Greetings experts.
I got an radius service running on my server that stores detail account
logs in files and to MySQL. Since this is redundant I would like do disable
the detail log files. Searching through the internet I've found many
questions about disabling detail log files but most people
Hi Fajar.
I think you misunderstood my question, or maybe I was unclear...
I have not seen the author of the response so I though it was an user like
you and me posting and I just wanted to confirm the modification would
resolve my question before apply it.
Sorry but I'm also not reporting a
Hello,
Im trying to minimize ldap queries to Active directory do to heavy load on
DC.
1º - Change query on LDAP module to not search group of group
Accomplish using on ldap:
filter = (samaccountname=%{Stripped-User-Name})
the problem is we can not enlist the mac addresses for users toaccess
computers right through an access point with the mac address without
entering password only with the mac address ofeach computer and have
unique access to these computers do notknow how to do it and have found as
we do on
okay I'll keep trying thanks...
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Description of my Operating system:
Ubuntu 9.10
Version 2.1.10. tar.gz of freeradius
in the user file and remove some comments to add users, I've put everything
you need, just do not know how to declare the MAC addresses to access let me
alone with them, apart from the IP
Is there some syntax or
apologize for the inconvenience, but I am doing along with some colleagues
the installation of freeradius for a school project, which is why we all
have this question, because we are beginners in the server and operating
system and want to learn how to do it and could not move because it We
hello
I have a problem, not what the syntax should I use to insert the mac
addresses of users in the users file
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello
I have Centos whit FreeRADIUS Version 2.1.7
And when run radius -X
Send the following error
/usr/local/etc/raddb/modules/exec[24]: Failed to link to module 'rlm_exec':
/usr/local/lib/rlm_exec.a: invalid ELF header
Luis Antonio Chavez P.
-
List info/subscribe/unsubscribe? See
Hi,
You need to contact the AD at the Global Catalog port 3268, otherwise
it will return results only for the current AD. Also ensure your AD is
a Global Catalog and the Replication connections are working fine.
Hope it helps,
Luis Azevedo
http://www.braceta.com
On Jul 27, 2009, at 03
and not that they need to be in the same forest.
Cheers,
Luis Azevedo
http://www.braceta.com
smime.p7s
Description: S/MIME cryptographic signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Fri, Jun 26, 2009 at 9:57 AM, Petar Marinkovic hig...@gmail.com wrote:
Sorry, I just c/p that line from other link
here is mine
exec ntlm_auth_pap {
wait = yes
input_pairs = request
shell_excape = yes
output = none
program = /usr/bin/ntlm_auth
very much for your attention and sorry for that awful English
language that I have.
Greetings
Luis M. Álvarez
--
Universidad Carlos III de Madrid
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi all,
Please accept my apologies for this complicate question.
I need make a new FR server from sources with mysql support, and I have only
two OS options: CentOS 5 or Ubuntu 8.
I used only FreeBSD, but now I have only these two options.
Any suggestions?
Thx
-
List
Yes, By focusing mainly on attributes such as
MSISDN(Calling-Station-Id) and GGSN/NAS(Called-Station-Id) as
well as by deploying an IP assignment technique(using IPPOOL
or otherwise).
If you have specific queries, would be happy to attempt to answer.
Do you know the GGSN session time
Is it use the session-timeout RADIUS attribute? Are there some other VSA to
determinate the session time or traffic amount?
No..but session-timeout RADIUS attribute
On Sun, Dec 14, 2008 at 11:11 PM, Toledo, Luis Carlos
lscrls...@gmail.com wrote:
Yes, By focusing mainly on attributes
:26 PM, Toledo, Luis Carlos
lscrls...@gmail.com wrote:
Is it use the session-timeout RADIUS attribute? Are there
some other
VSA to determinate the session time or traffic amount?
No..but session-timeout RADIUS attribute
On Sun, Dec 14, 2008 at 11:11 PM, Toledo, Luis Carlos
authenticated
from the phone line .
luis
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 33818, id=145,
length=72
User-Name = luis
User-Password = test
NAS-IP-Address = 172.16.1.11
NAS-Port = 0
+- entering group authorize
section.
}
}
Errors initializing modules
thanks in advise ,
sorry for my insistence but who don't seek , will never going to get the truth.
Luis
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hello again ,
finally my freeradius its working following all the steps from
http://deployingradius.com/documents/configuration/active_directory.html
but i have the same issue
check my radius debug ,
thanks for read
Luis.
radiusd -X
FreeRADIUS Version 2.1.1, for host x86_64-unknown-linux
for read .
Luis
Is it that difficult to follow instructions? What possesses you to do
things you haven't been told.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http
pal if you are using freeradius binary version as i was using before
you can debug typing freeradius -X
if you are using the compiled version as i did a few days ago , should work
only tipping radiusd -X
PD:
my freeradius still does not authenticating against AD :-(
--- El jue, 2/10/08,
.
Auth-Type PAP {
pap
}
}
authenticate {
ntlm_auth
}
radtest luis ..4wr123,,todoloco 127.0.0.1 0 testing123
Sending Access-Request of id 137 to 127.0.0.1 port 1812
User-Name = luis
User-Password = test
NAS-IP-Address
PROTECTED] escribió:
De: Alan DeKok [EMAIL PROTECTED]
Asunto: Re: ntlm_auth works on commandline but not in radiusd.conf
Para: [EMAIL PROTECTED], FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Fecha: miércoles, 1 octubre, 2008 4:42
luis a wrote:
i believe that you saw
Hello friends, I was searching on the Internet and suggested that I upgrade
my server freeradius
and then jumped to the latest version
I have everything seemingly well-configured to authenticate against
Active Directory
but I lack the parameters under which I use the default
ntlm_auth
--- El mar, 30/9/08, [EMAIL PROTECTED] [EMAIL PROTECTED] escribió:
De: [EMAIL PROTECTED] [EMAIL PROTECTED]
Asunto: Re: freeradius compiled version (lastest) against active
directoryauthentication
Para: freeradius-users@lists.freeradius.org
Fecha: martes, 30 septiembre, 2008 2:14
I have
septiembre, 2008 3:07
luis a wrote:
I have everything seemingly well-configured to authenticate against
Active Directory
but I lack the parameters under which I use the default
ntlm_auth module
What does that mean?
Have you tried my web site (deployingradius.com) ? It has a
howto
thanks
-
radtest luis x 127.0.0.1 0 123
Sending Access-Request of id 189 to 127.0.0.1 port 1812
User-Name = luis
User-Password = x
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
rad_recv: Access-Reject packet from host 127.0.0.1:1812
luis a wrote:
hey there i have a trouble in my freeradius
im trying to autenticate user to active directory
there is my config
Perhaps part of the problem is that the documentation says very
clearly what to do: run the server in debugging mode.
i have read allready the documentation at
http
Hi!
I have a problem with my dialup users with a dynamic pool of ip addresses. My RAS provider don't send me the right
Port-id nor Cisco-NAS-Port (always send me a 0 value for all users). I use ippool module to assign dynamic ip addresses.
Then I have to change the key on my pool
Hi!
I am using freeradius 1.1.3 and I have some problems with dial-up users using
a dynamic pool of ip adresses.
When user A are logged in with ip address 1, its ip is marked as used in the
pool only for 2/3 minutes.
After that if an user B logs in, then this new user can received the same
thanks. I think that's the problem.
Luis
Ivan Kalik escribió:
Could it be a problem from the NAS params sent to radius?
It could - if NAS-Port parameter is the same for all users. If user C
logs out IP adresses will be released from the pool and B will be able
to get A's IP address.
Ivan
Why do not use proper asterisk to put accounts (CDR) in to mysql ? It´s very
simple.
Hi!
First of all, I apologize if I sent this to non-appropriate
mailing list, but nevertheless I hope that you can help me.
I installed FreeRadius because I wanted to see how it works
in conjunction
Firstly, please do not top post.
Secondly, your reply doesn't actually explain anything new
nor ask any additional questions. Maybe you should be clearer :-)
Cheers
Sorry, for my top port.
My reply was very short and not more cleared because I belive it´s not a
directly freeradius
routerOS with routerboard (Mikrotik) or x86 plataform. Centralized or mixed
environment.
On Fri 21 Dec 2007, Geoffroy ARNOUD wrote:
Hi all,
First I apologize, because the question I am about to ask is not
directly linked to FreeRADIUS.
Any feedback woul be appreciated.
Daniel
I have two load-balanced NAS with diferents networks, the users can use the
first or second NAS to gain network access from dynamic ips via rlm_ipool
(two diferents ip pools) radius module.
But now, I need to use unique fix ip from some users.
How can I force the user to use a unique NAS ? If
Thank you very much! Great job Peter !
This problem was solved using de rlm_sqlipool with sql postgres instance.
All other radius database transctions was made with another sql mysql
instance.
Thank for all
Toledo
On Wed 08 Aug 2007, Toledo, Luis Carlos wrote:
Hey all,
I have
See man unlang for details.
Is it this feature disponible in the stable 1.1.7 version ?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hey all,
I have a serius problem with non valid Nas-port received from NASes, because
a need to provide a dynamic IP (rlm_ippool).
Have anyone any suggestion?
Thx
Toledo, Luis Carlos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hey all,
I have a serius problem with non valid Nas-port received
from NASes,
because a need to provide a dynamic IP (rlm_ippool).
Have anyone any suggestion?
http://wiki.freeradius.org/Rlm_sqlippool
I am use mysql for all radius operations and data storage, is it sqlippoll
I need to use Calling-Station-Id (or AcctSessionId) as NAS-Port and provide
dynamic Ips using rlm_ippool.
Using attr_rewrite it´s possible to make this change (Calling-Station-Id =
NAS-Port), but the freeradius/modules C code define port as int. My
calling-station-id have 15 numerics chars of
do that?
Question 2:
How can I send a different Nas-Ip-address to radius2. Now my NAS has an
ip address ip1, and I want to change the ip address of the NAS when the
request packet goes(is proxied) to radius2.
Is it possible?
Thanks.
Luis
-
List info/subscribe/unsubscribe? See http
Hello!
great!! Fantastic!!
it works!!
Thank you very much for your help. You put me in the right direction and
you help me to understand the whole thing.
You should work as a teacher :-)
I was really lost!
Thanks
Luis
Marcel De Boer escribió:
Hi!
The secret key between nas and radius1
is proxying the request of
the [EMAIL PROTECTED] with encrypted passwords to radius2.
What can I do to send the clear-text passwords to radius2?
Thanks.
Luis
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
and shared secret.
thanks.
Luis
Alan DeKok escribió:
Luis Galan wrote:
It seems that my nas is sending encrypted passwords
No. If the User-Password field is garbage in debugging mode, it's
because the shared secret is wrong. Fix it.
but radius2 only
accept clear text passwords. And my
Hello!
I need to configure freeradius as a proxy server only for users that
ends in @domain1.com. This users must be authenticated by its home
server (external proxy) but users must received an ip address from my
pool. (We give internet service to customer from another country with
its dialup
is only at the start time. Is it Right?
Is it a bug?
Do I have misconfigured anything?
Any idea?
Thanks.
Luis
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello!
Yes it can authenticate trough mysql server number 2.
But it both mysql server are down, obviously it can't.
Luis
Alan DeKok escribió:
Luis Galán wrote:
...
1.- If my mysql server 1 is down and mysql server 2 is up. And I try to
start the freeradius daemon, it returns me
Hi there,
Is there anyone with experience with FreeRadius working as proxy for the
RSA ACE Server?
Regards.
--
Luis
[EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi again,
Can anyone tell me if it is possible to control the authentication
process using the remote telephone number used by the user?
Thanks again :D
--
Luis
[EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
reject the access.
Is that possible using freeradius?
I don´t know exactly if Called-Station-Id can be used (and how) to do
that type of control.
Regards.
On Thu, 23 Nov 2006 23:16:05 +1100, James Wakefield
[EMAIL PROTECTED] said:
Luis wrote:
Hi again,
Can anyone tell me if it is possible
On Thursday 02 March 2006 00:49, Gunther wrote:
Had the same trouble with long SQL queries. It seems the RADIUS standard
only allows
up to 253 characters or so. I ended up modifying my table column names to a
shorter name.
Not nice, but it works. I also 'merged' some tables information to
Hi. I'm trying to configure a freeradius 1.1.0 [Debian testing] server with
mysql backend, and I'm having trouble with the sql counter module. When
trying to customize the query to obtain the remaining time (the default query
does not reflect my enviroment), I find mysql syntax errors.
-Original Message-
From: Luis Antonio Chavez Puebla [mailto:[EMAIL PROTECTED]
Sent: Jueves, 01 de Septiembre de 2005 08:26 p.m.
To: freeradius-users@lists.freeradius.org
Subject: 4400 switch configuration and auth_module_radius.so problem
hi
i have a 4400 switch whit free radius
and i
howto configuring it using MySQL?
Thanks.
Luis Matos
Systems Network Manager
Acelera Networks, Puerto Rico
TEL.
787.622.2666
Email:
[EMAIL PROTECTED]
Web:
www.acelerapr.com
I never think of the future. It comes soon
enough. Albert Einstein
-
List info/subscribe
Ehlo
We are usign Cisco1200 AP for roaming, but AP needs to auth into radius.
Because CISCO it must use LEAP. But it fails on this
rlm_eap: EAP/leap
rlm_eap: processing type leap
rlm_eap_leap: No User-Password or NT-Password configured for this user
rlm_eap: Handler failed in EAP/leap
why dont you try this
modules {
...
# '[EMAIL PROTECTED]'
#
realm suffix {
format = suffix
delimiter = @
}
}
and then
authorize {
preprocess
...
suffix
...
}
It should work onthe whay that DN
Le Jeudi 21 Avril 2005 07:53, Frank Bonnet a écrit :
Hello
I'm new to the list :-)
I am setting up a chillispot server to manage our future WiFi network
and I wonder if the schemas given with the lastest freeradius
ditribution as it is marqued for LDAP-v3 are OK for LDAP-v2 ?
We actually
I have just configured freeradius with ntlm, but I dont understand your
problem, Can I help you?
Le Jeudi 21 Avril 2005 12:22, Alan DeKok a écrit :
Sylvain Clerc [EMAIL PROTECTED] wrote:
So, I read all of the debugging output and I find that mschap failed
to find a nt/lm password and stop
Did you sign your certificates with OID extensions for user and server use?
Le Vendredi 15 Avril 2005 20:14, Adam Gibson a écrit :
Background:
I am utilizing CMCs Emulation Engine to perform multi-client testing on a
wireless access point, which is configured for WPA 802.1x. I am running
Helo Radiususers,
I have just setup a radius server with a LDAP backend for user auth for our
WLAN.
It auths pretty good with certs for client/server.
I was wondering, to let Radius to check if cert has not expired. So I do next
copy server.public.pem to /etc/ssl
copy server.privatekey.pem
hablas español?
Yo quieor hacer lo mismo, quizá nos podamos ayudar
Le Mercredi 06 Avril 2005 12:20, Israel Fabio Alves a écrit :
Hi,
I try to authenticate user Windows XP + PEAP + MSCHAPV2. The
authetication using user + password + domain.
Always occur de same error: rlm_eap: Identity
Helo,
Im using Freeradius 1.0.2, and when I tray tu radtest configuration it breaks
down
logs shows taht autenticacion was made, and it says : auth... correct
then, next line,
Segmentation Fault
I have configurate only LDAP, get rid of EAP, UNIX, PAM, CHAP, CHAPv2, PAP
some sugestion,
Now,
This topic has already been on list,
remember, if you try to do CHAP it wont work because crypted passwords.
Le Mercredi 16 Mars 2005 14:50, Anderson Alves de Albuquerque a écrit :
I am trying to install this:
PPTP Client (Linux/Win XP/Win 2k) RADIUS --- LDAP
I have problem with
' but nothing happen.
It´s the same with CentOS 3.4 (like RHEL3update4, freeradius-1.0.1) and
CentOS 4 (like RHEL4, freeradius 1.0.1-2), anybody has the same problem? I'm
doing something wrong ?
Thanks in advance fow any help,
Luis A. Herrero
-
List info/subscribe/unsubscribe? See http
You may want to read
http://www.linuxchange.com/opendocs/howto/authentication/radius/index.es.html
however it's on spanish
LD
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
is incorrect
...
I think I have all configurations well defined in ldap.conf
can anyone give some help?
:) thanks in advance
Jose Luis Faria
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
It's possible to make any protection to the password among the client
and the VPN's server and using LDAP ?
I know it's possible with a clear password's file, but we want to use
our server of ldap.
thanks!
Alan DeKok wrote:
jose luis faria [EMAIL PROTECTED] wrote:
- if I set require
Isn't it a seccurity problem clear tex password to permit CHAP?
Le lundi 4 Octobre 2004 09:18, Alan DeKok a écrit :
Mahesh S Kudva [EMAIL PROTECTED] wrote:
I did the same:
username Auth-Type:= CHAP, CHAP-Password == test
Service-Type = Framed-User,
I rather preffer pap, you just only put on risk one account not everibody
Le lundi 4 Octobre 2004 10:59, [EMAIL PROTECTED] a écrit :
Luis Daniel Lucio Quiroz schrieb:
Isn't it a seccurity problem clear tex password to permit
CHAP?
Depending on your configuration, it may be one
Helo all,
Well, I have just configure freeRadius using LDAP as a backend and it works
well. Radtest reports that authentication is ok. So I configurer my
PPTP/PPP vpn using radius plugin and it works (with pap).
How ever I realize taht ldap.radmap file does mapping for LDAP and Radius and
SecureW2 1.0.9 only supports PAP in inner auth.
SecureW2 2.x.x suports PAP plus EAP (whatever EAP you have registered on
your system - EAP-MSCHAPv2 is one of them)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of [EMAIL PROTECTED]
Sent: Wednesday,
You can search on the registry for EAPOL.
Delete all the entrys and reauthenticate.
lguido
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of BLANCA FERRERO RODRIGUEZ
Sent: Friday, May 28, 2004 14:20
To: [EMAIL PROTECTED]
Subject: Re: how to change
Hi Alan,
See my coments inline.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Alan DeKok
Sent: Friday, April 30, 2004 15:39
To: [EMAIL PROTECTED]
Subject: Re: Looping prevention end duplicate accounting
Luis Guido [EMAIL PROTECTED] wrote
Hi all,
I have two questions that some might have the answer.
I can't seem to find it anywhere so I'll try here! :)
1ST)
Is there a way to prevent loops on authentication/accounting?
My scenario is that I have several servers that authenticate (TTLS
PEAP) on a Realm base, and use a proxy server
Hi alll !
Of course Jean-Paul, the problem was in my LDAP, I have changed my own LDAP
configuration and freeradius works correctly with TTLS and TLS, but I have
not changed anything in my freeradius configurations. So, thanks for your
help!!
José Luis Solano
[EMAIL PROTECTED]
(+34
Hi all, I'm here again ;)
Anybody uses XSupplicant client with TTLS?
Anybody knows if XSupplicant works OK with TTLS?
Please, if there is some guy who works with XSupplicant, I need help!!!
Thanks
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL
8 ID 18 with timestamp 403b1a6c
Nothing to do. Sleeping until we see a request.
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
with timestamp 403b2146
Nothing to do. Sleeping until we see a request.
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hi jean-Paul,
have you seen the freeradius logs and my LDAP configuration?
How many attributes LDAP needs?
How freeradius get the password?
Thanks a lot and sorry if I ask a lot
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34
Hi all,
I use EAP/TTLS and a LDAP to store the users.
What is the structure in my LDAP?
do I need specific attributes in my LDAP (userPassword, etc)?
do I need to change any schema files
(RADIUS-LDAP.schema,RADIUS-LDAPv3.schema,RADIUS-SQL.schema)?
Thanks in advance
José Luis Solano
SGI
.
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks, my freeradius runs.
José Luis Solano
in radiusd.conf
-users file configuration
-have you changed anything in dictionary file?
Thanks in advance
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
- Original Message -
From: Jean-Paul Chapalain [EMAIL PROTECTED
Hi Arthur,
I think Alfa·ariss client is free for your personal usage, but you can't
distribute it.
Regars.
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
- Original Message -
From: Artur Hecker [EMAIL PROTECTED
Hi lionel!
Thanks a lot, of course and please send me your radiusd.conf. You can
use my personal email [EMAIL PROTECTED]
In user file, what I need to change?
Thanks a lot again Lionel!!!
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL
Hi Arthur,
Currently there are three clients available:
**XSupplicant: Linux, I don't know if the last version works correctly with
TTLS. Free.
**SecureW2: Windows, TTLS (pap). Free for personal usage.
**AEGISClient: Windows and Linux, Not free.
Regards.
José Luis Solano
SGI - Soluciones
Thanks Alan!!!
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
- Original Message -
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, February 23, 2004 3:18 PM
Subject: Re: AlfaAriss Client
. Sleeping until we see a request.
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
- Original Message -
From: José Luis Solano [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, February 23, 2004 4:06 PM
Subject: Re
e =
1024
include_length =
yes
}
ttls
{
default_eap_type=md5
copy_request_to_tunnel =
no
use_tunneled_reply=no
} }
José Luis SolanoSGI - Soluciones Globales
Internet S.A.Delegación Regional Sur[EMAIL PROTECTED](+34)
954.088.060
Sorry, and my authorize and authenticate modules in
radiusd.conf are:
authorize
{
preprocess
# Read the
'users' file files
}
authenticate
{ Auth-Type PAP
{
pap }
}
José Luis SolanoSGI - Soluciones Globales Internet S.A.Delegación
Regional Sur[EMAIL PROTECTED](+34
rd. Note that packets# containing CHAP-Password
attributes CANNOT be authenticated# against /etc/passwd!
See the FAQ for details.# unix
# Uncomment it if you want to use ldap for
authentication#Auth-Type LDAP
{#ldap#}
## Allow EAP
authentication.eap}
José Luis SolanoSGI - Soluciones Globales
Internet S.A.Delegación Regional Sur[EMAIL PROTECTED](+34)
954.088.060
AP-Type/ttls: file not foundradiusd.conf[600]: eap: Module
instantiation failed.
=
---
So, I'm going to change my configuration.
Lionel, could you tell me your configuration
please, and where can I find the versions you are using?
Thanks in
{
default_eap_type=mschapv2
copy_request_to_tunnel=yes
}
}
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
- Original Message -
From: Jean-Paul Chapalain [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, February 17
})))
# groupmembership_attribute = radiusGroupName
timeout = 4
timelimit = 3
net_timeout = 1
# compare_check_items = yes
# access_attr_used_for_allow = yes
}
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación
=
izadisan
basedn =
"ou=Wireless,dc=sgi,dc=es"
filter =
"(uid=%u)"
start_tls =
no
tls_mode =
no
dictionary_mapping =
${raddbdir}/ldap.attrmap
ldap_connections_number =
5
timeout =
4
timelimit =
3
net_timeout = 1 }
José Luis SolanoSGI - Soluciones Globales
Internet S.A.Delegación Regional Sur[EMAIL PROTECTED](+34)
954.088.060
Hi Lionel,
I have your radiusd.conf file, (thanks!!).
But I have a simple question: if I have TL and TTL in my radius.conf, what
eap-type will use freeradius TLS or TTLS?
it's the client who decide the eap-type?
Thanks in advan!!!
José Luis Solano
SGI - Soluciones Globales Internet S.A
Hi Lionel,
I have your radiusd.conf file, (thanks!!).
But I have a simple question: if I have TL and TTL in my radius.conf, what
eap-type will use freeradius TLS or TTLS?
it's the client who decide the eap-type?
Thanks in advance!!!
José Luis Solano
SGI - Soluciones Globales
Do you know if Windows XP client has authentication TTLS? Where is the
option?
If Windows XP client has not TTLS, then do you know other client?
Thankss a lot!!
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
- Original
1 - 100 of 107 matches
Mail list logo