RE: EAP-Peap-MSchapv2 proxy from innertunnel

2013-08-29 Thread Robert Roll
# If you want the inner tunnel request to be proxied, delete # the next few lines. # # update control { # Proxy-To-Realm := LOCAL # } Thanks, Robert From: freeradius-users-bounces+robert.roll=utah@lists.freeradius.org [

RE: EAP-Peap-MSchapv2 proxy from innertunnel

2013-08-29 Thread Robert Roll
appreciated.. Thanks, Robert 09:31:25.451223 IP WC.32769 > FR-2.10.radius: RADIUS, Access Request (1), id: 0x72 length: 229 09:31:25.452467 IP FR-2.10.radius > WC.32769: RADIUS, Access Challenge (11), id: 0x72 length: 64 09:31:25.454469 IP WC.32769 > FR-2.10.radius: RADIUS, Access Reques

RE: EAP-Peap-MSchapv2 proxy from innertunnel

2013-08-29 Thread Robert Roll
s it comes back, I will run and capture the debug and see if I can see the EAP-message AVP's ? I will also post the debug Thanks, Robert 07:03:51.354527 IP FR-2.10.1814 > ISE-proxy.radius: RADIUS, Access Request (1), id: 0xde length: 246 07:03:51.371848 IP ISE-proxy.radius > FR

EAP-Peap-MSchapv2 proxy from innertunnel

2013-08-29 Thread Robert Roll
at ISE-proxy is expecting 0xdf ?.. I'll admit I'm still pretty confused about much of the EAP, stuff.. but maybe I'm missing something simple in the config ? Any ideas would be greatly appreciated.. Thanks, Robert 07:03:51.286831 IP WC.32769 > FR-2.10.radius: RADIUS, Access Request

Re: EAP logging

2013-08-29 Thread Robert Franklin
On 28 Aug 2013, at 23:39, Andrej wrote: > I would like f_ticks to write out a single line into syslog that > contains the inner and outer > identity of an authentication request, the station ID and MAC address. > > In case of a successful authentication or rejection I'd like to have > the inner

AW: AW: AW: Override EAP invalid result in authentication section

2013-06-05 Thread PENZ Robert
. Setting the vlan for the switch is no problem I do that already, I just need an accept. ;-) I hope it's clear what I want/need. ;-) Robert -Original Message- From: freeradius-users-bounces+robert.penz=tirol.gv...@lists.freeradius.org [mailto:freeradius-users-bounces+robert

AW: Override EAP invalid result in authentication section

2013-05-28 Thread PENZ Robert
nge a Reject to Accept in Post-Auth .. at least that's what I read. Can you show me what I should to? I don't need to change VLANs .. just need an accept, the VLAN is already correct (set in authorize already as it's the same as for MAC authentication) Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Override EAP invalid result in authentication section

2013-05-27 Thread PENZ Robert
ificate unknown): [host/x/] (from client port cli xxx) Mon May 27 15:17:55 2013 : Info: Using Post-Auth-Type Reject I hope someone can help me. Thx! Kind regards Robert Penz -- Dipl.Inf.

RE: Does freeradius support EAP PEAP/TLS or EAP PEAP/EAP-TLS ?

2013-05-21 Thread Robert
@lists.freeradius.org [mailto:freeradius-users-bounces+robert_chen=favite@lists.freeradius.org ] On Behalf Of Phil Mayers Sent: Monday, May 20, 2013 5:51 PM To: freeradius-users@lists.freeradius.org Subject: Re: Does freeradius support EAP PEAP/TLS or EAP PEAP/EAP-TLS ? On 20/05/13 09:02, Robert wrote

Does freeradius support EAP PEAP/TLS or EAP PEAP/EAP-TLS ?

2013-05-20 Thread Robert
Hi I use freeradius v2.1.10 in Debian Squeeze 6.0.1. I want to know if freeradius supports the following methods : l EAP PEAP/TLS l EAP PEAP/EAP-TLS ? The client I use is wpa_supplicant v0.6.9. Regards, Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org

Re: Any interoperability issues with Aruba and Freeradius

2013-02-08 Thread Robert Franklin
On 8 Feb 2013, at 16:31, Phil Mayers wrote: > Was it Aruba who we had all the issues with terminating PEAP/TTLS locally on > the controller, then transforming the inner EAP-MSCHAPv2 to plain MSCHAPv2 > and mangling it? I seem to recall a flurry of posts to the list that were > solved by turnin

AW: AW: AW: EAP-TLS Failed in handler question

2013-01-02 Thread PENZ Robert
...@lists.freeradius.org] On Behalf Of PENZ Robert Sent: Tuesday, 11 December 2012 16:30 To: FreeRadius users mailing list Subject: AW: AW: AW: EAP-TLS Failed in handler question Hi! Phil, Really BIG THANKS for your help! I'll talk to Extreme Networks. Robert - List info/subs

AW: AW: AW: EAP-TLS Failed in handler question

2012-12-11 Thread PENZ Robert
Hi! Phil, Really BIG THANKS for your help! I'll talk to Extreme Networks. Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: AW: AW: EAP-TLS Failed in handler question

2012-12-10 Thread PENZ Robert
@PhilMayers: Did you get the Mail with the full logfile? do you need more? Kind regards Robert Penz Dipl. Inf. Robert Penz DVT-Daten-Verarbeitung-Tirol GmbH Adamgasse 22, 6020 Innsbruck Tel: +43 512 508 3334 / Fax: +43 512 508 3355

AW: AW: AW: EAP-TLS Failed in handler question

2012-12-04 Thread PENZ Robert
> > There is no other packet between this two and only 5 seconds, server has > > not been restarted. > Weird. > But we need the *full* debug please! some special option or the full log file? The second I send you in a private mail. Robert - List info/subscribe/uns

AW: AW: EAP-TLS Failed in handler question

2012-12-04 Thread PENZ Robert
AP-response to an unknown EAP-request [eap] Failed in handler ++[eap] returns invalid There is no other packet between this two and only 5 seconds, server has not been restarted. Robert -Original Message- From: freeradius-users-bounces+robert.penz=tirol.gv...@lists

AW: AW: EAP-TLS Failed in handler question

2012-11-27 Thread PENZ Robert
> > With first packet I meant first packet the radius server saw in some time > > ... the switch forces a reauthentification every 2h > A re-auth is a fresh EAP session. So even on a re-auth, the first packet > would not have a "State" attribute, absent software bugs. ok > >> It *could* be that

AW: EAP-TLS Failed in handler question

2012-11-21 Thread PENZ Robert
re a way to request a new full eap/tls handshake from the client? > > Is this a client problem or a misconfiguration on my part? > It's probably a client or NAS problem, unless you've set timer_expire > too low. > However: I guess this could also happen right after the server is > restarted. Could that be it - is a cron job restarting it maybe? no the server is running for > 10 days but if I would restart the server I would reject all clients to the guest vlan on reauthentication after that ... that can't be the designed way. Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

EAP-TLS Failed in handler question

2012-11-19 Thread PENZ Robert
[eap] Failed in handler ++[eap] returns invalid Invalid means I return a reject ... should I return something else? Is this a client problem or a misconfiguration on my part? Thx for your help! Kind regards Robert Penz ------ D

AW: Windows 7 answers LAN based EAP-TLS with EAP-NAK and PEAP

2012-08-30 Thread PENZ Robert
Hi! We've found the problem and fixed it together with the Microsoft support and here is the link to the Hotfix, if other FreeRadius users have the same problem: http://support.microsoft.com/kb/2481614 Robert -Original Message- From: freeradius-users-bounces+robert

Problem with Nortel hardware

2012-08-29 Thread Zakrocki, Robert
e and it works perfect with Aerohive? Many thanks, Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Problem with crypt passwords matching

2012-08-15 Thread Robert Haskins
What do you mean by editing the passwd module? As for the users lines, here is what is in that file (first line is 169 and the last one is 186): DEFAULT Auth-Type == System Fall-Through == 1 DEFAULT Service-Type == Framed-User Framed-IP-Address == 255.255.255.254, Framed-

Problem with crypt passwords matching

2012-08-15 Thread Robert Haskins
I am running Freeradius 2.1.12 on a Centos box. I am able to authenticate from the server command line, and from a Cisco ASR1k BRAS via the command line. However, when I attempt to authenticate customers from the DSL network, I get a reject, even though the crypt'd passwords match! Here is a sample

AW: Windows 7 answers LAN based EAP-TLS with EAP-NAK and PEAP

2012-08-07 Thread PENZ Robert
> > The problem now is that in 1/3 of the clients boots (done over 40 times > > with a tap devices running as sniffer) the Windows Client sends an > > > > response: Legacy Nak (Response only) [RFC3748] with the wish for PEAP. > > After this the freeradius Server sends a reject ([eap] NAK asked for

Windows 7 answers LAN based EAP-TLS with EAP-NAK and PEAP

2012-08-06 Thread PENZ Robert
uninstalled anti-virus, behavior detection software In the 2/3 of the cases it works the Client does not send a NAK, so I believe it is a client problem but it's Windows 7 ... there must be thousands of installs with Windows 7 and 802.1x EAP/TLS. Would it help i

RE: Invalid Authenticator... i.e. "munged" nt-key from Winbindd ...

2012-07-30 Thread Robert Roll
Yes, I do believe this is the bug in question. I did find this yesterday and noticed that while the problem may not happen 100% of the time, There are reports of it still happening. Even as late as version 3.5.10.. I am planning on adding my incident to the list... Thanks Much, Robert

Invalid Authenticator... i.e. "munged" nt-key from Winbindd ...

2012-07-30 Thread Robert Roll
ly remotely located. This and other potential real time uses start to scare me a bit ??? I know that these devices should have some other backup capabilities for transmitting the data, but.. Thanks, Robert Robert Roll Computer Professional University of Utah (801) 581-7655 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

rlm_python configTuple question

2012-05-29 Thread PENZ Robert
%{TLS-Client-Cert-Subject}" as I don't see a possible to get this variable in the python module to do the compare there. Thx for your help. Kind regards Robert Penz ------ Dipl.Inf. Robert Penz DVT - Daten-Verarbe

set and use internal comment variable

2012-04-02 Thread PENZ Robert
. How should I try to solve this? Or is there an even better way without a comment variable to do something like this? Thx for your help. Kind regards Robert Penz Dipl. Inf. Robert Penz DVT-Daten-Verarbeitung-Tirol GmbH Adamgas

AW: 802.1x/EAP-TLS and MAC authentication via SQL with dynamic VLANs

2012-03-22 Thread PENZ Robert
eundlichen Grüßen Robert Penz -Original Message- From: freeradius-users-bounces+robert.penz=tirol.gv...@lists.freeradius.org [mailto:freeradius-users-bounces+robert.penz=tirol.gv...@lists.freeradius.org] On Behalf Of Matthew Newton Sent: Thursday, 22 March 2012 15:48 To:

802.1x/EAP-TLS and MAC authentication via SQL with dynamic VLANs

2012-03-22 Thread PENZ Robert
sql fails, another server will take over } if (ok) { update control { Auth-Type := Accept } # 'handled' does not work here ok = return } } Kind regards Robert Penz ---

RE: canceling/redirecting realm in pre-proxy ?

2011-10-07 Thread Robert Roll
Below is my pre-proxy paragraph.. Below that is some output.. It just continues to loop.. It looks like the the test is working.. I don't know if it is meaningful or not, but.. +++[control] returns noop Does this mean it did NOT set the value local in Proxy-To-Realm ? Thanks, Robert

RE: canceling/redirecting realm in pre-proxy ?

2011-10-07 Thread Robert Roll
re would be a loop... Thanks, Robert From: freeradius-users-bounces+robert.roll=utah@lists.freeradius.org [freeradius-users-bounces+robert.roll=utah@lists.freeradius.org] On Behalf Of Arran Cudbard-Bell [a.cudba...@freeradius.org] Sent: Thursda

canceling/redirecting realm in pre-proxy ?

2011-10-06 Thread Robert Roll
cancel the proxy. What I really want to do is test some variables (unlang) and based on the outcome, I want to actually handle the request locally rather than proxy. Maybe this is obvious, but I am not seeing it ? Thanks, Robert - List info/subscribe/unsubscribe? See http://www.freeradiu

RE: Returning Multiple Reply Items problem ?

2011-06-22 Thread Robert Roll
nnel-private-group-ID(#81)=noc Currently, I use a GENERIC attribute for replyItem, so even though the documentation seems to indicate an operator might be defined in lap.attrmap for the particular replyitem, I don't think I want to do this ? Thanks, Robert __

Returning Multiple Reply Items problem ?

2011-06-22 Thread Robert Roll
common to need to define many of them ? Is there a way to get them all returned ? Currently running 2.1.10 .. Thanks, Robert i.e. # Seem to be found in Directory ##3 [ldapADutVLANs] looking for reply items in directory... [ldapADutVLANs] extracted attribute Airespace

RE: Error: User-Name is not the same as MS-CHAP name

2011-05-10 Thread Robert Mc Cready
p] Failed in EAP select ++[eap] returns invalid Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /etc/raddb/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> CAD08862\ldapuser attr_filter: Matched

RE: Error: User-Name is not the same as MS-CHAP name

2011-05-10 Thread Robert Mc Cready
The host name are not domain names, there are computers account name, and we have hundreds of them. We only use the MS Domain to authenticate the computers account, not the users. -Original Message- From: freeradius-users-bounces+robert-mccready=cspi.qc...@lists.freeradiu

RE: Error: User-Name is not the same as MS-CHAP name

2011-05-10 Thread Robert Mc Cready
101c92 < copy.user-name < remove-domain-name < add-dollar-sign < strip-realm-name < ntdomain --- > # ntdomain 151c142 < ldap --- > # ldap 239,241c230,232 < Auth-Type LDAP { < ldap < } --- > # Auth-Type LDAP { > # ldap > # } 29

RE: Error: User-Name is not the same as MS-CHAP name

2011-05-09 Thread Robert Mc Cready
http://www.cspi.qc.ca/sinfrmc/windowsxp.htm Windows 7 debug: http://www.cspi.qc.ca/sinfrmc/windows7.htm On 05/07/2011 07:50 PM, Robert Mc Cready wrote: > The "MS-CHAP-Use-NTLM-Auth := no" did the job but I still have one > problem with Windows XP clients, I get a " [mscha

Error: User-Name is not the same as MS-CHAP name

2011-05-07 Thread Robert Mc Cready
Windows XP debug: http://www.cspi.qc.ca/sinfrmc/windowsxp.htm Windows 7 debug: http://www.cspi.qc.ca/sinfrmc/windows7.htm On 05/05/11 15:17, Robert Mc Cready wrote: > We use Novell eDirectory and DSFW (Directory Services for Windows) > which is kind of a Windows domain ins

RE: Problem with LDAP and ntlm_auth

2011-05-05 Thread Robert Mc Cready
It's working now. Thanks for the help. -Original Message- From: freeradius-users-bounces+robert-mccready=cspi.qc...@lists.freeradius.org [mailto:freeradius-users-bounces+robert-mccready=cspi.qc.ca@lists.freeradius.org] On Behalf Of Phil Mayers Sent: 5 May 2011 11:03 To:

Problem with LDAP and ntlm_auth

2011-05-05 Thread Robert Mc Cready
gured): http://www.cspi.qc.ca/sinfrmc/ldap_only.htm Working Windows computer account authentication: http://www.cspi.qc.ca/sinfrmc/mschap_only.htm User account getting rejected debug (with ntlm_auth configured): http://www.cspi.qc.ca/sinfrmc/mschap_and_ldap.htm Thanks, R

RE: Attribute NOT being returned in access-accept ?

2011-03-30 Thread Robert Roll
That seemed to do the trick... Thanks Much, Robert From: freeradius-users-bounces+robert.roll=utah@lists.freeradius.org [freeradius-users-bounces+robert.roll=utah@lists.freeradius.org] On Behalf Of James J J Hooper [jjj.hoo...@bristol.ac.uk

Attribute NOT being returned in access-accept ?

2011-03-30 Thread Robert Roll
Message = 0x03090004 Message-Authenticator = 0x User-Name = "tstRad9" [peap] Tunneled authentication was successful. Thanks, Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: testing which client initiated request ? Client-shortname ... FreeRADIUS-Client-Shortname

2011-03-29 Thread Robert Roll
ent based on shortname worked ? Thanks, Robert From: freeradius-users-bounces+robert.roll=utah@lists.freeradius.org [freeradius-users-bounces+robert.roll=utah@lists.freeradius.org] On Behalf Of Robert Roll [robert.r...@utah.edu] Sent: Tuesd

RE: testing which client initiated request ? Client-shortname ... FreeRADIUS-Client-Shortname

2011-03-29 Thread Robert Roll
rtname}" == WCSmgmt ) -> FALSE } Yet in clients.conf: client 155.97.142.192 { secret = doesntmatter shortname = WCSmgmt } The request does seem to be coming from the correct client ? rad_recv: Access-Request packet from host 155.97.142.19

testing which client initiated request ? Client-shortname ... FreeRADIUS-Client-Shortname

2011-03-29 Thread Robert Roll
I'd like to test and see which particular client was responsible for a request. I found two attributes Client-Shortname and FreeRADIUS-Client-Shortname, but when I try and use this in unlang they do not seem to have values ? Any suggestions... Thanks, Robert - List info/subs

RE: Strip off the domain part from the User-Name

2011-03-26 Thread Robert Roll
idea of sort of "subroutines" defined there... Thanks Much, Robert From: freeradius-users-bounces+robert.roll=utah@lists.freeradius.org [freeradius-users-bounces+robert.roll=utah@lists.freeradius.org] On Behalf Of Phil May

RE: Strip off the domain part from the User-Name

2011-03-25 Thread Robert Roll
on their realm. >-- >Fajar Yes, I do agree... As I said earlier, some of what I am doing is just to try and experiment and see what is possible. I'm actually quite impressed with Freeradius and right now, we are still a ways from what I would consider any kind of final configuration..

RE: Strip off the domain part from the User-Name

2011-03-25 Thread Robert Roll
r radiusReplyItem to return the correct VLAN... Note that in the above the Realm is quite useful, but there is NO need to actually do proxy, so really no "REAL" need to get into the proxy.conf ? Thanks, Robert From: freeradius-users-bounces

RE: Strip off the domain part from the User-Name

2011-03-25 Thread Robert Roll
So, I thought that if I really wanted ALL usernames "stripped" into their component parts, I would just change the example.com realm in the proxy.conf file to be "DEFAULT" ? This then seemed to send the request into some sort of endless loop ? Thanks, Robert

RE: Load Balancing EAP with freeradius...

2011-03-24 Thread Robert Roll
ent-mac addresses we encountered over about a 3 month period. That came to 28,874. Doing a test with balancing off of the client-mac addresses, the hash seems to create nearly equal "buckets". My test was with 4 backend servers behind a load bala

RE: Load Balancing EAP with freeradius...

2011-03-23 Thread Robert Roll
Thanks, I put the update Load-Balance-Key right at the top of the authorize section in the ../sites-enabled/default... that seems to be working pretty well... I'll look more at the client-port-balance ... thanks, Robert From: freeradius-

Load Balancing EAP with freeradius...

2011-03-23 Thread Robert Roll
;m honestly not sure where to put the update of the Load-Balance-Key.. Does it go in the proxy.conf ? Thanks, Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Group checking in ldap authorization

2011-03-23 Thread Robert Roll
queries in any case... Thanks, Robert From: freeradius-users-bounces+robert.roll=utah@lists.freeradius.org [freeradius-users-bounces+robert.roll=utah@lists.freeradius.org] On Behalf Of Phil Mayers [p.may...@imperial.ac.uk] Sent: Wednesday, March 23

RE: Group checking in ldap authorization

2011-03-22 Thread Robert Roll
look someone up in the directory in the user tree, but also then require they be in a particular group. The group would actually have a specific replyItem attribute that would return a VLAN if the user was part of the group... There are other ways of accomplishing this Thanks, Robert

RE: Group checking in ldap authorization

2011-03-22 Thread Robert Roll
ant to test for Ldap_Group, I want to be able to actually set it so it is used within the ldap module ? Thanks, Robert From .../share/doc/freeradius/rlm_ldap GROUP SUPPORT: The module sup

Group checking in ldap authorization

2011-03-22 Thread Robert Roll
=UofURadius,dc=ad,dc=utah,dc=edu" } ldapADut { notfound = reject } Looking at the debug, it seems that there is no attempt to actually do any group checking ? What am I doing wrong ? Thanks, Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Behaviour of multiple sequenced authorization modules ?

2011-03-21 Thread Robert Roll
ldap2 ( notfound = reject } } is this the correct way to do this ? Thanks, Robert From: freeradius-users-bounces+robert.roll=utah@lists.freeradius.org [freeradius-users-bounces+robert.roll=utah@lists.freeradius.org]

Behaviour of multiple sequenced authorization modules ?

2011-03-21 Thread Robert Roll
actually a PEAP/MSCHAPV2... Therefore, the ldap modules are ONLY used for authorization... Is there somewhere that discusses the various options on how to control the behaviour when multiple authorization modules are involved ? Thanks, Robert Robert Roll Computer Professiona University of Utah

RE: Corrupted Secret with squid_radius_auth

2011-02-18 Thread Robert Dunkley
Sorry, I thought I was emailing the squid lists. Rob -Original Message- From: freeradius-users-bounces+robert=saq.co...@lists.freeradius.org [mailto:freeradius-users-bounces+robert=saq.co...@lists.freeradius.org] On Behalf Of Alan DeKok Sent: 18 February 2011 11:43 To: FreeRadius

RE: Corrupted Secret with squid_radius_auth

2011-02-18 Thread Robert Dunkley
helper twice pointing to two different config files? TIA Rob -Original Message- From: freeradius-users-bounces+robert=saq.co...@lists.freeradius.org [mailto:freeradius-users-bounces+robert=saq.co...@lists.freeradius.org] On Behalf Of Alan DeKok Sent: 17 February 2011 14:39 To: FreeRadius

RE: Corrupted Secret with squid_radius_auth

2011-02-17 Thread Robert Dunkley
again, Rob -Original Message- From: freeradius-users-bounces+robert=saq.co...@lists.freeradius.org [mailto:freeradius-users-bounces+robert=saq.co...@lists.freeradius.org] On Behalf Of Alan DeKok Sent: 17 February 2011 14:39 To: FreeRadius users mailing list Subject: Re: Corrupted Secret

Corrupted Secret with squid_radius_auth

2011-02-17 Thread Robert Dunkley
I was wondering if anyone knew of a fix for the corrupted secret issue with squid_radius_auth under 64bit OS? I have the exact same issue as the user in the link below but am using Radiator (Works fine with other Radius clients): http://freeradius.1045715.n5.nabble.com/Issues-with-squid-radius

Machine Authentication and Active Directory group lookups

2011-01-18 Thread Graham, Robert
p] performing search in ou=,dc=,dc=XXX, with filter (&(sAMAccountName=lab$)) [ldap] object not found Is it possible to remove the "$" from the sAMAccountName in the LDAP module without breaking the User Authentication? Thanks Robert Graham - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: FW: Problem with PEAP MS-ChapV2 against AD

2011-01-14 Thread Robert Graham
be facing a Samba bug. After updating to the latest release 3.5.6 and adding winbind:forcesamlogon to the smb.conf file it started working. Now I am off to adding LDAP for group membership and configure for dynamic vlans and acls. -Robert -- View this message in context: http://freeradius

Re: FW: Problem with PEAP MS-ChapV2 against AD

2011-01-13 Thread Robert Graham
/cert.jpg Are you referring to the Debugging it yourself section? I am in the process of installing screen and going through those steps. Thanks -Robert -- View this message in context: http://freeradius.1045715.n5.nabble.com/FW-Problem-with-PEAP-MS-ChapV2-against-AD-tp3340563p3340698.html Sent

Re: ldap - edirectory authentication

2010-12-13 Thread Robert Koskey
Thanks for everyone's help on this. We got it to work, now using eap-peap. We truly believe it was using mschapv2 before, but cannot prove that to ourselves. Everytime something changes we learn much more than we knew before, so I guess that's a good thing. thanks again. rober

Re: ldap - edirectory authentication

2010-12-10 Thread Robert Koskey
thanks, I'll try that. robert Robert Koskey, Systems and Network Manager Rocky View Schools Telephone: 403-945-4080 Cell: 403-988-4640 >>> Gary Gatten 12/10/2010 7:59 AM >>> Look in the configure script, or maybe try ./configure --help. Else the config options are

RE: ldap - edirectory authentication

2010-12-10 Thread Robert Koskey
Not too sure. We've looked thru all the conf's. Where would I look? robert Robert Koskey, Systems and Network Manager Rocky View Schools Telephone: 403-945-4080 Cell: 403-988-4640 >>> Gary Gatten 12/10/2010 7:37 AM >>> It’s a configure flag no? From:free

Re: ldap - edirectory authentication

2010-12-10 Thread Robert Koskey
lease shed some light. thanks, Robert Koskey, Systems and Network Manager Rocky View Schools Telephone: 403-945-4080 Cell: 403-988-4640 >>> Peter Lambrechtsen 12/9/2010 3:48 PM >>> You may need to comment out the logintime and pap sections, since this isn't a pap a

RE: ldap - edirectory authentication

2010-12-10 Thread Robert Koskey
I actually just edited the files without copying. But thanks. We are trying to hold onto Novell as long as we can. robert Robert Koskey, Systems and Network Manager Rocky View Schools Telephone: 403-945-4080 Cell: 403-988-4640 >>> Gary Gatten 12/9/2010 3:46 PM >>>

ldap - edirectory authentication

2010-12-09 Thread Robert Koskey
nd Post-Auth-Type Reject +- entering group REJECT expand: %{User-Name} -> jordanhkaltenbruner attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Sending Access-Reject of id 218 to 10.215.10.100 port 34806 Finished request 0. Robert Koskey, Systems and Network Manager Rock

RE: Oracle OID and FreeRadius

2010-12-07 Thread Robert Masters
Sent: Wednesday, 8 December 2010 11:20 AM To: FreeRadius users mailing list Subject: Re: Oracle OID and FreeRadius On Wed, Dec 8, 2010 at 9:50 AM, Robert Masters wrote: > An alternate path would be to convince FreeRadius to obtain the > user-supplied password via EAP-GTC *before* connectin

Oracle OID and FreeRadius

2010-12-07 Thread Robert Masters
Okay, so we've got the whole ancient version thing sorted out, and we now have things working - sort of. To recap: We've been working on using Freeradius on RHEL5.4 to link a Motorola RFS6000 with Oracle OID. We now have the following situation - and fair warning this is something of an edge-case

Re: Logging reply-detail only produces single line of output

2010-11-24 Thread Robert White
010 11:41, Robert White wrote: > I want to log all replies from Radius to my NAS so I edited my > sites-enabled file and uncommented 'reply_log'. I then went to > modules/detail and added: > > detail reply_log { > detailfile = ${radacctdir}/%{C

Logging reply-detail only produces single line of output

2010-11-24 Thread Robert White
I want to log all replies from Radius to my NAS so I edited my sites-enabled file and uncommented 'reply_log'. I then went to modules/detail and added: detail reply_log { detailfile = ${radacctdir}/%{Client-IP-Address}/reply-detail-%Y%m%d detailperm = 0600 } Now if i go to my l

RE: eap-gtc error in authentication

2010-11-24 Thread Robert Masters
: FreeRadius users mailing list Cc: Alexander Clouter Subject: Re: eap-gtc error in authentication On 11/24/2010 03:51 AM, Alexander Clouter wrote: > Hi, > > Robert Masters wrote: >> >> We've been working on using Freeradius on RHEL5.4 to link a Motorola >> RFS6000 wi

eap-gtc error in authentication

2010-11-23 Thread Robert Masters
We've been working on using Freeradius on RHEL5.4 to link a Motorola RFS6000 with Oracle OID. We've had a number of hiccoughs along the way, and solved most of them - mainly thanks to the archives of this list. We are now getting the following error: "rlm_eap_gtc: ERROR: Clear-test User-Password

AW: convert mac adresses to lower case

2010-09-20 Thread PENZ Robert
always upper case as it would not work with the switches which send the mac lower case. I hope this makes sense. Kind regards Robert Penz -Original Message- From: freeradius-users-bounces+robert.penz=tirol.gv...@lists.freeradius.org [mailto:freeradius-users-bounces

convert mac adresses to lower case

2010-09-20 Thread PENZ Robert
enticate the user. Hope someone can help me. Thx! Kind regards Robert Penz ---- Dipl. Inf. Robert Penz DVT-Daten-Verarbeitung-Tirol GmbH Adamgasse 22, 6020 Innsbruck Tel: +43 512 508 3334 / Fax: +43 512 508 3355 eMail: robert.p...@ti

AW: dictionary vendor options

2010-09-20 Thread PENZ Robert
Hi! Ah, did not know about the default extreme config. I just went along the official Howto from Extreme Networks and it stated that I need to put the lines into the dictionary... Thx for the Info ;-) Kind regards Robert Penz -Original Message- From: freeradius

dictionary vendor options

2010-09-20 Thread PENZ Robert
abled 1 which seems ok for me but the freeradius thinks otherwise as I get including dictionary file /etc/raddb/dictionary Errors reading dictionary: dict_init: /etc/raddb/dictionary[37]: unknown option "Extreme" Does anyone know the problem with my config? thx! Mit freundliche

timeout if mysql backend not reachable

2010-09-08 Thread PENZ Robert
tch) if he cannot reach its mysql db (on the same machine). Currently I get a reject reply for the authentication request. How can I configure that? Thx! Kind regards Robert Penz Dipl. Inf. Robert Penz DVT-Daten-Verarbeitung-

Samba Bug #6563

2010-08-02 Thread Colantuoni, Robert
Our AD team recently upgraded their servers from Windows 2003 to 2008 and broke the Samba 3.0.34 installation we had been using for ntlm_auth. We couldn't get this version of Samba to join the upgraded servers, so we were forced to look into patching Samba 3.5.4 (latest) to fix the issue where

Re: Can freeradius support multiple client CA certificates?

2010-06-21 Thread Robert Franklin
On 21 Jun 2010, at 19:53, John Dennis wrote: > A (FreeRADIUS) virtual server does not have a different IP address nor would > it have different subject names nor subject alt names. > > I'm not getting the feeling you understand how PKI works, it might be > worthwhile to read up on it. When tes

AW: dynamic VLANs for many switches

2010-06-10 Thread PENZ Robert
of the switches so far as it is a running "public tendering procedure" (hope that's the correct English term for it) where I was not able to require it as MUST feature, but I need to make the planning for migration and implementation of dynamic VLANs now. ;-( Robert - List info/s

dynamic VLANs for many switches

2010-06-10 Thread PENZ Robert
is encoded as a string. So what is the recommended solution if I can use only the numerical IDs. Thx for your help! Kind regards Robert Penz Dipl. Inf. Robert Penz DVT-Daten-Verarbeitung-Tirol GmbH Adamgasse 22, 6020 Innsbruck Tel: +

freeradius-dialupadmin

2010-05-31 Thread Robert Wilkinson
Freeradius-dialupadmin Check Server page only shows: (test user dummy) Does this indicate that it isn't working correctly? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

badusers issues

2010-05-31 Thread Robert Wilkinson
i get this message from the bad users page: Database query failed: Unknown column 'incidentdate' in 'where clause' Is this something that is critical or concerning? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

github wiki

2010-05-27 Thread Robert Wilkinson
in turn help others along. I would like to thank the two Alans for your fine work. Please contact me if there are any additional matters that you think might be useful in increasing the knowledge base. Kind Regards, Robert Wilkinson ps I still have a few issues with sql but I am certainly going

Re: sql wont pass radtest

2010-05-26 Thread Robert Wilkinson
On Wed, 2010-05-26 at 19:58 +0100, Alan Buxey wrote: > hi, > > your output doesnt show SQL being loaded up as the daemon startsits very > obvious when it does use SQL as there'll be a lot of SQL stuff shown in the > startup > eg sockets connecting to the SQL etc. > Just realised that the s

sql wont pass radtest

2010-05-26 Thread Robert Wilkinson
Hello. After lots of reading and time testing I have been unable to get sql to authenticate with using radtest. Am I having issues with the the DB setup? I am having no problems with the "users" file. But there seems to be nothing to pursue with the SQL issues. I am almost moved to tears.. and tear

Re: no access-accept with users file

2010-05-24 Thread Robert Wilkinson
issions. I dont know what was responsible for that. Such is life. Thank you for your support. On 05/25/2010 02:51 AM, James J J Hooper wrote: On 25/05/2010 06:30, Robert Wilkinson wrote: I feel defeated. I was able to get an access-accept result. During my attempt to use MySQL it appears that

no access-accept with users file

2010-05-24 Thread Robert Wilkinson
reject for request 1 Sending Access-Reject of id 126 to 127.0.0.1 port 54343 Waking up in 4.9 seconds. Cleaning up request 1 ID 126 with timestamp +1574 Ready to process requests. I have spent 2 days on this with little reward. Please help. Thank you. Robert Wilkinson -- Chief Geek Open Technology Group Bermuda Please visit www.otgb.net. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Max Query Length Exceeded and Field Truncated

2010-03-18 Thread Robert Gabriel
On 18 March 2010 19:07, Alan DeKok wrote: > Robert Gabriel wrote: >> Hello all, >> >> Our network had some change somewhere and now all MySQL insert queries >> are failing >> with the last field been truncated and the character count is always >> 4097

Max Query Length Exceeded and Field Truncated

2010-03-18 Thread Robert Gabriel
Hello all, Our network had some change somewhere and now all MySQL insert queries are failing with the last field been truncated and the character count is always 4097 from the CDRs been sent by our NAS (Acme Packet SBC). Having looked at the source we see: src/modules/rlm_sql/conf.h src/modules

Re: Accessing a second AV Pair

2009-11-19 Thread Robert White
ck? Thanks, Rob 2009/11/18 Alan DeKok > Robert White wrote: > > No problem! > > > > Anyone else have any thoughts? > > $ man unlang > > See the section on VARIABLES > > Alan DeKok. > - > List info/subscribe/unsubscribe? See > http://www.fr

Re: Accessing a second AV Pair

2009-11-17 Thread Robert White
...@lists.freeradius.org[mailto: > freeradius-users-bounces+andrew = > gpk.net...@lists.freeradius.org] *On Behalf Of *Robert White > *Sent:* Tuesday, 17 November 2009 6:33 PM > > *To:* FreeRadius users mailing list > *Subject:* Re: Accessing a second AV Pair > > > > My
