. Would need the log
and config to tell more.
No packet or anything just that oddly
There should be more in the logs, at least the full packet dump and
trail that shows which handler was chosen. Maybe the log file in the
file system has more?
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
, that is, TLS
tunnel establishment.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS
Hello,
I will be travelling next week and will be in Hong Kong for the full day
of Monday 26th. I would be pleased to meet Radiator users during the
day, so please reply to me directly to arrange a meeting if you are
interested.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator
say the two Handler approach requires you not to rearrange internals
or require any large changes.
Please let us know how it works.
PS. I've been traveling lately so unfortunately it took a bit longer
than usual to reply.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most
and does not respond.
However, if RadSec is used locally, then it might be better to rely on
ignored requests when it is known that a server will stop responding
when it has for example, lost its connection to the backend DB.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most
: this works for plain password based authentication (PAP) where no
Access-Challenges are needed.
There are other possible AuthByPolicies too. Please see the reference
manual for the details.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable
${$p}-{outerRequest}-get_attr('...') to access
RADIUS attributes from the incoming RADIUS request while inside the PEAP
inner authentication.
The second hook, PreProcessingHook, skips everything else than
accounting and has no outerRequest.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
to authenticate plain PAP
against NTLM if such requests are received by Radiator.
Also, EAPType in the outer Handler's AuthBy NTLM could be just 'PEAP,
TTLS' since 'MSCHAP-V2' is processed by the other AuthBys in the
Handlers for tunnelled PEAP and TTLS.
Thanks,
Heikki
--
Heikki Vatiainen h
1350? That is, when you have 1350 as outer
fragment size, 1250 works but 1300 does not.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus
but when EAP-TLS is the inner protocol, then the inner AuthBy requires
MaxFragmentSize.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside
configurations would not need to worry
about fragmentation issues when EAP-TLS was the tunnelled protocol.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus
automatically.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA
useful for implementing blacklisting
based on usernames (EAP inner identity). MAC address based blacklisting
could be in the outer Handler since the MAC is not included in the inner
auth information.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible
. With RequestHook the Hook
gets passed a reference, not a reference to a reference like it does for
some Hooks. Also, you need to return a suitable return value because
AuthBy INTERNAL checks what the hook returns.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable
and CP-Gaia-SuperUser-Access
were incorrectly entered in the dictionary. Reported by Jason Griffith.
Ldap.pm could crash while logging with old Net::LDAP versions. Reported
by Mauricio Montoya Bustamante.
-
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable
information about the Radiator SIM support, please see:
https://www.open.com.au/eap-sim/history.html
For the full revision history, please see:
https://www.open.com.au/eap-sim/history.html
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS
definition is also there, unchanged.
Maybe your equipment has a configuration option to use different format?
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald
times. There is no separate
assigment operator.
Or am I doomed to use hooks?
Maybe :)
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside
this change the User Role seemed to function correctly. I
hope this helps.
Hello Jason,
you are correct, the CheckPoint vendor specific attributes were entered
incorrectly in the dictionary. These will be corrected in the next patch
set.
Thanks!
Heikki
--
Heikki Vatiainen h...@open.com.au
On 04/04/2014 10:58 AM, Heikki Vatiainen wrote:
On 04/04/2014 10:44 AM, Jakob Schlyter wrote:
Are there any plans to integrate the (few) required patched needed (aka
EAP_43.patch) for the Chargeable-User-Identity hook (from the eduroam
people) into Radiator? Or perhaps ship the hooks
://community.activestate.com/node/10856
Thanks Neil. Here's a ticket related to Strawberry Perl I found:
https://rt.cpan.org/Public/Bug/Display.html?id=94531
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP
On 04/09/2014 06:01 PM, Heikki Vatiainen wrote:
Updated test.pl was going to be in the next release, but it was
unfortunately not tagged to be in the patch set meanwhile. It will be in
the next patch set.
The latest patch set was just made available. The only change is that
test.pl is now
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP
On 04/02/2014 09:49 PM, Heikki Vatiainen wrote:
PostAuthHook sub { my $rp = ${$_[1]};
$rp-changeUserName($rp-{inner_identity}); }
PEAP and TTLS both export the inner EAP identity (or TTLS inner username
when EAP is not used). The inner identity is exported to outer reply
message and can
by the
validation server.
The validation server can run on the same or a different server than
Radiator allowing flexibility in deciding where to plug in the YubiHSM.
The new AuthBy YUBIKEYVALIDATIONSERVER module is available in the latest
Radiator 4.12.1 patches.
Thanks,
Heikki
--
Heikki Vatiainen h
code into Radiator.
Hello Jakob,
can you provide me a link and other information? I can take a look at
what is needed.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password
.
***
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC
?
Yes, that would be very useful to see the details in the request.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP
)) { #
Try get_attrs() instead of get_attr(). This Diameter attribute list
works differently here, that is, get_attr does not check if the caller
expects a list or a single value.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
with RFC 5176 Dynamic Authorization Extensions.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP
these returns object references than can be again
used with get_attr to get the grouped attributes.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus
work in any case, because it fetches the
value from the Diameter message.
Thanks,
Heikk
br,
Arthur
27.03.2014 21:04, Heikki Vatiainen kirjutas:
On 03/27/2014 04:57 PM, Arthur wrote:
In my incoming Diameter Accounting message I have the following part:
...
3GPP-Service
to a
external verify daemon or call OpenSSL verify utility?
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active
will be modified to include the said
attribute and value and the authentication should then succeed.
Please let us know if this solves the problem.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files
is not documented in the
current reference manual yet, but exists to help to do any custom work
after the default conversion runs. The purpose of the hook is to help
with cases such as yours.
There's also a respective hook from going to Radius back to Diameter.
Thanks,
Heikki
--
Heikki Vatiainen h
the fd open
while supporting FarmSize and possibly something else too. I'd say
extending Log FILE may not be a good idea but to have a new logging class.
If you already have something that does what you require on the Log
... side, please get back to me directly.
Thanks,
Heikki
--
Heikki
for EAP TLS ?
It does look like a restart is needed when the CRL is refreshed. The
verify against CRL seems to work, but refreshing the CRL without restart
looks problematic.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC
would need to create a ForwardHook or something similar if
you need to get access to Hosts that were tried during proxying.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS
On 03/19/2014 09:21 PM, rohan.henry @cwjamaica.com wrote:
How can I monitor Radiator's response time when using NAS Port ID
instead of username for authentication?
Hello Rohan,
can you describe in more detail how the monitoring is done now?
Thanks,
Heikki
--
Heikki Vatiainen h
request has pointer to
Host. You could then check $host-{Address} to get the address.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside
. But when the username/password combination is wrong
the result is IGNORE and hence another authentication attempt is done
towards the second LDAP server (which of course also results in a
non-successful bind attempt).
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable
for this, but the above assumes the users
authentication and accounting is RADIUS based.
There are multiple ways to do such a configuration, but the details
depend on knowing more about what you have and what your environment is.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable
AuthBy.
Change the inner TunnelledBy* Handlers so that the Realm is not
considered when choosing the Handler.
The inner request should now have the real EAP Identity in the User-Name
and group check should work.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable
for LogOpt worked as did setting the value to cons. I'm not sure
if this difference comes from Radiator or Sys-Syslog version.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS
empty, which apparently doesn't work.
As a more permanent solution, I think an empty value can be allowed by
Radiator for LogOpt to turn off any non-default options.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
of unexpected messages. Would that be an option to explore?
Thanks,
Heikki
Thanks.
Sent with Good (www.good.com)
-Original Message-
*From: *Heikki Vatiainen [h...@open.com.au mailto:h...@open.com.au]
*Sent: *Monday, February 17, 2014 02:22 PM Coordinated Universal Time
using a version of
NX-OS that does not have the patch? A quick look tells there are not as
many different software trains as there are/were for IOS, but there are
plenty of minor releases still.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible
am definitely with you on this
one.
-Original Message-
From: Heikki Vatiainen [mailto:h...@open.com.au]
Sent: Wednesday, February 19, 2014 9:35 AM
To: Garry Shtern; 'radiator@open.com.au'
Subject: Re: [RADIATOR] (P)EAP flow
On 02/17/2014 05:16 PM, Garry Shtern wrote:
Would
/009982.html
I agree with Alan that the AP client probably does not care but the
other client does.
In addition to what has already been suggested, I'd check the Radiator
certificate to see the Extended Key Usage (EKU) is there.
http://support.microsoft.com/kb/814394
Thanks,
Heikki
--
Heikki
active
session database records to be deleted?
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP
DupInterval 0
/Client
Thanks for any advice!
--
Chad
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible
to create such systems. But this is more
of a policy and political issue and I won't move further to that area :)
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT
are running latest release.
/
Please let us know if the above helps.
Thanks,
Heikki
--
Heikki Vatiainen hvn at open.com.au
http://www.open.com.au/mailman/listinfo/radiator
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS
else your configuration
needs to be done. Without knowing the details, you might simply just use
AddToReply and separate the attributes=value pairs with commas.
About the hook code, it assigns values like 1:1, 2:2, 3:0.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most
radiuses are running latest release.
Please let us know if the above helps.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM
,
GEN3 line 2747056.
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA
id
as a part of group name. The id is then extracted from the group name
directly.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside
::Socket::INET6 or ::INET.
If you plan to test the latest patches, please let us know how it goes
without Socket6.pm
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password
is also described here:
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080c17808.shtml
I'm not sure if this relates to Steve's problem but looks exactly what
Alexander was seeing.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible
is used. Otherwise more complete
certificate chain walk would be required.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM
232string
VENDORATTR2011Huawei-GGSN-Vendor233string
Do 232 and 233 have the same name?
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald
to use EAPTLS_CertificateVerifyHook to check which CA
matched. However, I have not checked in detail if this is possible. I
would first see if the requests have any information that could help
with Handler selection.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable
/AuthBy
/Handler
regards,
Jeff
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable
, for
example, seems to support LDAP and crypt style formats:
{X-PBKDF2}HMACSHA1:AAAD6A:8ODUPA==:1HSdSVVwlWSZhbPGO7GIZ4iUbrk=
$PBKDF2$HMACSHA1:1000:4q9OTg==$9Pb6bCRgnct/dga+4v4Lyv8x31s=
We would be interested to hear if there are other formats that should be
supported.
Thanks,
Heikki
--
Heikki
to mailing lists, download procedures or other
functionality. If you see something that you think should work but does
not appear to, please let us know.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM
and
finish the work with the Dia -- Rad conversion hooks. Or just do the
whole thing with the hooks.
Later it might be possible to upgrade the code to an application that
handles just Diameter requests and does not need to go through
conversion, but it's not possible yet.
Thanks,
Heikki
--
Heikki
to go through RADIUS conversion. This applies to a number of mostly 3GPP
applications.
We would be interested to hear which Diameter applications you are
working on.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere
check the TCP
connections and the processes that use them.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active
by 0 or more bytes of salt where 0 bytes
means no salt is used.
The command line utilities produced hex ouput so that's why it's not
possible to use e.g. sha1sum output directly here.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP
be Radiator feature, we would most likely make it a
generic SQL based module. Any comments related to this would be appreciated.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS
this:
DBSource dbi:Oracle:service_name=xe;host=192.168.1.10;port=1521
This should work too if tnsnames.ora does not.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald
socket: Address
already in use' to its logfile but still started, I'd suggest that such
a fatal startup error results in Radiator dieing with this error message.
What do you thing about that change?
It sounds reasonable. I'll check about patching this.
Thanks,
Heikki
--
Heikki Vatiainen h
' and enabled='1';
/AuthBy
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX
http://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS
be possible to
use the two alternatives described above instead of doing everything
with a hook.
Thanks,
Heikki
On Wed, Dec 18, 2013 at 5:33 PM, Heikki Vatiainen h...@open.com.au
mailto:h...@open.com.au wrote:
On 12/18/2013 09:44 AM, eliran shlomo wrote:
The attribute in the LDAP
your proof of concept does.
and then, i can set the error message in the ReplyHook with:
$p-change_attr('Reply-Message', 'DefaultSimultaneousUse error');
With the current version this should be enough. The change made in
AuthRADIUS.pm should take care of the rest.
Thanks,
Heikki
--
Heikki
rest of requests with AuthType=radius
Handler AuthType=radius
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external
-{ThisAuth}-{DefaultSimultaneousUse};
if
(Radius::SessGeneric::find($op-{Handler}-{SessionDatabase})-exceeded(
$limit, $op-{OriginalUserName}, $op))
{
$op-{RadiusResult} = $main::REJECT;
}
}
Please let us know how it works.
Thanks,
Heikki
--
Heikki Vatiainen h
requests are processed by different Handlers. This is very likely one
reason why they change the attributes differently.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT
##
main::log($main::LOG_ERR, DA: user: $usern Context big:
setting class to gamer );
}
}
}
On Dec 16, 2013 5:08 PM, Heikki Vatiainen h...@open.com.au
mailto:h...@open.com.au wrote:
On 12/16/2013 03:44 PM, eliran shlomo wrote:
I have proxy radius that receive
},\
%{Framed-Protocol},%{Service-Type}
/Handler
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible
AD groups.
That could explain why I always get messages for the user not being
found.
-Neil
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside
.
I'm not sure if LSA will tell if the username or password was incorrect.
If LSA is used with e.g., AuthBy LDAP2, then the information should be
more easily available as LDAP search result.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable
retransmissions by the server make
things a bit harder if the targeted debugging needed to cover those
cases too.
Thanks,
Heikki
Thanks.
-Original Message-
From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On
Behalf Of Heikki Vatiainen
Sent: Monday, November 25
.
The documentation regarding Socket6.pm not required for recent enough
Perls will be in the next release's documentation. We can also mention
TACACS+ too.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM
not :).
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA
configuration (no secrets or passwords
required) and tell what is the Radiator version.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS
getpeername did not make
getpeername fail so it might be caused by something that happens during
accept.
Do you have FarmSize enabled? I see accept is called a bit differently
for ServerTACACSPLUS than for the other TCP stream servers.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator
on the windows
environment, so I can not tell for sure what the status codes will tell.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside
for the new incoming TCP connection.
Do you have IPv6 connections coming in? What else could cause the listen
socket to indicate incoming connection? Which Radiator version, Perl
version and operating system you are using?
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable
switch on debugging to see what triggers
the above.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active
On 11/15/2013 09:15 PM, Heikki Vatiainen wrote:
On 11/14/2013 11:41 PM, David Zych wrote:
My problem with PacketTrace as currently implemented is that it adds packet
dumps to _every_ global logger, whereas I'd really like to control where
they go and e.g. not send them to syslog.
I
,
Heikki
--
Heikki Vatiainen h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey
::LDAP:
https://rt.cpan.org/Public/Bug/Display.html?id=90459
Hello Klara,
thanks for keeping us informed about this. I think we'll have a note in
the documentation about this too. I'll keep an eye on the ticket to see
what the maintainer says.
Thanks,
Heikki
--
Heikki Vatiainen h...@open.com.au
201 - 300 of 996 matches
Mail list logo