ary wrote:
> Hi Harry
> radius server and nas ping no problem each other.
> checking firewall no problem.
> the OS is Fedora 12.
>
> Best Regards
> Gary
>
> BROWAN COMMUNICATIONS INC.
> Tel:886-3-600-6899 ext.4842
> Fax:886-3-597-2970
> e-mail:gary.y...@browan
Did you open your firewall? Redhat-like distros send dest-prohib by default
for ports blocked by iptables.
Cheers,
Harry
gary wrote:
>Hi All
>I have trouble about freeradius+mysql.
>I configured freeradius(2.1.10) +mysql(5.5.14) and selftest by radtest
>everything is okay.
>But when I try ex
Either a version of freeradius is already running or something else is
running on that port or you are trying to start the program as a
non-root user.
As root run this command and paste the output:
lsof -i :1812
Cheers,
Harry
On 07/24/2011 09:29 AM, Its Me wrote:
> Hi,
> I am new user in Linux,
Hi All,
If anyone is using JRadius client (especially via JASIG CAS) to authenticate
to a freeradius server using PAP could you contact me offlist?
Cheers,
Harry
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Yum install freeradius2-ldap
Cheers,
Harry
From:
freeradius-users-bounces+hhoffman=ip-solutions@lists.freeradius.org
[mailto:freeradius-users-bounces+hhoffman=ip-solutions.net@lists.freeradius.
org] On Behalf Of Usuário do Sistema
Sent: Wednesday, March 09, 2011 2:39 PM
To: freeradius-
Hi All,
I see a similar thing mentioned in the mailing list but I'm unsure why this
is happening.
In my eap.conf I see the following:
# This parameter is used only for EAP-TLS,
# when you issue client certificates. If you do
# not use client cer
Right, I do understand the distinction which is why I asked the
question.
I didn't know if the tutorial just assumed everyone was authorized and
then granted access as long as the userid/password matched AD or if
there's something missing that should be addressed in authorize.
Cheers,
Harry
On
Hi All,
I'm trying to find out what to use (if anything) in the authorize
section when authenticating clients via MSCHAP-v2 and AD credentials.
The how-to at deployingradius.com only speaks to the authentication
section.
If I only want to ensure that the username/password credentials are
valid d
Hi,
I'm trying to figure out how to merge log messages when T(T)LS is in
use.
Right now both the outer (anonymous) identity and the inner (real)
identity are logged:
Oct 14 09:35:14 siteone.some.edu: radiusd[28928]: Login OK: [hhoffman]
(from client wifi-ap port 0 via TLS tunnel)
Oct 14 09:35:1
,
Harry
On Wed, 2010-10-13 at 14:56 +0100, Phil Mayers wrote:
> On 13/10/10 14:40, Harry Hoffman wrote:
> > Hi Alan,
> >
> > Thanks for the help! This works well and lessens the confusion on my
> > part.
> >
> > I do have one question. When using ldap as the
: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 6 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 6
Sending Access-Reject of id 14 to 127.0.0.1 port 38806
Waking up in 4.
Hi All,
I'm following along with the docs for Autz-Type in freeradius-2.1.8,
specifically the section about selecting between multiple instances of a
module.
In users.conf I have:
DEFAULT Realm == "siteone.edu", Autz-Type := siteone_ldap, Auth-Type :=
siteone_ldap
In sites-enabled/default I have
Hi All,
I'm running freeradius 2.1.8 on a Redhat 5.x box. We're setup to
authenticate against LDAP and AD using the how-tos and wiki on the
freeradius website. Users might be in LDAP, or AD, or both.
I've stuck with the default config and enabled both ldap and ntlm_auth
(after making sure that bo
I would probably go with syslog myself.
Natr Brazell wrote:
I have 3 geographically distributed Radius servers. I'd like all audit
logs to go to a central log server. What is the best way? How do you
all accomplish this? Please provide valid feedback or references.
Thanks,
N
--
Well, stderr in a foreground process is normally stdout.
-Original Message-
From: Johan Meiring
Sent: Thursday, April 22, 2010 1:09 PM
To: FreeRadius users mailing list
Subject: Re: radiusd does not logging while debug
On 2010/04/22 06:45 PM, Alan DeKok wrote:
> kes-...@yandex.ru wrote:
Maybe (so you both see and log):
Radiusd -X | tee -a /var/log/radius/radius-debug.log
-Original Message-
From: Alan DeKok
Sent: Thursday, April 22, 2010 12:45 PM
To: ??? ??? ; FreeRadius users mailing list
Subject: Re: radiusd does not logging while debug
kes-...@yandex.ru wrot
Hi Larry,
I am doing this same thing...
I've modified the PAP and LDAP sections, in
/etc/raddb/sites-enabled/{default,inner-tunnel}, to do this and it works
well.
authenticate {
#
# PAP authentication, when a back-end database listed
# in the 'authorize' section su
Hi All,
I keep seeing this in the logs:
[ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang"
for details
I assume it's from this filter:
[ldap] expand:
(&(uid=%{Stripped-User-Name:-%{User-Name}})(!(inetCOS=802.1x_disabled)))
-> (&(uid=hh52)(!(inetCOS=802.1x_disabled)))
Alan,
Thanks so much!!! It was indeed the group{} that I was missing. I really
appreciate your help, all is working now.
Cheers,
Harry
Alan Buxey wrote:
Hi,
I've tried doing the following to have a "continue on fail"
authenticate{
...
Auth-Type LDAP{
ldap
if(reject){
ntlm_a
Hi,
So, I'm trying to get multiple sources of authentication (i.e. LDAP and
Active Directory via ntlm_auth) working from a Cisco ASA to freeradius-2.x.
The username and password come over in clear text. The Auth-Type is
being set to LDAP and works with ldap. If I switch from ldap to
ntlm_aut
Hi all,
I'm trying to setup freeradius-2.x to provide authentication for a Cisco
ASA VPN.
When the packet comes in I'd like to first check the LDAP database to
see if the user/pass combination work and if it not then check against
Active Directory (using ntlm_auth).
Both LDAP and AD (via n
21 matches
Mail list logo