Hi,
Running the 2.1.1 version, is it possible to log the amount of time
taken (in ms) to process an accounting packet?
I figured that I can enable authentication and reply log for
authentication and write a script to calculate the time between request
coming and response going out, but for
Hi,
The RADIUS packet has a 8 bit ID field.
This ID field is used to track the requests both in the NAS and the
RADIUS server.
The question is, does the ID need to be unique between the NAS and
RADIUS Server for all packet types? So it is OK to have an ID of 102 in
an accounting packet and an
Hi Mike,
I use a similar setup (PG Functions for auth/acct) and I never had an
issue with the query ordering.
Padam
freerad...@duxtel.com wrote:
Hi Alan,
Thanks heaps for your reply! :-)
So my basic question is: Does authorize_check_query complete fully
before
starting
Alan,
Could this be some sort of a compiler optimization that may be causing
this? May be some memory barrier is required?
Padam
Alan DeKok wrote:
fabiana marvani wrote:
Why is not there a protection for null pointer to avoid this kind of
problem?
Because the design of the
Depends a lot on NASs implementation of accounting. Some NAS send
accounting packets every X minutes. Some do it based on accounting
timers per session... so bandwidth utilization is quite different.
From a live server having 2000 users online, with NASs sending
accounting updates every 5
Look at TACACS/TACACS+. Most devices support this. You will need a
TACACS server which authenticates off a RADIUS server.
For others is upto the software to implement a TACACS or direct RADIUS.
Andres Kaaber wrote:
Hello all
I'm assigned with a project to make a central admin user database
Do you even read the errors you post? Did you read config.log?
Most probably the compiler on your machine is broken!
shivashankar wrote:
hi
i am facing following problem.plz help me
freeradisu 2.1.6 on solaris10
bash-3.00# ./configure
checking for gcc... gcc
checking for C
Maybe positing on solaris lists would be better?
shiva shankar wrote:
thax for u r reply
again i have to install gcc
could u plz let me know i am new for this installation. i think this
problem with os.
2009/7/29 Padam J Singh padam.si...@inventum.cc
Do you even read
Maybe posting on solaris lists would be better?
shiva shankar wrote:
thax for u r reply
again i have to install gcc
could u plz let me know i am new for this installation. i think this
problem with os.
2009/7/29 Padam J Singh padam.si...@inventum.cc
Do you even read
Hello Ivan,
For the LDAP I am using four servers which are configured in a
master-master replication amongst them and load balanced search access
via FR.
I take your point - spending 3x the money is not going to result in 3x
the performance in this case, so what I can do is increase the
Hi,
I have the choice of selecting between two servers for deploying 802.1x
authentication off a LDAP server. The max rate of authentication is around a couple
of thousand authentications per second.
The first choice is a 2 CPU, Quad Core Nehalem 2.53Ghz based server
with 8MB cache 12Gb
Hello Ramesh,
Capacity depends a lot on how the RADIUS server is accessing
authentication stores. Are you storing these users in a LDAP or a DB?
It is these resources that generally become the bottle-neck first
rather than the RADIUS Server.
Also, are you doing authentication and accounting
Hello Ajitabh,
Does PAP work? If it does, then your overall configuration is correct.
Whenever doing a new setup, always begin with PAP Password from PPTP
and Clear-text password in Mysql, and if it works then go ahead and
change the setting on either side to suit your needs.
I think the
Eric,
NASs send Input/Output octets as an incremental value. So if you lose a
few update packets, you do not lose usage values.
Since the number will wrap at the unsigned long boundary of 4GB, the
NAS is supposed to keep a tab on how many times has the wrap around
occurred since the session
Hello,
I have a LDAP server which contains ntPassword and lmPassword attributes
like following:
dn: uid=subs, ou=accounts, dc=test, dc=com
uid: subs
userPassword:: e01ENX03MmIwMTViNDhlOTU5ZTlkYWQ3MTAxNjNiYjJhZDkyMQ==
mac:
lmPassword: {ENC}9846B736BDDA9E7CAAD3B435B51404EE
ntPassword:
Hello Ivan,
Would adding a mutex around the select-update code in the sqlippool
module solve this issue?
Padam
t...@kalik.net wrote:
The requests all came in at the same time, to the second (among others),
its like FR took 3 requests and looked at the database at the exact same
You
need to install the make utility...
yum install make
and try again.
Padam
John Williams wrote:
Hello,
Maybe someone can guide me out of this maze.
I have a new Fedora 10 install running on Dell intel platform. I installed freeradius.i386 0:2.1.3-1.fc10 package using yum
The NAS has
to implement session disconnection after the requisite time/byte limit.
What NAS are you using?
Padam
pushpraj nimbalkar wrote:
Hello All;
I just installed freeradius on fedora 10. freeradius version is
"freeradius-2.1.1-2.fc10.i386" i also installed radius mysql packages.
mode and check if correct Session-Timeout values are getting
passed or not.
On Fri, Dec 19, 2008 at 5:08 PM, Padam J Singh padam.si...@inventum.cc wrote:
The NAS has to implement session disconnection after the requisite time/byte limit.
What NAS are you using?
Padam
pushpraj
Alan DeKok wrote:
Padam J Singh wrote:
The attributes I want to send are VSAs anyway, so I fail to see how this
violates the RFC.
It doesn't. Technically. But it's a bad idea.
Can you explain why you need to send the attributes, and what the NAS
does with them?
The reason I would
Alan DeKok wrote:
Padam J Singh wrote:
The reason I would like to use this is because the NAS I am building is
a network controller which offers advance features like speed select in
the same session, add new IP filter policies applied live on an update.
I do not want to implement an out
.
Ivan Kalik
Kalik Informatika ISP
Dana 14/12/2008, Padam J Singh padam.si...@inventum.cc piše:
Hello,
Are you aware of any radius client library which also implements
CoA/Packet of Disconnect?
I have checked radiusclient-ng and its earlier version - they do not
contain any
Alan DeKok wrote:
Padam J Singh wrote:
From the RFC 2866:
Yes, I have read the RFC's. They're even in the FreeRADIUS source
tree. They'are referenced from http://freeradius.org/rfc/, which was
built by me.
The RFC doesn't categorically say that an accounting response packet SHOULD
Hello,
According to the RFC 2866, it is possible to send back attributes to an
accounting update packet sent from a NAS.
What I have done is this: The authorization and authentication queries
are basically calls to a stored procedure in postgres that returns a set
of table type which contains
the
rlm_jradius source code,
and it looks like it doesn't differentiate between accounting and authorization
responses when reading value pairs.
Thanks,
Padam
Alan DeKok wrote:
Padam J Singh wrote:
According to the RFC 2866, it is possible to send back attributes to an
accounting update
Hello,
Are you aware of any radius client library which also implements
CoA/Packet of Disconnect?
I have checked radiusclient-ng and its earlier version - they do not
contain any such feature.
I saw that CoA is on the roadmap for FR (2007 announcement), any work
done on it yet?
Thanks,
Padam
Hello,
According to the RFC 2866, it is possible to send back attributes to an
accounting update packet sent from a NAS.
What I have done is this: The authorization and authentication queries
are basically calls to a stored procedure in postgres that returns a
set of table type which
27 matches
Mail list logo