Hello Allan DeKok,

but failover where, my users are defined like
this:

nameuser User-Password == "passowrd", Pool-
Name := "main_pool"
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-Compression = 0,
        Port-Limit = 1,
        Idle-Timeout = 0,
        Session-Timeout = 0

main_pool
range-start = X.X.X.128
range-stop = X.X.X.151

second_pool 
range-start = X.X.X.200
range-stop = X.X.X.251
 
i have tried failover in radius.conf,
post-auth {
          redundant{
                main_pool
                second_pool
}
}

But i must be doing something bad.

Thank you

----- Original Message -----
>From :
[EMAIL PROTECTED]
To   : [EMAIL PROTECTED]
Date : Monday, 17 May, 2004 01:41 PM
Sub  : Freeradius-Users digest, Vol 1 #3220 - 12
msgs

> Send Freeradius-Users mailing list submissions
to
>       [EMAIL PROTECTED]
> 
> To subscribe or unsubscribe via the World Wide
Web, 
visit
> 
        http://lists.freeradius.org/mailman/listinfo/fre
eradius-users
> or, via email, send a message with subject or 
body 'help' to
>       [EMAIL PROTECTED]
> 
> You can reach the person managing the list at
>       [EMAIL PROTECTED]
> 
> When replying, please edit your Subject line so
it is 
more specific
> than "Re: Contents of Freeradius-Users
digest..."
> 
> 
> Today's Topics:
> 
>    1. Re: Reg configuring challenge response
(Alan 
DeKok)
>    2. Re: Moving away from Safeword (Robert 
Szelepcsenyi)
>    3. Re: freeradius with dhcp (ro0ot)
>    4. Re: Moving away from Safeword (Alan DeKok)
>    5. About Radius Attributes (Lara Adianto)
>    6. Freeradius with MySQL and
Exec-Program-Wait 
(Joe Borg)
>    7. Re: Freeradius with MySQL and
Exec-Program-Wait 
(Paul Hampson)
>    8. Re: About Radius Attributes (Alan DeKok)
>    9. pool with two ranges (Juan)
>   10. Re: pool with two ranges (Alan DeKok)
>   11. RE: Freeradius with MySQL and
Exec-Program-Wait 
(Joe Borg)
>   12. Re: Freeradius with MySQL and
Exec-Program-Wait 
(Milver S. Nisay)
> 
> --__--__--
> 
> Message: 1
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: Reg configuring challenge response 
> Date: Mon, 17 May 2004 05:45:13 -0400
> Reply-To: [EMAIL PROTECTED]
> 
> Barath kumar <[EMAIL PROTECTED]> wrote:
> > How to configure the free RADIUS server to
send an 
Challenge response to 
> > an access request. In other words, what are
the 
configurations to be 
> > done on the free RADIUS server such that it
sends 
an challenge response 
> > to an access request.  By default, will the
free 
RADIUS server send an 
> > challenge response ? or any special
configurations 
needs to be done for 
> > the same.
> 
>   The server will send a challenge when the
protocol 
demands it.
> e.g. EAP.
> 
>   If you don't know what the challenge will be,
or 
why the server
> should send a challenge, you probably don't want

challenge-response.
> 
>   Alan DeKok.
> 
> 
> 
> --__--__--
> 
> Message: 2
> Date: Mon, 17 May 2004 11:48:04 +0200
> From: Robert Szelepcsenyi <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: Moving away from Safeword
> Reply-To: [EMAIL PROTECTED]
> 
> Hi,
> 
> 
> Sorry, I was not precise enough in my query. I
am 
looking for a system of *synchronous* dynamic 
passwords, which use tokens with an internal
counter 
without any chalenge. The password has to be
entered 
before a call is made (either VPN or dialup), so
there 
is no opportunity to recieve a chalnge and act
upon it. 
Moreover, X9.9 is insecure.
> 
> I did some research some time ago, andif I
remember 
correctly, freeradius support at least one such a 
system.
> 
> 
> Robert Szelepcsenyi
> 
> 
> On Mon, May 17, 2004 at 05:44:05AM -0400, Alan
DeKok 
wrote:
> > Robert Szelepcsenyi <[EMAIL PROTECTED]> wrote:
> > > Due to licensing policy of Secure Computing,

which forced me to
> > > upgrade to deploy a separate machine running
just 
their AAA server,
> > > I have decided to move away from their
product 
Safeword Premier
> > > Access. I am looking for some replacement
for 
their system of
> > > dynamic passwords and tokens. Freeradius
supports 
several systems of
> > > dynamic passwords. An ideal solution would
be to 
have some sort of a
> > > software token that I could install into a
mobile 
phone or a PDA. Is
> > > there such an aption with freeradius?
> > 
> >   It's more of a client side issue than a
server 
side.
> > 
> >   FreeRADIUS does include an "X9.9" module,
which 
will do DES-based
> > challenge/response.  It's been tested to work
with 
CRYPTOCard's
> > tokens, which include a software-based token. 
See
> > http:/www.cryptocard.com for details.
> > 
> >   Alan DeKok.
> > 
> > - 
> > List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html
> 
> -- 
> 
> 
> --__--__--
> 
> Message: 3
> Date: Mon, 17 May 2004 17:54:01 +0800
> From: ro0ot <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: freeradius with dhcp
> Reply-To: [EMAIL PROTECTED]
> 
> Yep, thats what I mean...thanks Alan DeKok, :)
> Probabily I have to find another solution, :-(
> 
> Regards,
> ro0ot
> 
> 
> Alan DeKok wrote:
> 
> >M Singh <[EMAIL PROTECTED]> wrote:
> >  
> >
> >>Why not ?
> >>    
> >>
> >
> >  Because "freeradius working with dhcp" 
means "freeradius knows about dhcp".
> >
> >  
> >
> >>My university implements something that looks
like 
that. A laptop first 
> >>gets a DHCP lease, and can address a single IP

which is presumably the 
> >>address of the server. Then I fire up the
Cisco VPN 
client that 
> >>authenticates via an encryption algorithm and
then 
the laptop can access 
> >>the internet.
> >>    
> >>
> >
> >  In that case, the dhcp server and FreeRADIUS
don't 
talk to each
> >other, and don't know that the other one
exists.
> >
> >  
> >
> >>What kind of a server do you think my
university is 
using ?
> >>    
> >>
> >
> >  Two independent servers, which don't
communicate.
> >
> >  The original poster was asking about making 
FreeRADIUS talk to a
> >DHCP server, in order to allocate IP addresses
it 
would give out in
> >RADIUS packets.
> >
> >  Alan DeKok.
> >
> >
> >- 
> >List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html
> >
> >  
> >
> 
> 
> 
> 
> 
> --__--__--
> 
> Message: 4
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: Moving away from Safeword 
> Date: Mon, 17 May 2004 06:01:22 -0400
> Reply-To: [EMAIL PROTECTED]
> 
> Robert Szelepcsenyi <[EMAIL PROTECTED]> wrote:
> > Sorry, I was not precise enough in my query. I
am 
looking for a
> > system of *synchronous* dynamic passwords,
which 
use tokens with an
> > internal counter without any chalenge. The
password 
has to be
> > entered before a call is made (either VPN or 
dialup), so there is no
> > opportunity to recieve a chalnge and act upon
it. 
Moreover, X9.9 is
> > insecure.
> 
>   X9.9 is insecure?  How?
> 
>   In any case, CRYPTOCard does offer a
synchronous 
mode for their tokens.
> 
>   As for any othe synchronous token method, I'm
not 
aware of it being
> implemented in the server.
> 
>   Alan DeKok.
> 
> 
> --__--__--
> 
> Message: 5
> Date: Mon, 17 May 2004 02:57:21 -0700 (PDT)
> From: Lara Adianto <[EMAIL PROTECTED]>
> Subject: About Radius Attributes
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Reply-To: [EMAIL PROTECTED]
> 
> Hello,
> 
> I need some information about the following
> 'service-type' attribute:
> - Outbound
> - Administrative
> - NAS Prompt
> - Call Check
> - Callback NAS Prompt
> 
> 1. In which case will a radius client request
for the
> above service type or which radius clients
usually
> request for the above service-type ? 
> 2. What attributes are usually returned in the
> access-accept packet for the above service type
?
> 
> For Service-type PPP / SLIP requested, is there
any
> MANDATORY attributes that need to be returned by
the
> radius server in the access-accept packet
> (Framed-IP-Address, Framed-MTU, etc) ? If the
> Framed-IP-Address is not a mandatory attribute
to be
> returned for service-type PPP, how will the NAS
decide
> the IP Address assigned to the user ?
> 
> Thank you for any replies,
> lara
> 
> =====
>
------------------------------------------------------
------------------------------ 
> La vie, voyez-vous, ca n'est jamais si bon ni si

mauvais qu'on croit
>                                                 
     
                  - Guy de Maupassant -
>
------------------------------------------------------
------------------------------
> 
> 
>       
>               
> __________________________________
> Do you Yahoo!?
> SBC Yahoo! - Internet access at a great low
price.
> http://promo.yahoo.com/sbc/
> 
> 
> --__--__--
> 
> Message: 6
> From: "Joe Borg" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: Freeradius with MySQL and
Exec-Program-Wait
> Date: Mon, 17 May 2004 12:14:40 +0200
> Organization: DataStream Ltd.
> Reply-To: [EMAIL PROTECTED]
> 
> This is a multi-part message in MIME format.
> 
> ------=_NextPart_000_0001_01C43C08.8AF8C2A0
> Content-Type: text/plain;
>       charset="us-ascii"
> Content-Transfer-Encoding: 7bit
> 
> Hi,
> I'm in the process of seeting up a new RADIUS
server 
using Freeradius. I
> intend using MySQL for Authorisation and
Accounting. 
As a result, I will
> not be making use of the 'users' file (since
MySQL is 
configured for use
> in Radiusd.conf, thereby bypassing the use of
the 
users file). My
> problem is that I would like to make use of
Exec-
Program-Wait to execute
> a script in order to process some additional 
authentication parameters.
> Is there anyway I can do this since I'm using
MySQL 
for authorisation?
>  
> Thanks,
>  
> Joe
>  
> 
> ------=_NextPart_000_0001_01C43C08.8AF8C2A0
> Content-Type: text/html;
>       charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
> 
> <html xmlns:o=3D"urn:schemas-microsoft-
com:office:office" =
>
xmlns:w=3D"urn:schemas-microsoft-com:office:word"
=
> xmlns=3D"http://www.w3.org/TR/REC-html40";>
> 
> <head>
> <META HTTP-EQUIV=3D"Content-Type" 
CONTENT=3D"text/html; =
> charset=3Dus-ascii">
> 
> 
> <meta name=3DProgId content=3DWord.Document>
> <meta name=3DGenerator content=3D"Microsoft Word
10">
> <meta name=3DOriginator content=3D"Microsoft
Word 10">
> <link rel=3DFile-List 
href=3D"cid:[EMAIL PROTECTED]">
> <!--[if gte mso 9]><xml>
>  <o:OfficeDocumentSettings>
>   <o:DoNotRelyOnCSS/>
>  </o:OfficeDocumentSettings>
> </xml><![endif]--><!--[if gte mso 9]><xml>
>  <w:WordDocument>
>   <w:SpellingState>Clean</w:SpellingState>
>   <w:GrammarState>Clean</w:GrammarState>
>   <w:DocumentKind>DocumentEmail</w:DocumentKind>
>   <w:EnvelopeVis/>
>   <w:Compatibility>
>    <w:BreakWrappedTables/>
>    <w:SnapToGridInCell/>
>    <w:WrapTextWithPunct/>
>    <w:UseAsianBreakRules/>
>   </w:Compatibility>
>   
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLev
el>
>  </w:WordDocument>
> </xml><![endif]-->
> <style>
> <!--
>  /* Font Definitions */
>  @font-face
>       {font-family:Verdana;
>       panose-1:2 11 6 4 3 5 4 4 2 4;
>       mso-font-charset:0;
>       mso-generic-font-family:swiss;
>       mso-font-pitch:variable;
>       mso-font-signature:536871559 0 0 0 415 0;}
>  /* Style Definitions */
>  p.MsoNormal, li.MsoNormal, div.MsoNormal
>       {mso-style-parent:"";
>       margin:0cm;
>       margin-bottom:.0001pt;
>       mso-pagination:widow-orphan;
>       font-size:12.0pt;
>       font-family:"Times New Roman";
>       mso-fareast-font-family:"Times New Roman";
>       mso-ansi-language:EN-GB;
>       mso-no-proof:yes;}
> h1
>       {mso-style-next:Normal;
>       margin-top:0cm;
>       margin-right:0cm;
>       mso-margin-bottom-alt:auto;
>       margin-left:0cm;
>       text-align:justify;
>       line-height:120%;
>       mso-pagination:widow-orphan;
>       page-break-after:avoid;
>       mso-outline-level:1;
>       font-size:16.0pt;
>       font-family:Verdana;
>       mso-bidi-font-family:Arial;
>       mso-font-kerning:16.0pt;
>       mso-ansi-language:EN-GB;
>       font-weight:normal;
>       mso-bidi-font-weight:bold;
>       text-decoration:underline;
>       text-underline:single;}
> a:link, span.MsoHyperlink
>       {color:blue;
>       text-decoration:underline;
>       text-underline:single;}
> a:visited, span.MsoHyperlinkFollowed
>       {color:purple;
>       text-decoration:underline;
>       text-underline:single;}
> p
>       {mso-margin-top-alt:auto;
>       margin-right:0cm;
>       mso-margin-bottom-alt:auto;
>       margin-left:0cm;
>       mso-pagination:widow-orphan;
>       font-size:12.0pt;
>       font-family:"Times New Roman";
>       mso-fareast-font-family:"Times New Roman";}
> p.Command, li.Command, div.Command
>       {mso-style-name:Command;
>       margin-top:0cm;
>       margin-right:0cm;
>       mso-margin-bottom-alt:auto;
>       margin-left:0cm;
>       text-align:justify;
>       line-height:120%;
>       mso-pagination:widow-orphan;
>       font-size:10.0pt;
>       mso-bidi-font-size:16.0pt;
>       font-family:"Courier New";
>       mso-fareast-font-family:"Times New Roman";
>       mso-bidi-font-family:Arial;
>       mso-font-kerning:16.0pt;
>       mso-ansi-language:EN-GB;
>       mso-no-proof:yes;}
> span.EmailStyle19
>       {mso-style-type:personal-compose;
>       mso-style-noshow:yes;
>       mso-ansi-font-size:10.0pt;
>       mso-bidi-font-size:10.0pt;
>       font-family:Arial;
>       mso-ascii-font-family:Arial;
>       mso-hansi-font-family:Arial;
>       mso-bidi-font-family:Arial;
>       color:windowtext;}
> @page Section1
>       {size:612.0pt 792.0pt;
>       margin:72.0pt 90.0pt 72.0pt 90.0pt;
>       mso-header-margin:35.4pt;
>       mso-footer-margin:35.4pt;
>       mso-paper-source:0;}
> div.Section1
>       {page:Section1;}
>  /* List Definitions */
>  @list l0
>       {mso-list-id:379935782;
>       mso-list-type:hybrid;
>       mso-list-template-ids:268756658 -682957304 
67698713 67698715 67698703 =
> 67698713 67698715 67698703 67698713 67698715;}
> @list l0:level1
>       {mso-level-tab-stop:36.0pt;
>       mso-level-number-position:left;
>       text-indent:-18.0pt;}
> @list l0:level2
>       {mso-level-number-format:alpha-lower;
>       mso-level-tab-stop:72.0pt;
>       mso-level-number-position:left;
>       text-indent:-18.0pt;}
> ol
>       {margin-bottom:0cm;}
> ul
>       {margin-bottom:0cm;}
> -->
> </style>
> <!--[if gte mso 10]>
> <style>
>  /* Style Definitions */=20
>  table.MsoNormalTable
>       {mso-style-name:"Table Normal";
>       mso-tstyle-rowband-size:0;
>       mso-tstyle-colband-size:0;
>       mso-style-noshow:yes;
>       mso-style-parent:"";
>       mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
>       mso-para-margin:0cm;
>       mso-para-margin-bottom:.0001pt;
>       mso-pagination:widow-orphan;
>       font-size:10.0pt;
>       font-family:"Times New Roman";}
> </style>
> <![endif]-->
> </head>
> 
> <body lang=3DEN-US link=3Dblue vlink=3Dpurple =
> style=3D'tab-interval:36.0pt'>
> 
> <div class=3DSection1>
> 
> <p class=3DMsoNormal><font size=3D2 
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-
family:Arial'>Hi,<o:p></o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-family:Arial'>I’m in the process of 
seeting up a new =
> RADIUS
> server using Freeradius. I intend using MySQL
for 
Authorisation and =
> Accounting.
> As a result, I will not be making use of the
‘users’ 
file =
> (since
> MySQL is configured for use in Radiusd.conf,
thereby 
bypassing the use =
> of the
> users file). My problem is that I would like to
make 
use of =
> Exec-Program-Wait
> to execute a script in order to process some 
additional authentication
> parameters. Is there anyway I can do this since
I’m 
using MySQL =
> for authorisation?<o:p></o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-
family:Arial'><o:p> </o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-
family:Arial'>Thanks,<o:p></o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-
family:Arial'><o:p> </o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-
family:Arial'>Joe<o:p></o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D3
face=3D"Times New 
Roman"><span =
> lang=3DEN-GB
> style=3D'font-
size:12.0pt'><o:p> </o:p></span></font></p>
> 
> </div>
> 
> </body>
> 
> </html>
> 
> ------=_NextPart_000_0001_01C43C08.8AF8C2A0--
> 
> 
> 
> 
> --__--__--
> 
> Message: 7
> Date: Mon, 17 May 2004 20:35:54 +1000
> To: [EMAIL PROTECTED]
> Subject: Re: Freeradius with MySQL and
Exec-Program-
Wait
> From: [EMAIL PROTECTED] (Paul Hampson)
> Reply-To: [EMAIL PROTECTED]
> 
> On Mon, May 17, 2004 at 12:14:40PM +0200, Joe
Borg 
wrote:
> 
> > I'm in the process of seeting up a new RADIUS 
server using Freeradius. I
> > intend using MySQL for Authorisation and 
Accounting. As a result, I will
> > not be making use of the 'users' file (since
MySQL 
is configured for use
> > in Radiusd.conf, thereby bypassing the use of
the 
users file). My
> > problem is that I would like to make use of
Exec-
Program-Wait to execute
> > a script in order to process some additional 
authentication parameters.
> > Is there anyway I can do this since I'm using
MySQL 
for authorisation?
> 
> You can use Exec-Program-Wait just like you
would in 
a users file, as a
> reply attribute in mySQL. Or consider its
successor, 
rlm_exec.
> 
> -- 
> Paul "TBBle" Hampson, on an alternate email
client.
> 
> 
> --__--__--
> 
> Message: 8
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: About Radius Attributes 
> Date: Mon, 17 May 2004 07:07:15 -0400
> Reply-To: [EMAIL PROTECTED]
> 
> Lara Adianto <[EMAIL PROTECTED]> wrote:
> > 1. In which case will a radius client request
for 
the
> > above service type or which radius clients
usually
> > request for the above service-type ? 
> 
>   http://www.freeradius.org/rfc/attributes.html
> 
>   Click on "Service-Type", and it will tell you
what 
those values
> mean, and when they're used.
> 
> > 2. What attributes are usually returned in the
> > access-accept packet for the above service
type ?
> 
>   It depends on your local configuration.
> 
> > For Service-type PPP / SLIP requested, is
there any
> > MANDATORY attributes that need to be returned
by the
> > radius server in the access-accept packet
> > (Framed-IP-Address, Framed-MTU, etc) ?
> 
>   See the RFC's, and your NAS vendor
documentation.
> 
> > If the
> > Framed-IP-Address is not a mandatory attribute
to be
> > returned for service-type PPP, how will the
NAS 
decide
> > the IP Address assigned to the user ?
> 
>   See the NAS documentation.  It depends on the
NAS.
> 
>   Alan DeKok.
> 
> 
> 
> 
> --__--__--
> 
> Message: 9
> Date: Mon, 17 May 2004 13:15:30 +0200
> To: [EMAIL PROTECTED]
> From: "Juan" <[EMAIL PROTECTED]>
> Subject: pool with two ranges
> Reply-To: [EMAIL PROTECTED]
> 
> Hello,
> 
> i have freeradius with various pools, but now i
> need 
> that one Pool have two diffrents ranges. Can i
do
> it 
> with freeradius?
> 
>        ippool main_pool {
>                 range-start = X.X.X.128
>                 range-stop = X.X.X.151
>                 netmask = 255.255.255.255
>                 cache-size = 23
>                 session-db = ${raddbdir}/db.main
>                 ip-index =
> ${raddbdir}/db.maindindex
>                 override = yes
>         }
> I need that main_pool have too this range :
> 
>                 range-start = X.X.X.200
>                 range-stop = X.X.X.251
> 
> 
> Thank you.
> 
> 
> 
> 
> 
> 
> --__--__--
> 
> Message: 10
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: pool with two ranges 
> Date: Mon, 17 May 2004 07:26:39 -0400
> Reply-To: [EMAIL PROTECTED]
> 
> "Juan" <[EMAIL PROTECTED]> wrote:
> > i have freeradius with various pools, but now
i 
need that one Pool
> > have two diffrents ranges. Can i do it with 
freeradius?
> 
>   Yes and no.  Each pool can have only one
range.  
But you can create
> & use two pools, and fail over to the secon done
if 
the first one is
> full.
> 
>   Alan DeKok.
> 
> 
> --__--__--
> 
> Message: 11
> From: "Joe Borg" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: RE: Freeradius with MySQL and
Exec-Program-
Wait
> Date: Mon, 17 May 2004 13:40:08 +0200
> Organization: DataStream Ltd.
> Reply-To: [EMAIL PROTECTED]
> 
> Hi Paul,
> Thanks for the tip. By any chance, would you be
able 
to refer me to some
> documentation/information on how to go about
doing 
this? I'm still
> somewhat green to MySQL. Thanks.
> Joe
> 
> -----Original Message-----
> From:
[EMAIL PROTECTED]
>
[mailto:[EMAIL PROTECTED]

On Behalf Of Paul
> Hampson
> Sent: 17 May 2004 12:36
> To: [EMAIL PROTECTED]
> Subject: Re: Freeradius with MySQL and
Exec-Program-
Wait
> 
> On Mon, May 17, 2004 at 12:14:40PM +0200, Joe
Borg 
wrote:
> 
> > I'm in the process of seeting up a new RADIUS 
server using Freeradius.
> I
> > intend using MySQL for Authorisation and 
Accounting. As a result, I
> will
> > not be making use of the 'users' file (since
MySQL 
is configured for
> use
> > in Radiusd.conf, thereby bypassing the use of
the 
users file). My
> > problem is that I would like to make use of
Exec-
Program-Wait to
> execute
> > a script in order to process some additional 
authentication
> parameters.
> > Is there anyway I can do this since I'm using
MySQL 
for authorisation?
> 
> You can use Exec-Program-Wait just like you
would in 
a users file, as a
> reply attribute in mySQL. Or consider its
successor, 
rlm_exec.
> 
> -- 
> Paul "TBBle" Hampson, on an alternate email
client.
> 
> - 
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> 
> 
> 
> 
> 
> --__--__--
> 
> Message: 12
> From: "Milver S. Nisay"
<[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: Re: Freeradius with MySQL and
Exec-Program-
Wait
> Date: Mon, 17 May 2004 12:39:18 +0100
> Reply-To: [EMAIL PROTECTED]
> 
> This is a multi-part message in MIME format.
> 
> ------=_NextPart_000_00BE_01C43C0B.F851BE30
> Content-Type: text/plain;
>       charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> 
>   ----- Original Message -----=20
> 
>   Hi,
> 
>   I'm in the process of seeting up a new RADIUS 
server using Freeradius. =
> I intend using MySQL for Authorisation and 
Accounting. As a result, I =
> will not be making use of the 'users' file
(since 
MySQL is configured =
> for use in Radiusd.conf, thereby bypassing the
use of 
the users file). =
> My problem is that I would like to make use of
Exec-
Program-Wait to =
> execute a script in order to process some
additional 
authentication =
> parameters. Is there anyway I can do this since
I'm 
using MySQL for =
> authorisation?
> 
>   =20
> 
>   YES
> 
> 
> ------=_NextPart_000_00BE_01C43C0B.F851BE30
> Content-Type: text/html;
>       charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 
Transitional//EN">
> <HTML xmlns=3D"http://www.w3.org/TR/REC-html40"; 
xmlns:o =3D=20
> "urn:schemas-microsoft-com:office:office"
xmlns:w 
=3D=20
> "urn:schemas-microsoft-com:office:word"><HEAD>
> <META http-equiv=3DContent-Type
content=3D"text/html; 
=
> charset=3Diso-8859-1">
> <META content=3DWord.Document name=3DProgId>
> <META content=3D"MSHTML 6.00.2737.800" 
name=3DGENERATOR>
> <META content=3D"Microsoft Word 10" 
name=3DOriginator><LINK=20
> href=3D"cid:[EMAIL PROTECTED]" 
rel=3DFile-List><!--[if gte =
> mso 9]><xml>
>  <o:OfficeDocumentSettings>
>   <o:DoNotRelyOnCSS/>
>  </o:OfficeDocumentSettings>
> </xml><![endif]--><!--[if gte mso 9]><xml>
>  <w:WordDocument>
>   <w:SpellingState>Clean</w:SpellingState>
>   <w:GrammarState>Clean</w:GrammarState>
>   <w:DocumentKind>DocumentEmail</w:DocumentKind>
>   <w:EnvelopeVis/>
>   <w:Compatibility>
>    <w:BreakWrappedTables/>
>    <w:SnapToGridInCell/>
>    <w:WrapTextWithPunct/>
>    <w:UseAsianBreakRules/>
>   </w:Compatibility>
>   
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLev
el>
>  </w:WordDocument>
> </xml><![endif]-->
> <STYLE>@font-face {
>       font-family: Verdana;
> }
> @page Section1 {size: 612.0pt 792.0pt; margin:
72.0pt 
90.0pt 72.0pt =
> 90.0pt; mso-header-margin: 35.4pt;
mso-footer-margin: 
35.4pt; =
> mso-paper-source: 0; }
> P.MsoNormal {
>       FONT-SIZE: 12pt; MARGIN: 0cm 0cm 0pt; FONT-
FAMILY: "Times New Roman"; =
> mso-style-parent: ""; mso-pagination:
widow-orphan; =
> mso-fareast-font-family: "Times New Roman";
mso-ansi-
language: EN-GB; =
> mso-no-proof: yes
> }
> LI.MsoNormal {
>       FONT-SIZE: 12pt; MARGIN: 0cm 0cm 0pt; FONT-
FAMILY: "Times New Roman"; =
> mso-style-parent: ""; mso-pagination:
widow-orphan; =
> mso-fareast-font-family: "Times New Roman";
mso-ansi-
language: EN-GB; =
> mso-no-proof: yes
> }
> DIV.MsoNormal {
>       FONT-SIZE: 12pt; MARGIN: 0cm 0cm 0pt; FONT-
FAMILY: "Times New Roman"; =
> mso-style-parent: ""; mso-pagination:
widow-orphan; =
> mso-fareast-font-family: "Times New Roman";
mso-ansi-
language: EN-GB; =
> mso-no-proof: yes
> }
> H1 {
>       MARGIN-TOP: 0cm; FONT-WEIGHT: normal; FONT-
SIZE: 16pt; MARGIN-LEFT: =
> 0cm; LINE-HEIGHT: 120%; MARGIN-RIGHT: 0cm; FONT-
FAMILY: Verdana; =
> TEXT-ALIGN: justify; TEXT-DECORATION: underline;
mso-
pagination: =
> widow-orphan; mso-ansi-language: EN-GB;
mso-style-
next: Normal; =
> mso-margin-bottom-alt: auto; mso-outline-level:
1; 
mso-bidi-font-family: =
> Arial; mso-font-kerning: 16.0pt; mso-bidi-font-
weight: bold; =
> text-underline: single
> }
> A:link {
>       COLOR: blue; TEXT-DECORATION: underline; text-
underline: single
> }
> SPAN.MsoHyperlink {
>       COLOR: blue; TEXT-DECORATION: underline; text-
underline: single
> }
> A:visited {
>       COLOR: purple; TEXT-DECORATION: underline;
text-
underline: single
> }
> SPAN.MsoHyperlinkFollowed {
>       COLOR: purple; TEXT-DECORATION: underline;
text-
underline: single
> }
> P {
>       FONT-SIZE: 12pt; MARGIN-LEFT: 0cm; MARGIN-
RIGHT: 0cm; FONT-FAMILY: =
> "Times New Roman"; mso-pagination: widow-orphan;
=
> mso-fareast-font-family: "Times New Roman"; mso-
margin-bottom-alt: auto; =
> mso-margin-top-alt: auto
> }
> P.Command {
>       MARGIN-TOP: 0cm; FONT-SIZE: 10pt; MARGIN-LEFT: 
0cm; LINE-HEIGHT: 120%; =
> MARGIN-RIGHT: 0cm; FONT-FAMILY: "Courier New";
TEXT-
ALIGN: justify; =
> mso-pagination: widow-orphan; mso-fareast-font-
family: "Times New =
> Roman"; mso-ansi-language: EN-GB; mso-no-proof:
yes; =
> mso-margin-bottom-alt: auto;
mso-bidi-font-family: 
Arial; =
> mso-font-kerning: 16.0pt; mso-style-name:
Command; 
mso-bidi-font-size: =
> 16.0pt
> }
> LI.Command {
>       MARGIN-TOP: 0cm; FONT-SIZE: 10pt; MARGIN-LEFT: 
0cm; LINE-HEIGHT: 120%; =
> MARGIN-RIGHT: 0cm; FONT-FAMILY: "Courier New";
TEXT-
ALIGN: justify; =
> mso-pagination: widow-orphan; mso-fareast-font-
family: "Times New =
> Roman"; mso-ansi-language: EN-GB; mso-no-proof:
yes; =
> mso-margin-bottom-alt: auto;
mso-bidi-font-family: 
Arial; =
> mso-font-kerning: 16.0pt; mso-style-name:
Command; 
mso-bidi-font-size: =
> 16.0pt
> }
> DIV.Command {
>       MARGIN-TOP: 0cm; FONT-SIZE: 10pt; MARGIN-LEFT: 
0cm; LINE-HEIGHT: 120%; =
> MARGIN-RIGHT: 0cm; FONT-FAMILY: "Courier New";
TEXT-
ALIGN: justify; =
> mso-pagination: widow-orphan; mso-fareast-font-
family: "Times New =
> Roman"; mso-ansi-language: EN-GB; mso-no-proof:
yes; =
> mso-margin-bottom-alt: auto;
mso-bidi-font-family: 
Arial; =
> mso-font-kerning: 16.0pt; mso-style-name:
Command; 
mso-bidi-font-size: =
> 16.0pt
> }
> SPAN.EmailStyle19 {
>       COLOR: windowtext; FONT-FAMILY: Arial;
mso-bidi-
font-family: Arial; =
> mso-bidi-font-size: 10.0pt; mso-style-type:
personal-
compose; =
> mso-style-noshow: yes; mso-ansi-font-size:
10.0pt; =
> mso-ascii-font-family: Arial;
mso-hansi-font-family: 
Arial
> }
> DIV.Section1 {
>       page: Section1
> }
> OL {
>       MARGIN-BOTTOM: 0cm
> }
> UL {
>       MARGIN-BOTTOM: 0cm
> }
> </STYLE>
> <!--[if gte mso 10]>
> <style>
>  /* Style Definitions */=20
>  table.MsoNormalTable
>       {mso-style-name:"Table Normal";
>       mso-tstyle-rowband-size:0;
>       mso-tstyle-colband-size:0;
>       mso-style-noshow:yes;
>       mso-style-parent:"";
>       mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
>       mso-para-margin:0cm;
>       mso-para-margin-bottom:.0001pt;
>       mso-pagination:widow-orphan;
>       font-size:10.0pt;
>       font-family:"Times New Roman";}
> </style>
> <![endif]--></HEAD>
> <BODY lang=3DEN-US style=3D"tab-interval:
36.0pt" 
vLink=3Dpurple =
> link=3Dblue=20
> bgColor=3D#ffffff>
> <DIV><FONT face=3DTahoma size=3D2></FONT> </DIV>
> <BLOCKQUOTE dir=3Dltr=20
> style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; 
MARGIN-LEFT: 5px; =
> BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT:
0px">
>   <DIV style=3D"FONT: 10pt arial">----- Original

Message ----- =
> <BR></DIV>
>   <DIV class=3DSection1>
>   <P class=3DMsoNormal><FONT face=3DArial 
size=3D2><SPAN lang=3DEN-GB=20
>   style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
> Arial">Hi,<o:p></o:p></SPAN></FONT></P>
>   <P class=3DMsoNormal><FONT face=3DArial 
size=3D2><SPAN lang=3DEN-GB=20
>   style=3D"FONT-SIZE: 10pt; FONT-FAMILY:
Arial">I=92m 
in the process of =
> seeting up a=20
>   new RADIUS server using Freeradius. I intend
using 
MySQL for =
> Authorisation and=20
>   Accounting. As a result, I will not be making
use 
of the =91users=92 =
> file (since=20
>   MySQL is configured for use in Radiusd.conf, 
thereby bypassing the use =
> of the=20
>   users file). My problem is that I would like
to 
make use of =
> Exec-Program-Wait=20
>   to execute a script in order to process some 
additional authentication =
> 
>   parameters. Is there anyway I can do this
since 
I=92m using MySQL for=20
>   authorisation?<o:p></o:p></SPAN></FONT></P>
>   <P class=3DMsoNormal><FONT face=3DArial 
size=3D2><SPAN lang=3DEN-GB=20
>   style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
> Arial"><o:p> </o:p></SPAN></FONT></P>
>   <P class=3DMsoNormal><FONT face=3DTahoma 
size=3D2><SPAN lang=3DEN-GB=20
>   style=3D"FONT-SIZE: =
> 
12pt"><o:p>YES</o:p></SPAN></FONT></P></DIV></BLOCKQUOTE
></BODY></HTML>
> 
> ------=_NextPart_000_00BE_01C43C0B.F851BE30--
> 
> 
> 
> 
> 
> --__--__--
> 
> - 
> List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html
> 
> 
> End of Freeradius-Users Digest
> 





- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to