Hello,
i`m
running a Freeradius Server 2.1.12 on a Ubuntu 13.04 VM. The Login
with 802.1 works perfectly. I`m using a Windows LDAP Server for the
Login and want to add a second LDAP-Server for a Fail Over. I`m
following the Tutorials to setup my Freeradius Server: *Click*. I`cant find a
suita
That did the trick perfectly.
I am only using the default virtual server.
Is there any reason I would add this to the authorize section for the
inner-tunnel?
Thanks.
--
Kevin Elliott
Network Specialist
City and Borough of Juneau, MIS
(907) 586 - 0905
> -Original Mess
.accounting_response"
key = "%{User-Name}"
}
Module: Checking session {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
radiusd: Opening IP addresses and Ports
listen {
type = "auth"
ipaddr = *
port = 0
}
listen {
type = "acct"
ipaddr = *
port = 0
}
listen {
type = "auth"
ipaddr = 127.0.0.1
port = 18120
}
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.
--
Kevin Elliott
Network Specialist
City and Borough of Juneau, MIS
(907) 586 - 0905
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
du as username.
My question is can you modify the realm behind the user's back?
(during EAP process).
Kevin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
I have to make an application using a RADIUS lib.
I want to use the freeradius-client lib, but I can't find the
documentation. I downloaded the bz2 archive as said on the wiki, and
installed it, but I don't have any help with it, neither ad in the wiki.
Is there a doc somewhere ? A example
ine
since you're not using it. It's mainly for debugging and easily
printing the entire contents of an object/array/hash/etc.
--
Kevin Ehlers
Network Engineer
University of Oregon
signature.asc
Description: OpenPGP digital signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
bandwidth for the
user, in bits per second)
As I can see the attribute itself has two subtyped values. How can I
declare them in the dictionary file?
Thank you for your help!
--
Kevin Baier
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
2010/10/4 Alan DeKok :
> Kevin Baier wrote:
>> As I can see the attribute itself has two subtyped values. How can I
>> declare them in the dictionary file?
>
> You don't.
>
> Nested subtypes are non-standard, and are not supported in 2.0.4.
> They will likely b
an test new configurations without having to worry about PKI
issues.
- --
Kevin Ehlers
Network Engineer
University of Oregon
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkyRDh4ACgkQ0l216NgIDrwtawC
has to be explicitly enabled.
This can be a barrier for un-managed and non-employee machines.
- --
Kevin Ehlers
Network Engineer
University of Oregon
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.moz
cation gateway.
- --
Kevin Ehlers
Network Engineer
University of Oregon
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkyPlnEACgkQ0l216NgIDrz+fgCbBMTmrFDjUhQlouJou4OQh0k8
DaYAoJO9fdCQotSdyBKWdv7xdUbflexR
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 9/3/10 2:30 PM, Alan DeKok wrote:
> Kevin Ehlers wrote:
>> Is it possible to modify attributes returned from ldap? E.g. We're
>> trying to do wpa-enterprise with peap-mschapv2. We store our nt hash
>> passwords as
says
that it never received a valid password hash. All authentication fails
at this point.
We store it as {nthash} because that's what our other radius servers
(radiator) expect to see.
I searched the archives, but was unable to find anything about that.
Thanks,
--
Kevin Ehlers
Network E
7;m not
really clear about how to use the virtual servers in regard to proxying.
Thanks,
--
Kevin Ehlers
Network Engineer
University of Oregon
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ation. So, if somebody can point me in the right
direction on how to set it up in FreeRADIUS. Any help will be greatly
appreciated.
Gr,
Kevin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Mon, Jun 22, 2009 at 23:08, Ivan Kalik wrote:
> > I installed freeradius 2 but my problem is still there.
> > To remember it :
> >
> > I configured Freeradius to look in openldap directory to authenticate and
> > authorize an user.
> > The authentication phase is OK
> > During the authorize ph
Hi,
I installed freeradius 2 but my problem is still there.
To remember it :
I configured Freeradius to look in openldap directory to authenticate and
authorize an user.
The authentication phase is OK
During the authorize phase, a ldap search is done : if the user is member of
a group identified
thanks for the quick answer :)
Indeed, the version installed is not the last one but the "no longer
maintained one"
I just did yum install freeradius.
I will fix this right now
Thanks again
--
KeV
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi everybody,
I have a big problem in freeradius installed in version 1.1.4 on RHEL 5, and
today it's the third day i'm looking for a solution :(
Here is the problem:
I configured Freeradius to look in openldap directory to auth and auth an
user.
The authentication phase is OK
During the auth phase
On Tue, Feb 10, 2009 at 1:54 PM, kevin leblanc wrote:
> To remember : I want only user1 can access to host1.
>
> To illustrate it:
> root
> |
> --
> ||
>
To remember : I want only user1 can access to host1.
To illustrate it:
root
|
--
||
hosts users
||
--
|||
host1 use
Hi
I have a Freeradius which checks if an user has right to connect to a
network equipment via LDAP.
For security reasons, i want to restrict access to certain users (network
administrator).
At the beginning, I wanted to do it by adding host attribute to a user, it
will contain all allowed hosts h
On Thu, 2008-12-18 at 15:05 +0100, Alan DeKok wrote:
> kevin wrote:
> > IOW, when using WISPr-Bandwidth, does that modify the client connection
> > at the client computer or does that occur at a proxy or firewall device?
>
> The RADIUS client (NAS) that receives the WISPr-B
would
probably provide pretty much the same features.
thx...
Kevin
On Wed, 2008-12-17 at 12:49 -0500, Leigh Martell wrote:
> Hello Kevin,
>
> I can't answer definitively, but I would assume that it would be done
> on your NAS(depending on your hardware these rules "could"
o bypass those controls?
Hope that made sense.
Cheers,
Kevin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ain, and it worked as expected:
> r...@server3:/home/kevin# radtest fred wilma 192.168.3.199 1812 mysecret
> Sending Access-Request of id 60 to 192.168.3.199 port 1812
> User-Name = "fred"
> User-Password = "wilma"
> NAS-IP-Address = 255.255.255.
cannot use localhost. Otherwise, I wouldn't worry about
it... Eventually, the remote location will be running covachilli or
something similar. But for security (equipment) reasons, I cannot put a
server at that end, so must do authentication remotely, at this end.
Cheers,
Kevin
On Fri, 2008
e machine:
> radtest fred wilma localhost 1812 mysecret
And it resolved localhost as 127.0.0.1 (as expected) and responded the
same as when I used 127.0.0.1
In radiusd.conf, bind_address = * and listen { } is all commented out.
Running freeradius -XXX -A provides the following output:
> r.
running properly in default config, or it would seem. I
cannot get a response when a remote authenticate is made.
When I ssh into the server, it appropriately responds to the following:
> r...@server3:/home/kevin# radtest fred wilma 127.0.0.1 1812 mysecret
> Sending Access-Request of i
>FreeRadius version is?
Version of Freeradius is 2.0.5
> That may be a side-effect of something else taking long amounts of
> time. Usually, this is SQL.
I believe this may have been a side effect of perhaps all my ldap
threads being utilized. I have increased the number of ldap thr
Have you verified that Samba was joined to your domain successfully
using wbinfo -t? You should see " checking the trust secret via RPC
calls succeeded"
If that is successful try:
[EMAIL PROTECTED] ~]# ntlm_auth --username your_user --password users_password
--domain your_ad_domain --request-nt
.
//anders
On 20/08/2008 20:45, "Kevin J" <[EMAIL PROTECTED]> wrote:
Well, that's why I am saying we used the nas simulation tool. We can hammer a
lot of traffic with this multi-threaded tool and also we tried at least three
client boxes so don't assume our tr
don’t want to be there to see it) ...
//anders
On 20/08/2008 20:18, "Kevin J" <[EMAIL PROTECTED]> wrote:
Does anybody know the performance on Sun T-1000?
Just noticed that radius cannot reach more than 20% CPU time when we ran a
heavy traffic with nas simulations. We have teste
Does anybody know the performance on Sun T-1000?
Just noticed that radius cannot reach more than 20% CPU time when we ran a
heavy traffic with nas simulations. We have tested some other programs and
could reach even more than 90% so just curious anybody experienced the similar
result.
-
that weren't available in SNMP. For more information, see:
>
> share/dictionary.freeradius
The changes sound great! I'd cutover to this if I were still at the company
that used FR and SNMP monitoring stuff...
Kevin Bonner
signature.asc
Description: This is a digi
Folks,
I need to run two different configurations on one box. I guess the only way is
to run two daemons on different ports.
Any advice or concern? I also want to hear if there is known issues, bugs, or
performance matters when more than one daemon run on the same box.
Thanks,
Kevin
Is there a way that I can use for a regular expression to validate the username
attribute?
Something like
User-Name =~ [0-9a-zA-Z.#_]
I think . or # does not work.
Be a better friend, newshound, and
I tried to compile freeradius-1.1.7 and freeradius-server-2.0.3,
but encountered the following error. Could someone help?
Kevin SZ
[EMAIL PROTECTED] ~]$ more /etc/redhat-release
Red Hat Enterprise Linux ES release 4 (Nahant Update 4)
[EMAIL PROTECTED] ~]$
ient.lo libeap/libeap.la -lnsl
it needs. If I want to implement the authentication
Using RADIUS so net boot will continue only after the
authentication succeed. I just want to know where RADIUS fit into
this model step by step.
Kevin SZ
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Hi Ivan,
Thanks for your reply. But how do DHCP know NOT to give the IP to the client
When the authentication fail on RADIUS?
Kevin SZ
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ivan Kalik
Sent: Tuesday, March 25, 2008 4:51 PM
To: FreeRadius users
Hi,
How do I configure Radius server to work with DHCP server, so the client
will authenticate with Radius first
before DHCP will assign it an IP?
Kevin SZ
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
not just the WARN
lines:
script ~/fr2-output
./configure --blah
exit
grep whatever ~/fr2-output
-Kevin
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
In ldap.c:2660, there is a condition check to see if vals_idx is zero
2660if (!vals_idx){
2661pairdelete(pairs,
newpair->attribute);
2662}
2663pairadd(&pairlist,
utput? Is the operator
correct? Does it do the same thing when you move the SQL entry to the users
file and make the same attribute name changes?
Kevin Bonner
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Does anybody know about iCHAP?
Kevin,
-
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
her place in the documentation where this should be
> suggested?
>
> Alan DeKok.
Big red letters on the front page of the website. Or below the
subscribe/unsubscribe line in the footer of every message. =)
-Kevin
signature.asc
Description: This is a digitally signed message part.
-
Li
ame, the problem is a
configuration issue. Reject usernames with a space (see email from Alan) in
the username or strip the spaces from the request.
-Kevin
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hema, that SQL query should be changed
to 'acctstoptime IS NULL'. Try this from your SQL command line and see if it
gives the desired results for both connected and disconnected users.
Kevin Bonner
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Is there a way to open two ports (1645 and 1812) for auth at the same time?
We want to find a way to open 1645, 1812, 1646, and 1813 for auth and acct in
parallel.
Thanks,
Kevin
-
Never miss a thing. Make Yahoo your homepage.-
List info/subscribe
2c -c testsnmp -m
> /etc/raddb/RADIUS-AUTH-SERVER-MIB.txt localhost radius "
> same command is working fine on the old machine.
>
> i searched for that on google but found nothing .
>
> any one can help ??
What does debug mode (-X) show? Are there any errors in your snmp
with the := operator.
lisa Cleartext-Password := "xxx", Realm == "jellico.com"
...
Or if you want to reject from a specific realm, just use this before your real
user entry:
lisa Realm == "realmY", Auth-Type := Reject
Kevin Bonner
signature.asc
Descriptio
as the secret configured in
your nas SQL table. Freeradius only reads the nas table on startup, so if
you make changes to that table, you must restart the daemon for those changes
to take effect.
Kevin Bonner
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
.org/msg34103.html
> Does anyone have an alternative to accomplish this if it's not possible
> with Radius.
TACACS+
Kevin Bonner
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ing, that is probably where the Access-Request packets are coming
from.
Kevin Bonner
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
IUS reply.
That's because you cannot list reply attributes in the hints file, but you can
add a Hint that can be checked in the users file.
Here is a short example that should work for you using the hints file:
#hints
DEFAULT User-Name =~ "@dsl.realm"
Hint = "DSL"
radiusd -X
> ...
> Module: Loaded SQL
> sql: driver = "rlm_sql_postgresql"
> sql: server = "localhost"
> sql: port = ""
> sql: login = "postgres"
The debug output shows what variable to use. I've snipped the output to make
it a li
in advance.
Kevin
-
Be a better Globetrotter. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out.-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ost the actual 1.1.7 build output with errors? I have no idea what
the jradius patch is, but does the build work without that patch?
Kevin Bonner
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
e server and the NAS!
...
> any suggestions.
>
> ram
Those messages seem pretty clear to me. Have you verified the secret is the
same?
-Kevin
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
Kevin Bailey wrote:
What are the differences between clients and NAS's? - Where should they
be defined?
A Network Access Server (NAS) is a RADIUS client. It should be
defined in "clients.conf"
I seem to have been able
used - but I've heard that there are
two things which are separate - clients and NAS's.
Also, why are there the two references in the dialupadmin app - on web
page and in naslist.conf?
Thanks,
Kevin
--
Kevin Bailey
IT Consultant
Email: [EMAIL PROTECTED]
Tel: 01752 268923
W: www
nected. You can also use checkrad to
confirm the session is active.
Kevin Bonner
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rnet from my HotSpot users?
Session-Timeout is a reply item, so it can go into the user or group reply
item tables.
Kevin Bonner
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
forget to use the ':=' operator for the Cleartext-Password attribute, in
addition to all of the above.
-Kevin
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ouble free or corruption
> (fasttop): 0x800fae98 ***
What part of Alan's message was unclear? 1.1.5 has a bug that has been beaten
to death on the users list. 1.1.6 doesn't. Use 1.1.6 or later, then try
your tests again.
Kevin Bonner
signature.asc
Description: This is a digitally signed message part.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Framed-Compression = Van-Jacobsen-TCP-IP
Since you're using such an old version of freeradius, you cannot use
Cleartext-Password here as it was available in 1.1.5 (I think) and later
versions. You can use User-Password, but you should upgrade to a newer
version.
Kevin Bonner
pgpwSTaV
are probably error
messages in the output which may assist you in resolving your problem.
Kevin Bonner
pgpuOvqj7Bku9.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ks fine, but the 'session' section never gets
> processed. Why?
>
> josh.
Because Simultaneous-Use is in the wrong place. Make it a check item and the
session section should be processed.
Kevin Bonner
pgpvI8CdFN5pf.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
validate the user.
>
> Is the 3com not sending User-Password attributes in the packets, or is
> something else wrong?
Run FreeRADIUS in debug mode (radiusd -X) to verify. We cannot guess what
your NAS/client is sending.
-Kevin
pgpzZ32ZnVcdH.pgp
Description: PGP signature
-
List i
If you meant that I have to restart radius whenever I need the statistics, I
will not do that. Is there a way that we can rotate radius.log then?
Dennis Skinner <[EMAIL PROTECTED]> wrote: Kevin J wrote:
> I am wondering if there is a tool or way to check the statistics in real
> ti
I am wondering if there is a tool or way to check the statistics in real time.
I need something that can tell me how many users got accepted and rejected so
far since Radius started.
-
Looking for a deal? Find great prices on flights and hotels with Yahoo
or Idle-Timeout is correct.
> - is this (255.255.255.254) really the IP address you want to give your
> user; client is unlikely to accept IP address above 224 subnet
The RFCs say that this IP tells the NAS to assign an IP from the dynamic pool.
-Kevin
pgpnDk4jIgQil.pgp
Description: PGP
On Friday 25 May 2007 04:11:24 Arran Cudbard-Bell wrote:
> Now which bloody wiki are you using, so I can look up the formatting
> rules :)
http://wiki.freeradius.org/Special:Version says MediaWiki: 1.8.2.
-Kevin
pgpd5qhwcXFFw.pgp
Description: PGP signature
-
List info/subscribe/unsub
les, you
must either restart the MySQL service or run "FLUSH PRIVILEGES".
Kevin Bonner
pgpVPKsiK9TTw.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Does anybody know if FreeRadius supports the MAC Authentication?
If so, how?
Thanks in advance,
Kevin
-
Building a website is a piece of cake.
Yahoo! Small Business gives you all the tools to get online.-
List info/subscribe/unsubscribe? See http
I saw some email threads about HUP.
Can we use kill -HUP pid in the latest version or is it still not stable?
Thanks,
Kevin
-
Ahhh...imagining that irresistible "new car" smell?
Check outnew cars at Yahoo! Autos.-
List info/subscribe/u
.com"
>
> And to huntgroups file
> test NAS-IP-Address == 255.255.255.255
>
> Without success. All logins are tested locally.
>
> Any clue?
> Thank you
Read what several others have posted to this thread. Proxy-To-Realm is a
_check_ item. Make Proxy-To-Realm a
On Thursday 19 April 2007 10:42:30 Jacob Jarick wrote:
> On the topic of password encryption.
> Kevin would you know how to encode a password for windows 2003 active
> directory server. I need a user with permission to do active directory
> searchs, it tries atm but fails because the
>
I almost ignored your message, as I don't parse HTML well. =)
On Wednesday 18 April 2007 18:06:28 Sebastian Firpo wrote:
> Thank you Kevin, but it didn't work now my entire users file is:
>
> sebas Crypt-Password := "(!lGOOlHaBWoQ"
>
iled to validate the user.
> Delaying request 0 for 1 seconds
>
> users file
>
> sebas Auth-Type := Local, Crypt-Password == "(!lGOOlHaBWoQ"
> Service-Type = Administrative-User,
> Cisco-AVPair = "shell:priv-lvl=15"
>
> Thanks very
On Monday 16 April 2007 07:52:43 Alan DeKok wrote:
> Kevin Bonner wrote:
> > Try http://bugs.freeradius.org/show_bug.cgi?id=150
> >
> > I doubt that patch will still apply cleanly due to the many recent
> > changes. I'll see if I can test the CVS head later to
eradius will uncover the actual problem.
-Kevin
pgpbzO8AwkkDp.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
fan Winter
I receive the same broken pipe error when the smuxpeer pass and smux_password
aren't the same, though there is probably a more complex cause. Are there
any non-standard characters in either config file?
Is Net-SNMP configured with ucd-snmp compatibility?
Kevin Bonner
pgpu99VoRvAtE.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Thursday 12 April 2007 10:32:18 Kevin Bonner wrote:
> On Thursday 12 April 2007 04:40:47 Milan Holub wrote:
> > Radius itself seems to react on radius packets; only snmp is ignored
> > after the snmp-write query. Completely same behaviour is observed when
> > doing reload
.
Try http://bugs.freeradius.org/show_bug.cgi?id=150
I doubt that patch will still apply cleanly due to the many recent changes.
I'll see if I can test the CVS head later today and submit a newer patch.
Kevin Bonner
pgpktEd5UzlPw.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
mall extension to listen sections
> to allow type snmp .
Arran,
http://wiki.freeradius.org/SNMP_HOWTO
That page should give some base info on setting up SNMP support.
Kevin Bonner
pgp4G1jfBRBqQ.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
alm if it is
defined. Since the hints file matched at line 36 here, I assume you actually
configured provider1.com instead of domain1.com in your hints file.
Is this assumption correct? If not, what is in your hints file at line 36?
Kevin Bonner
pgpAUsH7FbwDX.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan,
I noticed that more IPs I add to clients.conf and huntgroups, more steep
performance declines FreeRadius got. Guessing the linked-list. Have we
considered other data structures like hashing or btree?
-Kevin
at
should have some cisco-related info is the mailing list archives.
Kevin Bonner
[1] http://wiki.freeradius.org/Cisco
pgpE4JK3pnVC6.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
.
>
> Thinks!
I agree that verifying a session via telnet is not a scaleable solution.
Lucent probably has SNMP MIBS for the Redback, which should have a way to
confirm active sessions.
Kevin Bonner
pgpMuUVY0TsK7.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
e-User ==
> --
If this is correct, your request will not match unless you send this
particular Service-Type. Looking at the request above, I don't see this
attribute being sent in the access-request.
Kevin Bonner
pgpFB6Yq6
tat i can check throgh
> this feature
The RADIUS mibs are in the mibs/ directory of the freeradius release. You
should be able to monitor any of those values.
-Kevin
pgpdHQD20yMNo.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
re the public community has permission to
view that OID tree. I did test my local SNMP config and receive the same
results when I restrict the public community from accessing that OID.
Kevin Bonner
pgpgF2PbALtDG.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
xample of this is below. In each sql definition you can define the
different queries necessary to handle a particular realm. realm3 shows how
to allow multiple realms to use the same db/SQL queries, so you can easily
merge the databases over time and update the users file to reflect the db
Hi,
I just noticed a email thread
http://arcknowledge.com/gmane.comp.freeradius.devel/2006-11/msg00040.html
Any update on it?
Can we say FreeRadius is RFC 4590 compliant?
Kevin
Request packet from host 192.168.1.1:6001, id=91,
I've stripped out the non-relevant parts and shall repeat again. Did the
debug output show any errors when processing an _accounting_ packet?
-Kevin
pgp8Ba4ou7KZj.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See h
rver.
>
> Any comment is appreciated.
> Alex
Did you run in debug mode (-X)? If so, did the output show anything strange
when processing an accounting packet? Is the NAS configured to send
accounting records to the radius server?
-Kevin
pgpy71kZbTCgQ.pgp
Description: PGP
,
you should refer to the vendor documentation for your device.
Kevin Bonner
[1] http://wiki.freeradius.org/Disconnect_Messages
pgpR7RBkMIfgo.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
nks for any help,
> Onur.
Sounds like a permissions issue to me. Check the user/group that is
configured in radiusd.conf, then verify that the user can read the
certificates and config files.
Kevin Bonner
pgphLZ52A7c3r.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Tuesday 20 February 2007 03:10, Tomas Hoger wrote:
> > Freshly added to the Wiki FAQ as this has been covered countless times on
> > the users list.
>
> Kevin, it may be better to add a bit more info to wiki, since combining
> SysV and BSD flags of ps is usually not permitt
1 - 100 of 306 matches
Mail list logo
