W dniu 2011-12-01 23:51, James J J Hooper pisze:
On 01/12/2011 22:41, Piotr wrote:
This is debug from l2tp/ipsec connection:
CHAP-Password = 0x01972f0886c4e5e2f30e32053dbcf67504
[chap] login attempt by tom3 with CHAP password
[chap] Cleartext-Password is required for authentication
On Sun, Dec 4, 2011 at 5:49 PM, Piotr piotr.1...@interia.pl wrote:
I changed type of authentication,on cisco asa, to PAP:
ASA(config)# sh run all | begin tunnel-group l2tp-ipsec ppp-attributes
tunnel-group l2tp-ipsec ppp-attributes
authentication pap
no authentication chap
no
define the attribute yourself?
And even if you did, the problem is on the NAS. Fix it so it sends
CHAP. This isn't a FreeRADIUS problem.
FR try to authenticate via CHAP.
ABSOLUTELY NOT.
FreeRADIUS *receives* a request with CHAP password. The NAS sends it.
I have no idea why
Hello
I have two kind of remote access on cisco asa, first ovia ssl vpn and
second via l2tp/ipsec (for mobile phones with androids). Both access are
made on the same cisco and both autorizen on the same freeradius server
with motp ( mobile one time password). Access via ssl vpn works correct
On 01/12/2011 22:41, Piotr wrote:
This is debug from l2tp/ipsec connection:
CHAP-Password = 0x01972f0886c4e5e2f30e32053dbcf67504
[chap] login attempt by tom3 with CHAP password
[chap] Cleartext-Password is required for authentication
++[chap] returns invalid
Failed to authenticate the
Hi
On 27 August 2010 23:06, Alan DeKok al...@deployingradius.com wrote:
Jean-Yves Avenard wrote:
You seem to miss the point that the issue occurs *only* with Win 7
clients. All other clients are fine.
I don't really care which client it is. All that matters is:
a) what data is in the
On Mon, Aug 30, 2010 at 9:25 PM, Jean-Yves Avenard jyaven...@gmail.com wrote:
This is from a Win 7 client, using default configuration settings that
is just username / password and that Authentication is PEAP:MSCHAPv2
rad_recv: Access-Request packet from host 192.168.0.20 port 65513, id=112,
Hi
On 31 August 2010 02:04, Fajar A. Nugraha fa...@fajar.net wrote:
I think what Alan is saying is look at what User-Name being sent by
the CLIENT. Your Win7 client log says the client is sending User-Name
= host/ramon. If you want it to be something like, change the
client configuration. At
Jean-Yves Avenard wrote:
As requested.
Here is the log from the Win 7 client, when it is configured in
Advanced Settings - 802.11X Settings - Specify authentication mode:
user authentication
The first debug log shows the user being found by the unix module.
i.e. the User-Name has an entry
Hi
On Tuesday, August 31, 2010, Alan DeKok al...@deployingradius.com wrote:
The first debug log shows the user being found by the unix module.
i.e. the User-Name has an entry in /etc/passwd, or the Apple equivalent.
The second debug log shows that the user is *not* found by the unix
On Tue, Aug 31, 2010 at 10:41 AM, Jean-Yves Avenard jyaven...@gmail.com wrote:
Looking at the log, I don't think that when win7 sent the computer
name as the login, the user's name is sent anywhere, so configuration
change can only be done on the win7 client
So did you finaly manage to get it
Hi
On 31 August 2010 13:58, Fajar A. Nugraha fa...@fajar.net wrote:
On Tue, Aug 31, 2010 at 10:41 AM, Jean-Yves Avenard jyaven...@gmail.com
wrote:
Looking at the log, I don't think that when win7 sent the computer
name as the login, the user's name is sent anywhere, so configuration
change
Hi
On 26 August 2010 23:35, Alan DeKok al...@deployingradius.com wrote:
Jean-Yves Avenard wrote:
I am running freeradius that comes installed and configured with MacOS
10.6 server.
A Windows XP can connect just fine using Microsoft Protected EAP.
iPhone, mac os client connect just fine
Jean-Yves Avenard wrote:
Here are some logs...
...
rlm_opendirectory: The host 192.168.0.20 does not have an access group.
And... what does this message mean? It's an OpenDirectory error
message, so find out what it means, and how to fix it.
rlm_opendirectory: Could not get the user's
Hi
On 27 August 2010 20:46, Alan DeKok al...@deployingradius.com wrote:
Jean-Yves Avenard wrote:
Here are some logs...
...
rlm_opendirectory: The host 192.168.0.20 does not have an access group.
And... what does this message mean? It's an OpenDirectory error
message, so find out what it
On 27/08/10 13:38, Jean-Yves Avenard wrote:
You seem to miss the point that the issue occurs *only* with Win 7
clients. All other clients are fine.
Please post the debug output of freeradius, obtained by running:
radiusd -X
...for a working and failing case.
-
List
Jean-Yves Avenard wrote:
You seem to miss the point that the issue occurs *only* with Win 7
clients. All other clients are fine.
I don't really care which client it is. All that matters is:
a) what data is in the packet
b) what you configure the server to do with that data
You have
Following on an earlier thread:
http://lists.freeradius.org/pipermail/freeradius-users/2010-June/msg00116.html
Of which I couldn't get any answer unfortunately..
I am experiencing a similar problem.
I am running freeradius that comes installed and configured with MacOS
10.6 server.
A Windows
Jean-Yves Avenard wrote:
I am running freeradius that comes installed and configured with MacOS
10.6 server.
A Windows XP can connect just fine using Microsoft Protected EAP.
iPhone, mac os client connect just fine using EAP-TTLS
Windows 7 will connect fine using Securew2 EAP-TTLS
Hi
On Thursday, August 26, 2010, Alan DeKok al...@deployingradius.com wrote:
Jean-Yves Avenard wrote:
I am running freeradius that comes installed and configured with MacOS
10.6 server.
A Windows XP can connect just fine using Microsoft Protected EAP.
iPhone, mac os client connect just fine
check the capitalization of username. I have seen instances where xp clients
sends all lower, and win7 capitalised the first two characters.
nolan
--
Nolan King
Moulton Niguel Water District
27500 La Paz Rd.
Laguna Niguel, CA 92677
(949) 425-3542
24hr: (949) 831-2500
On 8/26/2010 at 11:44
On 27 August 2010 05:19, Nolan King nk...@mnwd.com wrote:
check the capitalization of username. I have seen instances where xp clients
sends all lower, and win7 capitalised the first two characters.
What do you do in this case then?
Have a script run by freeradius putting all characters as
Hello all,
my fraternity has been using freeradius for quite some time. However,
there were two problems: the default certificate was used and EAP-PEAP
MSCHAPv2 doesn't work, only EAP-TTLS PAP. This requires users to
install a supplicant (we recommend SecureW2). We would also enable
users to use
On Sat, Jun 05, 2010 at 12:50:59AM +0200, David wrote:
connecting with Window 7 the following gets written to radius.log:
Sat Jun 5 00:00:59 2010 : Info: rlm_eap_md5: Issuing Challenge
Sat Jun 5 00:00:59 2010 : Info: rlm_eap_mschapv2: Issuing Challenge
As opposed to EAP-TTLS, then the
Hello all,
my fraternity has been using freeradius for quite some time. However,
there were two problems: the default certificate was used and EAP-PEAP
MSCHAPv2 doesn't work, only EAP-TTLS PAP. This requires users to
install a supplicant (we recommend SecureW2). We would also enable
users to use
Hi,
I didn't yet running any program excepted radtest user localhost
1812 testing123 as root.
And it reported rad_recv: Access-Reject packet from host
127.0.0.1:1812, id=172, length=20.
Do you have any clue ?
That's the client side. Your server is configured to run a program with
Hello,
I use ancient Free Radius 1.1.7 packages (from Ubuntu 8.04/Hardy) on
Ubuntu Server 9.10. I use ancient Free Radius, because the
requirement from Radius Manager we buy from
http://www.radius-manager.com/.
But after finish setting up the configuration for Free Radius, I've
got some problem.
On Fri, Feb 12, 2010 at 06:42:02PM +0700, Teguh Kurniawan wrote:
But I've got another problem, my testing is rejected. What should I do ?
cfg.c, line 175: no permission for configfile
Exec-Program output:
Exec-Program: returned: 1
Delaying request 0 for 1 seconds
Finished request 0
You're
I didn't yet running any program excepted radtest user localhost
1812 testing123 as root.
And it reported rad_recv: Access-Reject packet from host
127.0.0.1:1812, id=172, length=20.
Do you have any clue ?
Thank's
Teguh Kurniawan
On Fri, Feb 12, 2010 at 10:26 PM, Josip Rodin
On 11/17/2009 11:25 PM, Alan Buxey wrote:
hi,
its not a peap/ttls/eap problem - its a problem with linking
to your SQL libraries. i guess you want to use postgresql?
have you got the psqgl devel libraries etc installed?
and 2.0.4 is very very old now
alan
-
List info/subscribe/unsubscribe?
Hi guys,
have some problems with compiling freeradius with eap-tls/peap/ttls support.
configure running:
./configure --prefix=/usr \
--exec-prefix=/usr \
--mandir=$(mandir) \
--sysconfdir=/etc \
--libdir=$(libdir) \
--datadir=/usr/share
hi,
its not a peap/ttls/eap problem - its a problem with linking
to your SQL libraries. i guess you want to use postgresql?
have you got the psqgl devel libraries etc installed?
and 2.0.4 is very very old now
alan
-
List info/subscribe/unsubscribe? See
matthew wyath wrote:
I am trying to configure my freeradius to work with FortiMail
antispam/antivir solution (so that people can automatically log into
their webmail quarantine).
Fortimail part is done and it was easy. Then I moved to freeradius and I
came across problems. Just to clarify
hi Alan,
Yes of course I have this user: test with password testtest in /etc/shadow
(I am able to download/send an email by using these credentials + log into
linux shell). The problem is that I am still not able to log in through my
NAS (fortimail). What I can see
in wireshark is that username
matthew wyath wrote:
. What I can see
in wireshark is that username test is sent in clear text + password is
sent encrypted.
Yes, that is how RADIUS works.
My assumption is that freeradius can't read /etc/shadow
for some reason. Freeradius version I am using is 1.1
Then this is a Unix
Yes of course I have this user: test with password testtest in /etc/shadow
(I am able to download/send an email by using these credentials + log into
linux shell).
/etc/shadow on which device? Radius server (where freeradius is looking
for it) or on mail server (which is probably a different
On 09/27/2009 04:13 AM, Ivan Kalik wrote:
Yes of course I have this user: test with password testtest in /etc/shadow
(I am able to download/send an email by using these credentials + log into
linux shell).
/etc/shadow on which device? Radius server (where freeradius is looking
for it) or on
Hi All,
I am trying to configure my freeradius to work with FortiMail
antispam/antivir solution (so that people can automatically log into their
webmail quarantine).
Fortimail part is done and it was easy. Then I moved to freeradius and I
came across problems. Just to clarify freeradius was
I installed FreeRadius on the Windows machine. I started JRadius as well. I
started the client. The JRadius sends back to the FreeRadius the access
accept packet, but Free Radius always sends to the client the Access Reject
packet. Only the Reply-Message is read correctly from the returned packet.
[EMAIL PROTECTED]
Subject: Jradius FreeRadius problem!
To: freeradius-users@lists.freeradius.org
Message-ID: [EMAIL PROTECTED]
Content-Type: text/plain; charset=iso-8859-2
I installed FreeRadius on the Windows machine. I started JRadius as well. I
started the client. The JRadius sends back
, 2008 8:16 AM
To: freeradius-users@lists.freeradius.org
Subject: Re: Jradius FreeRadius problem!
If you are trying to change an AccessReject into an AccessAccept in the
post-auth section, then you must have the following option configured for
the rlm_jradius module:
jradius
I installed FreeRadius on the Windows machine.
Is freeradius.net up again? This looks like 1.1.x debug of seriously
edited radiusd.conf. I would try adding jradius to the default
configuration without deleting everything else.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe?
Hi,
I have problem with freeradius and MySQL.
I run successfully freeradius using users file, but I wanted to
migrate to MySQL,and from then I have a lot of problems.
First of all, I got errors in radius.log that I not understand:
Thu Aug 14 16:16:17 2008 : Error: rlm_radutmp: Logout for NAS
Igor Sawczuk wrote:
Hi,
I have problem with freeradius and MySQL.
I run successfully freeradius using users file, but I wanted to
migrate to MySQL,and from then I have a lot of problems.
First of all, I got errors in radius.log that I not understand:
Thu Aug 14 16:16:17 2008 : Error:
Hi there,
I would like to ask if where in my cisco configuration has a problem. First
i used MPD as my LNS and no encountered problem authenticating to the
freeradius but when i change my LNS to Cisco it seems i can't log in. What
are possible problem in my configuration? Is it in the Cisco or
You've misconfigured your FreeRadius server to send attribute the Cisco
can't obey, specifically the Filter-Id
The cisco sees the reply:
*May 22 15:43:52.088: RADIUS: Filter-Id [11] 9
then says
*May 22 15:43:52.088: RADIUS/DECODE: invalid ACL type; FAIL
and sure enough, the ACL
Phil,
YES! it works
Thank you very much.
--coroy
On 7/11/07, Phil Mayers [EMAIL PROTECTED] wrote:
You've misconfigured your FreeRadius server to send attribute the Cisco
can't obey, specifically the Filter-Id
The cisco sees the reply:
*May 22 15:43:52.088: RADIUS: Filter-Id
.
==
Benjamin K. Eshun
- Message d'origine
De : elmalhi abdelghani
À : FreeRadius users mailing list
Envoyé le : Lundi, 26 Mars 2007, 15h16mn 17s
Objet : RE : Re: freeradius problem : need help
hi ,
always no way ?
any tips!
thanks
hi ,
always no way ?
any tips!
thanks
Goke Aruna [EMAIL PROTECTED] a écrit : satish patel wrote:
check radwatch is runing or not is runing then kill radwatch it is for
watching radiusd deamon for monitoring radius process
*/elmalhi abdelghani /* wrote:
what means plaese this :
[EMAIL PROTECTED]
À : FreeRadius users mailing list freeradius-users@lists.freeradius.org
Envoyé le : Lundi, 26 Mars 2007, 15h16mn 17s
Objet : RE : Re: freeradius problem : need help
hi ,
always no way ?
any tips!
thanks
Goke Aruna [EMAIL PROTECTED] a écrit : satish patel wrote:
check radwatch
17s
Objet : RE : Re: freeradius problem : need help
hi ,
always no way ?
any tips!
thanks
Goke Aruna [EMAIL PROTECTED] a écrit : satish patel wrote:
check radwatch is runing or not is runing then kill radwatch it is for
watching radiusd deamon for monitoring radius process
*/elmalhi
satish patel wrote:
check radwatch is runing or not is runing then kill radwatch it is for
watching radiusd deamon for monitoring radius process
*/elmalhi abdelghani [EMAIL PROTECTED]/* wrote:
what means plaese this :
There appears to be another RADIUS server running on the
check radwatch is runing or not is runing then kill radwatch it is for watching
radiusd deamon for monitoring radius process
elmalhi abdelghani [EMAIL PROTECTED] wrote: what means plaese this :
There appears to be another RADIUS server running on the authentication port
1812
and if I typ for
what means plaese this :
There appears to be another RADIUS server running on the authentication port
1812
and if I typ for example the command:' ps a ' i don't found radiusd ?
regards.
-
Découvrez une nouvelle façon d'obtenir des réponses à
Hi!
elmalhi abdelghani said the following, On 22-Mar-07 15:31:
what means plaese this :
There appears to be another RADIUS server running on the authentication
port 1812
and if I typ for example the command:' ps a ' i don't found radiusd ?
Try 'ps auxf'
Bye, Ian
-
List
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ian van Marwijk wrote:
what means plaese this error :
There appears to be another RADIUS server running on the authentication
port 1812
It means that you already have an instance of radiusd running on the
daemon port.
Whats the output of
Whats the output of 'ps auxf' on your box?
Netstat will tell you what's using which port.
Do instead:
# netstat -tnp | grep 1812
example output:
tcp0 0 192.168.30.107:49182192.168.30.1:5222
ESTABLISHED 5938/gaim
And better if you have the lsof binary installed,
Hi,
so i have tryed with ps auxf but no way ! so too with grep.
what means plaese this error :
There appears to be another RADIUS server running on the authentication
port 1812
-
Découvrez une nouvelle façon d'obtenir des réponses à toutes
Hi!
elmalhi abdelghani said the following, On 22-Mar-07 15:49:
Hi,
so i have tryed with ps auxf but no way ! so too with grep.
what means plaese this error :
There appears to be another RADIUS server running on the authentication
port 1812
It means that you already have an instance
You can do:
netstat -an | grep 1812
or
netstat -a | grep radius
Qui, 2007-03-22 às 11:16 -0400, Martin Gadbois escreveu:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ian van Marwijk wrote:
what means plaese this error :
There appears to be another RADIUS server running on the
hi , output of ps auxf:
[EMAIL PROTECTED] radius]# ps auxf
USER PID %CPU %MEMVSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.2 2032 620 ?Ss 10:13 0:02 init [5]
root 2 0.0 0.0 0 0 ?S10:13
Hi,
i'm trying to use freeradius+chillispot (in proxy mode)+ wpa.
When i try to connect with a client, autentication fails.
This is the log, if you need my config, please tell me.
Thanks in advance.
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config:
Giuseppina Venezia [EMAIL PROTECTED] wrote:
i'm trying to use freeradius+chillispot (in proxy mode)+ wpa.
When i try to connect with a client, autentication fails.
No, it doesn't. The request was rejected because you configured the
server to reject the request.
*Read* the debug log.
Excuse me,
I have mistaken to send you the log,tomorrow I will send you the correct log.
Excuse me again
Giusy
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Database query failed: Table 'radius.radacct' doesn't exit.
Database query failed: Table 'radius.usergroup' doesn't exit.
Database query failed: Table 'radius.radgroupcheck' doesn't exit.
I have tried looking for where I setup these tables and values with no
luck. I read somewhere that there is a
I am currently running Suse 10.x Linux with Freeradius 1.0.4-42.,
dailupAdmin 2.7, and apache2.
I believe I have everything installed correctly as I can check my
info.php page, phpmyadmin, and dialupadmin.
Freeradius also rejects my request so I know it is running and working.
Here is my issue
Eric Hilden wrote:
My tables currently under the Radius Database that I have created are as
follows:
badusers
mtotacct
totacct
userinfo
Why would you expect FreeRADIUS even look at those tables unless you
tell it to?
Database query failed: Table 'radius.radacct' doesn't exit.
Yep, that
=?gb2312?B?zfXR0g==?= [EMAIL PROTECTED] wrote:
Hi, I want to use freeradius1.0.4 to auth and acct mpd_3.18_2 PPTP VPN (on
FreeBSD).
But I have a problem.
In the log file, it displayed the following messages:
Jul 13 10:32:53 vpn mpd: [pptp1] RADIUS: using
/usr/local/etc/raddb/radiusd.conf
Hi, I want to use freeradius1.0.4 to auth and acct mpd_3.18_2 PPTP VPN (on
FreeBSD).
But I have a problem.
In the log file, it displayed the following messages:
Jul 13 10:32:53 vpn mpd: [pptp1] RADIUS: using /usr/local/etc/raddb/radiusd.conf
Jul 13 10:32:53 vpn mpd: [pptp1] RADIUS: rad_config:
Hi,
We're running Freeradius to authenticate a bunch of old Cisco AS5200s on a
MySQL backend. We were previously using icradius and everything worked
great for years.
However, every once in a while now, we get a user who is successfully
authenticated (they show up as Login OK in radius.log),
rlm_sql (sql): Attempting to connect to [EMAIL PROTECTED]:/radius
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql_mysql: Couldn't connect socket to MySQL server
[EMAIL PROTECTED]:radius
Hi guys maybe someone can give me a hand on that.
i setup freeradius to work with mysql .
when i run radiusd -X
i receive :
---
sql: simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName, NASIPAddress, NASPortId, FramedIPAddress, CallingStationId, FramedProtocol
[EMAIL PROTECTED] wrote:
To: [EMAIL PROTECTED], Alan DeKok [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
That's just unnecessary. I read the list, so please don't CC me.
And sending the same message to the list twice is annoying.
Mon May 10 22:00:54 2004 : Info: The maximum number of threads
73 matches
Mail list logo