Trying to setup 802.1x authentication on my home router (running OpenWRT).
http://pastebin.com/fWtNZ8FD
Above is the output of radiusd -X
I am trying to connect via my Android phone. Shouldn't the request coming
from the device include the ClearText password it is looking for? I am
simply
On 9 Mar 2013, at 20:11, Matthew Ceroni matthewcer...@gmail.com wrote:
Trying to setup 802.1x authentication on my home router (running OpenWRT).
http://pastebin.com/fWtNZ8FD
Above is the output of radiusd -X
I am trying to connect via my Android phone. Shouldn't the request coming
What we would like to do is this:
Take this request:
User-Name = 6064191...@evdo.myawi.net
CHAP-Password = 0x59db2896a9629a7a1296e8e3dc7751da58
NAS-IP-Address = 10.130.2.1
CHAP-Challenge = 0x022074534be2e8405c867f676b46b432
3GPP2-Attr-60 = 0x0001
Joseph Showalter wrote:
What we would like to do is this:
Take this request:
User-Name = 6064191...@evdo.myawi.net
CHAP-Password = 0x59db2896a9629a7a1296e8e3dc7751da58
NAS-IP-Address = 10.130.2.1
CHAP-Challenge = 0x022074534be2e8405c867f676b46b432
Thanks so much for taking a look...
See comments below:
On Jan 18, 2013, at 3:04 PM, Alan DeKok al...@deployingradius.com
wrote:
Joseph wrote:
What we would like to do is this:
Take this request:
User-Name = 6064191...@evdo.myawi.net
CHAP-Password =
Joseph Showalter wrote:
Instead of using Chap which we are getting above, we want to use the
3GPP2-Attr-61 = 0x010600010209a029275c41 value which we can convert
to the device serial number.
OK.
In our DB we store the device serial number. The devices chap info most of
them time
On Jan 18, 2013, at 3:34 PM, Alan DeKok al...@deployingradius.com wrote:
authorize {
...
if (! %{sql:SELECT ... }) {
reject
}
Can I use a userdefined variable in the select statement that the EXEC perl
script returns:
I would like to use the User-Password
Joseph Showalter wrote:
Can I use a userdefined variable in the select statement that the EXEC perl
script returns:
Only if it's returned in the Perl script.
I would like to use the User-Password below:
[evdoesn] expand: %{User-Name} - 6064191...@evdo.myawi.net
Exec-Program output:
Forget the user-password. You are not using it, you are trying to kludge it.
Just use the variable you have, or the facsimile you are making.
This is freeradius, there are at least a dozen ways of doing what you want,
Alan has given you a fine method
alan
-
List info/subscribe/unsubscribe?
Jay Ludlow wrote:
I have a working RADIUS server for localhost lookup, but when I try and
authenticate with my HP Procurve 420 Wireless Access Point using these
wireless connection methods with Ubuntu 10.04LTS:
...
I get the following result:
Found Auth-Type = EAP
WARNING: Unknown value
On Fri, Mar 30, 2012 at 03:52:50PM -0700, Jay Ludlow wrote:
Found Auth-Type = EAP
WARNING: Unknown value specified for Auth-Type. Cannot perform requested
action.
You've got eap in the authorize section of your outer (default)
virtual server, but you've removed it from the authenticate
Take the default supplied config. Add ldap to the authorize section in default
and inner-tunnel, and to the authenticate section of both. Add your AP into
clients.conf. now edit the ldap module to your requirements
That should work pretty much as is
Rinse, repeat. Ie now edit other things to
I have a working RADIUS server for localhost lookup, but when I try and
authenticate with my HP Procurve 420 Wireless Access Point using these wireless
connection methods with Ubuntu 10.04LTS:
Wireless Security: WPA WPA2 Enterprise
Authentication: Tunneled TLS | Protected EAP (PEAP)
Jay Ludlow wrote:
I am very new to radius, and I am having a problem configuring radius to
authenticate by checking my already running openldap server for
authorization and then using PAP for authentication.
I suggest formatting your post in paragraphs to clearly delineate
ideas. Right now,
Hi
I'm currently setting up a radius server to authenticate EAP based requests
against Active Directory.
Using Alan Dekok's guide I've got this authenticating mschap based EAP requests
successfully.
I also want to authenticate ttls/pap requests and I've found two ways to do
this that seem to
On 07/13/2011 06:04 PM, Axford M.F. wrote:
Hi
I'm currently setting up a radius server to authenticate EAP based requests
against Active Directory.
Using Alan Dekok's guide I've got this authenticating mschap based EAP requests
successfully.
I also want to authenticate ttls/pap requests and
Hi All,
If anyone is using JRadius client (especially via JASIG CAS) to authenticate
to a freeradius server using PAP could you contact me offlist?
Cheers,
Harry
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Dear all,
I have an ADSL modem (running PPPoE Client) connect to a Cisco PPPoE
Server.
The Cisco PPPoE Server forward PPPoE request from CPE to the Freeradius
2.1.0.
I would like to provide to CPE an IP address based on the pair:
Username/password.
Authentication used: PAP
I see the WARNING
Am 21.06.2010 um 17:24 schrieb simone.trevi...@telsey.it:
Dear all,
I have an ADSL modem (running PPPoE Client) connect to a Cisco PPPoE
Server.
The Cisco PPPoE Server forward PPPoE request from CPE to the
Freeradius
2.1.0.
I would like to provide to CPE an IP address based on the pair:
Dear All
I have added an user in /usr/local/etc/users and /etc/shadow but passwod in
both place are different.
First, I try to authenticate by pap protocol then I can login correctly by
supply shell account password but can not login by supply password which
reside in users file.
Second,I have
jittinan suwanrueangsri wrote:
It's seem that rlm_pap module select password which reside in
/etc/shadow file before /usr/local/etc/users file.
How can I change freeradius configure to select password from users file
first?
Edit raddb/sites-available/default. Look for unix, and delete
Alan DeKok wrote:
jittinan suwanrueangsri wrote:
It's seem that rlm_pap module select password which reside in
/etc/shadow file before /usr/local/etc/users file.
How can I change freeradius configure to select password from users file
first?
Edit
Greetings,
I've got a 1.1-3 FreeRadius server and trying to figure out what to do
to enable PAP authentication. CHAP is working when I use Radius Ping
but if I change the Password to
User-Password which if I understand it is supposed to enable PAP.
When I do this, I get a Access-Reject
I've got a 1.1-3 FreeRadius server and trying to figure out what to do
to enable PAP authentication. CHAP is working when I use Radius Ping
but if I change the Password to
User-Password which if I understand it is supposed to enable PAP.
When I do this, I get a Access-Reject
FreeRadius server and trying to figure out what to
do
to enable PAP authentication. CHAP is working when I use Radius Ping
but if I change the Password to
User-Password which if I understand it is supposed to enable PAP.
When I do this, I get a Access-Reject. Is there something else I
need
to do
Christophe Saillard wrote:
I'm working on upgrading from FR 1.1.7 to FR 2.1.3.
I use FR for EAP-TTLS/PAP authentication with LDAP.
FR 1.1.7 successfully authenticates users with multiple LDAPuserpassword
attributes which are stored with crypt and/or MD5 hash, the passwords
Hi,
I'm working on upgrading from FR 1.1.7 to FR 2.1.3.
I use FR for EAP-TTLS/PAP authentication with LDAP.
FR 1.1.7 successfully authenticates users with multiple LDAPuserpassword
attributes which are stored with crypt and/or MD5 hash, the passwords
are not the same (even it's better
a bug. I created users in every DB and
file all of them with own password and user entries. When I was testing with
radtest ALL worked fine, but I noticed that ONLY with PAP authentication and
MySQL user it doesn't matter if I put a clear password in radtest larger
than the original one I get
it in the few last days and I have everything working now, but
as I was testing it, I could notice a bug. I created users in every DB and
file all of them with own password and user entries. When I was testing with
radtest ALL worked fine, but I noticed that ONLY with PAP authentication and
MySQL
]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Friday, May 09, 2008 7:58 PM
Subject: Re: PAP Authentication User-Password not working properly
radiusd -X
Ivan Kalik
Kalik Informatika ISP
Dana 9/5/2008, Yago Fdez. Hansen [EMAIL PROTECTED] piše:
Hi everybody:
I
mysql select * from radcheck
- ;
++-+++---+
| id | username| attribute | op | value |
++-+++---+
| 1 | Chapsqluser | User-Password | == | chapsecret|
| 2 | Chapsqluser |
with PAP authentication and MySQL user it doesn't
matter if I put a clear password in radtest larger than the original
one I get an Access-Accept message.
Example:
radtest papsqluser papsecret localhost 0 testing123
Access-Accept
radtest papsqluser papsecret43343 localhost 0 testing123
the right information.
Bye all.
- Original Message -
From: Ivan Kalik [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Friday, May 09, 2008 10:59 PM
Subject: Re: PAP Authentication User-Password not working properly
mysql select
Richard Hesse wrote:
If I force the Mac or Windows supplicants to use TTLS-PAP, the request is
never
passed to radiusd.
The NAS is broken.
I don't know what's going on but my AP (Aruba 200) seems to be detecting that
something isn't right with its AAA server
Disable the Aruba AAA
First off, I'd like to say thanks in advance to anyone who can help me here.
I've spent the past few days searching the list archives and other sites for
information on how to accomplish this. The overwhelming message from these
searches was that it should just work and that the server will
Hello We have set PAP scheme to MD5 in "radius.conf". Now we can't authenticate users using "radclient". When configuration changes from 'MD5' to 'Clear text', every thing is good. What should we do if we want send password using MD5 method? If "radclient" doesn't support this, can you suggest
Hamzeh Motahari [EMAIL PROTECTED] wrote:
What should we do if we want send password using MD5 method?
RADIUS doesn't support sending MD5 passwords in a packet.
If radclient doesn't support this, can you suggest an open source
radius client which can do this?
No RADIUS client can do
37 matches
Mail list logo