Hi,
> Here's the relevant portion of my proxy.conf:
although old, proxying works in 1.0.1.
the bit that doesnt work here is when you say
'relevant portion' - no, its not the relevant portion
at all - you've got something else going on in proxy.conf
please supply rhe whole file - I dont care if y
>Dallas Helquist wrote:
>> Agreed, but I try to avoid using packages not included with whatever
>> distribution a machine is running. Not opposed to using src when
>> necessary, makes it more of a pita to maintain long term for me.
>
> Huh? The server comes with sample spec files. You can creat
a.l.m.bu...@lboro.ac.uk wrote:
> Hi,
>
>> Here's the relevant portion of my proxy.conf:
>
> although old, proxying works in 1.0.1.
>
> the bit that doesnt work here is when you say
> 'relevant portion' - no, its not the relevant portion
> at all - you've got something else going on in proxy.conf
Hello list,
I am trying to use some internal database function to calculate the
Session-Timeout.
If I set the value for Session-Timeout to a integer like 123, its
correctly delivered as answer to my request.
If I try to use sql xlat I will get the answer:
Error: rlm_sql: Failed to create the pai
1. How do I limit the traffic for a user?
2. How do I shape the traffic for a user once they have gone over their
limit?
3. How to I limit the time slots for a user?
4. How do I control the amount of time a user has been on?
Users log in via pptpd (--version -> PoPToP v1.1.3)
radiusd (-v -> FreeR
On Mon, 25 Oct 2004, Ilia Chipitsine wrote:
Dear Sirs,
the questions are:
1) I have samba-3 working with LDAP, objectClass=sambaSamAccount,
it has attribute: sambaNTPassword, which is exactly the password
which is needed by MSCHAP, but it is NOT in the form 0x...,
is it possible to manage
You could just add it and send it back through a bugs report in
bugs.freeradius.org
I did so.
3) how can equivalent of the following users file be implemented with
LDAP:
chel Auth-Type := MS-CHAP, NAS-IP-Address == 192.168.201.1
Service-Type = Framed-User,
Simultaneous-Use = 1,
On Tue, 26 Oct 2004, Ilia Chipitsine wrote:
You could just add it and send it back through a bugs report in
bugs.freeradius.org
I did so.
Thanks i 'll take a look at it.
3) how can equivalent of the following users file be implemented with
LDAP:
chel Auth-Type := MS-CHAP, NAS-IP-Address == 1
In ldap you have only *one* record for each user. If you need different
Framed-IP-Address attributes for each user depending on the NAS then you
need to either:
Create multiple user entries and use a filter to find them:
(&(uid=%u)(nasipaddress=%{NAS-IP-Address}))
Create multiple ldap module ins
On Wed, 27 Oct 2004, Ilia Chipitsine wrote:
In ldap you have only *one* record for each user. If you need different
Framed-IP-Address attributes for each user depending on the NAS then you
need to either:
Create multiple user entries and use a filter to find them:
(&(uid=%u)(nasipaddress=%{NAS-I
On Tue, 30 Nov 2004, LALOT Dominique wrote:
Hello,
I've changed ldap.attrmap to include:
checkItem Pool-Name supannaffectation
That item is case insensitive as an ldap search
1.
I have to check now all the values of suppannaffectation to see if it's case
sensitive. Is t
questions :
a) Why am I seeing in my radius -X output lines as the following :
++[detail] returns ok
[unix] IPv6 is not supported!
++[unix] returns noop
rlm_radutmp: IPv6 not supported!
++[radutmp] returns noop
What could trigger that "IPv6 is not supported" output
Hi all,
I am new in FreeRadius and I hope someone can kindly help me. I have several
questions:
Q1) I just setup a FreeRadius server and I want to set it as a Radius Proxy
server. I know Realm can do it but I found that to use Realm, the user needs
to append the domain @xxx.com (i.e. [EMAIL
On Wed, Jun 28, 2006 at 11:56:27AM +0300, Kostas Zorbadelos wrote:
I have a few suspicions where the problem might be.
Is there a way to define the operator in the radius check attributes
of ldap (without using the generic radiusCheckItem attribute)?
--
Kostas Zorbadelos
[EMAIL PROTECTED]
On Wed, 28 Jun 2006, Kostas Zorbadelos wrote:
On Wed, Jun 28, 2006 at 11:56:27AM +0300, Kostas Zorbadelos wrote:
I have a few suspicions where the problem might be.
Is there a way to define the operator in the radius check attributes
of ldap (without using the generic radiusCheckItem attribute)
On Wed, 28 Jun 2006, Kostas Zorbadelos wrote:
Hello to everyone.
I have a question regarding a configuration I am trying to achieve. I
have users stored in an ldap database. An example user entry looks
like this:
dn: uid=kzorba,ou=people,dc=company,dc=gr
cn: ZORBADELOS KONSTANTINOS
uid: kzorba
On Wed, Jun 28, 2006 at 02:11:00PM +0300, Kostas Kalevras wrote:
> On Wed, 28 Jun 2006, Kostas Zorbadelos wrote:
>
> >Hello to everyone.
> >
> >I have a question regarding a configuration I am trying to achieve. I
> >have users stored in an ldap database. An example user entry looks
> >like this:
On Wed, Jun 28, 2006 at 02:09:15PM +0300, Kostas Kalevras wrote:
> >On Wed, Jun 28, 2006 at 11:56:27AM +0300, Kostas Zorbadelos wrote:
> >
> >I have a few suspicions where the problem might be.
> >Is there a way to define the operator in the radius check attributes
> >of ldap (without using the gen
On Wed, 28 Jun 2006, Kostas Zorbadelos wrote:
On Wed, Jun 28, 2006 at 02:09:15PM +0300, Kostas Kalevras wrote:
On Wed, Jun 28, 2006 at 11:56:27AM +0300, Kostas Zorbadelos wrote:
I have a few suspicions where the problem might be.
Is there a way to define the operator in the radius check attrib
On Wed, Jun 28, 2006 at 04:21:14PM +0300, Kostas Kalevras wrote:
> On Wed, 28 Jun 2006, Kostas Zorbadelos wrote:
>
> >On Wed, Jun 28, 2006 at 02:09:15PM +0300, Kostas Kalevras wrote:
> >>>On Wed, Jun 28, 2006 at 11:56:27AM +0300, Kostas Zorbadelos wrote:
> >>>
> >>>I have a few suspicions where th
Kostas Zorbadelos <[EMAIL PROTECTED]> wrote:
> I saw the cvs version and indeed it contains the code you
> describe. This is a very useful feature. The feature is not contained
> in the latest stable (1.1.2) version. Will it be in the next?
Probably in 2.0, which we hope to release before the ne
On Sat, Jul 01, 2006 at 12:04:24PM -0400, Alan DeKok wrote:
> Kostas Zorbadelos <[EMAIL PROTECTED]> wrote:
> > I saw the cvs version and indeed it contains the code you
> > describe. This is a very useful feature. The feature is not contained
> > in the latest stable (1.1.2) version. Will it be in
I have a few questions about the debug output from an ultimately
successful EAP-TTLS-CHAP authentication. Consider this snippet:
...
rad_recv: Access-Request packet from host 192.168.1.228:1045, id=210,
length=166
User-Name = "anonymous"
NAS-IP-Address = 192
Hi All,
I've been setting up my College's first FreeRadius server and I've been
having a hard time wrapping my brain around the config with the
documentation that is available. If you'll bear with me here through
this super long post, I'll go into more depth.
What I'm trying to do:
I want to
"J Morgan" <[EMAIL PROTECTED]> wrote:
> I am migrating my dial-up base to a new vendor and ran into a problem with
> some of the current radius attributes causing the new vendors NAS's to choke
> and not complete the authentication process.
That's... weird. It shouldn't be happening.
> I want
Alan DeKok replied:
>> I want the migration to the new vendor to be as seamless as possible. Is
>> there a way to specify which group attributes are used in the reply,
based
>> on which radius peer is forwarding the authentication request?
>Use the Client-Ip-Address attribute to select which RADI
"J Morgan" <[EMAIL PROTECTED]> wrote:
> I hate to ask, but could you point me to any working
> examples/tutorials/configs dealing with this?
Uh right.
> I'm not even sure where to apply the Client-Ip-Address attribute,
> or how to define which MySQL radgroup is to be used once that is
> co
>>I hate to ask, but could you point me to any working
>>examples/tutorials/configs dealing with this?
> Uh right.
I'm sorry I asked. I've been working on this for a few weeks now and am at
my wits end, hence why I asked the list. Unfortunately there is no way for
you to know that I do not
"J Morgan" <[EMAIL PROTECTED]> wrote:
> > Uh right.
>
> I'm sorry I asked.
No, it's just that certain areas of the server have nothing outside
of the source code for documentation. So a request for tutorials is
often best answered by "yeah, that would be a good idea..."
Alan DeKok.
-
Christian Meutes <[EMAIL PROTECTED]> wrote:
> i have FreeRadius 0.9.3 running really fine with a big setup redundant via
> radrelay.
Hmm... you should really upgrade to 1.0.3.
> i want to know if there is the possibility to log authentication requests
> and replys via the detail directive bef
Iam very happy with 0.9.3. The setup is running stable without any problems
since 1 year. We have 300k accounting sessions and a few thousand authentication
requests a day. There a few dozens of scripts and programs cleaning and
providing this setup to get the exactingly needs of our marketing sati
"Christian Meutes" <[EMAIL PROTECTED]> wrote:
> Iam very happy with 0.9.3. The setup is running stable without any
> problems since 1 year. We have 300k accounting sessions and a few
> thousand authentication requests a day. There a few dozens of
> scripts and programs cleaning and providing this s
Hi List,
I love this best and wonderfull Radius and I found it great as compare to any
other Radius.
But I have two little problems in freeradius
1) Multiple Calling-Station-Id
I want to use more then one Calling-Station-Id, I searched whole google,
freeradius archives but
not found any solut
Hello
I'd like to manage my LDAP users with DialupAdmin Radius interface, and
here come a few questions.
1: It seems that DialupAdmin uses LDAPv2 protocol. Can it possibly use
LDAPv3 ?
2: From what I read in the /lib/ldap/create_user.php3:
$dn = 'uid=
"J.F" <[EMAIL PROTECTED]> wrote:
> 1) I notice that my server is responding to the client with the Cisco-AVPair
> attributes even if the user's authentication fails due to an incorrect
> password. Is this normal behaviour?
It's a minor bug.
> 2) In a situation where the password supplied by the
Hi all,
Have some questios about accounting.
When Acct-Start arrives, in which cases will freeradius reject or drop
that packet?
When Acct-Stop arrives, in which cases will freeradius reject or drop
that packet?
Any docs ?
The thing is this. I've read rlm_sql.c and found this ...
/*
* If ou
"Shawn K. O'Shea" <[EMAIL PROTECTED]> wrote:
> 1) I'm currently using rlm_exec to call a simple perl script that
> "decodes" the Class attribute value (from accessing %{Class}) from it's
> hex octet form back to the ASCII inside. I just wanted to make sure that
> I wasn't missing something, and tha
> > I just wanted to make
> > sure that I wasn't missing something, and that there isn't
> an easier
> > way to get at the ASCII inside the octet stream.
> Edit the dictionary, and change "octets" to "string"?
I saw discussion in a previous thread (Handling of the 'Class'
attribute, this post
"Shawn K. O'Shea" <[EMAIL PROTECTED]> wrote:
> I saw discussion in a previous thread (Handling of the 'Class'
> attribute, this post in particular,
> http://lists.freeradius.org/mailman/htdig/freeradius-users/2003-July/021
> 267.html) that implied this was frowned upon, at least when interacting
>
Hi everyone:
I have been using Freeradius v.0.9.3 for over a
year and i wish to upgrade to the latest version. Can anyone give me detailed
instructions on how to do this? I use Freeradius in a prodcution enviroment and
i can't afford to mess it up. I'm running Linux RedHat 9. Do i just do
Hi,all
I just installed the radiusd on CVS successfully.
There are two questions:
Does the radiusd server listen on IPv6 address by default?How to use the radclient in Ipv6 ?
Regards
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Collen Blijenberg wrote:
>
> if i'm right, the ippool option, is for handing out IP's to clients ?!
> (right ??)
> you could call it DHCP (right??)
No.
> how can i setup the dns gateway and proxy options in a ippool...
There is no standard RADIUS attribute to set DNS servers. And I have
no
Ehh O, ok..
that makes sense. i thought the ippool was some sort of DHCP..(hamding
out IP nrs)
but it isn't... there for the dns, gateway and proxy question is obsolete.
Thx
Collen
Alan DeKok wrote:
Collen Blijenberg wrote:
if i'm right, the ippool option, is for handing out IP's to c
Hi guys!
I have two minor problems with the radius counter. I am using the radius
counter for counting the "sessiontimeout", which works quite good.
counter sessiontimeout {
filename = ${logdir}/db.sessiontimeout
key = User-Name
count-attribute = Acct-Session-Time
e is usually around 1000 users logged into our wireless network at
any given time, however, that number continually increases.
Questions:
1. Do any of you have feedback/thoughts/experience on how our freeradius
server may handle the auth. request load given our situation?
2. Do you think th
Hello!
Plaese help me! If I create a new my attribute in raddb/dictionary with
number in 3000-4000 and when I write him in attribute for user in
users file, all is OK but I can't see him in Access-Request. Secondary:
How can I use him (my new attribute from raddb/dictionary), in example:
if
To fix your warning about mktime(), edit the file function.php3, go to
line 95 and the function should look like this.
function date2time($date)
{
list($day,$time)=explode(' ',$date);
$day = explode('-',$day);
$time = explode(':',$time);
#$timest =
mktime($time[0],$t
>1. Can I see the statistics or aren't they passed, too?
They will come up once you connect to the accounting.
>2. Is there an alternative with which I can edit the configuration files etc
>via webinterface?
You can use things like OpenOffice if it is installed and you connect via
KVM or VNC. N
Pedro Henrique Morsch Mazzoni wrote:
> Can I integrate FreeRadius with RSA securID?
Yes.
> Can I use Cisco Downloable ACL´s?
I believe so.
> Can I create group profiles?
Yes.
> Can I integrate with a TACACS server for command authorization?
No.
> Can I integrate with the SIM RSA Env
Hi,
A couple of questions on Acct-Interim-Interval
1. I wanted to know if the Acct-Interim update that comes from the NAS has
any relevance as far as the user session maintained in the radius server is
concerned. Meaning that is it treated like a keep-alive of some sort. If the
Acct-Interim
Geoffroy Arnoud wrote:
> 1/ Is it possible to run 2 FreeRADIUS servers on the
> same box, with SNMP support activated? I understand
> it's possible, using distinct values for smux_password
> parameter.
I'm not sure. FreeRADIUS tries to grab the IETF RADIUS SNMP OID
space. If there are two serv
Here might be a start...
https://github.com/alandekok/freeradius-server/tree/master/scripts/snmp-proxy
-Arran
On 12 Aug 2011, at 14:54, Tamás Becz wrote:
> Hi,
>
> I'm trying to collect some statistics about my freeradius servers with
> nagios. Before I've been doing this with some perl code
Tamás Becz wrote:
> 1) Is there some documentation on the values I got there? I of course see
> dictionary.freeradius, and the names are pretty self-explanatory, but we all
> know devil is in the details :)
The values are taken from the SNMP MIBs for RADIUS. See doc/rfc/
> 2) If I understand
, 2011 3:14 PM
To: FreeRadius users mailing list
Subject: Re: Questions about status counters
Here might be a start...
https://github.com/alandekok/freeradius-server/tree/master/scripts/snmp-proxy
-Arran
On 12 Aug 2011, at 14:54, Tamás Becz wrote:
> Hi,
>
> I'm trying t
Hi Alan,
> The values are taken from the SNMP MIBs for RADIUS. See doc/rfc/
Thanks, that'll do.
> You don't need to restart the server to update clients. See
> raddb/sites-available/dynamic-clients, and raddb/modules/dynamic_clients
I will, thanks for the pointer.
> Wait a bit for 2.1.12.
Hi ,
i've got a question :
i've set up a freeradius server with EAP/TLS.
In my configuration, i use check_cert_issuer in order to check certificate.
Is there any functions wich allows me to check client's certificate subject
(C,O,OU ??) ?
Further more, i got an other question :
when a client
Paul Stewart wrote:
> I’m trying to get an understanding on a FreeRadius installation how to
> enable the unisphere.dictionary. There are specific attributes in that
> file that we need such as “Unisphere-Ingress-Policy-Name”. By default,
> this dictionary file is commented out due to “attribute
Paul,
It means that there are conflicting definitions for an attribute number
associated with the Juniper vendor ID.
Look for an attribute with the same number as defined for
Unisphere-Ingress-Policy-Name in the Juniper dictionary file, and comment it
out.
It sounds like the conflicting attr
Hi,
>When I try to add a “Unisphere-Ingress-Policy-Name = 512k” for example in
>the users file I get “invalid integer” error.
512k isnt a valid integer - 'k' means nothing - change that to the real value
in bytes
- whether thats just 512 or 524288 would be down to the kit.
regarding the
"Paul Stewart" writes:
> I'm trying to get an understanding on a FreeRadius installation how to
> enable the unisphere.dictionary. There are specific attributes in that file
> that we need such as "Unisphere-Ingress-Policy-Name". By default, this
> dictionary file is commented out due to "attri
> I set up a testing environment with an virtual Windows Server 2008 R2
> server with Active Directory Role and a virtual freeradius server
> (v2.1.12).
> For the authentication I use ntlm_auth (followed instructions on
> http://deployingradius.com/documents/configuration/active_directory.htm
uot;
if(Ldap-Group ==
"cn=aruba.ro,ou=Groups,dc=test,dc=local" && !Ldap-Group ==
"cn=aruba.rw,ou=Groups,dc=test,dc=local") {
update reply {
Aruba-Admin-Role := read-only
}
Edgar Fuß wrote:
> Digging through the rlm_perl source, I stumbled over the following:
>
> 1. Is it on purpose that it normally checks USE_ITHREADS and only perl_xlat
> checks WITH_ITHREADS?
No. It should be fixed.
> 2. Is it also on purpose that radiusd::radog is newXS'd only after
> perl_
EF> Is it also on purpose that radiusd::radog is newXS'd only after
perl_parse()?
AdK> No idea.
I'm not familiar with the FreeRADIUS project: Is there something like a
maintainer of the rlm_perl module I could ask this question?
AdK> Well, patches are welcome.
That would be trivial: move the new
Edgar Fuß wrote:
> EF> Is it also on purpose that radiusd::radog is newXS'd only after
> perl_parse()?
> AdK> No idea.
> I'm not familiar with the FreeRADIUS project: Is there something like a
> maintainer of the rlm_perl module I could ask this question?
On this list.
Alan DeKok.
-
List in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Uwe Kastens wrote:
> Hello list,
>
> I am trying to use some internal database function to calculate the
> Session-Timeout.
>
> If I set the value for Session-Timeout to a integer like 123, its
> correctly delivered as answer to my request.
>
> If I tr
Arran,
>> If I try to use sql xlat I will get the answer:
>> Error: rlm_sql: Failed to create the pair: Unknown value %{sql:SELECT
>> disctime.time FROM `disctime` WHERE disctime.user = %{User-Name}} for
>> attribute Session-Timeout
>> Sun Apr 19 20:11:03 2009 : Error: rlm_sql (sql): Error gett
On 20/4/09 09:34, Uwe Kastens wrote:
Arran,
If I try to use sql xlat I will get the answer:
Error: rlm_sql: Failed to create the pair: Unknown value %{sql:SELECT
disctime.time FROM `disctime` WHERE disctime.user = %{User-Name}} for
attribute Session-Timeout
Sun Apr 19 20:11:03 2009 : Error:
Keith,
There is a text document in the Docs directory under the source directory
where you un-tarred the source code called "aaa.txt". It will answer some
of your questions. As for the others:
> 1. How do I limit the traffic for a user?
You dont, at least not with radius - unle
hi alan dekok:
sorry about ask questions again,for after ask questions again I seen your reply.
now I have install freeradius successful ,thanks your reply .
/could look like?
Thanks in advance.
/Mika
--
View this message in context:
http://www.nabble.com/radreply-and-proxied-packet-questions-tp25147932p25147932.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
Hi All,
I'm using freeradius2.1.6 with buffered-sql module.
Please advice on threading configuration from Radius to MySQL to determine
optimal configuration; Radius is configurred to use five threads, but we
observe only one process on the database server at any one time.
Does Radius can perform it
Panagiotis Georgopoulos wrote:
> a) Why am I seeing in my radius –X output lines as the following :
>
> [unix] IPv6 is not supported!
The "unix" module stores user login information into a "wtmp" style
file. It doesn't support IPv6.
> rlm_radutmp: IPv6 not supported!
Same thing here
Hello Alan,
Thanks for your replies, they are helpful.
Regarding the last question...
> > c) Is there a plan to get a dual stack FreeRadius? It would be
> > really advantageous to be able to run FreeRadius in both ipv4 and
> ipv6 at the same time.
>
> Uh... it's *alread
Panagiotis Georgopoulos wrote:
> I guess the emphasis on my question above is on *at the same time*.
>
> Now radiusd.conf explicitly says :
>
> # OR, you can use an IPv6 address, but not both
> # at the same time.
>
> In other words FR to listen to both an IPv4
Hi Alan,
> Panagiotis Georgopoulos wrote:
> > I guess the emphasis on my question above is on *at the same
> time*.
> >
> > Now radiusd.conf explicitly says :
> >
> > # OR, you can use an IPv6 address, but not both
> > # at the same time.
> >
> > In other words FR t
Hi,
> In other words FR to listen to both an IPv4 and an IPv6 address
> simultaneously for ipv4 and ipv6 NAS clients.
simply define another virtual server...exactly the same as default, but listing
to the IPv6 instead?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
Hello list,
I'm using freeradius since 1 month. I'm running freeradius 2.1.9 on
fedora 13 with EAP-TTLS and PAP inside the tunnel. The users are
authenticated against OpenLDAP. Even if the password is cleartext
(PAP), it should be protected by the crypted tunnel. Then the first
question is
Hi,
I'm pretty stuck in a radius/ldap 802.1x authentication.
During the authentication process the client (windows 2k through a e1
switch) sends the authentication using MD5-Challenge which is for what I
understand the easiest of all.
The FreeRadius server recevies everything but failed to authe
Dovelet wrote:
Hi all,
I am new in FreeRadius and I hope someone can kindly help me. I have several
questions:
Q1) I just setup a FreeRadius server and I want to set it as a Radius Proxy
server. I know Realm can do it but I found that to use Realm, the user needs
to append the domain @xxx.com
Dovelet <[EMAIL PROTECTED]> wrote:
> Q1) I just setup a FreeRadius server and I want to set it as a Radius Proxy
> server. I know Realm can do it but I found that to use Realm, the user needs
> to append the domain @xxx.com (i.e. [EMAIL PROTECTED]) at the end. Is it true?
No. You can have defau
ext:
http://www.nabble.com/Questions-about-FreeRadius-proxy-t1297096.html#a3526905
Sent from the FreeRadius - User forum at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Dovelet wrote:
Hi Phil Mayers,
Thank you of your reply. Do you mean the append the following into the
radius.conf or other files? I cannot start the radiusd after I append them
into the radius.conf file. Sorry, I am really new in FreeRadius. Thanks.
The entries listed are partial config fragme
Greetings,
A few more questions :)
I've now gone through the book ( I feel like such a snob reading it
on the bus ==) and have a better understanding of how Freeradius
works. I have gotten it to search for an attribute in LDAP and return
it the NAS. What I would like to do is to ha
> 1. First, what does this mean: 'module "chap" returns noop for request
> 3?' My client uses CHAP, so why doesn't "chap," here, return ok? What
> does "noop" mean?
This packet was the one coming from the client, and as such only contains the
TTLS tunnel. The "inside" of the TTLS tunnel can't be
Hi,
I have two questions about the clients.conf file:
_ when I define a client on this file, I need to
write the ip or the hostname or a network... it's possible to enable all client
to execute an AAA request (it's for testing) ?
_ it's possible to move t
So now I've moved on to setting up Dialup Admin for my freeradius
server, and it doesn't do things quite how I expected. Is there any
additional documentation besides the README file? I see nothing in
/usr/share/docs/freeradius about it. Also, I have a few questions that
may or may not
Babar Shafiq <[EMAIL PROTECTED]> wrote:
> I love this best and wonderfull Radius and I found it great as
> compare to any other Radius.
Thanks. We're hearing that more and more, and a number of
commercial companies are dropping their proprietary RADIUS servers,
and moving to FreeRADIUS.
> with
> > 2) Reject Cause (feature request)
> > Free radius is not informing when it rejects any user if found a
> > condition false in radgroupcheck or in radcheck only send reject
> > (reply:Packet-Type), is it possible to give reject with
> attributes so
> > we will know which attribute is the cau
"Lucas Aimaretto" <[EMAIL PROTECTED]> wrote:
> This is interesting. How can I use Reply-Messages?. In the radreply
> table ??? I believe this table is only used if user got an
> access-accept, is it true ?
No. It's used during authorization, before the server has decided
if the user is accepted
Mathieu Bénard wrote:
Hello
I'd like to manage my LDAP users with DialupAdmin Radius interface,
and here come a few questions.
1: It seems that DialupAdmin uses LDAPv2 protocol. Can it possibly use
LDAPv3 ?
Absolutely. I'm using it right now.
2: From what I read in the
Chris Carver a écrit :
Mathieu Bénard wrote:
2: From what I read in the /lib/ldap/create_user.php3:
$dn = 'uid=' . $login . ',' .
$config[ldap_default_new_entry_suffix];
$new_user_entry["objectclass"][0]="top";
$new_user_entry["o
On Thu, 12 May 2005, [ISO-8859-1] Mathieu B?nard wrote:
First of all thanks for your answer.
What do you mean by modifiying your schema ? What you show is the original
LDAP schema provided with freeradius. This schema cannot work with the
following statement in dialupadmin (for example): $dn = 'u
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of Lucas Aimaretto
> Sent: Friday, May 20, 2005 5:24 PM
> To: freeradius-users@lists.freeradius.org
> Subject: questions about accounting functioning
>
> Hi all,
&g
> what accounting are you thinking about? there're some
> possibilities.. I assume now mysql with the default setup..
yes, mysql ...
> > When Acct-Start arrives, in which cases will freeradius
> > reject or drop that packet?
> reject ? probably only if i.e. the client secret is wrong,
> the pa
questions (there is a lot and old info and I am confussed):
1-How can I control simultaneous logon using LDAP attributes?
2-How can I restrict the time limit in a month (I have my users in LDAP
not in MySQL, rlm_sqlcounter doesn´t work for me)?
Thanks a lot for your time.
Reggards.
Carlos
I'm attempting to get my hands around installing FreeRadius-1.0.4 on a
Debian Linux machine while also trying learn Linux better. I've been reading
through all the various documentation, but had a few general questions that I
was hoping someone would be so kind to reply on.
On Wed, 28 Sep 2005, Linda Pagillo wrote:
Hi everyone:
I have been using Freeradius v.0.9.3 for over a year and i wish to
upgrade to the latest version. Can anyone give me detailed instructions
on how to do this? I use Freeradius in a prodcution enviroment and i
can't afford to mess it up. I
Thanks for your reply. Is it really this much work to do a simple upgrade?
Is there a shortcut?
- Original Message -
From: "Dusty Doris" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Wednesday, September 28, 2005 9:58 AM
Subject: Re: Questions
"Linda Pagillo" <[EMAIL PROTECTED]> wrote:
> Thanks for your reply. Is it really this much work to do a simple upgrade?
> Is there a shortcut?
Not really. Doing the upgrade slowly is less work than doing it
quickly, and then having your RADIUS server down because you missed
something.
Alan D
101 - 200 of 447 matches
Mail list logo