Re: [RADIATOR] Windows Client with EAP auth

2016-09-14 Thread Alan Buxey
hi, On 09/14/2016 07:03 AM, Heikki Vatiainen wrote: > >> We use Radiator as radius server, Windows as WiFi client, >> it looks like windows will use system name as radius’s username. >> Can radiator return a message to client to let windows user input their wifi >> login information instead of OS

Re: [RADIATOR] Does Radiator support 802.1x-2010 (MACSEC with 802.1x)?

2016-05-19 Thread Alan Buxey
Doing any troubleshooting by eg port mirroring is not possible anymore. That can be a painful gotcha for macsec ports As for clients, very few do it natively. I tested using the cisco anyconnect client alan___ radiator mailing list radiator@open.com

Re: [RADIATOR] Does Radiator support 802.1x-2010 (MACSEC with 802.1x)?

2016-05-18 Thread Alan Buxey
Standard stuff? Have you given it a go? Should work pretty much like wireless client with AP. However, the cisco stuff with trustsec, using eap-fastv2 and provisioning keys etc is much funkier and likely to need more code alan

Re: [RADIATOR] Performance logging

2016-03-24 Thread Alan Buxey
I believe that the latest 4.16 patchsets allow all packets related to a particular authentication to be linked/tracked - you might find that to be useful alan

Re: [RADIATOR] radiator never gets to the 2nd authentication phase in PEAP - MSCHAPv2

2016-01-25 Thread Alan Buxey
Try putting your stuff into order - your inner stuff , handlers et al , AFTER the realm check (where you are then asking for a particular handler). The goodies directory provides ready to go starting recipes for this stuff (so you can see how handlers/inner work) alan

Re: [RADIATOR] Use FarmSize parameter

2015-09-26 Thread Alan Buxey
Like the farmsize.cfg file in the goodies directory? alan___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator

Re: [RADIATOR] PEAP internal session resumption breaks some clients

2015-08-28 Thread Alan Buxey
Should be no problem with session resumption being on by default. Certainly it's a performance impact if you don't have it on. I would suspect either wireless controller problems (eg related to 802.11k or such) or client misconfiguration (do you have a deployment tool for the 802.1X or do users

Re: [RADIATOR] eduroam request with EAP Nak desires type 26

2015-03-13 Thread Alan Buxey
You want my suspicions? The remote server is terminating their outer tunnel locally and then proxying through the inner tunnel. If the client is not fully configured with full security (only Trust your CA *and* only Trust The CN of your RADIUS server) then this can happen. Either deliberately

Re: [RADIATOR] NAS-Identifier definition in the radiator data dictionary

2014-11-28 Thread Alan Buxey
Radiator works on radius datagrams (ie examines the contents) from unknown client IPs? alan -- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: [RADIATOR] Hiding the LDAP Password attribute on Trace level 4 [SEC=UNCLASSIFIED]

2014-10-13 Thread Alan Buxey
What info is it that you need to log/see as you can run a Perl hook that means you only log what you want, can run the system in non debug proper thread mode etc and not get passwords logged ;) alan

Re: [RADIATOR] Hiding the LDAP Password attribute on Trace level 4 [SEC=UNCLASSIFIED]

2014-10-13 Thread Alan Buxey
' We use debug level 4 on all our subprocesses' - you know how much that kills performance, right? alan

Re: [RADIATOR] Hiding the LDAP Password attribute on Trace level 4 [SEC=UNCLASSIFIED]

2014-10-13 Thread Alan Buxey
You need a --obscure or such so that also shared secrets, ldap/sql details etc are also obscured. But then I'd expect you'd hear from others who also want the IP addresses obscured for security. .. At which point the debug is showing what exactly? ;) alan

Re: [RADIATOR] Hiding the LDAP Password attribute on Trace level 4 [SEC=UNCLASSIFIED]

2014-10-12 Thread Alan Buxey
Why would you be running in this mode? Surely only debug level that high for debugging? And how could you be sure that the issue wasn't due to incorrect password? ;) alan

Re: [RADIATOR] SHA-2 SSL Certificate Support

2014-09-19 Thread Alan Buxey
Test it and see? ;) alan

Re: [RADIATOR] AuthRADIUS : Could not find a working host to forward messages

2014-09-05 Thread Alan Buxey
Use status-server. Don't rely on the auth RADIUS protocol or responses/lack of. alan

Re: [RADIATOR] Trying to get Radiator to work with EAP-TTLS auth

2014-06-03 Thread Alan Buxey
Your handlers need to be the other way around. The inner needs to be listed first. See the goodies directory for example. I'd advise an upgrade too alan -- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: [RADIATOR] EAP logging improvements

2014-05-05 Thread Alan Buxey
... but if the type is not available it might not even be known...and its number is the only thing sensible to be printed. alan -- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: [RADIATOR] max reauthentication

2014-03-19 Thread Alan Buxey
It's usually a function of your NAS (eg wireless controller). Check its settings for session-timeout ... which is usually an attribute that you can send back from your RADIATOR server in the access-accept packet too (though you may need to change your controller setting so that it honours that v

Re: [RADIATOR] User-Password vs Cleartext-Password

2014-02-19 Thread Alan Buxey
Because you are using a freeradius-ism Cleartext-Password is an internal attribute of freeradius. The real attribute in the request is User-Password ... Use that on other servers. Alan -- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: [RADIATOR] EAP TLS issues "routines:SSL3_READ_BYTES:tlsv1 alert access denied"

2014-02-19 Thread Alan Buxey
The AP test is very likely to be quite dumb and not care about the certs used. It's likely that your real client. .. and I'm going to guess a windows box here. .. it's failing the PEAP TLS tunnel creation because either the supplicant has been misconfigured or it doesn't know your certs (general

Re: [RADIATOR] Missing info from error message

2013-11-26 Thread Alan Buxey
Hi As it's complaining about dead server it makes me wonder why you think the upstream is dead. You have 4.12.1 , ensure you have the latest patches for it and then use the status-server option for those hosts (RADIATOR now supports using status-server for probes rather than just handling quer

Re: [RADIATOR] AuthBy FILE

2013-08-06 Thread Alan Buxey
Hi No response from the client. What do you see on the client? Windows clients are fussy about their certificates (in that the cert needs to have particular attributes) does your cert match the requirements? alan

Re: [RADIATOR] PEAP from Radiator via Juniper switches

2013-07-27 Thread Alan Buxey
config? alan Original message From: Garry Shtern Date: 26/07/2013 22:40 (GMT+00:00) To: "'radiator@open.com.au'" Subject: [RADIATOR] PEAP from Radiator via Juniper switches All, I ran into an interesting issue. I am trying to do PEAP/MSCHAPv2 via Juniper EX switch to R

Re: [RADIATOR] Radiator and radsecproxy, status-server and failover algo, one step forward

2013-07-14 Thread Alan Buxey
Hi As an end site you really shouldn't be sending invalid realms to your national proxy... but there does seem to be something odd going on here. . their system should be just sending back a straight access reject. If radsecproxy doesn't like extended proxy id (or the config doesn't allow it )

Re: [RADIATOR] ipv6::: bind results in no match on IPv4 client

2013-06-28 Thread Alan Buxey
>The reason is that the Radiator config is managed in a single file that is >pushed to multiple systems to ensure consistency of the config We do the same thing... config created from database and then pushed. Avoids possible human errors that could arise from editing config on several systems

Re: [RADIATOR] ipv6::: bind results in no match on IPv4 client

2013-06-27 Thread Alan Buxey
Clients are defined by their IP address (apart from RADSEC clients which come through the RADSEC clause). The server runs other services on v4 and v6 too. alan!

Re: [RADIATOR] Microsoft AV (Was Re: EAP PEAP Authentication Failing)

2013-06-27 Thread Alan Buxey
What would be interesting is whether a clean install of Windows and just the installation of the Microsoft SEP kills it alan

Re: [RADIATOR] Disabling Alvarion Attributes

2013-04-22 Thread Alan Buxey
You need to use stripfromreply and addtoreply functions alan

Re: [RADIATOR] TERENA RADIUS attributes 25178

2012-11-22 Thread alan buxey
Hi, > If it is common knowledge to eduroam operators, then you can laugh at me > for not paying attention, or checking this log often or carefully enough! its there in the default dictionary (this is from 4.10) # TERENA VSA's # VENDOR TERENA 25178 VENDORATTR 25178 eduroam-SP-Country 1

Re: [RADIATOR] Radiator does not wait for RADIUS requests

2012-11-06 Thread alan buxey
Hi, > I figured out. Apparently, radpwtst command does not work for me. But my > networking devices can authenticate using my Radiator servers. answer for that in my previous email - your network devices are talking to the real IP, not to 127.0.0.1 (on which the server is not listening). point r

Re: [RADIATOR] Radiator does not wait for RADIUS requests

2012-11-06 Thread alan buxey
Hi, >I use a generic radius.cfg from installation without any changes. >Following is my radius.cfg file: you are binding to an IP...so IIRC, RADIATOR will only bind to that IP (if you used 0.0.0.0 then it'll bind to all interfaces, including 127.0.0.1 (localhost) set the server IP addr

Re: [RADIATOR] Radiator does not wait for RADIUS requests

2012-11-06 Thread alan buxey
Hi, >I entered the correct password. did you? All I have seen you say so far is that you used perl radpwtst -user mikem -password fred -auth_port 1812 -trace 4 wheres the shared secret for the client to talk to the RADIUS server? radpwtst emulates a NAS rather than a real client edge devic

Re: [RADIATOR] Radiator does not wait for RADIUS requests

2012-11-06 Thread Alan Buxey
Providing the correct shared secret when using radpwtst may help... alan

Re: [RADIATOR] Radiator does not wait for RADIUS requests

2012-11-06 Thread Alan Buxey
Without ANY changes? Unless your server has the IP address that's the same as the config file you used...then that won't work. The default config is a starting point , a basic block to build/construct from. alan

Re: [RADIATOR] Radiator does not wait for RADIUS requests

2012-11-06 Thread Alan Buxey
Check your radius.cfg file for config presence and what debug value are you running at. For initial work you might want to be running at level 4 or 5 alan

Re: [RADIATOR] PEAP/MSCHAPv2 auth fails with username@realm

2012-11-01 Thread alan buxey
hi, this log looks like the client is doing PEAPv0/EAP-MSCHAPv2 rather than PEAPv0/MSCHAPv2 - is that correct? alan

Re: [RADIATOR] eap auth against active directory

2012-10-11 Thread Alan Buxey
..and what do the logs show on the NPS box (which is doing the auth) and RADIATOR debug show when this just authentication is failing? alan -- This smartphone uses free WiFi around the world with eduroam, now that's what I call smart.

Re: [RADIATOR] eap auth against active directory

2012-10-09 Thread alan buxey
Hi, >We've decided against using winbind / ntlm_auth. Unfortunately our AD >environment is so sporadic and bumpy that we're desperate for another >solution. that really should be fixed. WHY is it dumpy and sporadic. I know a lot of people give MS grief about their product with various

Re: [RADIATOR] radius attribute errors

2012-08-24 Thread alan buxey
Hi, > Mon Aug 20 15:29:40 2012: DEBUG: Finished reading configuration file > '/etc/radiator/radius.cfg' > Mon Aug 20 15:29:40 2012: DEBUG: Reading dictionary file './dictionary' > Mon Aug 20 15:29:40 2012: ERR: Could not open dictionary file './dictionary': > No such file or directory how do yo

Re: [RADIATOR] Multi-Line Handler issues with 4.10

2012-08-13 Thread alan buxey
Hi, > why i want to is besides the point. Because, I don't actually want to > really. it's a matter of it already being done. It must be within the > standard specs of the parser i guess, since it's always worked before and the > docs probably said you could do it. But don't worry about it

Re: [RADIATOR] Multi-Line Handler issues with 4.10

2012-08-13 Thread alan buxey
Hi, > abused? the last version said multiple lines was fine. Hasn't been a problem > until 4.10. It more has to do with the vast configuration that I have (452K > so far) and i organize my config like this a lot and don't feel like > rearranging it all right now. my config is 708K - its when

Re: [RADIATOR] Multi-Line Handler issues with 4.10

2012-08-11 Thread alan buxey
Hi, > i found some time to try the 4.10 upgrade with patches, but i have this > Multi-Line config issue. Seems to be related to the fact that I have a blank > line and comments in the middle of the multi line Handler. > > > > Fri Aug 10 10:51:18 2012: ERR: Unknown keyword ' /etc/radiator/con

Re: [RADIATOR] Support for EAP-PWD ?

2012-06-13 Thread alan buxey
Hi, > That's certainly tempting. Less packets would also mean less load for > proxies (especially roots in federated roaming) and authenticating > servers while the authentication would be faster too. ..exactly..thats why we are very keen on it :-) alan

Re: [RADIATOR] Support for EAP-PWD ?

2012-06-13 Thread alan buxey
Hi, > Fredrik and others, can you tell how this would be used? Do you have > ideas how much demand for this would be and e.g., what clients there are? its in the latest wpa_supplicant - which should mean that the next iteration of Android will have support for it. likely (*likely*) that it might

[RADIATOR] 5 strange entries

2012-06-13 Thread Alan Buxey
What are the 5 weird entries at the bottom of the RADIATOR patches list page? :) alan -- This smartphone uses free WiFi around the world with eduroam, now that's what I call smart.

Re: [RADIATOR] Support for EAP-PWD ?

2012-06-07 Thread alan buxey
Hi, > Hmm, I'll ask around. Looks like it's an RFC already too: > http://tools.ietf.org/html/rfc5931 > > Do you know which clients support this? Looks like wpa_supplicant does, > am I correct? leading/bleeding edge wpa_supplicant , yes > Looks like there are requirements for fairly recent OpenS

Re: [RADIATOR] Password Length Limits

2012-06-03 Thread alan buxey
Hi, > The odd thing is we have 2 Wireless SSID's using the same RADIUS server (a > local one, and eduroam). A user is having issues with a 28 character password > on eduroam, but not on the local one. I don't see a difference in the > Handlers for the different SSID's that would result in this

Re: [RADIATOR] Fwd: [radext] RFC 6614 on Transport Layer Security (TLS) Encryption for RADIUS

2012-05-30 Thread alan buxey
Hi, > Some years ago I tested (successfully) a Lancom L-54g wireless Access > Point which implemented RadSec. I dont know if it or equivalent is still > available. LANCOM still do such devices last time I looked - we have a very active member of eduroam here in Europe who was involved with tha

Re: [RADIATOR] Fwd: [radext] RFC 6614 on Transport Layer Security (TLS) Encryption for RADIUS

2012-05-30 Thread alan buxey
Hi, > sorry, dont have any info on Cisco. we have been asking Cisco for such support in their kit (switches, wireless, RADIUS platforms)..now that the RFCs are out we have some more leverage. I ask all Cisco customers to ask their local support/sales/SE/tech-track etc about having support in th

Re: [RADIATOR] Rewrite userna functionality for use in ldap_aps authby

2012-04-30 Thread alan buxey
Hi, >However, what I actually want to do is send a username with a realm of >sharaz.info and have the realm stripped out of the user name. When I auth >to radiator on a windoze platform I can use RewriteUsername can be called in several places, globally, in the client section or in

Re: [RADIATOR] Enhancement for AuthDNSROAM/EduRoam and goodies suggestion

2012-03-31 Thread Alan Buxey
Hi, > No need to go back to the AP, only in the Request direction as far as > I can see. enough people mess up filtering as it is...leading to all sorts of issues.. so we just give the list - rather than cause more confusion with what direction the attributes should be left in. so long as the '

Re: [RADIATOR] EAP Nak desires type 26

2012-03-26 Thread Alan Buxey
Hi, >I use a PEAP ,MSCHAPV2 auth set up , going to an AD server. I will send on >config file if needed , but hopefully it’s a simple fix sending the obfuscated config might help.. type 26 is EAP MS-CHAP-V2 (a slightly different beast to plain MSCHAPv2) - your config needs to be configured

Re: [RADIATOR] Server 2008 R2 x64 - radsec certificate verify failed

2012-03-02 Thread Alan Buxey
I can give you some RADSEC info for an organisation configuration... the info is in ref.pdf document and goodies/ directory, alan -- eduroam UK, JANET roaming service

Re: [RADIATOR] eap + apple products - failed auth

2012-02-28 Thread Alan Buxey
Hi, > Thanks for the response. > > I'm not sure how to determine that; can you give me a nudge in the > right direction? you can use the 'openssl' tool to view your certificates details eg openssl x509 -in yourcert.der -text -noout (or such...) alan

Re: [RADIATOR] eap + apple products - failed auth

2012-02-28 Thread Alan Buxey
Hi, PEAPv0 is the standard method that everyone uses that was created by RSA/Microsoft/Cisco (I think Intel had some say as well...but cant recall) its the usual one in almost all clients when you choose 'PEAP' Cisco went ahead to 'fix' things and, using GTC as the inner method helped push for

Re: [RADIATOR] Proxying RADIUS Accounting Packets to Third Party Vendor: Not all Attributes proxied

2012-02-06 Thread Alan Buxey
Hi, > WARNING: Bad authenticator received in reply to ID 153 incorrect shared secret or badly munged UDP packets, or packets received after your local RADIUS server has already decided to forget about them (timeout) > I've confirmed the secret is the same between the proxying radius servers > an

Re: [RADIATOR] RADSEC and Secret

2012-01-19 Thread Alan Buxey
Hi, > It was there since the first version 3.12. I just tried with 3.12 client > and server config against 4.9 server and client config and they were > able to talk when Secret was changed to radsec. > > With 3.12 you have to enable UseTLS explicitly. That was the other > change apart from port n

[RADIATOR] RADSEC and Secret

2012-01-19 Thread Alan Buxey
hi, having issues with an older version of RADIATOR - seems to not be liking the 'Secret' being set...the old version (and current version) have 'mysecret' as default..which doesnt match the current drafts etc - which is now 'radsec' my servers (4.9) are very happy with Secret being definedbu

Re: [RADIATOR] Radiator monitoring solutions

2012-01-12 Thread Alan Buxey
Hi, > On Jan 12, 2012, at 6:31, Hugh Irvine wrote: > > > > > Hello Everyone - > > > > I have been asked by one of our customers to suggest good monitoring > > solutions for Radiator. > > > > Some suggestions I have heard include our own Radar tool, Solarwinds, > > Splunk, Cactii and whateve

Re: [RADIATOR] Radiator 3.16 / AuthBy LSA / AD2008

2011-11-09 Thread Alan Buxey
Hi, > Is this is a known issue with Radiator 3.16? Does anyone have Radiator > 3.16 successfully authenticating against an AD2008 domain? [I realize > that 3.16 is a little dated ... ] 3.16 is hideously outdated...and came out years before AD2008 was even a twinkle in the eye of MS - I wouldn

Re: [RADIATOR] still need some more dictionary entries...

2011-09-19 Thread Alan Buxey
Hi, > > Attribute number 3 (vendor 9967) > > 9967 is Bluesocket, for which I have a local dictionary: > > ## Bluesocket > VENDOR Bluesocket 9967 > VENDORATTR 9967BlueSocketRole 100 string > VENDORATTR 9967Bluesocketap101

[RADIATOR] still need some more dictionary entries...

2011-09-19 Thread Alan Buxey
hi, I'm suspecting that the lack of dictionary entries is causing some proxying issues for end sites that are being peppered by these attributes coming through and being munged or mishandled It would be great if we could get the details for the following Attribute number 1 (vendor 6139) (had

[RADIATOR] New updated dictionary for RADIATOR

2011-09-19 Thread Alan Buxey
hi, okay, thanks to someone with Aruba kit, have updated details for dictionary. the info was collected with: (Master-Primary) #show aaa radius-attributes | include Aruba we now have # # Aruba vendor specific radius attributes # VENDOR Aruba 14823 VENDORATTR 14823 Aruba-User

Re: [RADIATOR] updated Aruba dictionaries?

2011-08-15 Thread Alan Buxey
Hi, > But I can add: > > VENDORATTR 14823 Aruba-Template-User 8 string > > courtesy of wireshark to your list. cool :-) thanks for that one though I believe its officially ATTRIBUTE Aruba-MMS-User-Template 8 string so, VENDORATTR 14823 Aruba-MMS-User-Template

[RADIATOR] aerohive dictionary file

2011-08-15 Thread Alan Buxey
hi, I believe this is what is needed in RADIATOR for the aerohive wireless kit as a starting dictionary. anyone care to confirm/agree/reject or differ? :-) # # Aerohive vendor specific radius attributes # VENDOR Aerohive 26928 VENDORATTR 26928 AH-HM-Admin-Group-Id1

[RADIATOR] updated Aruba dictionaries?

2011-08-15 Thread Alan Buxey
hi, any updated dictionary entries for Aruba? I dont run the kit myself and have no service support or contact/contract ...i just proxy packets between sites that do... i note that I have many entries such as this in my RADIATOR logs... Mon Aug 15 12:13:15 2011: ERR: Attribute number 10 (vendor

Re: [RADIATOR] Could not load EAP module Radius::EAP_

2011-07-15 Thread Alan Buxey
Hi, > (As an aside, what do the numbers in the "Handling with EAP: code 2, 11, > 76, 176" line each represent anyway?) the joy of RADIATOR is you have the code. in EAP.pm theres this "Handling with EAP: code $code, $identifier, $length, $type" where $type is the EAP type/class - you've got so

Re: [RADIATOR] Executing an external script from Radiator

2011-06-29 Thread Alan Buxey
Theres a lot of external shell stuff going on there. Personally I would be using built in perl functions and perl modules for handling the strings and dealing with that URL. It's then also easier to do sanity checks , as this stands you could get some very interesting results with the correctl

Re: [RADIATOR] Executing an external script from Radiator

2011-06-21 Thread Alan Buxey
Hi, >How am I going to execute an external script when Radiator receives an >Access-Request? This script will actually do an HTTP API request from an use hooks. see the goodies/* directory for some examples - you can have a pre-handler, posthander etc hook that will call your code. alan

[RADIATOR] issue with 4.8 (+ patches) with setuid

2011-06-20 Thread Alan Buxey
hi, got this error: Insecure dependency in eval while running setuid at /usr/local/lib/perl5/site_perl/5.12.2/Radius/Configurable.pm line 73 checked that Configurable.pm file and it appears to be doing a nice eval on the $_[2] parameter - this could be used by a cracker if its not checked/sani

Re: [RADIATOR] Configure radiator to receive eap packets

2011-06-13 Thread Alan Buxey
Look in the supplied goodies directory for all the eap examples, check your radiator debug for anything that shows you don't have retitled libraries/perl functions installed Alan - Reply message - From: "agnel varghese" Date: Mon, Jun 13, 2011 11:25 Subject: [RADIATOR] Configure radi

Re: [RADIATOR] Client Identifier and variable substitution

2011-06-10 Thread Alan Buxey
Hi, >But there doesn't seem to be any way to do variable substitution using the >client identifier. Please prove me wrong. %{Client:Identifier} ?? alan

Re: [RADIATOR] BindAddress question

2011-06-09 Thread Alan Buxey
hi, I can confirm exactly the same behaviour on Linux boxes here. hardcoded is the only way to have both working. Solaris can have both on single line and it works. a nice patch for 4.8 to arrive? :-) alan

Re: [RADIATOR] BindAddress question

2011-06-09 Thread Alan Buxey
Hi, > > BindAddress 0.0.0.0,ipv6::: its horribly broken on Linux isnt it? on Solaris this works fine in this incantation. alan

Re: [RADIATOR] BindAddress question

2011-06-09 Thread Alan Buxey
Hi, > So this should make it listen for all IPv4 and IPv6: > > BindAddress 0.0.0.0,ipv6::: on Solaris thats certainly true > I heard that this might caused problems with Linux kernels? BindAddress 0.0.0.0 BindAddress ipv6::: that works on the few Linux boxes that I've tested alan

Re: [RADIATOR] BindAddress question

2011-06-09 Thread Alan Buxey
Hi, > Could it be the same as other apps, '::' ? > > > I have now configured the hard coded addresses as a work around. goodies/ipv6.cfg BindAddress ipv6::: (this is basically saying, use ipv6: and bind to :: - like other daemons do) please note that you must use ipv6: as the prefix to ho

Re: [RADIATOR] dictionary entries for Ascend conflict with IANA assigned ones

2011-06-06 Thread Alan Buxey
Hi, Grrr. ascend dictionaries stomp all over IANA space - attributes 126-132 are also munged up (used by IANA assign Operator-Name space stuff - which we in eduroam would like to use widely) alan

Re: [RADIATOR] Top level radius servers problems

2011-05-25 Thread Alan Buxey
Hi, > We add to all our peers handler configurations a “NoReplyHook” > (Paul Dekkers from Surfnet is also helping us on this problem) okay - thats pretty much similar to what I have and recommend too :-) one question though - what is our FarmSize set to? how many threads are you running - and a

Re: [RADIATOR] Top level radius servers problems

2011-05-25 Thread Alan Buxey
Hi, >If this was a problem related to the client running out of ID REQUEST >where can I look on the logs for a warning or something alerting that this >is happening? welcome to the party. in the UK we have seen this issue too - and it doesnt take that much until the server is all backl

Re: [RADIATOR] PostAuthHook isn't called from a TunnelledByTTLS=1 handler

2011-05-18 Thread Alan Buxey
Hi, > Never mind, if the external script contains errors, the hook isn't > processed. It is displayed in the log at startup. oh, okay. handy - it'd be nice if it reported that ... eg 'ERR: Dodgy PostAuthHook script, so not running it" :-) alan

Re: [RADIATOR] PostAuthHook isn't called from a TunnelledByTTLS=1 handler

2011-05-18 Thread Alan Buxey
Hi, what version are you running - i know in much older versions there was a small bug with PostAuthHook and handlers... however, are you sure that this handler is the one being called (your debug doesnt fully show) ..and what happens if you put the PostAuthHook *inside* the group AuthBy loop ins

Re: [RADIATOR] WG: Radiator evaluation software downloaded

2011-05-02 Thread Alan Buxey
Hi, > Access rejected for vwa\elabbadi.ossama: No AuthBy found ". Have anyone an > idea how I can authenticate via Radiator and Active Directory. I have found > many half solutions in a mail archive but not really HowTo. I cannot believe > it can be difficult. based on the snippet of config you po

Re: [RADIATOR] WG: Radiator evaluation software downloaded

2011-04-28 Thread Alan Buxey
Hi, > Here the output from my last log file. And I found this entry: the important bit is this - Can't locate Net/SSLeay.pm you havent installed all the required dependencies for RADIATOR and EAP. as per the docs: # Requires Net_SSLeay.pm-1.21 or later from CPAN. # Requires openssl 0.9.7bet

Re: [RADIATOR] WG: Radiator evaluation software downloaded

2011-04-28 Thread Alan Buxey
Hi, > - > root@radius:~# ntlm_auth --username="vwa\elabbadi.ossama" > password: > NT_STATUS_OK: Success (0x0) > - > > But the log file from radiator cannot work or find with > "vwa\elabbadi.ossama". you've got to define your handlers. your @blahblah one worked because you

Re: [RADIATOR] String with blanks in VA pair

2011-04-20 Thread Alan Buxey
Hi, >Hi, >I have a accounting handler as below. >OBA-easynet|OBA-smartnet|"OBA Hotspot Service"> > >As you see one of the value strings "OBA Hotspot Service" contains blanks. >This string is not recognized, the others work well. >What is wrong with the specification of

[RADIATOR] Status of Status-Server

2011-04-08 Thread Alan Buxey
hi, just wondering what the current status or implementation level of Status-Server in RADIATOR for remote proxy AuthBy handlers? I know the server can send stuff back to a Client (which may use Status-Server to detect if the RADIATOR is alive rather than just relying on a response to a packet se

Re: [RADIATOR] Problem with pam_radius

2011-03-30 Thread Alan Buxey
Hi, > My SQL connection is OK, for other reasons the connection between the SQL > server and Radiator is not been use for 20 seconds, the SQL servers drops it > down. > > On the other hand, I have stated before that the secret is not the problem; > the config of the secret at radius: garbled

Re: [RADIATOR] Client MAC:xx-xx-xx-xx-xx-xx

2011-03-28 Thread Alan Buxey
Hi, > Which attribute does radiator use for comparison when using MAC-filtering on > a client block? Trying to pin down why one of our clients isn't being picked > up by the client block we have set: > > > Secret SeekritKey thats right. run the server in full debug to see whats coming thr

[RADIATOR] RADSEC resources...

2011-03-25 Thread Alan Buxey
hi, just wondering what the impact on a RADIATOR server is for RADSEC clients that are running in persistent TCP connection mode (as they seem to do by default)... how many of them can I operate in such a fashion against RADIATOR (4.7 with patches) or should they not be run in this mode? will

Re: [RADIATOR] radpwtest for EAP/TTL, EAP/TTLS and PEAP

2011-03-21 Thread Alan Buxey
Hi, > EAP/TTLS, EAP/TLS or PEAP configurations are heavily used in eduroaming > institutions. Would be very helpful if we could monitor our federation config > via cron with the help of a scriptable radius checker. are your users using those methods...or is this a case of checking that your ins

Re: [RADIATOR] NTLM workstation authentication

2011-03-21 Thread Alan Buxey
Hi, > I already saw this discussion but I don't understand if it's possible > to do the machine authentication with Radiator. yes > >> dont' work > >> > >>        Identifier MACHINEAD > >>        NtlmAuthProg /usr/sfw/bin/ntlm_auth > >> --helper-protocol=ntlm-server-1  --workstation="Works

Re: [RADIATOR] wrong error message in Radius::StreamServer

2011-03-18 Thread Alan Buxey
Hi, > But there is no ServerHTTP configured, instead there is a ServerRADSEC > configured. aye - I got this too when I started to use RADSEC. its the enabling of SSL/TLS in StreamServer.pm, if theres a problem with it loading the Radius::StreamTLS it just chucks out that preformatted error mess

Re: [RADIATOR] Thawte Intermediate Certificates and Windows 7

2011-02-28 Thread Alan Buxey
hi, the root CA could be added to the server bundle...but that wont help as the root CA needs to be known and trusted by the client. in this case, windows 7. rather than supplying certs, it seems like microsoft is supplying them 'on demand' in some cases...to keep fresh versions around rather

Re: [RADIATOR] PEAP problem: EAP result: 1, EAP authentication is not permitted

2011-02-07 Thread Alan Buxey
Hi, > the users file supplied with RADIATOR is filled with rather special > users and purposes. it would probably make life easier to create > a nice clean users file for your usage. with eg 'test-user-1' > and other required parts (password, return attributes etc) rather > than deal with th

Re: [RADIATOR] PEAP problem: EAP result: 1, EAP authentication is not permitted

2011-02-07 Thread Alan Buxey
hi, the users file supplied with RADIATOR is filled with rather special users and purposes. it would probably make life easier to create a nice clean users file for your usage. with eg 'test-user-1' and other required parts (password, return attributes etc) rather than deal with the interest

Re: [RADIATOR] Control the Status-Server requests

2010-12-23 Thread Alan Buxey
hi, is there a quick hack for the status-server for client so that it just sends an 'UP' or 'OKAY' back rather than try authentication or send back server details? alan

Re: [RADIATOR] Updating Radius Radiator Server

2010-11-25 Thread Alan Buxey
Hi, > I currently have version 2.9 installed and would like to upgrade it. > > Could you guys lend me a hand and tell me what are the implications of > such measure, regarding configurations? personal advice would be to ensure that you have a full backup of your current system, config and RADIA

Re: [RADIATOR] EAP Forcing outer identity to match inner identity

2010-11-11 Thread Alan Buxey
Hi, > Does anyone have suggestion on how to reject a user if their outer identity > doesn't match their inner identity ? why should it? thats why the outerid can be anonymous (granted, Windows have only just added that feature in Vista and 7 - but anonymous outer ID has been in most EAP clients

Re: [RADIATOR] Hello guys - losing some "calls" when I get some peaks (per second)

2010-11-08 Thread Alan Buxey
Hi, > Hey guys > > I have been using Radiator for the past years (from 2006) and it is > mainly used to get calls, validating them and then saving them in a > database. sounds very much like a database speed issue. what engine are you using with your MySQL ? InnoDB or the stock MyISAM? have

Re: [RADIATOR] Authentication type not support - HELP

2010-09-14 Thread Alan Buxey
Hi, > I'm getting the following error relating to REJECT: Authentication type not > supported. > Can anyone point me in the right direction as to what I have done wrong? you've tried to use HOTP for an MSCHAPv2 challenge method...which, as Hugh says isnt possible. the debug log tries to hel
