hai friends,
I have installed free radius and radtest commands working fine locally.
The OS used is RedHat 8.0 . But When i am trying this command from other servers, it
is not responding. Also when i am dialing, i am getting authentication failed message.
The same configuration i have done in
Am Die, 2003-10-28 um 17.59 schrieb Bruno Gianelli Braido:
Hello all,
I'd like to use the Dialup_Admin, I tried use the example from
http://kstadler.ch/index.php?topgroupid=1subgroupid=14groupid=11
but not success.
Who knows where I get a good example???
My equipament is a
Am Mit, 2003-10-29 um 12.57 schrieb Bruno Gianelli Braido:
Thanks for your help Uli,
So my FR is working with Mysql, my problem is configure the Dialup
Admin, I used the help come with DialupAdmin but not work.
Where I get a example to configure the Dialup Admin
[...]
Most important
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Sorry if this is a dumb question or if it has been answered before but I've
looked through the RADIUS book and back through the emails I have received
from the list and found nothing relevant.
I've been using FreeRADIUS 0.9.2 to authenticate
Hi,
I'm new to radius in general, and wonder if anyone can provide me with
good a nod in the right direction. I installed freeradius 0.9.2 from
source on RedHat advance server 2.1. Initial testing as described in
INSTALL went fine.
We will be getting Apple Airport Extreme base stations (
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sorry for the self reply but there's a bit more info...
I'm using the same user entries for PAP authentication using System and
MS-CHAPv2 authentication with a locally defined User-Password. The
lower_user = after appears to work fine for PAP but
Hello Mr. Kalevras, i already look @ rad_counter.pl
and i understand the flow of this script. It open the
database as READONLY, print the information where u
can specify the db filename, user, how the counter
will be shown, second (default), minutes, hours and
match. My problem is i dont have any
Artur
I made a mistake editing that mail last night.
200.193.87.129 has no relation to problem related. It's another server
for tests.
my problem is: the proxy server doesn't send acct (accounting) packets
to 200.180.55.65 server.
Justo know:
200.180.22.15 is the RAS that consult only
I have a problem where I continue to get unknown host
rad_recv: Access-Request packet from host 10.64.254.8:40001, id=25,
length=89
Ignoring request from unknown client 10.64.254.8:40001
I have defined the host in my clients.conf and I have set up my naslist
correctly.Any pointers?
I am
Hi all:
Sorry if this question has been asked million times. I'm new to
FreeRadius and now working on a project
migrating Radiator to Freeradius. I've been using Radiator for years and
the first thing that concerns me
about the migration is the realms.
I now have about over 10 realms in
On Oct 29, 2003, at 6:21 AM, Jan van Rensburg wrote:
Hi,
I'm new to radius in general, and wonder if anyone can provide me with
good a nod in the right direction. I installed freeradius 0.9.2 from
source on RedHat advance server 2.1. Initial testing as described in
INSTALL went fine.
We will
ok
looking at your radiusd.conf file, i wonder if you have to add a preacct
section with a suffix module in it in order to look up the realms.
otherwise it seems ok to me.
ciao
artur
I made a mistake editing that mail last night.
realm dimapel.com.br {
type= radius
Guy Davies [EMAIL PROTECTED] wrote:
I've been using FreeRADIUS 0.9.2 to authenticate users using MS-CHAPv2 and,
up to now, everything has been working fine. However, I have several users
who use a username in Uppercase so I thought I'd use the lower_user
after function to make everything
I have to believe that this topic has come up so frequently that most
members of this list are sick of hearing about it... Unfortunately, my
search of the archives did not result in a definitive answer for me - so I
am compelled to bring up this question once again. Please forgive me.
Is it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]
Sent: 29 October 2003 17:11
To: [EMAIL PROTECTED]
Subject: Re: lower_user with MS-CHAPv2...
Guy Davies [EMAIL PROTECTED] wrote:
I've been using FreeRADIUS 0.9.2 to
Jan van Rensburg [EMAIL PROTECTED] wrote:
I see the Airport supports Cisco's LEAP, do I
need to configure freeradius with LEAP support, or is this not
necessary if Cisco equipment aren't used?
Configuring FreeRADIUS to use LEAP is required if you are going to
authenticate users via LEAP.
Woods, Bryan [EMAIL PROTECTED] wrote:
Is it possible to have freeRADIUS communicate directly to an NT domain
controller for the purpose of authenticating and/or authorizing users?
See rlm_smb. It's experimental, so you'll have to do some minor
work to build it, but it works for me.
Alan
Am Mit, 2003-10-29 um 17.37 schrieb Leon Li:
Hi all:
Sorry if this question has been asked million times. I'm new to
FreeRadius and now working on a project
migrating Radiator to Freeradius. I've been using Radiator for years and
the first thing that concerns me
about the migration is
Alan,
Could you please give us a starting point? I just compiled the rlm_smb.
Is there any radiusd.conf file?
Thanks,
Marios
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: Wednesday, October 29, 2003 7:20 PM
To: [EMAIL PROTECTED]
Hello Gurus,
Iam a Research Assistant at George Mason University trying to set up freeradius server for cisco aironet 1200 APs (MAC based auth). Though I have been googling for almost 3 days I dont get the big picture. Its been hard to find documentation or configuration steps. Iam to install
Hi
Many time ago I compiled freeradius with some configure parameter but, I
forgot what.
I'vo got binary files and I wonder if there's a way to know parameters I
used on compile time with this binary.
Is there a way to know what parameters I used ??? just like php do with
phpinfo().
-
Sorry Alan,
I found one after the build --with-experimental-modules=yes.
Thanks,
Marios
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marios
Karagiannopoulos
Sent: Wednesday, October 29, 2003 7:37 PM
To: [EMAIL PROTECTED]
Subject: RE: authenticating
I just tried to be authenticated from open1x client.
I got the following:
rlm_smb: Attribute User-Password is required for authentication.
What's next modification of radiusd.conf?
Thanks,
Marios
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marios
Marios Karagiannopoulos [EMAIL PROTECTED] wrote:
I just tried to be authenticated from open1x client.
I got the following:
rlm_smb: Attribute User-Password is required for authentication.
rlm_smb can only do PAP. I don't think you said you were doing
wireless authentication...
Alan
Right. So, there is no way of wireless auth through rlm_smb?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: Wednesday, October 29, 2003 8:33 PM
To: [EMAIL PROTECTED]
Subject: Re: authenticating directly from NT domain controller
Marios Karagiannopoulos [EMAIL PROTECTED] wrote:
Right. So, there is no way of wireless auth through rlm_smb?
It would help to actually say which wireless authentication method
you're using.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Title: Message
Alan,
Alternatively, I'm
trying to wireless authenticate through MS-CHAPV2 and etc_smbpasswd. I dumped
the
password from Domain
Controller to a file /etc/smbpasswd but unfortunately I'mgetting rejected
!!
auth: type "MS-CHAP"modcall: entering group
Auth-Type for request 1
- MSCHAPv2
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: Wednesday, October 29, 2003 8:58 PM
To: [EMAIL PROTECTED]
Subject: Re: authenticating directly from NT domain controller
Marios Karagiannopoulos [EMAIL PROTECTED] wrote:
Marios Karagiannopoulos [EMAIL PROTECTED] wrote:
Alternatively, I'm trying to wireless authenticate through MS-CHAPV2
MS-CHAPv2 is not a wireless authentication protocol.
auth: type MS-CHAP
modcall: entering group Auth-Type for request 1
rlm_mschap: Found LM-Password
rlm_mschap:
Is there any doc on rlm_smb ?
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 29, 2003 10:20 AM
To: [EMAIL PROTECTED]
Subject: Re: authenticating directly from NT domain controller
Woods, Bryan [EMAIL PROTECTED] wrote:
Is it possible to
Alan
I send some usefull information (I think).
Could you help me (when you have time)???
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ok Alan. You are always right. Let's say that I need to authenticate
wireless users from
Open1x through freeradius. These users are not in a local file (for
example users) but
in an Active Directory Server (my PDC). What methods should I use? I've
spent over 3 days to do that.
Thanks again,
Ron Wahler [EMAIL PROTECTED] wrote:
Is there any doc on rlm_smb ?
raddb/experimental.conf
The SMB module is so simple stupid, that there's little to
configure, and little to get right (or wrong).
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Marios Karagiannopoulos [EMAIL PROTECTED] wrote:
Ok Alan. You are always right.
sigh I don't want you to be nice to me. I want you to READ the
available documentation, and to DESCRIBE what you're doing when you
post to the list. So far, you've done poorly on both.
Let's say that I need to
What does it use for the authentication method? PAP to what?
Does it bind to a database?
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 29, 2003 12:27 PM
To: [EMAIL PROTECTED]
Subject: Re: authenticating directly from NT domain controller
Ron Wahler [EMAIL PROTECTED] wrote:
What does it use for the authentication method? PAP to what?
Does it bind to a database?
PAP to SMB, similar to what any client would do when mounting
network shares.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Hi all,
Got a FreeRadius installation working fine for analog modem users. A
client is now trying to send through loads of ISDN traffic, and he's
getting the following:
691: username/password declined (windows errors message)
radius.log shows his test username as Login: ok. Yet Radius isn't
First of all Try a debug with radiusd -x
then check configuration may be the user is trying to use the second
ISDN channel and your radius doesnt let him use it..
May be there is some issue with the NAS and nothing with the radius
itself..
On Wed, 2003-10-29 at 14:43, James Green wrote:
Hi
If I need to do the following, how do I setup the dictionary to be correct?
3Com Vendor Specific Attribute
The default user levels on the Switch (monitor, manager, admin) are
supported by a 3Com Vendor Specific Attribute (VSA). The Vendor-ID for
3Com is 43. You must configure the RADIUS server to
gmake[10]: Leaving directory
`/root/download/freeradius-snapshot-20031029/src/modules/rlm_eap/types/rlm_eap_tls'
gmake[9]: *** [common] Error 1
gmake[9]: Leaving directory
`/root/download/freeradius-snapshot-20031029/src/modules/rlm_eap/types'
gmake[8]: *** [static] Error 2
gmake[8]: Leaving directory
Jonathan Richard Brockmeier [EMAIL PROTECTED] wrote:
If I need to do the following, how do I setup the dictionary to be correct?
Read the other dictionary files, and 'man dictionary', it should be
pretty straightforward.
Also when I am trying to get 802.1x working against mysql data (since
Thanks for the help.
I tried according to doc/Autz-Type, still no luck. What it mentions
seems to be clear and easy.
I added something like
DEFAULT
Realm == companyA.com,
Autz-Type := sql_a
into users file and
Autz-Type sql_a {
sql2
}
into authorize
Matt Sapp [EMAIL PROTECTED] wrote:
On the Centrino laptop, logging into the domain, wireless also comes up.
However, the laptop with the Atheros card in it, when logging into
the domain rather than locally to the laptop, I get this when running
with -X:
If one works and the other doesn't,
Alan,
Upon setting with_ntdomain_hack = no, of course now my wireless users cannot be
found in ldap, so the systems that did work before do not now:
radius_xlat: '(uid=MNU.EDU\\Matt)'
radius_xlat: 'dc=mnu,dc=edu'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=mnu,dc=edu, with
I am trying to set up a wireless network with WPA security, using a SMC 2804
AP and a SMC 2835 card with a XP laptop and MS WPA patch.
Does anyone have details on how to set up the freeradius environment for WPA
(including generating the certificates)?
I have tried to follow the EAPTLS document
Alan,
Your pointer to the MS-CHAP issue with usernames got me thinking. I looked closely at
the logs and one machine was sending usernames in lowercase, and the other was sending
them partially upper-cased (which, after some research, i found they were in our
Active Directory with some
Hello.
I have FreeBSD 4.8R-p13 with freeradius.
After upgrade to 0.9.2 i have noticed warnings on radiusd start,
when starting from /usr/local/etc/rc.d/radiusd.sh as usual, e.g.
without flags, there is couple of messages radiusd in free():
warning: junk
Hello freeradius-users,
Is there a possibility to pool range of IP addresses for NAS
while NAS is not in that range? For example, if i try to pool
192.168.253.0/24 network for NAS with address 192.168.3.3 - it
says that nas/port not found for that NAS address
Matt,
How did you synchronize the Active Directory with OpenLDAP. Are you
Keeping passwords in the clear on OpenLDAP or in NTpassword form?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Sure you can.
But if you do that you cant get routed to any place.
You need a gateway address within the same logical network.
On Wed, 2003-10-29 at 19:29, Alexander Lunyov wrote:
Hello freeradius-users,
Is there a possibility to pool range of IP addresses for NAS
while NAS is
Hello Gustavo,
Wednesday, October 29, 2003, 8:42:51 AM, you wrote:
GAL Sure you can.
GAL But if you do that you cant get routed to any place.
GAL You need a gateway address within the same logical network.
What do you mean? NAS in the same logical network or radius server in the
You need an address in the RAS to act as a gateway...
You can configure any pool in whatever RAS but for example if the RAS is
a cisco you will need to do something like:
interface eth0 ip add xxx.xxx.xxx.1 secondary
interface eth0 ip add yyy.yyy.yyy.1 secondary
..
...
and now you can
52 matches
Mail list logo