Hello,
Are check lines in the users file short-circuit AND evaluated from
left to right? Extrapolating this presumption out to radgroupcheck
when using a MySQL database, are the check items evaluated simply in
order of column id value (ie. the order they are returned from the
SELECT)?
As usual, thanks Alan. I appreciate the help.
-M
On Wed, Jun 16, 2010 at 7:55 AM, Alan DeKok al...@deployingradius.com wrote:
Matt Hite wrote:
Are check lines in the users file short-circuit AND evaluated from
left to right?
Yes.
Extrapolating this presumption out to radgroupcheck
when
Hello.
I would like to log the client IP of failed successful
authentications to my RADIUS-enabled switches. Right now
failed/success show up like this:
radiusd[13877]: Login incorrect: [xyzzy] (from client SW-2745-C1.sv4 port 0)
radiusd[13877]: Login OK: [plugh] (from client SW-2745-C1.sv4
fine
with Cisco kit though.
Mystery solved!
-M
On Sun, May 9, 2010 at 1:19 AM, Alan DeKok al...@deployingradius.com wrote:
Matt Hite wrote:
It looks like I can possibly enable auth_badpass and auth_goodpass in
radiusd.conf and then set:
msg_goodpass = %{Calling-Station-Id}
msg_badpass
On Fri, Apr 9, 2010 at 8:46 AM, Rosario Lumia ery...@gmail.com wrote:
Sorry for my (very) bad english. Only for clearness: I'd want to know if
there is a way to log the end of a 802.1x session. I mean: a client turn off
his wireless card and (I think) AP can (??) send a message to freeradius
On Fri, Apr 9, 2010 at 12:11 PM, Garber, Neal
neal.gar...@energyeast.com wrote:
From what I've read, supplicants can send an EAPOL-Logoff message to
If the requirement is to determine when the user disconnects, isn't this best
handled by accounting data? That is, if the authenticator
Can you clarify this statement:
but my user still got the privilege to connect to all the routers in
the network
Do you send a specific RADIUS attribute, like a VSA? Or are you making
this statement based upon receiving an Access-Accept?
-M
On Thu, Mar 11, 2010 at 5:16 AM, Siryx XL
Did you perform step #3 in the How-To?
radiusd.conf:
update request {
Huntgroup-Name := %{sql:select groupname from radhuntgroup where
nasipaddress=\%{NAS-IP-Address}\}
}
On Wed, Mar 10, 2010 at 12:53 PM, Siryx XL djsi...@hotmail.com wrote:
I tried the huntgroups but it didn't work.
I
On Wed, Mar 3, 2010 at 10:44 AM, Phil Mayers p.may...@imperial.ac.uk wrote:
but how to set the fail VLAN and guest VLAN to Y ???
Setting the Fail and Guest VLAN by radius doesn't make any sense.
The Fail vlan is what to use when the radius server is unavailable.
The Guest vlan is what to do
Hello --
I am running freeradius2-2.1.7 with MySQL as the backend datastore.
I've got a deployment up and running supporting the admin login to
about 200 switches from a single vendor. I'm looking to expand my
deployment and thus some new requirements have surfaced.
Requirements:
- Different
10 matches
Mail list logo