I try to find a solution as I have to restart production in
the next few hours ...
Anyway, Thank a lot for your kind help attempts.
Fred
2011/10/25 Phil Mayers
Hi all,
Is there any way to select proxying or not based on client ip ?
I would like to have
* some nas authenticated locally (in fact via ldap)
* some other nas proxyied to another radius.
Does home_server parameter in clients.conf could help ?
Best regards,
Fred
-
List info/subscribe
.
It seems this cannot be used in users file ...
Instead, you can use $INCLUDE in radiusd.conf ...
Regards,
Fred
2011/10/20 Krzysztof Grobelak kgrobe...@airspeed.ie:
Hello,
I am having some troubles creating templates with wimax attributes for
users. I created files with atributes in them
%{client:my-realm} or
something like that.
so :
if ( %{client:my-realm} ) {
But in fact, I don't know how specifying a virtual server in
clients.conf could do a part of the job ...
2011/10/20 Phil Mayers p.may...@imperial.ac.uk:
On 10/20/2011 05:10 PM, Fred wrote:
Hi all,
Is there any way
}
}
Then, for example at end of authorize section in you config or in
post-auth section :
if ( some condition ) {
$template updateWimax1
}
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
7 string
+ATTRIBUTE Trapeze-URL 8 string
+
+END-VENDOR Trapeze
Best regards,
Fred MAISON
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Sorry Alan, I made a cut/paste of another dict format.
I will post the dictionary in freeradius format ASAP...
Best regards,
Fred
2011/10/6 Alan DeKok al...@deployingradius.com:
Fred wrote:
he all,
Here is some possible enhancement on dictionary.trapeze
Huh The VENDORATTR text was never
Alan,
As you can see, some new attributes are not part of freeradius 2 nor 3
dictionary.trapeze defs.
Best regards,
Fred
# -*- text -*-
#
# dictionary.trapeze
#
# For use with FreeRadius and Trapeze Networks MSS software 1.1
# or greater.
#
# For assistance, email supp
regards
2011/10/6 Arran Cudbard-Bell a.cudba...@freeradius.org:
On 6 Oct 2011, at 14:15, Fred wrote:
he all,
Here is some possible enhancement on dictionary.trapeze
Shouldn't this be dictionary.juniper now anyway? Can someone to check whether
the rebranded juniper stuff uses the same
# OID
2.16.840.1.113730.3.1.692
access_attr_deny_value = inactive
With this setup, if inetUSerStatus is set to inactive in ldap
directory for a particular user, this user will be rejected early
during authorization.
Best regards,
Fred MAISON
value :
access_attr_deny_value = inactive|deleted
Best regards,
Fred Maison
2011/10/3 Fred fred.mai...@gmail.com:
Hi all,
This patch is an attempt to have a more generic custom access_attr
support, by introducing a new ldap module configuration parameter
named access_attr_deny_value allowing
Ho Phil,
Could you explain the interest of un-named server ?
Best regards,
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
this :
export PATH=${PATH:+$PATH:}/usr/sbin:/sbin ### this is present in original
export HOSTNAME=`hostname` ### this has to be added to access $ENV{HOSTNAME}
Please note : other debian base distro as Ubuntu show same issue.
Best regards
Fred
-
List info/subscribe/unsubscribe? See http
)
without making a new ldap call because of Ldap-Group == xxx
conditional ?
Best regards,
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(/bin/bash)
SHLVL (2)
HOSTNAME(radius3.nsslab)
Best regards,
Fred
2011/9/29 Ben Brown bbr...@plus.net:
It seems environment passed to freeradius at startup does not have
HOSTNAME defined.
Which version of debian are you using?
In squeeze /bin/sh is provided by dash, rather
No, HOSTNAME is not used in default config, as Alan stated before.
I believe this is a plateform-specific issue and not really a
freeradius issue...
Fred
2011/9/29 Ben Brown bbr...@plus.net:
It seems environment passed to freeradius at startup does not have
HOSTNAME defined.
Which version
);
if (!strncmp(vals[0],
inst-access_attr_deny_value,
sizeof(inst-access_attr_deny_value))) {
RDEBUG(dialup access disabled);
.
##
Best regards,
Fred
2011/9/23 Fred fred.mai...@gmail.com:
Hi all,
I am using FR 2.1.11 and I try
Hello,
Could someone explain difference between a home_server and a virtual_server
in freeradius 2 (2.1.10+) ?
Best regards
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
:54:05 2011 : Info: [files] users: Matched entry user_sps at
line 1
Fri Sep 23 12:54:05 2011 : Info: ++[files] returns ok
Best regards,
Fred MAISON
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Configure freeradius with his ldap module and a ldap server as openldap.
http://wiki.freeradius.org/Rlm_ldap could be a good start.
Fred,
2011/9/20, Rajkumar balaji rajkumar.balaj...@gmail.com:
Hi All,
I just want to store user details like, The user name is ABC and the user
belongs
http://wiki.freeradius.org/Clients.conf
2011/9/20, Dagia Dorjsuren dagmi...@yahoo.com:
Hello all,
How to configure
multiple NAS (NAS-IP-Address) in freeradius? Which radius database's
table should I add NAS-IP-Address attributes?
Anyone advise me?
-
List info/subscribe/unsubscribe?
cat /usr/share/freeradius/dictionary.juniper
Best regards,
Fred MAISON
2011/7/15, Igor Smitran si...@blic.net:
It is my first time to setup Juniper ERX-1440 with freeradius. All my
other NAS's are cisco.
I was trying to setup checkrad to check for simultaneous connections and
realized
with default
settings to /usr/local, but I can't create installable RPMs for
upgrade my CentOS/RedHat servers to 2.1.11
Here is the script i use to create build environment, followed with
errors at the end of the rpmbuild.
Best regards,
Fred
#
#!/bin/sh
#
RPMBUILDDIR
at 0038 rip 0040fde8 rsp
7fff3b994e50 error 4
Unfortunately, I have not been able to find the date of the issue ...
Does this seems to you a known issue ?
If not, what may I do to further investigate ?
Best regards
Fred MAISON
-
List info/subscribe/unsubscribe? See http
CentOS5.5 x86_64.
Best regards
Fred MAISON
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
I would appreciate to get an account on the wiki.
Best regards,
Fred MAISON
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
son I can rsync configurations between my differents servers, just
excluding local.conf in rsync ...
So, this is not a freeradius problem.
Thanks anyway for you help.
Best regards,
Fred MAISON
Le mercredi 02 juin 2010 à 13:25 -0400, John Dennis a écrit :
On 06/02/2010 12:54 PM, Fred MAISON wrote
to proxy to for a particular real.
Best regards,
Fred MAISON
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
regards,
Fred MAISON
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello all,
I encounter difficulties to check for a radiusgroupname via LDAP by not
using file /etc/raddb/users, as this seems to be difficult to avoid ldap
checks for anonymous identities if default config is modified.
I must service eap-peap and eap-ttls with mschapv2.
How can i make checks on
) - TRUE
++- entering if (Ldap-Group != wireless) {...}
+++[control] returns noop
+++[reject] returns reject
++- if (Ldap-Group != wireless) returns reject
} # server inner-tunnel
[peap] Got tunneled reply code 3
Le mardi 01 juin 2010 à 15:23 +0200, Alan DeKok a écrit :
Fred MAISON wrote:
How can
{
if ( !(Ldap-Group == wireless )) {
fail
}
Le mardi 01 juin 2010 à 16:03 +0200, Alan DeKok a écrit :
Fred MAISON wrote:
I surely misunderstand something : in my test :
User is found on ldap in group wireless, but (Ldap-Group != wireless)
evaluates to TRUE
Fred MAISON wrote:
Yes, JUAC is an inner EAP protocol, inside ttls or peap.
Then you should be able to proxy it by just proxying the inner tunnel
data.
Yes, how can I do that ? May I activate proxy-inner-tunnel site along
with inner-tunnel site ?
EAP-JUAC EAP-Type seems to be 254. May
ftp://ftp.freeradius.org/pub/radius/
Le mardi 25 mai 2010 à 10:43 +0200, Bjørn Mork a écrit :
Hmm, this release doesn't seem to be tagged in the v2.1.x branch on
git://git.freeradius.org/freeradius-server.git
Am I looking at the wrong repository (again)?
Bjørn
-
List
Software) tunneled to a
Juniper UAC device.
I try to avoid my actual proxy setup where a specific real is tunneled
to UAC. The problem is that end-users can bypass UAC proxying by simply
changing their domain identity ...
Best regards
Fred MAISON
-
List info/subscribe/unsubscribe? See http
Le lundi 24 mai 2010 à 11:49 +0200, Alan DeKok a écrit :
Fred MAISON wrote:
Is there any way to proxy freeradius unsupported eap-type to an external
radius ?
EAP does not allow this.
By the time EAP has decided on an EAP type, the EAP conversation is
well underway. Changing it mid
Pull update spec files, etc. from RedHat into the redhat/ directory.
Does this mean freeradius 2.1.9 can now been rebuild again from your
standard 2.1.9 source tree, thus making Freeradius RedHat FAQ a bit
obsolete ?
Best regards,
Fred MAISON
-
List info/subscribe/unsubscribe? See http
port = 1813
ipaddr = 10.1.1.2
}
.
best regards,
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Great !
Thanks, Alan.
Le jeudi 20 mai 2010 à 13:39 +0200, Alan DeKok a écrit :
Fred MAISON wrote:
Is there any way to reference hostname (in fact hostname -s) in
configuration files, in order to have identical configuration files tree
on both a normal and a backup freeradius 2.1.8 server
logged as well as access-accept ?
Best regards,
Fred MAISON
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Le lundi 03 mai 2010 à 16:58 +0200, Alan DeKok a écrit :
Fred MAISON wrote:
With this setup, access-accept are logged, but access-reject does not
seems to be logged.
Is this the normal behaviour ?
Yes. See Post-Auth-Type Reject. This is documented in the same file:
sites
Hello freeradius-users,
In many cases, when there is no attributes in request to differenciate
the kind of NAS and if we need to build a reply with NAS-Dependant
(AVPAIR) attributes, the only solution is to affect the huntgroup by
checking again the NAS-IP-Address in preprocessing.
I would like
Le lundi 03 mai 2010 à 18:29 +0100, Alexander Clouter a écrit :
Fred MAISON fred.mai...@gmail.com wrote:
[snipped[
For example :
dictionnary :
ATTRIBUTE My-Nas-Type 3000string
clients.conf :
client c1 {
ipaddress = 10.1.1.1
My-Nas-Type
(anonymous
or other fancy id encoutered in customer's freeradius v1 production
auth_logs ...)
I have eapol_test log and freeradius -X available.
Would you have some guideline to achieve this ?
Best regards
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
instead
of /var/log/radius/c4france.20100312...
Is the any way to achieve this setup ?
Best regards
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
OK, Alan, It's clear.
Unfortunately, logrotate version on last RedHat/CentOS does not support
MMDD dateext function I can find on Debian ...
I will have to write a postrotate script to do it.
Thanks a lot.
Fred
Date: Fri, 12 Mar 2010 14:04:03 +0100
From: Alan DeKok al
Le vendredi 12 mars 2010 à 10:30 -0500, John Dennis a écrit :
On 03/12/2010 09:12 AM, Fred MAISON wrote:
OK, Alan, It's clear.
Unfortunately, logrotate version on last RedHat/CentOS does not support
MMDD dateext function I can find on Debian ...
I will have to write a postrotate
Thanks a lot, Alan,
Do you have any readmap infos available or any idea of 2.2
availability (some month, this year ) ?
Best regards,
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
before
sites instanciation, I found no way to dedicate huntgroup and users
file to each server instance, as done previously for clients...
Is there any way to achieve this without having to launch many radiusd
in differents location ?
Best regards,
Fred MAISON
-
List info/subscribe/unsubscribe? See
Thanks, Alan, I will check.
Bye.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
: Creating new attribute ldap2-Ldap-Group
Best regards,
Fred MAISON
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi James,
Thank you for your reply!
I tried many aaa configurations but it does not solve the problem for me
Using 'debug radius' and 'debug isakmp error' on the CISCO, I can see that
it complains about Unknown attr 0x4E24, 0x4E25, ... and then ISAKMP also
complains with the same attributes
.
I am also wanting to know how the calculate the new specs for the new
servers.
Many thanks in advance.
Regards
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
directory `/home/fredz/freeradius-1.1.7'
make: *** [all] Error 2
I have no idea what to look for or where to look.
Any comments would be helpful
Regards
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I have just discovered that if I just proceed and do a sudo make
install it obviously fails. But I then go back and do a make and it
has no errors, then I do the sudo make install again and it works.
Have I still done something wrong and can I trust the install?
Regards
Fred
Hi everyone
the client can logout. The small web window also shows information
about the current session, ie. Time online, data in/out and the like.
It is this information I am refering to.
I hope this is clear.
Regards
Fred
-Original Message-
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED
is updated as expected,
only thye clock cycles over.
This is a hotcakes install.
I have no idea on what to look for.
Any comments would be most helpfull
Regards
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
:
--with-rlm-sqlcounter-include-dir=/usr/include/sqlcounter \
But again this doesn't exist on the build machine.
I look forward to your comments.
Regards
Fred
-Original Message-
From: Matt Garretson [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Date
freeradius-1.1.7/redhat/freeradius.spec
$ cp freeradius-1.1.7/redhat/freeradius.spec ~/rpmbuild/SPECS/
$ cd ~/rpmbuild/RPMS/i386
$ rpm -Uvh freeradius-1.1.7-0.i386.rpm
No mods to the spec file (information required).
Regards
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
Nothing is wrong.
If you are installing freeradius from RPM on Fedora and you want to use
an SQL backend then you need both freeradius and freeradius-mysql
(complete with dependencies).
Regards
Fred
-Original Message-
From: zahra bahar [EMAIL PROTECTED]
To: FreeRadius users mailing
Fred
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The FramedIPAddress
sql.php?lang=en-utf-8server=1collation_connection=utf8_general_cidb=radiustable=radacctpos=0session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2AFROM+%60radacct%60++ORDER+BY+%60FramedIPAddress%60+ASC
are showing up in my accounting
I'm running Fedora (FC4) with the Oracle Instantclient 10g rpms
(basic,devel,sqlplus,jdbc) and I'm trying to compile freeradius 1.1.0
with oracle support but the oracle module doesn't compile at all. It
seem like the rlm_sql_oracle configure and makefile are buggy as hell or
they only support
weeks now,
searched gallaxies far away for info, god is now refusing to take my
calls,and my wife has threatened to lock me in my room so she doesn't
have to put up with me. I have also learned some very colorful words.
Someone please save me.
Fred
-
List info/subscribe/unsubscribe? See http
78 matches
Mail list logo