Hi All,
I really do try to read the forums in full before I post, but I have seen much
out there on this, but just cant find out why this is happening.
Please see below.
The only think I dont have is sim_files entry in the sites-enabled/default, as
I assume this is now covered in the radiusd.conf
On 23 Sep 2013, at 12:32, ken.farrington ken.farring...@802.co.uk wrote:
Hi All,
I really do try to read the forums in full before I post, but I have seen
much out there on this, but just cant find out why this is happening.
Please see below.
The only think I dont have is sim_files
Hi Arran,
Im not sure if I have interpreted this right. Are you agreeing with my
statement, that it is not needed or are you saying it is needed? I seem to
recall I get an error when I put the sime_files in the default file.
Many thx indeed for the lightning fast response mate :)
Ken
On 23
Also, if I put the sim_files entry before eap in the default file I get the
following error when I try and start Radiusd -s -X
Module: Linked to sub-module rlm_eap_sim
Module: Instantiating eap-sim
Module: Checking authorize {...} for more modules to load
/usr/local/etc/raddb/radiusd.conf[643]:
Hello,
I have a problem with mschap authentication and the external program ntlm_auth.
With Freeradius 2.2 I haven't any problem but after upgrade to Freeradius 3,
the output of this
program was wrong and EAP failed.
The output is very strange :
Any ideas ?inline: 0E165810.gif-
List
nicolas@ricoh-industrie.fr wrote:
Hello,
I have a problem with mschap authentication and the external
program ntlm_auth.
With Freeradius 2.2 I haven't any problem but after upgrade to
Freeradius 3, the output of this program was wrong and EAP failed.
I am getting this error:
TLS Alert read:fatal:unknown CA
TLS_accept: failed in SSLv3 read client certificate A
SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
SSL: SSL_read failed inside of TLS (-1), TLS session fails.
TLS receive handshake failed during
Looks like a client with incorrect settings. Why would you want to add that ca
to your server? Your radius server isn't signed by it.
alan
This smartphone uses eduroam for free WiFi access around the world. Now that's
what I call smart.
-
List info/subscribe/unsubscribe? See
Matthias Nagel wrote:
Anyway, first things - check your eap {} module config, specifically
ensure that max_sessions is high enough to support your load, that
timer_expire isn't too low, and if applicable, that your TLS session
caching is ok (size, particularly).
I did not find
Hello,
sometimes I get the error
WARNING: !! EAP session for state 0xABCDEFGHIJKLMNOP did not finish!
in my log files / debug output. Before anybody says have a look at
http://deployingradius.com/documents/configuration/eap-problems.html
that will help, please read on, because I already have
On 04/10/12 16:45, Matthias Nagel wrote:
I cannot find any pattern, so I do not believe it to be a client side
issue.
Of course, one can argue to ignore the warning as it works most of
the time, but I do not like indeterministically behaving IT systems,
hence it preys on my mind.
Has anybody
Matthias Nagel wrote:
I cannot find any pattern, so I do not believe it to be a client side issue.
It's always an issue with the client, WiFi, or AP. It's not an issue
with FreeRADIUS.
Why? All of the EAP is driven by the client.
Of course, one can argue to ignore the warning as it
Hello,
Am Donnerstag 04 Oktober 2012, 17:09:35 schrieb Phil Mayers:
On 04/10/12 16:45, Matthias Nagel wrote:
I cannot find any pattern, so I do not believe it to be a client side
issue.
Has anybody an idea what the reason might be? If anybody wants to see
a full debug output or a
On 04/10/12 18:10, Matthias Nagel wrote:
That would be nice, indeed. But if the reason is signal strengh of a
WiFi, then the numbers heavily depend on your WiFi coverage. So it is
difficult to compare.
Sure.
As Alan says, it's the client that's going away.
Maybe search the logs of your
Hi,
I cannot find any pattern, so I do not believe it to be a client side
issue.
snip
One thing: that logging only happens in debug mode. Most people
don't run in debug mode all the time, so as far as I know, it could
be normal - maybe everyone sees failure rates of that order?
snip
as
Hi,
I found the entry
# fragment_size = 1024
to be commented out. Does anybody has experiences with HP E-MSM 430 APs?
Probably, this is a dummy question: I always believed that the smallest MTU
that must be supported by an ethernet devices is 1500. Are there really APs
that support
On Thu, Oct 04, 2012 at 05:45:30PM +0200, Matthias Nagel wrote:
WARNING: !! EAP session for state 0xABCDEFGHIJKLMNOP did not finish!
...
Has anybody an idea what the reason might be?
We see it a lot less since we tweaked the EAP timers on our Cisco
Wireless Controller. You don't say what APs or
= PPP
Framed-Compression = Van-Jacobson-TCP-IP
EAP-Message = 0x011800060d20
Starting EAP-TLS...
rad_recv: Access-Request packet from host 192.168.10.130 port 1812, id=147,
length=343
...
EAP-Message = 0x02180006030d
Ugh.
[eap] ERROR! Our request for tls was NAK'd
Hi,
Are you using self-signed CA certificate? Did you install it on the phone?
Of course, the certificate is a self-signed CA certificate and it is installed
on the phone.
The phone authenticates against the freeradius service without any problem.
But when I want the phone to authenticate or
! No known good password found for the user. Authentication may
fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP NAK
[eap] ERROR! Our request for tls was NAK'd with a request for tls. Skipping
having a new voip pbx (OmniPCX Enterprise 9.0) from Alcatel-Lucent, I now
try to setup 802.1x with the phones, an Alcatel-Lucent IP Touch 4028 EE.
Freeradius is 2.x on a Debian 5.0. My first attempt was with MD5, which
works without any problem.
Next step is TLS, which works at 50%. Well,
Hello again
I finally got the freeradius build 2.1.5 to initialize under SunOS 5.10
Generic_138889-02 i86pc i386 i86pc.
Here is the data
1. Got mysql from blastwave via pkg-get
2. Got openssl from blastwave via pk-get install openssl
3. downloaded freeradius-server-2.1.4.tar.gz from
Helo there Am in solaris 5.10 Generic_138889-02 i86pc
i386 i86pc I installed openssl and mysql from blastwave then
installed freeradius. I cannot get it to initialize via radiusd -X here is
the output FreeRADIUS Version 2.1.5, for host i386-pc-solaris2.10,
built on May 11 2009 at 09:54:37
t...@urugn.com wrote:
Errors initializing modules
I thot may be ad trace the problem and directly executed
/usr/local/etc/raddb/certs/bootstrap Here is the output
sh: test: argument expected
*** Error code 1
The following command caused the error:
if [ -e /dev/urandom ] ; then \
dd
@lists.freeradius.org
Envoyé le : Vendredi, 27 Avril 2007, 0h06mn 19s
Objet : freeradius eap error.
Hello, list.
I'm having some problems implementing freeradius on opensuse box.
I've followed the toturial at novell and as a test i've used the default CA and
certs that camed with the freeradius
Hello, list.
I'm having some problems implementing freeradius on opensuse box.
I've followed the toturial at novell and as a test i've used the default CA
and certs that camed with the freeradius rpm.
This worked very good the server started and every thing seamed nice.
Then i made my own CA
there is a script that comes with the freeradius source (perhaps bins
aswell) that generates you new certs.
for me the script is @
/usr/src/freeradius-1.1.6/scripts/CA.all
iirc that will generate you all the certs u need and read default
options from your openssl config file. You will have to
Hello,
I was running freeRadius version 1.1.1, and everything was working smoothly. I
then had to reformat my server, so I saved my entire raddb config directory so
that I would not need to start completely from scratch. However, I have now
installed version 1.1.2, and I cannot get it
Hi,
rlm_eap: Failed to link EAP-Type/tls: file not found
radiusd.conf[10]: eap: Module instantiation failed.
radiusd.conf[1894] Unknown module eap.
radiusd.conf[1841] Failed to parse authenticate section.
you want to use TLS or TTLS or PEAP, but have compiled the server without TLS
support.
hi,
i am new to freeradius. i am using dialways NTRadPing tool to test. i added
a new user to clients.conf file but i cannot be authenticated. from the log
file i always get
Error:rlm_eap:eap-message not found message. any ideas? thank you.
onur simsek
Fear gives me wings...
Max
onur simsek [EMAIL PROTECTED] wrote:
i am new to freeradius. i am using dialways NTRadPing tool to test. i added
a new user to clients.conf file but i cannot be authenticated. from the log
file i always get
Error:rlm_eap:eap-message not found message. any ideas? thank you.
Ignore it. It
31 matches
Mail list logo