Hi, It is not default virtual server). Following error occurs, when user
attempt to login with invalid password, otherwise not. is it normal? or
should be troubleshooted.
Info: WARNING: Unknown value specified for Post-Auth-Type. Cannot
perform requested action
My postauth section
post-auth
Hi,
I think Phil's diagnosis is correct; 'Auth-Type := Reject' requires the ':='
operator to reject a CHAP authentication.
Unfortunately, it's not always easy to place a live production system in
debug mode, hence the initial is this something stupid question :)
yes it is. use the control
I think Phil's diagnosis is correct; 'Auth-Type := Reject' requires the ':='
operator to reject a CHAP authentication.
Unfortunately, it's not always easy to place a live production system in
debug mode, hence the initial is this something stupid question :)
(And apologies for the lack
On 24/05/13 17:19, Alan Buxey wrote:
The only difference I can see is that the first example uses a
plain-text password, and the RADIUS on the LNS is using CHAP?
The backend database has = in the 'op' field (and not :=), so the
returned attribute is Auth-Type = Reject and not Auth-Type
the config files):
sites-available/default:
authorize {
ldap
preprocess
chap
mschap
digest
suffix
eap {
ok = return
}
expiration
logintime
pap
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type CHAP {
chap
}
Auth
On 18 Apr 2013, at 11:43, Alberto Aldrigo aaldr...@ca-tron.com wrote:
rad_recv: Access-Request packet from host 10.1.98.52 port 45105, id=139,
length=77
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = user
Calling-Station-Id = 10.1.0.136
NAS-IP-Address =
What you are doing is actually okay (its one of those exceptions where
auth-type needs to be present as the server has no idea to use krb5). I wonder
if your server has been built with kerberos support?
alan
--
This smartphone uses free WiFi around the world with eduroam, now that's what I
From http://wiki.freeradius.org/modules/Rlm_krb5:
Make sure the keytab is readable by the user that is used to run
radiusd...
On 27.03.2013 7:09, Jaap Winius wrote:
rlm_krb5: verify_krb_v5_tgt: host key not found : Permission denied
-
List info/subscribe/unsubscribe? See
up if I leave 'DEFAULT Auth-Type = krb5'
enabled in the users file.
That's interesting, but without a copy of the debug output from
radiusd -X, nobody will know where to start.
You could also put the following in your inner-tunnel, rather than
the line in your users file, which is probably
Quoting Alan Buxey a.l.m.bu...@lboro.ac.uk:
... I wonder if your server has been built with kerberos support?
Indeed it has. The machine in question not only runs Freeradius, but
also the Kerberos KDC, kadmin server and Kerberos client software.
That all works, and it still works with
works, and it still works with Freeradius as long as I use 2.1.10
instead of 2.1.12.
That's not what Alan meant.
Perhaps the FreeRADIUS rlm_krb5 didn't build properly?
Anyway - rlm_krb5 doesn't register krb5 or any other value as a valid
Auth-Type.
You need:
authenticate {
Auth-Type krb5
Quoting Iliya Peregoudov iperegu...@cboss.ru:
From http://wiki.freeradius.org/modules/Rlm_krb5:
Make sure the keytab is readable by the user that is used to run radiusd...
On 27.03.2013 7:09, Jaap Winius wrote:
rlm_krb5: verify_krb_v5_tgt: host key not found : Permission denied
You're
. But, if you think it would make a difference, I'll be sure to
include all of it next time.
You could also put the following in your inner-tunnel, rather than
the line in your users file, which is probably the tidier way:
update control {
Auth-Type := krb5
}
That's it -- it works!! I no longer
-tunnel, rather than
the line in your users file, which is probably the tidier way:
update control {
Auth-Type := krb5
}
That's it -- it works!!
Cool.
I no longer have DEFAULT Auth-Type = krb5
Possibly using
DEFAULT Auth-Type := krb5
may have fixed it, too. Auth-Type might have been
releasea have a known security issue.
As to the Auth-Type, it is likely a misconfiguraton that either
accidentally worked in older versions of the server and doesn't any
more, or broke when you upgraded and the package overwrote something.
I see from the (limited) debug output you've given
see from the (limited) debug output you've given that you're
forcing Auth-Type in a users file. This is usually a mistake, and
can cause confusing errors.
If I leave it out, 2.1.10 doesn't work for me.
What follows is a description of how I modified my Freeradius server's
default
Hi folks,
Recently my server received an in-place upgrade from Debian squeeze to
wheezy (still testing). Along with that, freeradius was upgraded from
version 2.1.10 to 2.1.12, but as a result it no longer works.
The problem is that I use DEFAULT Auth-Type = krb5 in /etc/freeradius/
users
Hello All,
Another lame ass question.
Is it possible to proxy requests based on Auth-Type?
I now have a config which terminates PEAP locally and proxies through the
inner-tunnel to an NPS using MSCHAP.
This was my original goal.
However, when I do a radtest to check what happens to an mschap
Bertalan Voros wrote:
Is it possible to proxy requests based on Auth-Type?
Yes, but you don't want to do that.
If I uncomment suffix in sites-enabled/default then it's reversed,
mschap gets proxied but PEAP requests doesn't get sent through the inner
tunnel.
You need to *conditionally
Thanks Alan,
It did fix the problem perfectly.
On 1 February 2013 14:33, Alan DeKok al...@deployingradius.com wrote:
Bertalan Voros wrote:
Is it possible to proxy requests based on Auth-Type?
Yes, but you don't want to do that.
If I uncomment suffix in sites-enabled/default then it's
Hi,
1. The Authentication issue was solved when by accident I placed in
users the name / password without any whitespace (tab or space)
before the password string. So I found that this works:
bob Cleartext-Password := hello888
while this does not:
bob Cleartext-Password :=
Just writing to advise of the strange issues I came accross.
1. The Authentication issue was solved when by accident I placed in
users the name / password without any whitespace (tab or space)
before the password string. So I found that this works:
bob Cleartext-Password := hello888
while
Beeblebrox wrote:
Just writing to advise of the strange issues I came accross.
1. The Authentication issue was solved when by accident I placed in
users the name / password without any whitespace (tab or space)
before the password string. So I found that this works:
bob
Update: I tried connection from an XP laptop and got the message:
Windows was unable to find a certificate to log you on to the network
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Update: I tried connection from an XP laptop and got the message:
Windows was unable to find a certificate to log you on to the network
Windows is telling you that its needing a certificate or doesnt know
the certificate. have you installed the CA certificate that your RADIUS
server is
Beeblebrox wrote:
Update: I tried connection from an XP laptop and got the message:
Windows was unable to find a certificate to log you on to the network
You need to follow the documentation or you will be unsubscribed, and
banned from the list. 10+ years of experience shows us that this is
Dear Alan,
First off, thanks again for your help. I fully appreciate that you are
giving of your time to answer posts, when you really have no obligation
to do so. I know you are one of the developers or project leader since
your name keeps coming up on almost every web page that posts something
Beeblebrox wrote:
First off, thanks again for your help. I fully appreciate that you are
giving of your time to answer posts, when you really have no obligation
to do so. I know you are one of the developers or project leader since
your name keeps coming up on almost every web page that posts
...and then you did comment . And added more. It's open source and the
documentation and Wikipedia is there for everyone.e to contribute. Don't like
it? Feel free to show the world how you think it should look, or add the
missing bits you have discovered.
Unfortunately , what we get is
, not doing EAP
: Info: ++[eap] returns noop
: Info: ++[files] returns noop
: Info: [pap] WARNING! No known good password found for the user.
Authentication may fail because of this.
: Info: ++[pap] returns noop
: Info: ERROR: No authenticate method (Auth-Type) found for the request:
Rejecting the user
: Info: [pap] WARNING! No known good password found for the user.
Authentication may fail because of this.
: Info: ++[pap] returns noop
: Info: ERROR: No authenticate method (Auth-Type) found for the request:
Rejecting the user
: Info: Failed to authenticate the user.
The whole point
Hi Alan and thank you so much for answering
Keeping in mind that the system in question is an OpenWRT (hence
minimal install):
The directory raddb/certs has a README
The directory is /etc/freeradius2/certs (?) and has no README, also no
man pages so as to save on space.
Anyway , I read the file
Beeblebrox wrote:
Keeping in mind that the system in question is an OpenWRT (hence
minimal install):
The web site contains documentation. As does the wiki. The
distribution tar file contains documentation.
You're not stuck with just a minimal install on a constrained box.
But this is
: Info: ++[eap] returns ok
Thu Jan 17 21:58:15 2013 : Info: Found Auth-Type = EAP
Thu Jan 17 21:58:15 2013 : Info: # Executing group from file
/etc/freeradius2/sites/default
Thu Jan 17 21:58:15 2013 : Info: +- entering group authenticate {...}
Thu Jan 17 21:58:15 2013 : Info: [eap] Request found
You've trimmed the debug, but based on what you did give, the client
isn't sending pap - it is sending chap.
The client chooses the auth method - you can't force it at the server
I'm using radtest, doesn't work with -t pap either.
Will recheck conf.
thanks
--
Lorenzo Milesi -
I'm having a problem with FR2.1.10 and MD5 Passwords with MySQL.
When I try to enable PAP I get the following:
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
[chap] Setting 'Auth-Type := CHAP'
++[chap
try to enable PAP I get the following:
# Executing section authorize from file
/etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
[chap] Setting 'Auth-Type := CHAP'
--
Sent from my mobile device, please excuse brevity and typos.
-
List info/subscribe
Lorenzo Milesi wrote:
I'm having a problem with FR2.1.10 and MD5 Passwords with MySQL.
Which won't work with CHAP.
[pap] Normalizing MD5-Password from hex encoding
[pap] WARNING: Auth-Type already set. Not setting to PAP
++[pap] returns noop
...
What's wrong? :(
Nothing. You're
Hi,
I have just untarred the 2.2.0 tarball, and added just one line the users
file: gokul Cleartext-Password:=abcde
at the top of the file...or at the bottom? If you add it to the bottom then
other
things in the file will prevent that user from being seen/used - add your test
On 11/10/2012 03:54 AM, Shravan S G wrote:
Hi all,
I am trying to configure FreeRadius 2.2.0. I am trying to test with the
radtest utility. However, when I run radtest, on my radiusd server, I
get the following error - ERROR: No authenticate method (Auth-Type)
found for the request: Rejecting
:
Hi all,
I am trying to configure FreeRadius 2.2.0. I am trying to test with the
radtest utility. However, when I run radtest, on my radiusd server, I
get the following error - ERROR: No authenticate method (Auth-Type)
found for the request: Rejecting the user. I know this is some issue
Hi all,
I am trying to configure FreeRadius 2.2.0. I am trying to test with the
radtest utility. However, when I run radtest, on my radiusd server, I get
the following error - ERROR: No authenticate method (Auth-Type) found for
the request: Rejecting the user. I know this is some issue
Il 21/09/2012 12:34, Fajar A. Nugraha ha scritto:
Sorry for being so late...
What does your full debug looks like?
Just edited passwords and trimmed clients...
FreeRADIUS Version 2.1.10, for host x86_64-pc-linux-gnu, built on Nov 24
2011 at 07:53:12
Copyright (C) 1999-2009 The FreeRADIUS
On Mon, Sep 24, 2012 at 2:09 PM, NdK ndk.cla...@gmail.com wrote:
Is it possible you DON'T have
pap in authorize section?
Nope. It's there:
authorize {
unibo_map_realms
preprocess
auth_log
chap
mschap
digest
suffix
eap {
Il 24/09/2012 09:40, Fajar A. Nugraha ha scritto:
Is this sites-available/default? Or inner-tunnel?
sites-available/default .
Your log for inner tunnel only shows this:
server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel
modules {
Module: Checking authenticate
that server... I just told him
that Auth-Type should not be manually set, so I'm now in charge of
fixing the config :(
I think I'll have to setup another machine and start from scratch, so to
minimize impact (it's a lone production server! glip!).
Once the new server is up running, I'll reformat
On 09/24/2012 08:09 AM, NdK wrote:
Ready to process requests.
That's not a full debug. There are no packets here.
Gather a full debug. *Read* it, and the answer will be in there. If you
can't spot it, then post it.
-
List info/subscribe/unsubscribe? See
version. Then add a test user, and do a simple test with radtest.
It will work without setting auth-type.
Once you get that working, start comparing it with current setup to
see what went wrong.
One way to do that is start with the working test configuration above,
then making incremental minimal
-Password = my-cleartext-password
NAS-IP-Address = 130.136.152.6
NAS-Identifier = openvpn
NAS-Port = 8302
NAS-Port-Type = Virtual
Service-Type = Authenticate-Only
But if I don't add (in users file) a line like:
DEFAULT NAS-Identifier == openvpn, Auth-Type
(in users file) a line like:
DEFAULT NAS-Identifier == openvpn, Auth-Type := PAP
FR complains:
ERROR: No authenticate method (Auth-Type) found for the request:
Rejecting the user
IIUC, Auth-Type should never be set manually, so I'm quite sure I'm
missing something...
Could you please point
NdK wrote:
We just added pam_radius to our vpn host, to authenticate vpn users
throught our (working) RADIUS server.
IIUC pam_radius is sending a PAP message:
...
But if I don't add (in users file) a line like:
DEFAULT NAS-Identifier == openvpn, Auth-Type := PAP
FR complains:
ERROR
2012 19:00'
++[expiration] returns ok
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password ?�?�??s?�B??xڧ4
[pap] Using clear text password 2i
[pap
opensou...@tigusoft.pl wrote:
On Wednesday 05 September 2012 05:16:07 Fajar A. Nugraha wrote:
Thanks, ok so here is the full log:
Which you need to read.
You also need to read Fajar's previous response.
Login incorrect (rlm_pap: CLEAR TEXT password check failed):
On 05/09/12 14:01, opensou...@tigusoft.pl wrote:
Login incorrect (rlm_pap: CLEAR TEXT password check failed):
[ddjz/\222�?�?\207s\231\264B\030\006xڧ4] (from client localhost port 1 cli
00-16-E6-35-FB-04) LOGIN ERROR
WARNING: Unprintable characters in the password. Double-check the
ok
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password ?�?�??s?�B??xڧ4
[pap] Using clear text password 2i
[pap] Passwords don't match
++[pap] returns
!
Most likely that's the problem.
If you DON'T cut the debug log, you'll be able to see what FR thinks
the shared secret should be, and you can double-check it in your NAS.
Often user edit the wrong file, thinking they've set the correct
shared secret, when in fact they haven't.
Why Auth-Type
Hello!
I'm having problems configuring freeradius with smsmotp. I did every step
according to the materials found here:
http://wiki.freeradius.org/Rlm_smsotp
The problem is that freeradius doesn't start up succesfully. According to
the logs, it can't find the smsotp Auth-type.
My default site
to the
logs, it can't find the smsotp Auth-type.
Try with 3.0 - It seems to do some magic that adds the additional values
automagically. Or you can add the additional values in the freeradius.internal
dictionary.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thank you, Arran!
For future readers: appending the following line to /etc/raddb/dictionary
solved the problem:
VALUE Auth-Type smsotp 3034
Regards,
Feri
On Wed, Jul 18, 2012 at 3:35 PM, Arran Cudbard-Bell
a.cudba...@freeradius.org wrote:
On 18 Jul 2012
On Tue, Jun 12, 2012 at 03:21:22PM -0700, Michael Gorven wrote:
On 12/06/2012 14:08 PDT, Alan DeKok wrote:
Note that everything BUT the Reply-Message belongs on the first line
with the DEFAULT. The Reply-Message belongs on the second line.
*sigh*, moving the Auth-Type :- Reject
was this:
DEFAULT Ldap-Group == employees
DEFAULT Auth-Type := Reject
But this immediately rejects the Access-Request in the outer tunnel,
because the anonymous user is not in the employees group. I then
modified it to this so that it only matches inner tunnel requests:
DEFAULT Ldap-Group == employees
DEFAULT
combinations, and
rejects everything else. The problem I'm having is with the default
reject, not the SSID/group matching.
My first attempt was this:
DEFAULT Ldap-Group == employees
This says match the LDAP group employees.
Note it *doesn't* say do anything else.
DEFAULT Auth-Type
On 12/06/2012 14:08 PDT, Alan DeKok wrote:
Note that everything BUT the Reply-Message belongs on the first line
with the DEFAULT. The Reply-Message belongs on the second line.
*sigh*, moving the Auth-Type :- Reject to the first line fixed this. I
thought that Auth-Type was a reply item
:
Auth-Type LDAP {
redundant-load-balance {
ldap1
ldap2
ldap3
}
if(fail) {
pap
}
}
So I set the network interfaces of my ldap
fail).
Why would you do this?
If SQL contains the users, just auth to SQL, surely?
If you can explain your use-case, people might be able to make better
suggestions.
For authentication I configured:
Auth-Type LDAP {
redundant-load-balance {
ldap1
ldap2
ldap3
}
if(fail) {
pap
}
}
So I set
and the first radius-request
is answered in time.
After that I changed my configuration to this:
Auth-Type LDAP {
redundant {
redundant-load-balance {
ldap1
ldap2
ldap3
Tobias Hachmer wrote:
Simply as a fallback, in case there is a maintanance on the network
where the ldap servers are conected to. In this case we need to log on
to our switches though.
Hi, I want my network to keep working when I take my network down.
That doesn't really make sense.
On 18/04/12 13:16, Tobias Hachmer wrote:
Ok, I configure the same users, these are about 10-15 users, which
are stored in Active Directory, in the sql database. The sql database
schould be used for authentication only if the ldap servers are not
available.
So the SQL server contains an
Am 18.04.2012 14:32, schrieb Alan DeKok:
Tobias Hachmer wrote:
Simply as a fallback, in case there is a maintanance on the network
where the ldap servers are conected to. In this case we need to log
on
to our switches though.
Hi, I want my network to keep working when I take my network
Am 18.04.2012 14:36, schrieb Phil Mayers:
On 18/04/12 13:16, Tobias Hachmer wrote:
Ok, I configure the same users, these are about 10-15 users, which
are stored in Active Directory, in the sql database. The sql
database
schould be used for authentication only if the ldap servers are not
ldap.atrmap.
I should point out that I had been using:
DEFAULT Auth-Type = Ldap
In the users file as well on the two older servers, despite docs that say
that
it
is almost always wrong, but it was the only way we got it working.
If you have the attribute, and the hash
On 12/03/12 15:44, u...@3.am wrote:
DEFAULT Group == FOO, Pool-Name :=FOO_pool
Group is probably empty. I can't remember what module, if any, fills
it out.
What do you *think* Group will contain? It won't contain LDAP groups.
-
List info/subscribe/unsubscribe? See
On 12/03/12 15:44, u...@3.am wrote:
DEFAULT Group == FOO, Pool-Name :=FOO_pool
Group is probably empty. I can't remember what module, if any, fills
it out.
What do you *think* Group will contain? It won't contain LDAP groups.
I was about to post about this..I just did a test with
Hi,
DEFAULT Group == FOO, Pool-Name :=FOO_pool
Group is probably empty. I can't remember what module, if any, fills
it out.
# The Group and Group-Name attributes are automatically created by
# the Unix module, and do checking against /etc/group automatically.
# This means that
Auth-type=PAM) that way with no luck...but
that
was a while ago.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 12/03/12 18:23, u...@3.am wrote:
...and you just hit on something that solved the problem. It seems that FR was
getting the group info from LDAP indirectly, through the PAM module, which was
Actually, probably not.
It probably gets the groups via nss_ldap, through nssswitch.
-
List
On Sat, Mar 10, 2012 at 10:47 AM, u...@3.am wrote:
Both hashes are supported, thanks for the link. I assume I need to define
something to map to, as well? Like this:
raddb/dictionary: ATTRIBUTE userPassword 3004 string
err... no.
raddb/ldap.attrmap: checkItem
/raddb/radiusd.conf
modules {
Module: Creating Post-Auth-Type = REJECT
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating module pap from file /usr/etc/raddb/radiusd.conf
pap {
encryption_scheme = auto
auto_header
u...@3.am wrote:
Trying to set up a new RADIUS 2.1.12 server with LDAP. It configured and
built
all the modules I need, including rlm_ldap, once I installed the
dependencies. I
took all of the same config files that I have working on servers running
2.1.9 and
2.1.10, but 2.1.12
{
preprocess
redundant LDAP{
ldap1
ldap2
}
# The ldap module will set Auth-Type to LDAP if it has not
# already been set
# ldap
authenticate {
#Auth-Type LDAP
:
authorize {
preprocess
redundant LDAP{
ldap1
ldap2
}
# The ldap module will set Auth-Type to LDAP if it has not
# already been set
# ldap
authenticate {
#Auth-Type LDAP
On Fri, Mar 09, 2012 at 10:59:46AM -0500, u...@3.am wrote:
authorize {
preprocess
redundant LDAP{
ldap1
ldap2
}
# The ldap module will set Auth-Type to LDAP if it has not
# already
On Sat, Mar 10, 2012 at 3:23 AM, Phil Mayers p.may...@imperial.ac.uk wrote:
On Fri, Mar 09, 2012 at 10:59:46AM -0500, u...@3.am wrote:
authenticate {
#Auth-Type LDAP {
redundant LDAP{
ldap1
ldap2
}
Using ldap in the authenticate
On Sat, Mar 10, 2012 at 3:23 AM, Phil Mayers p.may...@imperial.ac.uk wrote:
On Fri, Mar 09, 2012 at 10:59:46AM -0500, u...@3.am wrote:
authenticate {
#Auth-Type LDAP {
redundant LDAP{
ldap1
ldap2
}
Using ldap in the authenticate
ldap.atrmap.
I should point out that I had been using:
DEFAULT Auth-Type = Ldap
In the users file as well on the two older servers, despite docs that say
that it
is almost always wrong, but it was the only way we got it working.
If you have the attribute, and the hash is supported
On Sat, Mar 10, 2012 at 5:29 AM, u...@3.am wrote:
So to save lots of time and configuration problem: does your LDAP
store user passwords in clear text or any common hash (e.g. md5,
unix)? If yes, AND you know what the LDAP attribute is, you don't even
need an LDAP section in authenticate.
On Sat, Mar 10, 2012 at 10:47 AM, u...@3.am wrote:
Both hashes are supported, thanks for the link. I assume I need to define
something to map to, as well? Like this:
raddb/dictionary: ATTRIBUTE userPassword 3004 string
err... no.
raddb/ldap.attrmap: checkItem
09:15:15 2012 : Info: No authenticate method (Auth-Type)
configuration found for the request: Rejecting the user
Thu Feb 2 09:15:15 2012 : Info: Failed to authenticate the user.
Thu Feb 2 09:15:15 2012 : Info: Using Post-Auth-Type Reject
Thu Feb 2 09:15:15 2012 : Info: +- entering group REJECT
I find the solution.
In fact, I forgot to set Cleartext-Password in the users file...
Thanks.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/MAC-auth-with-checkval-No-authenticate-method-Auth-Type-tp5450017p5450841.html
Sent from the FreeRadius - User mailing list
= Wireless-802.11
EAP-Message = 0x020c0174657374696e67
Message-Authenticator = 0xbc498e29bfb9f44c5276dcb7d57b082e
WARNING: Empty authorize section. Using default return values.
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting
the user
Failed
Harish Mandowara wrote:
but its giving
...
WARNING: Empty authorize section. Using default return values.
You edited the default configuration and broke it. Don't do that.
Check the raddb/sites-enabled directory. Make sure that ONLY the
default and inner-tunnel servers are there.
Thank you alan,
I want to use PEAP-MSCHAP. So that i did change in eap.conf. I did not
change in raddb/sites-enabled. Even in radiusd.conf, its there.
but its giving right now
Module: Linked to module rlm_eap
Module: Instantiating module eap from file
/usr/local/etc/raddb/eap.conf
eap {
On Tue, Jan 24, 2012 at 6:48 PM, Harish Mandowara hari...@cdac.in wrote:
Thank you alan,
I want to use PEAP-MSCHAP.
Ignoring EAP-Type/peap because we do not have OpenSSL support.
See that error? Fix that.
What OS/distro are you using? if you're having problem building FR
with ssl,
Hi,
Ignoring EAP-Type/tls because we do not have OpenSSL support.
Ignoring EAP-Type/ttls because we do not have OpenSSL support.
Ignoring EAP-Type/peap because we do not have OpenSSL support.
built within OpenSSL support - install the DEVELOPMENT libraries/headers
(eg ssl-dev, openssl-devel
modules {
Module: Creating Auth-Type = digest
Module: Creating Post-Auth-Type = REJECT
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating module pap from file
/home/harish/Desktop/source/freeradius-server-2.1.12/raddb/modules/pap
On Tue, Jan 24, 2012 at 9:55 PM, Harish Mandowara hari...@cdac.in wrote:
Hi,
I installed all the these libraries.
Again build the code. and install but
No, you didn't. You either:
- didn't have development headers installed (e.g. you have libssl, but
not libssl-dev), OR
- didn't re-run
Hi,
I installed all the these libraries. Again build the code. and install but
its coming same. i am putting all debugging message over here.
outut of the ./configure stage? once again, no OpenSSL support - so you built
without the OpenSSL headers/includes for the server and/or you didnt
/modules/logintime
logintime {
reply-message = You are calling outside your allowed timespan
minimum-timeout = 60
}
}
radiusd: Loading Virtual Servers
server { # from file /usr/local/etc/raddb/radiusd.conf
modules {
Module: Creating Auth-Type = digest
Module
Stephen Kwok wrote:
I am a newbie to FreeRADIUS and I have run into a problem during the
setup. I have spent some time on researching for an answer online, but
I got no luck. I have described the problem as below. Could anyone
please let me know what went wrong? Thank you so much in
Hi,
OS: Mac OSX 10.6.8
FreeRADIUS version:�2.1.12
Steps taken:
snip
okay. so you downloaded the software, extracted it, then built it...
great. did you note what happened when you 'make install' ?
Starting�-�reading�configuration�files�...�
1 - 100 of 587 matches
Mail list logo
