I don't know if I understand the process correctly : as far as I
understand, an authentication request is handled successively by the
listed modules in the authorize {} section, right ?
So, now that I figured that I have to use PAP as phase2, I can have the
cleartext password. But I don't know
On 11/24/2012 08:40 PM, Hoggins! wrote:
I don't know if I understand the process correctly : as far as I
understand, an authentication request is handled successively by the
listed modules in the authorize {} section, right ?
So, now that I figured that I have to use PAP as phase2, I can have
Hello everyone,
We're facing an issue with rlm_exec, or at least Ithink our problem
comes from there.
We use FreeRADIUS for a Wifi access point. We userlm_sql, and our
clients authenticate using 802.1x, with a certificate and a pair of
login/password credentials. Everything works just fine, and
What EAP type? eg if using PEAP, the client never sends a password, instead its
challenge-response which works because the SQL contains a copy of the password
so MSCHAP can derive an agreement. Gmhow dies your curl do this? Are you trying
thus in the authenticate section and feeding an
OK, that explains a lot. I guess I need to find a method that lets the
Cleartext-Password go through. I don't know how to do this, actually, as
our passwords are now stored hashed.
Any hint?
Le 23/11/2012 19:18, Alan Buxey a écrit :
eg if using PEAP, the client never sends a password, instead
HeinKonijn wrote:
The next thing I want and am unable to get working is is.
Client 10.1.1.1 only accepts members in LDAP group group1
Client 10.1.1.2 only accepts members in LDAP group group2
Use the unlang rules to write this logic. It's not hard.
There are examples of using LDAP-Group
in context:
http://freeradius.1045715.n5.nabble.com/Newbie-question-Multiple-cliets-and-multiple-LDAP-groups-tp5655379p5655379.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
/run/radiusd/radiusd.sock
Listening on proxy address * port 1814
Ready to process requests.
where did that NAS-IP-Address = 192.168.1.29 come from?
Thanks in advance
--- On Sat, 8/28/10, gahn ipfr...@yahoo.com wrote:
From: gahn ipfr...@yahoo.com
Subject: Re: radius newbie question
= 192.168.1.29 come from?
Thanks in advance
--- On Sat, 8/28/10, gahn ipfr...@yahoo.com wrote:
From: gahn ipfr...@yahoo.com
Subject: Re: radius newbie question
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Date: Saturday, August 28, 2010, 11:56 AM
thanks.
giraffe is the temp
Thanks. Matteo:
But I don't have this 192.168.1.29 in my network and I have not configured any
NAS yet. it was just genetic tests based on radtest...
--- On Mon, 8/30/10, mat...@crs4.it mat...@crs4.it wrote:
From: mat...@crs4.it mat...@crs4.it
Subject: Re: radius newbie question
Hi all:
I just installed a radius server on a freebsd machine. It seems to be started
properly until I am trying to test it with radtest:
host# radtest testing password localhost 10 testing123
radclient:: Failed to find IP address for giraffe
radclient: Nothing to send.
here is what is in my
Hi,
host# radtest testing password localhost 10 testing123
radclient:: Failed to find IP address for giraffe
radclient: Nothing to send.
where does giraffe come from? whats in your /etc/resolv.conf?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
wrote:
From: Alan Buxey a.l.m.bu...@lboro.ac.uk
Subject: Re: radius newbie question
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Date: Saturday, August 28, 2010, 11:46 AM
Hi,
host# radtest testing password localhost 10
testing123
radclient:: Failed to find IP
Thanks Alan:
I will be looking into the version 2. really appreciate your advice..:)
Date: Wed, 18 Feb 2009 04:37:33 +0100
From: al...@deployingradius.com
To: freeradius-users@lists.freeradius.org
Subject: Re: newbie question for freeradius
ip freak wrote:
Thanks.
1) rlm unix
--
View this message in context:
http://www.nabble.com/newbie-question-for-freeradius-tp22063719p22063719.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ipfreak wrote:
i would like to use unix file /etc/passwd to authenticate users on my
routers and somehow it always fails:
Because you broke the passwd file.
rad_recv: Access-Request packet from host 192.168.10.101:61706, id=153,
length=53
User-Name = tester
User-Password
Hi Alan,
FreeBSD's /etc/master.passwd file always has a comment at the top
starting with a # which means ignore the line.
Regards
--jm
On 17 Feb 2009, at 8:52 PM, Alan DeKok wrote:
ipfreak wrote:
i would like to use unix file /etc/passwd to authenticate users on my
routers and somehow it
Jacques Marneweck wrote:
FreeBSD's /etc/master.passwd file always has a comment at the top
starting with a # which means ignore the line.
That is non-standard...
Anyways... if you're getting that message, it's because:
1) you're using a very old version of the server
AND
a)
@lists.freeradius.org
Subject: Re: newbie question for freeradius
Jacques Marneweck wrote:
FreeBSD's /etc/master.passwd file always has a comment at the top
starting with a # which means ignore the line.
That is non-standard...
Anyways... if you're getting that message, it's
ip freak wrote:
Thanks.
1) rlm unix cache is set to 0.
2) yes, i am using FreeBSD7.1 and whatever the version the FreeBSD comes
with.
what really want to do is simple, just use /etc/passwd file for
authentication.
Then use the default configuration that comes with 1.1.X for the
unix
Jair Santos wrote:
I got it from
cvs -d :pserver:[EMAIL PROTECTED]:/source checkout radiusd
Isn't that the right one ?
No. If you read the download web page, it says that development has
moved to git.freeradius.org.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Jair Santos wrote:
Well guys, let's clarify.
You didn't click on the link for 2.1.1 on the main web page:
freeradius.org. Instead, you clicked on the download link. You
didn't click on the tar file link for 2.1.1 on that page, either. You
didn't click on the git.freeradius.org link for the
John Dennis wrote:
I'm not sure why you were having problems with the upstream spec file,
but you can use the src rpm from Fedora
libreadline is available both as a 32-bit 64-bit library. The
build system is creating a 64-bit binary, but ld tries to link to the
32-bit version of
PM
To: FreeRadius users mailing list
Subject: Re: Newbie question
Jair Santos wrote:
Well guys, let's clarify.
You didn't click on the link for 2.1.1 on the main web
page: freeradius.org. Instead, you clicked on the download
link. You didn't click on the tar file link for 2.1.1
Jair Santos wrote:
Please understand that when we, as users, go to a site to download a
program, the site structure and distribution of information is completely
new. We , (I) try to understand it but we have no time to read everything.
I believe that this is normal and yes , we make
To: FreeRadius users mailing list
Subject: Re: Newbie question
Jair Santos wrote:
Please understand that when we, as users, go to a site to
download a
program, the site structure and distribution of information is
completely new. We , (I) try to understand it but we have
no time
Jair Santos wrote:
I also recognize that you tried to help me , but Alan, just because someone
is an expert this doesn't mean that he/she have the right to criticize the
ones that are not. I am here for help not to be criticized,
Help often involves pointing out what you're doing wrong. If
: Newbie question
It is true but then you'll probably have the older version.
Centos for
example goes with FR 1.1.3
Maxim Sirenko wrote:
It is always better to install from packages that belong to your
distro. Install FreeRadius from repository of Red Hat ES
And for FreeBSD people
When running the server with
$ radiusd -X
I got
Unable to open file /usr/local/etc/raddb/snmp.conf: No such file or
directory
Errors reading /usr/local/etc/raddb/radiusd.conf
The snmp.conf is not there and in my radiusd.conf there is
snmp= no
$INCLUDE snmp.conf
So my questions are ,
To: FreeRadius users mailing list
Subject: RE: Newbie question
When running the server with
$ radiusd -X
I got
Unable to open file /usr/local/etc/raddb/snmp.conf: No
such file or
directory Errors reading /usr/local/etc/raddb/radiusd.conf
The snmp.conf is not there and in my
PROTECTED]
[mailto:[EMAIL PROTECTED]
us.org] On Behalf Of [EMAIL PROTECTED]
Sent: Monday, October 06, 2008 11:33 AM
To: FreeRadius users mailing list
Subject: RE: Newbie question
When running the server with
$ radiusd -X
I got
Unable to open file /usr/local/etc/raddb/snmp.conf
I got it from
cvs -d :pserver:[EMAIL PROTECTED]:/source checkout radiusd
Isn't that the right one ?
Jair Santos
That look fine. snmp.conf should be in there.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
.
Please can someone help me ?
Thanks
Jair Santos
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
us.org] On Behalf Of Anders Holm
Sent: Monday, October 06, 2008 11:59 AM
To: FreeRadius users mailing list
Subject: Re: Newbie question
If you want
:04 PM
To: FreeRadius users mailing list
Subject: RE: Newbie question
I got it from
cvs -d :pserver:[EMAIL PROTECTED]:/source checkout radiusd
Isn't that the right one ?
Jair Santos
That look fine. snmp.conf should be in there.
Ivan Kalik
Kalik Informatika ISP
-
List
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
us.org] On Behalf Of Anders Holm
Sent: Monday, October 06, 2008 11:59 AM
To: FreeRadius users mailing list
Subject: Re: Newbie question
If you want to help develop FreeRADIUS, that's the spot.
Otherwise, I'd
To: FreeRadius users mailing list
Subject: RE: Newbie question
Is snmp.conf in downloaded files. If it is just copy it. Should be:
/home/jsantos8890/downloads/freeradius/freeradius-server-2.1.1
/raddb/snmp.conf
Ivan Kalik
Kalik Informatika ISP
Dana 6/10/2008, Jair Santos [EMAIL
Subject: RE: Newbie question
Is snmp.conf in downloaded files. If it is just copy it. Should be:
/home/jsantos8890/downloads/freeradius/freeradius-server-2.1.1
/raddb/snmp.conf
Ivan Kalik
Kalik Informatika ISP
Dana 6/10/2008, Jair Santos [EMAIL PROTECTED] piše:
Now I am confused
Santos
Sent: Monday, October 06, 2008 1:04 PM
To: 'FreeRadius users mailing list'
Subject: RE: Newbie question
And it is not on the files downloaded from
http://freeradius.org as well.
Jair Santos
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL
Santos
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
us.org] On Behalf Of [EMAIL PROTECTED]
Sent: Monday, October 06, 2008 12:51 PM
To: FreeRadius users mailing list
Subject: RE: Newbie question
Is snmp.conf in downloaded files. If it is just copy
:54 PM
To: FreeRadius users mailing list
Subject: RE: Newbie question
It's not. But neither is that include in radiusd.conf. You
wouldn't be mixing versions? Attached is snmp.conf from 2.0.5.
Ivan Kalik
Kalik Informatika ISP
Dana 6/10/2008, Jair Santos [EMAIL PROTECTED] piše
Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
us.org] On Behalf Of [EMAIL PROTECTED]
Sent: Monday, October 06, 2008 1:54 PM
To: FreeRadius users mailing list
Subject: RE: Newbie question
It's not. But neither is that include in radiusd.conf. You
wouldn't be mixing versions
06, 2008 2:27 PM
To: FreeRadius users mailing list
Subject: RE: Newbie question
So, what version do you have now (radiusd -v).
Ivan Kalik
Kalik Informatika ISP
Dana 6/10/2008, Jair Santos [EMAIL PROTECTED] piše:
Thank you Ivan .
I just copied the file to raddb in my downloaded
Hi,
radiusd: FreeRADIUS Version 2.0.6, for host x86_64-unknown-linux-gnu, built
2.0.6 ?
well, thats not the latest available version
2.1.1 is the latest and the default config files dont mention
snmp.conf at all. if you install ver older versions then
you *will* come across wierd issues
Jair Santos wrote:
radiusd: FreeRADIUS Version 2.0.6, for host x86_64-unknown-linux-gnu, built
Gee, I thought you were building and using 2.1.1 ;-)
You need to be careful with where you install things and what your paths
are. Looks to me like you've installed your latest in /usr/local/sbin
]
[mailto:[EMAIL PROTECTED]
us.org] On Behalf Of [EMAIL PROTECTED]
Sent: Monday, October 06, 2008 3:04 PM
To: FreeRadius users mailing list
Subject: Re: Newbie question
Hi,
radiusd: FreeRADIUS Version 2.0.6, for host
x86_64-unknown-linux-gnu,
built
2.0.6 ?
well, thats
: Monday, October 06, 2008 3:04 PM
To: FreeRadius users mailing list
Subject: Re: Newbie question
Hi,
radiusd: FreeRADIUS Version 2.0.6, for host
x86_64-unknown-linux-gnu,
built
2.0.6 ?
well, thats not the latest available version
2.1.1 is the latest and the default
Sent: Monday, October 06, 2008 3:57 PM
To: FreeRadius users mailing list
Subject: Re: Newbie question
Jair Santos wrote:
Well guys, let's clarify.
I downloaded with
cvs -d :pserver:[EMAIL PROTECTED]:/source checkout radiusd
No doubt about that.
I have no control about the files
.
- Original Message -
From: Alan DeKok [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Sunday, October 05, 2008 9:27 AM
Subject: Re: Newbie question
Jair Santos wrote:
I just got into this list and I am trying to instal in a RedHat ES 5.2,
64 bits.
I
Citando Jair Santos [EMAIL PROTECTED]:
Hi all,
I just got into this list and I am trying to instal in a RedHat ES 5.2, 64
bits.
I ran ./configure and when I ran make I got the following error.
cc -o .libs/radmin .libs/radmin.o /usr/lib/libreadline.so
/usr/lib/libtermcap.so .libs/util.o
: Newbie question
Jair Santos wrote:
I just got into this list and I am trying to instal in a RedHat ES
5.2,
64 bits.
I ran ./configure and when I ran make I got the following error.
...
/usr/lib/libreadline.so: could not read symbols: File in wrong format
You have both 32-bit and 64-bit
Tarlac
Sent: Sunday, October 05, 2008 6:20 AM
To: FreeRadius users mailing list
Subject: Re: Newbie question
It is true but then you'll probably have the older version.
Centos for
example goes with FR 1.1.3
Maxim Sirenko wrote:
It is always better to install from packages that belong
Hi all,
I just got into this list and I am trying to instal in a RedHat ES 5.2, 64
bits.
I ran ./configure and when I ran make I got the following error.
cc -o .libs/radmin .libs/radmin.o /usr/lib/libreadline.so
/usr/lib/libtermcap.so .libs/util.o .libs/log.o .libs/conffile.o
Hi all,
I am new to freeradius and I want to know if it's possible to perform the
following.
I provide for multiple people access to the internet via a proxy server
with authentication (htpasswd), server is FreeBSD.
I want to deny them access after 1 month. I was wandering if freeradius
can work
http://www.freeradius.org/radiusd/doc/rlm_passwd
Deny access after one month - Expiration attribute.
Ivan Kalik
Kalik Informatika ISP
Dana 7/12/2007, Monah Baki [EMAIL PROTECTED] piše:
Hi all,
I am new to freeradius and I want to know if it's possible to perform the
following.
I provide for
Thanks for everyone's help. I have it working nicely now, but have one
more situation I just started testing.
I want to use the same radius servers to authenticate users on a
different wireless network though a captive portal to the same
eDirectory servers via LDAP.
In order for the captive
Hi,
Thanks for everyone's help. I have it working nicely now, but have one
more situation I just started testing.
I want to use the same radius servers to authenticate users on a
different wireless network though a captive portal to the same
eDirectory servers via LDAP.
In order for
Hi,
Do I then remove ldap from the authorize section so that it doesn't call
it every packet? I did a bunch of testing and it seems that I have to
do that to reduce the number of calls to our eDirectory servers.
yes - only call it from the INNER check. otherwise you are in exactly
the same
Do I then remove ldap from the authorize section so that it doesn't call
it every packet? I did a bunch of testing and it seems that I have to
do that to reduce the number of calls to our eDirectory servers.
Thanks for helping me out.
Nathan
Nathan P. Hay
Network Engineer
Computer Services
Nathan Hay wrote:
Do I then remove ldap from the authorize section so that it doesn't call
it every packet? I did a bunch of testing and it seems that I have to
do that to reduce the number of calls to our eDirectory servers.
Yes. But it has to be listed inside of a sub-block, as described
I have FreeRadius 1.1.7 installed and talking to our eDirectory servers
via LDAP to authenticate users to our wireless network. It works great,
but our eDirectory servers get hit with 11 requests each time a single
client authenticates. Running FreeRadius in debug mode, I see 10
requests of the
On Wed, 2007-10-31 at 08:59 -0400, Nathan Hay wrote:
I have FreeRadius 1.1.7 installed and talking to our eDirectory
servers via LDAP to authenticate users to our wireless network. It
works great, but our eDirectory servers get hit with 11 requests each
time a single client authenticates.
Hi!
I'm trying to set up a WLAN (5 APs) with a RADIUS Server (SuSe 10.2). RADIUS
should authenticate the MAC Adresses of the WLAN Users to grant them access
to the network. There are often new computers, which should get access to
the Network immediately and without installing anything.
RADIUS
Bernd wrote:
I'm trying to set up a WLAN (5 APs) with a RADIUS Server (SuSe 10.2). RADIUS
should authenticate the MAC Adresses of the WLAN Users to grant them access
to the network.
Do the AP's send RADIUS requests to authenticate the MAC when they see
a new machine? If not, you can't do
An: FreeRadius users mailing list
Betreff: Re: Newbie Question o.O
Bernd wrote:
I'm trying to set up a WLAN (5 APs) with a RADIUS Server (SuSe 10.2).
RADIUS
should authenticate the MAC Adresses of the WLAN Users to grant them
access
to the network.
Do the AP's send RADIUS requests
Bernd wrote:
Do the AP's send RADIUS requests to authenticate the MAC when they see
a new machine? If not, you can't do it.
How do I know if they do?
...
Unfortunately, you're being told to go read the NAS documentation.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
. Oktober 2007 12:38
An: FreeRadius users mailing list
Betreff: Re: AW: Newbie Question o.O
Bernd wrote:
Do the AP's send RADIUS requests to authenticate the MAC when they see
a new machine? If not, you can't do it.
How do I know if they do?
...
Unfortunately, you're being told to go read
Bernd wrote:
I'm sorry...I never worked with RADIUS, please consider that. I don't mind
reading documentations :) - but I don't know where I can find the NAS
documentation
We don't have copies of it. You haven't even said what kind of NAS it
is, so it's impossible for us to help you.
documentation
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Im Auftrag von Alan
DeKok
Gesendet: Mittwoch, 24. Oktober 2007 12:38
An: FreeRadius users mailing list
Betreff: Re: AW: Newbie Question o.O
Bernd wrote:
Do the AP's send RADIUS
:[EMAIL PROTECTED] Im Auftrag von Alan
DeKok
Gesendet: Mittwoch, 24. Oktober 2007 12:38
An: FreeRadius users mailing list
Betreff: Re: AW: Newbie Question o.O
Bernd wrote:
Do the AP's send RADIUS requests to authenticate the MAC when they see
a new machine? If not, you can't do
On Mon, Mar 26, 2007 at 09:23:49PM +0100, [EMAIL PROTECTED] wrote:
Did I understand you correctly? After discovering documentstion and
reading this mailing list I gueas that you meas something like this:
For 2nd category I'm using entries in 'users' file something about:
internalAuth-type
on it's own.
Ivan Kalik
Kalik Informatika ISP
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Antuan Avdioukhine
Sent: 10 April 2007 09:10
To: FreeRadius users mailing list
Subject: Re: Very Newbie question
On Mon, Mar 26, 2007 at 09:23:49PM +0100, [EMAIL
Greetings!
I'm very newbie in FreeRadius software. Now I have to setup FreeRadius
server for dialup users billing. We have three categories of dialup
users:
1. Traditional users, who authenticates itselves with login and
password; some of them must have fixed IP.
2. Internal telephony network
Best (read: simplest) thing to do is NOT to let second group use any
username and password. Have them all use the same one (for instance
username: local; password: local). Then just add Calling-Station-Id as a
check item for that user. If you need to limit the number of such users
on-line you can
Markus Krause wrote:
as far as i kno udp usually has no states so netstat can show nothing
on port 1812 (most of the time).
No. The socket is open, so netstat should show it.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/
-Original Message-
When I run radiusd, it says it is running properly, but I
check with netstat -n and I don't see anything listenning on
port 1812. The port setting in the configuration file is '0'
(which is I think 1812 by default).
Is this normal? I don't think my ap can
Hello,
I am pretty new to radius.. I have installed the latest version on Fedora Core
5. I configured my AP. But now, I can't figure out how will the wireless
clients authenticate. How will they enter their username/passwords?
Thanks,
Onur.
-
Looking for
M. Onur ERGiN wrote:
Hello,
I am pretty new to radius.. I have installed the latest version on
Fedora Core 5. I configured my AP. But now, I can't figure out how will
the wireless clients authenticate. How will they enter their
username/passwords?
This is not a radius question.
When I run radiusd, it says it is running properly, but I check with netstat -n
and I don't see anything listenning on port 1812. The port setting in the
configuration file is '0' (which is I think 1812 by default).
Is this normal? I don't think my ap can access to radius server..
Regards,
as far as i kno udp usually has no states so netstat can show nothing
on port 1812 (most of the time).
just a few guesses:
did you try radtest or radclient?
does tcpdump udp port 1812 show any attempts of the ap to connect to
the server?
did you set up clients.conf?
markus
Zitat von M.
Hey guys/gals,
I'm a newbite with freeradius and have come upon an interesting issue.
Here at my job we've been using Radiator-ODBC for quite some time and
are hoping to phase this out and begin using freeradius, along with
some more modern hardware, instead.
Here's the issue I'm coming
Wayne Hill [EMAIL PROTECTED] wrote:
Right now, I have it set up with an entry for rad_group with the
following:
passwd rad_group{
filename = /usr/local/etc/raddb/group
format=*User-Name:~Group
Don't use the Group attribute. It's for Unix groups.
The rlm_passwd man
That did it, but it's brought about some other weirdness. When I
replace Group with My-Group in some lines, I now get complaints about
an unexpected trailing comma, where there is none.
Eg. The following line returns with no error:
DEFAULT Auth-Type=System,Group==filtered,NasType=Aleron
Wayne Hill [EMAIL PROTECTED] wrote:
But this:
DEFAULT Auth-Type=System,My-Group==filtered,NasType=Aleron
Complains of an unexpected trailing comma.
Yeah, the parser is a little dumb. It should be a bit better in
1.1.2.
The solution is to list My-group as an attribute in the
dictionary.
attributes.
--
View this message in context:
http://www.nabble.com/Newbie-question-re.-dictionary-files.-t492885.html#a3121768
Sent from the FreeRadius - User forum at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Tue, 17 Jan 2006, Rich Marriner wrote:
The radacct will be empty, because your not working with accounting packets
using radtest, only Auth packets.
Fernando wrote:
Hy!
I have a dummy question...
running radtest, i get a Accept-Accept, and everything seems ok, but the
database radacct
Hy!
I have a dummy question...
running radtest, i get a Accept-Accept, and everything seems ok, but the
database radacct table doesn't get updated, in fact the table is blank
after many tests. Is it normal? Or i've mistaken something?
Thanks for the help
Fernando S.
SanInternet Systems
The radacct will be empty, because your not working with accounting
packets using radtest, only Auth packets.
Fernando wrote:
Hy!
I have a dummy question...
running radtest, i get a Accept-Accept, and everything seems ok, but the
database radacct table doesn't get updated, in fact the
on the Netscreen. If you have a chance, please post your
configuration. Thanks.
Chad
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark
Tunnell
Sent: Friday, November 04, 2005 4:32 PM
To: FreeRadius users mailing list
Subject: Re: Newbie question re. dictionary
I'm using FreeRADIUS 1.0.5. to authenticate admin logins to a
NetScreen5. I'm able to authenticate accounts just fine. Now I'd
like to begin pulling administrative privileges from the Radius
server, but I haven't figured out how to do that. I've referenced the
dictionary.netscreen file in
Mark Tunnell [EMAIL PROTECTED] wrote:
I've referenced the
dictionary.netscreen file in my clients.conf file, nastype =
netscreen,
That isn't necessary.
I've tried various permutations like:
markt Auth-Type := Local, User=Password == testing
NS-Admin-Privilege = Read-Only-Admin
Try changing NS-Admin-Privilege = Read-Only-Admin
To
NS-Admin-Privilege = 1
Chad
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark
Tunnell
Sent: Friday, November 04, 2005 1:23 PM
To: freeradius-users@lists.freeradius.org
Subject: Newbie question re
Can you show the debug output, as suggested in the README, INSTALL,
and FAQ?
Alan DeKok.
Here's the debug from the Radius server:
Ready to process requests.
rad_recv: Access-Request packet from host 172.17.200.13:2913, id=16,
length=51
User-Name = markt
User-Password =
Mark Tunnell [EMAIL PROTECTED] wrote:
Here's the debug from the Radius server:
Ready to process requests.
rad_recv: Access-Request packet from host 172.17.200.13:2913, id=16,
length=51
User-Name = markt
User-Password = testing
NAS-IP-Address = 172.17.200.13
Sorry, I was using an x instead of an X. Here's the full debug:
[EMAIL PROTECTED] ~]# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
I'm using FreeRADIUS 1.0.5. to authenticate admin logins to a
NetScreen5. I'm able to authenticate accounts just fine. Now I'd
like to begin pulling administrative privileges from the Radius
server, but I haven't figured out how to do that. I've referenced the
dictionary.netscreen file in
Mark Tunnell [EMAIL PROTECTED] wrote:
users: Matched entry markt at line 2
So, what is that entry?
If it's one of the ones you posted earlier, it should send back the
attributes you've configured.
At least, it does so in my configuration.
Are you sure you're using the same names
Horton, Dave [EMAIL PROTECTED] wrote:
radius=# select * from radcheck ;
id | username | attribute | op | value
+--+---++---
1 | dhorton | Password | == | 0276
Use :=, not ==.
See the rlm_sql documentation. There's no Password in the request,
so using
jamrock [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I have done some reading re: radius in general and Freeradius in
particular.
When should one use radius?
I have read that radius is useful when one needs a centralized
user/password
database. I guess that would be good when
I have done some reading re: radius in general and Freeradius in particular.
When should one use radius?
I have read that radius is useful when one needs a centralized user/password
database. I guess that would be good when one has lots of remote access
servers.
I have read that radius is good
Hi,
I am a complete newbie with radius. I need to configure this for use
with a PPTP VPN. The end goal will be that radius is running on a
fedora box, and authenticates against a SMBPASSWD file. PPTPd needs
chap.
but I am getting ahead of myself, irst I need to get a basic system
working.
1 - 100 of 108 matches
Mail list logo