Re: TLS: hostname does not match CN in peer certificate

2012-06-18 Thread Ivan De Masi
On 15.06.2012 14:32, Alan DeKok wrote: Ivan De Masi wrote: The access to the ldap server is secured with ssl (not TLS!), so openldap is listening on port 636. When I try # radtest user "mypassword" localhost 1 testing123 I get the following message: Reply-Message = "TLS: ho

Re: TLS: hostname does not match CN in peer certificate

2012-06-18 Thread Ivan De Masi
checking to none. OK, thanks for the hints. I'll give it a try and report. And if there is no other way at all, I'll generate the future certificates for the host. Regards, Ivan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

TLS: hostname does not match CN in peer certificate

2012-06-15 Thread Ivan De Masi
t match with the openldap hostname. But I need to fetch the data... What can I change to get it working? Is the only way to generate new certificate files? Thanks! Regards, Ivan

Re: radiusd goes wrong

2011-11-05 Thread Ivan Matala
ok thank you very much On Sat, Nov 5, 2011 at 6:23 AM, Fajar A. Nugraha wrote: > On Sat, Nov 5, 2011 at 6:01 PM, Ivan Matala wrote: >> looks like i figured the problem. i think my freeradius has upgraded >> to version 2 >> (more advanced, yet its confusing. cant get pam a

Re: radiusd goes wrong

2011-11-05 Thread Ivan Matala
On 2011/11/05 01:41 AM, Ivan Matala wrote: >> >> freeradius runs if i use this >> >> radiusd -x -f >> >> pls help >> > > http://www.lmgtfy.com/?q=fix+unix+permissions > > -- > > > Johan Meiring > Cape PC Services CC > Tel: (021) 88

Re: radiusd goes wrong

2011-11-05 Thread Ivan Matala
yes. i already set user = root group = root and i still get permission denied. tnx On Sat, Nov 5, 2011 at 2:25 PM, Fajar A. Nugraha wrote: > On Sat, Nov 5, 2011 at 6:41 AM, Ivan Matala wrote: >> freeradius runs if i use this >> >> radiusd -x -f > > In debug mode F

Re: radiusd goes wrong

2011-11-04 Thread Ivan Matala
freeradius runs if i use this radiusd -x -f pls help On Fri, Nov 4, 2011 at 4:27 PM, Ivan Matala wrote: > how to fix permission problem? > > On Fri, Nov 4, 2011 at 3:38 PM, Tim Sylvester > wrote: >>> rlm_sql (sql): Connected new DB handle, #79 >>> Module: Ins

Re: radiusd goes wrong

2011-11-04 Thread Ivan Matala
how to fix permission problem? On Fri, Nov 4, 2011 at 3:38 PM, Tim Sylvester wrote: >> rlm_sql (sql): Connected new DB handle, #79 >> Module: Instantiated sql (sql) >> Failed creating PID file /root/radiusd.pid: Permission denied > > Maybe you have a permissions problem? > > Tim

radiusd goes wrong

2011-11-04 Thread Ivan Matala
rlm_sql (sql): Connected new DB handle, #79 Module: Instantiated sql (sql) Failed creating PID file /root/radiusd.pid: Permission denied pls help. tnx

Re: use pam as authentication medium of FreeRadius

2011-11-04 Thread Ivan Matala
ok tnx On Fri, Nov 4, 2011 at 2:24 AM, Alan DeKok wrote: > Ivan Matala wrote: >> i have a server A with freeradius installed. is there anyway to use >> the pam of it to be use as authentication medium of freeradius? >> (instead of using Auth Type = System, Local, SQL >

use pam as authentication medium of FreeRadius

2011-11-03 Thread Ivan Matala
i have a server A with freeradius installed. is there anyway to use the pam of it to be use as authentication medium of freeradius? (instead of using Auth Type = System, Local, SQL The pam module (http://linuxexplore.wordpress.com/how-tos/pam-with-radius-authentication/) connects to another radiu

Re: ldap group filter

2011-05-08 Thread Ivan Mate
Hi Phil, Now is working as expected . You are a good man. Thank You From: Phil Mayers To: freeradius-users@lists.freeradius.org Sent: Sunday, 8 May 2011, 18:17 Subject: Re: ldap group filter On 05/08/2011 04:19 PM, crzrobot wrote: > Hi Phil, > Thank You for

Freeradius proxy caching users

2011-04-11 Thread Ivan Luska
Hello, I use Freeradius as proxy server. Is it possible to cache authenticated users on the proxy and resend access-accept to these users, if home server fails? Ivan Luska

Re: Exec and ntlm_auth

2009-11-25 Thread Ivan Kalik
ts. I suspect I also have to put the reference to that new file (ntlm_rick in this case) into inner-tunnel as well? And in the virtual server config? In both the authorize{} and authenticate {} sections? Just authenticate and default virtual server. Inner tunnel is for peap. Ivan Kalik

Re: Exec and ntlm_auth

2009-11-25 Thread Ivan Kalik
o just use AD security groups Configure AD as ldap server in ldap module (.raddb/modules/ldap). Then add to users file: DEFAULT Ldap-Group == "max_priv_level" or whatever is your group called Service-Type = NAS-Prompt-User, cisco-avpair = &qu

Re: Exec and ntlm_auth

2009-11-25 Thread Ivan Kalik
. It would be helpful to see what the module file would look like. There are dozens of them there. Just save what is quoted in the guide (with adjusted text) as a file into raddb/modules directory. Ivan Kalik

Re: [Fwd: Re: [Fwd: I need some help with freeradius 2.0.4]]

2009-11-11 Thread Ivan Kalik
Wagner Pereira wrote: Dear colleagues, I am introducing now a new information. Below is what is declared into my IOS - Cisco 6500. Is this correct? Why don't you just read the cisco wiki page. Ivan Kalik Kalik Informatika ISP

Re: AW: EAP/TLS authentication timeout

2009-11-04 Thread Ivan Kalik
0002], fatal unknown_ca > TLS Alert write:fatal:unknown CA And what is unclear about that message? Ivan Kalik Kalik Informatika ISP

Re: NTLM

2009-11-04 Thread Ivan Kalik
arate server sections > one authenticating against AD and the other against SQL and I would like > the end-client to be able to use MSCHAPv2 to use both. http://wiki.freeradius.org/Combining_authentication_of_AD_accounts_(ntlm_auth)_with_accounts_stored_elsewhere Ivan Kalik Kalik Informatika IS

Re: Clean script session in raddact

2009-11-04 Thread Ivan Kalik
> Need to know if there's a script that allows users to clean their > session has been connected by a long period in the table raddact. DELETE FROM radacct WHERE AcctStartTime< whatever Why would you allow users to do anything with their accounting records? Ivan Kalik Kalik I

Re: Differencent assigments in users files

2009-11-04 Thread Ivan Kalik
; steve Auth-Type := Local, User-Password == " Testing" etc. >> >> I also see notations like Jonathan Password = Unix-PW. >> In the end my config seems to work but I'm wondering if i'm missing >> out on >> something important. O'Reilly's book i

RE: Monthly 'rollover'

2009-11-04 Thread Ivan Kalik
he nas. Giving the appearance in the >>> radacct table, the the user disconnected and reconnected, keeping all >>> data records for that month, within that month. >>> >>Don't do that. > > > Im curious as to why not? Because it doesn't make sense t

Re: Monthly 'rollover'

2009-11-03 Thread Ivan Kalik
k at default queries in counter.conf. Ivan Kalik Kalik Informatika ISP

Re: Password expiration and change on next logon options

2009-11-03 Thread Ivan Kalik
ld somebody point to where I can find any documentation about it? > Also, should I use system passwords or keep them in the postgres to make > it > working? You can't use system (crypted) passwords with mschap. Ivan Kalik Kalik Informatika ISP

Re: The "right" way to limit a user to one EAP Type on FR2.1.7 addision question

2009-11-03 Thread Ivan Kalik
Auth-Type := Reject > > ... > > but, that is not a backend mysql :( So? It's not hard to translate user file entries into sql entries: what's on the first (check) line goes into radcheck table what's on reply lines goes into radreply Ivan Kalik Kalik Informatika

Re: Question About rlm_sql_log (it was Re: Time connected)

2009-11-03 Thread Ivan Kalik
file. >> > > I was reading about rlm_sql_log. Why? That has nothing to do with anything you would want. > I mean I don't want to rely on sql > for authorization and authentication. So don't. Use it just for accounting. > Can I use that module only for > easiest log handling *only* ? What does that mean? Ivan Kalik Kalik Informatika ISP

Re: Multiple servers

2009-11-02 Thread Ivan Kalik
any > server clauses or listen in sites-enabled directory.Should I just put > listen clause in one of the files remove the default file there and > remove listen from radiusd.conf ? It's documented in raddb/sites-available/README. Ivan Kalik Kalik Informatika ISP

Re: Send Reject When User Logged In Already

2009-11-02 Thread Ivan Kalik
d to check the terminal server for user 'usertr2048'. > ++[sql] returns fail > +- entering group post-auth {...} > ... > > So it says checkrad: Net::Telnet 3.00+ CPAN module not installed. > Meanwhile the radutmp line in session section of > /sites-available/defa

Re: checking user connect time

2009-11-02 Thread Ivan Kalik
cctStopTime IS NULL Ivan Kalik Kalik Informatika ISP

Re: No responce from server on Sending packets

2009-11-01 Thread Ivan Kalik
ll stopping the packets. Ivan Kalik Kalik Informatika ISP

Re: 802.1x Strange active directory with MSCHAP issue

2009-10-31 Thread Ivan Kalik
a look at > it, and point me to the problem source. This is usually a Samba issue. Several people have resolved it by downgrading Samba from 3.2.x to 3.0.x. Ivan Kalik Kalik Informatika ISP

Re: Freeradius in OpenBSD

2009-10-30 Thread Ivan Kalik
ts to authenticate my "clients"? Probably. Does your PPPoE server support radius? It probably does. Ivan Kalik Kalik Informatika ISP

Re: isn´t registering FramedIpAdress (sometimes)!

2009-10-30 Thread Ivan Kalik
id 48 to XXX.XXX.236.1 port 59561 > Finished request 399 > > Radacct: > | 453321 | 811025bf | 7b21431a8e07e896 | t...@test.com | | > XXX.XXX.236.1 | 1557829 | Ethernet| 2009-06-30 15:54:46 | 2009-10-29 > 18:33:36 | 95216 | RADIUS| | >|34048624 |190022963 | PPPoE-Camping | > 00:10:10:AD:F7:7B | User-Request | Framed-User | PPP| > 0.0.0.0 | 0 | 0 | | > Now find the start record for that session and see what happened to the Framed-IP-Address there. Stop record doesn't update IP. Start and updates do. Ivan Kalik Kalik Informatika ISP

Re: Hello. OpenBSD and Free Radius

2009-10-30 Thread Ivan Kalik
wall, but radius. > > i only has encountered openbsd as pppoe client and i would like to > give AAA for my users. And the problem is ...? Ivan Kalik Kalik Informatika ISP

Re: Probably simple problem

2009-10-29 Thread Ivan Kalik
else ... There is no difference in using any sql server. All that is different is what you put as database in sql.conf. Everything else is the same whichever database server you use. Ivan Kalik Kalik Informatika ISP

Re: Time connected

2009-10-29 Thread Ivan Kalik
Sergio Belkin wrote: 2009/10/29 Ivan Kalik : Sergio Belkin wrote: Hi, Sorry for the stupid question, but I'd want to get how many time every user is connected, please could you provide some kind of guideliness? Using Version 2.1.1. SELECT Count(*) FROM radacct WHERE Use

Re: reply to NAS not correct

2009-10-29 Thread Ivan Kalik
Framed-Filter-Id := "Enterasys:version=1:policy=Mitarbeiter" Any ideas ? Enable use_tunneled_reply in peap section of eap.conf. Ivan Kalik Kalik Informatika ISP

Re: Probably simple problem

2009-10-29 Thread Ivan Kalik
? Don't use Auth-Type in radgroupcheck at all. Replace Password and == with Cleartext-Password and := and things will work. Ivan Kalik Kalik Informatika ISP

Re: Time connected

2009-10-29 Thread Ivan Kalik
Sergio Belkin wrote: Hi, Sorry for the stupid question, but I'd want to get how many time every user is connected, please could you provide some kind of guideliness? Using Version 2.1.1. SELECT Count(*) FROM radacct WHERE UserName='some_username' Ivan Kalik Kalik Informa

Re: FreeRADIUS Active Directory Integration HOWTO

2009-10-28 Thread Ivan Kalik
on/active_directory.html Ivan Kalik Kalik Informatika ISP

Re: Problem with Retrieving some Attributes

2009-10-28 Thread Ivan Kalik
er to get attributes. You should really test NAS rather than radius for that. If you really want to use radius records look into the radius database (radacct table). Ivan Kalik Kalik Informatika ISP

Re: Radacct isn´t registering FramedIpAdress (sometimes)!

2009-10-27 Thread Ivan Kalik
erver. My clients are all Mikrotiks, with 3.13 > version. Post the debug of one accounting packet when such error happens. And don't use HTML email. Ivan Kalik Kalik Informatika ISP

Re:

2009-10-26 Thread Ivan Kalik
ment a line in the chilli.conf file to have it do mac authentication. > Would this be the right way to do this? Probably. That's the question for ChilliSpot list. Ivan Kalik Kalik Informatika ISP

Re: separate log file and access list config

2009-10-26 Thread Ivan Kalik
ests will be accepted. > One more quick question, how can we set timeout for different users, so if > the connection is ideal for say 4 hrs, it should get disconnected. See Session-Timeout attribute. Ivan Kalik Kalik Informatika ISP

Re: radacct and db handles

2009-10-22 Thread Ivan Kalik
t 0 > > I checked my radius db and radacct table and there are many indexed and > nothing I could found is the problem. It only append when I enable radius > accounting in SQL. Run server in debug mode and see which queries are failing. Ivan Kalik Kalik Informatika ISP

Re: PEAP + EAP-TLS: client certificates

2009-10-22 Thread Ivan Kalik
PS. No, default virtual server looks more like it. Won't hurt to try both. Ivan Kalik Kalik Informatika ISP

Re: PEAP + EAP-TLS: client certificates

2009-10-22 Thread Ivan Kalik
> Is this the option? > EAP-TLS-Require-Client-Cert = Yes > I'm not sure where I should place it. Authorize section of inner-tunnel virtual server I think. Use unlang (update control ...). Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freer

Re: PEAP + EAP-TLS: client certificates

2009-10-22 Thread Ivan Kalik
Don't know about that version. It should say how to require certificates for peap in eap.conf above peap section. At least it does in the current version. If it doesn't - it probably isn't supported, so upgrade. Ivan Kalik Kalik Informatika ISP

Re: mschap problem

2009-10-22 Thread Ivan Kalik
tlm_auth line and replaced Stripped-User-Name with mschap:User-Name and now you are wondering why is it not using Stripped-User-Name??? Ivan Kalik Kalik Informatika ISP

Re: how to call an external script once the users is expired?

2009-10-22 Thread Ivan Kalik
piration} (I think that it will be on the control list). Ivan Kalik Kalik Informatika ISP

Re:

2009-10-22 Thread Ivan Kalik
e or wipe clean your hard drive. It just might not work as expected. Ivan Kalik Kalik Informatika ISP

Re: {control:SQL-Group} in post-auth

2009-10-20 Thread Ivan Kalik
radgroupreply queries. That is because there is no requirement to use sql in authorize (that's when sql module test group membership) - you can use SQL-Group without listing sql there (if it's not listed anywhere you need to list sql in instantiate). Ivan Kalik Kalik Informatika ISP

Re: how to call an external script once the users is expired?

2009-10-20 Thread Ivan Kalik
ation date. Where do you store expiration date? If it's in a database you can make a query that checks if Expiration value is less then now() and then calls the script. Ivan Kalik Kalik Informatika ISP

Re: Question about Max-All-Session vs. Expiration attributes

2009-10-20 Thread Ivan Kalik
Max-All-Session then. Ivan Kalik Kalik Informatika ISP

Re: Clear Text PAP passwords - how to enable

2009-10-20 Thread Ivan Kalik
Don't use User-Password at all. See man rlm_pap. Ivan Kalik Kalik Informatika ISP > user password i guess is same as System? > > On Mon, Oct 19, 2009 at 11:49 AM, Alan Buxey > wrote: > >> Hi, >> >> > But I still got small problem, when i run in de de

Re: IP address assignment for the authenticated users in Free

2009-10-20 Thread Ivan Kalik
d a DHCP server. Sending IP addresses > to the NAS in a RADIUS packet won't work. > > You can configure FreeRADIUS to be a DHCP server, but that involves > creating a DHCP configuration, not a RADIUS configuration. Ivan Kalik Kalik Informatika ISP

Re: Proxy based on Multiple Realms

2009-10-20 Thread Ivan Kalik
ain.name. Whenever I try I only get > the > Realm name not domain.name. (i.e. I want it to pick up from the first . > character not the last ) So put prefix not suffix as format. But that will break down if you allow dots in usernames, like: Sam.Body.domain.name Ivan Kalik Kalik Informati

Re: how to call an external script

2009-10-19 Thread Ivan Kalik
So what does it do? Post the debug. > Another thing, if I call the script like the following, then the script is > executed and takes myusername as an argument. With freeradius it should to > automatically the same? Yes. But perl module already makes all request attributes available i

RE:

2009-10-19 Thread Ivan Kalik
l always ignore Framed-IP-Address you are sending via radius and go to dhcp. That's how wireless works. Ivan Kalik Kalik Informatika ISP

RE:

2009-10-19 Thread Ivan Kalik
need to proxy. Ivan Kalik Kalik Informatika ISP

Re: how to get a UserName from a Pool

2009-10-19 Thread Ivan Kalik
erName of one customer if I have alot of customers with one > NASIpAddress? NAS-IP-Address + NAS-Port should be unique per online user (without simultaneous logins) but there are plenty devices using same NAS-Port for everybody (usually 0). You can try NAS-IP-Address + Calling-Station-Id in

Re: HINTS and EAP correspondence issue.

2009-10-19 Thread Ivan Kalik
id in my ldap, but this won't do as I don't want to rename >> all the uids. You can't. Altering User-Name breaks EAP. > I have checked again, files are uncommented in my inner-tunnel > configuration and hints is reprocessed. > > Thanks for any suggestions. Alter

Re: Several virtual servers with different log files?

2009-10-19 Thread Ivan Kalik
er that is handling the request) in order to differentiate from > which virtual server is the authorization log coming from? Yes in 2.1.7 (port is already logged). See msg_goodpass/msg_badpass in radiusd.conf. Ivan Kalik Kalik Informatika ISP

Re: mysql radgroupcheck, deny access

2009-10-19 Thread Ivan Kalik
late DEFAULT entries in users file. If check doesn't match reply is ignored but user is not rejected. If you want to reject the user not matching NAS-IP-Address for this group you need to add: if(SQL-Group == "dialup-freedom") { if(NAS-IP-Address !~ "^111.222.333.(1|2|3|4|5|6)$") { ok } else { reject } } Ivan Kalik Kalik Informatika ISP

Re: No NAS-Port seen warning

2009-10-19 Thread Ivan Kalik
> There's no such path in /etc/raddb > I'm running version 1.1.3 Upgrade. That version is many years out of date. In 1.1.3 module will be in radiusd.conf. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re:

2009-10-19 Thread Ivan Kalik
_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=168 You have removed realm LOCAL from proxy.conf. Ivan Kalik Kalik Informatika ISP

Re: Windows client MS-chap auto-reauthentication

2009-10-18 Thread Ivan Kalik
in the request to distinguish cached credentials from those entered by the user. That's the whole point of cacheing them. Ivan Kalik Kalik Informatika ISP

Re: over 30 radiusd processes - more information

2009-10-18 Thread Ivan Kalik
sult in hung child processes (as seen in > the gdb output after the radius log file)? You should look into the detail file and see what is wrong with the packets that were stuck (or did the queries fail for some reason), like: WARNING: Unresponsive child for request 165616, in module sql compon

Re: over 30 radiusd processes - more information

2009-10-18 Thread Ivan Kalik
.101'] > Sat Oct 17 02:00:18 2009 : Error: [sql] stop packet with zero session > length. [user 'use...@realm1', nas '192.168.1.101'] > Sat Oct 17 02:00:18 2009 : Error: [sql] stop packet with zero session > length. [user 'use...@realm1', nas '192.16

Re: Clear Text PAP passwords - how to enable

2009-10-18 Thread Ivan Kalik
> hey all > we keep upgrading FR servers and i got stuck with problem where I need PAP > (I think) well i need clear text password and its not working for my user. > When i send request through NTRAdping w/ CHAP all works well but when I'm > using device as NAS nothing works :( > > I hope some one

Re: Variable passing between autz,acct stages

2009-10-17 Thread Ivan Kalik
for accounting) I need to reference > Tmp-String-0, is this possible ? Yes. Make an entry in acct_users file: u1 Tmp-String-0 := "pppoe25" Ivan Kalik Kalik Informatika ISP

Re: Getting pervious module return code in rlm_perl

2009-10-17 Thread Ivan Kalik
orary attribute like Tmp-String-0. Ivan Kalik Kalik Informatika ISP

RE: Check_item still wraps at 4gb

2009-10-16 Thread Ivan Kalik
(to avoid overhead for connecting to the database in perl) and result (counted gigawords and octets) passed to perl for some very basic calculations. You will need more knowledge to construct counter queries in sql than for programming in perl. > Any advise on what ISP's use as a radius s

Re: Several virtual servers with different log files?

2009-10-16 Thread Ivan Kalik
ng the README file inside the sites-available directory, it seems > that it is not possible to define a 'log' section in a virtual server. It's documented in log section. Only requests line is below debug enabling example. It should be above. Ivan Kalik Kalik Informatika ISP

Re: How to disable threads in 2.1.7

2009-10-16 Thread Ivan Kalik
> I am trying to build a version of 2.1.7 without threads (trying to debug > an abandoned child process issue). on a redhat AS5 Linux system You don't build it without threads, you start it without threads. See man radiusd. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsub

Re: Proxy based on Multiple Realms

2009-10-16 Thread Ivan Kalik
.name" ) { > pool = adradius > nostrip > } > } You can't use unlang in proxy.conf file. Use it in virtual server configuration (authorize section). Ivan Kalik Kalik Informatika ISP

Re: Users and groups with Microsoft AD

2009-10-16 Thread Ivan Kalik
combining > groups that will not allow this to occur? Currently I'm running > freeradius > 2.1.6 on freebsd 7.2 and windows 2003. Yes. Configure AD as ldap server in raddb/modules/ldap and use group membership queries (Ldap-Group). Ivan Kalik Kalik Informatika ISP

Re: Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address & failure of radtest

2009-10-16 Thread Ivan Kalik
or the request: > Rejecting the user > Failed to authenticate the user. > > > I was just trying to setup PAP (testuser) on the radius > > Would you know what the error could be ? Where is your password supposed to be? Ivan Kalik Kalik Informatika ISP

Re: Several LDAP searches

2009-10-15 Thread Ivan Kalik
> configure this, if there is one? I have read the documentation, the wiki > and the configuration files and I couldn't figure it out. Configure two ldap instances and use them in virtual servers listen sections point to. Ivan Kalik Kalik Informatika ISP - List info/subscrib

RE: Freeradius + OpenLdap + WindowsXP(Wifi)

2009-10-15 Thread Ivan Kalik
/LM-Password. > Cannot perform authentication. > Tue Oct 13 12:00:45 2009 : Debug: rlm_mschap: FAILED: MS-CHAP2-Response > is incorrect Where is your password? Ldap didn't pass it back. Ivan Kalik Kalik Informatika ISP

Re: PAP / ntlm_auth fails unless "DEFAULT Auth-Type = ntlm_auth" in users.

2009-10-15 Thread Ivan Kalik
tration opportunity. > > > > I'll post all my confs (2.1.6) and -X output if needed, but just looking > for some hints to help determine why when the process fails through to > PAP, it won't use ntlm_auth - it will only use "files" Post the debug. Ivan Kalik Kalik Informatika ISP

Re: acct_users WARNING in 2.1.7

2009-10-15 Thread Ivan Kalik
ec:/usr/local/sbin/acctstop.sh}", > Fall-Through = no > > > What have I done wrong? It seems to be ok, and be doing what I > desire. but I want the config to be CLEAN. > All I really want is to run a script when an accounting STOP record is > received. A

Re: xsupplicant - freeradius EAP-TTLS PAP Access-Reject

2009-10-13 Thread Ivan Kalik
r request 5 > modcall: group authorize returns ok for request 5 > rad_check_password: Found Auth-Type System > auth: type "System" ... You are using much outdated freeradius version that has Auth-Type System enabled by default in users file. Comment that DEFAULT line out.

Re: Active Directory/freeradius/enterasys - combination

2009-10-13 Thread Ivan Kalik
How does that ldap-group check look like and where is it? BTW I don't see ntlm-auth on that debug either. Ivan Kalik Kalik Informatika ISP

Re: Authenticating access via caller-id or username/password

2009-10-13 Thread Ivan Kalik
user can call from a list of (all) known callerIDs? Solution will depend on the policy. Ivan Kalik Kalik Informatika ISP

Re: Improving Auth-Rate

2009-10-13 Thread Ivan Kalik
blem comes from outside database (sql, ldap). Post a debug with timestamps (radiusd -Xx) that will show where is the delay. Ivan Kalik Kalik Informatika ISP

Re: NAS ? What is the best option

2009-10-13 Thread Ivan Kalik
for broadband aggregation. They work fine together. Just don't trust Cisco claims about numbers device can handle. Divide it by 10. If brochure says device can handle 10,000 connections it will handle about 1,000 in a realistic case. Ivan Kalik Kalik Informatika ISP

Re: Error: Received conflicting packet

2009-10-12 Thread Ivan Kalik
ll just be re-sending accounting packets. Ivan Kalik Kalik Informatika ISP

Re: Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0

2009-10-12 Thread Ivan Kalik
some problems? It's a simple python script that > update a field in db (online/offiline flag). Do you need that at all? Instead of calling the database to see if the flag (wherever you are using it) is set you can make a query that checks if user is online. Ivan Kalik Kalik Informatika ISP

Re: getting disconnected.

2009-10-12 Thread Ivan Kalik
listen section but not in accounting one as well. Ivan Kalik Kalik Informatika ISP

Re: Error: Received conflicting packet

2009-10-12 Thread Ivan Kalik
st. How do you think that adjusting that 1 second interval is going to help *your* case??? Stop hacking the server and start looking at your perl code. Do you really need to use it for authentication? Can you get all the data in authorize script and let freeradius default modules do the authenticati

Re: Error: Received conflicting packet

2009-10-11 Thread Ivan Kalik
as caught earlier by >>> "Discarding conflicting packet", in which case the _new_ duplicate >>> request is aborted, which is more correct. >> >> No. You do not understand how RADIUS works. The code will NOT be >> changed to discard the new packet

Re: errors There are no DB handles to use and Discarding conflicting packet from client

2009-10-09 Thread Ivan Kalik
-X) and see what causes the error. Maybe some queries are failing. Ivan Kalik Kalik Informatika ISP

Re: errors There are no DB handles to use and Discarding conflicting packet from client

2009-10-09 Thread Ivan Kalik
> but this problem is on radius or db? Database, network between radius and sql or incorrect data in sql.conf. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: errors There are no DB handles to use and Discarding conflicting packet from client

2009-10-09 Thread Ivan Kalik
> but this problem is on radius or db? > > 2009/10/9 Alan DeKok > >> Alisson wrote: >> > ok.. but what I need to do on my DB? >> > >> > Repair? Create another DB? alter some variable? >> >> Ask the people who wrote and support the DB. >> >> Asking DB questions on a RADIUS list isn't the best wa

Re: errors There are no DB handles to use and Discarding conflicting packet from client

2009-10-09 Thread Ivan Kalik
ine? Have you created radius database? Does user configured in radius have permissions to run queries on radius database? Is there a firewall stopping traffic? Do you see radius handles connected to the database server when you start radius server? Should I go on? Ivan Kalik Kalik Informatika

Re: Adding vendor specific attributes to dictionary

2009-10-09 Thread Ivan Kalik
; server starts up without complaint. > > Any suggestions? Vendor number must be smaller than 32K. 32766 is max. Ivan Kalik Kalik Informatika ISP

Re: Adding vendor specific attributes to dictionary

2009-10-09 Thread Ivan Kalik
rrors reading dictionary: dict_init: /etc/raddb/dictionary.myvendor[1]: > dict_init: /etc/raddb/dictionary.myvendor[1]: dict_init: /etc/ Check stuff like permissions on the file. Ivan Kalik Kalik Informatika ISP

Re: radiusExpiration attirbute declared in the LdapGroup

2009-10-09 Thread Ivan Kalik
p == "some_group", Expiration := when Ivan Kalik Kalik Informatika ISP

Re: acct_postgresql+auth_ldap

2009-10-09 Thread Ivan Kalik
connection time which will be incremented until the disconnection time ). For that you will need to enable accounting updates on your NAS. If your NAS supports Acct-Interim-Interval you can send it in the Access-Accept. Ivan Kalik Kalik Informatika ISP
