On 10/18/2013 11:00 AM, Alan DeKok wrote:
Bertalan Voros wrote:
I have one question, I would like to log a message in radius.log when a
device is rejected based on its mac address.
I would like to put a message saying that the device was unauthorised
and the Calling-Station-Id into the radius.lo
can learn from (server
performance tweaks, optimizations, etc?). I've optimized as best I can
the SQL component. This all seems related to the samba/winbind/ntlm_auth.
- John Douglass, Sr. Systems IT/Architect, Georgia Institute of Technology
-
List info/subscribe/unsubscribe? See
= 0
FreeRADIUS-Total-Auth-Dropped-Requests = 1824
FreeRADIUS-Total-Auth-Unknown-Types = 0
After finding some messages on the devel list, I saw some reference to
memory clean up but that was a while ago so not sure how valid that
comment/problem is in the 2.2.0 version.
How should I
Elizabeth,
We have had mixed results with Ubuntu's default network manager from
12.04 until the current. Have you tried an alternative wireless manager
like WICD?
http://www.lawn.gatech.edu/help/gtwifi/ubuntu_troubleshooting.html
- John Douglass, Sr. Systems IT/Architect, Georgia Inst
the mysql
connections break for some reason) I want a full restart of the service.
Just testing authentication doesn't give me a full radius stack picture.
- John Douglass
Georgia Institute of Technology
Sr. Systems Architect
On 05/06/2013 12:25 PM, Phil Mayers wrote:
On 06/05/2013 14:40, John
On 5/6/2013 9:24 AM, Phil Mayers wrote:
On 04/29/2013 11:03 PM, FreeRadius List wrote:
Thank you I'll check with the samba people and get a better
understanding of how ntlm_auth works.#
(Sorry for the late reply)
The short version here is: badly.
ntlm_auth talks to winbind. Winbind maintains
_server radius1 {
type = auth
ipaddr = 10.10.10.10
port = 1818
secret = testing123
}
Now...I am not sure how to apply this to a single virtual server. All I
really want to do is redirect the requests and respond.
Any tips would be appreciated,
- John Douglass, Georgia Institut
If you have any additions that you have found at your
implementation/institution, we are always looking to head off potential
problems and improve our documentation/troubleshooting.
I have seem some recent queries about client configuration information
so hopefully these might be helpful to some.
- Jo
I am running freeradius-2.1.10 and ntlm_auth Version 3.0.33-3.29.el5_6.2.
Because our AD is managed by a different area (and we rely upon this for
user authentication), I am looking for ways to assist our customer
support area with appropriate logs to help debug AD issues. Sometimes,
due to ba
created, managed, and applied to the subsequent
session/authentications. I'll be running some experiments on this early
next week but figured I might ask if anyone has any ideas on how/when
the caching is applied (as configured by the eap.conf variables).
Thanks in advance,
- John Douglass
I am apparently using the Caching improperly in regards to configuration
in eap.conf. The first authentication works great (EAP-PEAP-MSChapv2)
and DB lookups. The second time (with caching enabled) it appears to
only be adding the User-Name attribute to the reply. I see the comments
in the file
in an SQL database. The schema of the database is meant to
mirror the "users" file.
sqlwpa
}
# Authentication.
authenticate {
# MSCHAP authentication.
Auth-Type MS-CHAP {
mschap
}
# Allow EAP authentication.
eap
}
Thanks in advance,
- John Douglas
Here at Georgia Tech, I had to design a system to do VLAN steering based
on a number of criteria (including hashing based on MAC). Because I know
MySQL and the like MUCH better than freeradius configuration, that's
where we moved the logic to by using stored functions.
This system also has the
I have built some WPA configuration guides as well as some troubleshooting
documentation on our build out at:
http://www.lawn.gatech.edu/help/gtwpa
There is pretty much always some form of cert acceptance for most OS.
- John Douglass, Systems Engineer
Sent from my iPad
On Jan 21, 2011, at 9
87/] (from client localhost port
0 cli 02-00-00-00-00-01)
} # server wpa
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> jd187
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Thanks in advance,
- John Douglass, Georgia Institute of Technology
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
15 matches
Mail list logo