maybe you can't get what you want.
i think the begin is reading RFC2865.
and then you can download the freeradius' source code.
reading src/README, FAQ. etc.
doc/README, aaa.txt, configurable_failover, module_interface,
processing_users_file.
t
q+
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Artur,
Thanks for the info about the EAPOL packets. I've installed the latest
drivers both for the AP and the pcmcia card.
It seems that the AP340 has a bug(?:(
Is there any website of Cisco where I can post my question?
Thanks,
Marios
-Original Message-
From: [EMAIL PROTECTED]
Hi to all,
I want to ask this:
using freeradius, can you have users in LDAP and mysql so doing
authentication from both simultaneous?
Thanks a lot
Costas A. Christonis
Networking Communications Centre
Gallos Campus - University of Crete
email: [EMAIL PROTECTED]
http://www.ucnet.uoc.gr/
Hi all,
maybe a totally stupid question
when I read the RFC 2865 RADIUS- then there is a section about CLASS
attribute stateing :
5.25. Class
Description
This Attribute is available to be sent by the server to the client
in an Access-Accept and SHOULD be sent unmodified by the
On Wed, 19 Nov 2003, ylei wrote:
maybe you can't get what you want.
i think the begin is reading RFC2865.
and then you can download the freeradius' source code.
reading src/README, FAQ. etc.
doc/README, aaa.txt, configurable_failover, module_interface,
On Wed, 19 Nov 2003, Costas Christonis wrote:
Hi to all,
I want to ask this:
using freeradius, can you have users in LDAP and mysql so doing
authentication from both simultaneous?
In general yes. Though you will probably need to play with Autz-Type and
Auth-Type to get that working ok
From dictionary.tunnel...
ATTRIBUTE Tunnel-Type 64 integer has_tag
what is mean by has_tag??
I'm currently working on RADIUS - MPLS-VPN project, and from example
given by cisco.. Some of attributes needed for doing L2TP tunnelling
are as below:
Tunnel-Type =
hi
Thanks for the info about the EAPOL packets. I've installed the latest
drivers both for the AP and the pcmcia card.
It seems that the AP340 has a bug(?:(
Is there any website of Cisco where I can post my question?
i've been using an AP340 with the 12T release for a quite a while now
and i
Michael Kopp [EMAIL PROTECTED] wrote:
If I look at the dictonary file of freeradius I see
ATTRIBUTEClass 25 octets
So shouldn`t this be like :
ATTRIBUTE Class 25 string ?!?
No. The string type in the RFC simply means that the attribute is
variable
Alex French [EMAIL PROTECTED] wrote:
Having read the RFCs (well, skimmed them at least) I am aware that
including Acct-Session-Time, Acct-Output-Octets and Acct-Input-Octets in
UPDATE messages is illegal. However, we have what we think is a good reason
to do it, and freeradius seems to
This question seems to aim for a FAQ question :)
Jon
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok
Sent: Tuesday, November 18, 2003 9:27 PM
Subject: Re: Documentation Suggestion
Anson Rinesmith [EMAIL PROTECTED] wrote:
What's the
Artur,
Have you checked if the last EAPOL-Key is malformed. It works fine for
me too even if the packet is not correct !!
I tried to pass traffic with WEP enabled and I didn't have any problem,
but I don't know if this packet should be malformed anyway!!
Could you please try to pass traffic using
On Tue, 18 Nov 2003, John A. Hengstler wrote:
Greetings.
I have an Cisco as5300 that I am using for Dial customers.
The customer connects, the authentication comes through, but then at the
authorization level the connection gets dropped by the nas..
Are there any suggested attributes to
On Tue, 18 Nov 2003, John A. Hengstler wrote:
Greetings.
I have an Cisco as5300 that I am using for Dial customers.
The customer connects, the authentication comes through, but then at the
authorization level the connection gets dropped by the nas..
Are there any suggested
Heiden, John [EMAIL PROTECTED] wrote:
I am assuming I need to somehow have FreeRADIUS add a realm
to the incoming information first, then pass that back to the
Active Directory server?
Are you using FreeRADIUS to put the users into different realms, or
are the users logging in with different
Hello,
I would like, for testing, a sample configuration for freeradius with
peap or EAP/TTLS with a openLDAP server backend.
Thanks.
Escuse my english
--
GQS
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I'm sorry, I should have been more specific. I have multiple
Cisco access servers (AS5300/AS5350/AS5400) and some are in
one pool of users, some are in another, and some are in still
another. I think about 5 different pools.
So kind of imagine a tree of sorts. The leaves/branches are
the Cisco
-Name = shawn'
rlm_acct_unique: Acct-Unique-Session-ID = f56023f6b2ffca98.
modcall[accounting]: module acct_unique returns ok
radius_xlat:
'/usr/local/var/log/radius/radacct/205.28.26.18/detail-20031119'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands
to /usr
Heiden, John [EMAIL PROTECTED] wrote:
So kind of imagine a tree of sorts. The leaves/branches are
the Cisco AS servers, they go back and authenticate to a
Linux server with Free Radius. The Linux/FreeRADIUS server
then ultimately authenticates the users back to an AD server.
But the
=
205.28.26.18,NAS-IP-Address = 205.28.26.18,Acc
t-Session-Id = 8120001a,User-Name = shawn'
rlm_acct_unique: Acct-Unique-Session-ID = f56023f6b2ffca98.
modcall[accounting]: module acct_unique returns ok
radius_xlat:
'/usr/local/var/log/radius/radacct/205.28.26.18/detail-20031119'
rlm_detail
Am Die, 2003-11-18 um 20.26 schrieb Mario Duve:
Hello,
how I can reach, which can log in each user,
not two times at the same time?
The Simultaneous-Use Attribute not work in
my groupcheck.
that's what it should look like...
| id | groupname |attribute | op | value
Hey everyone,
I continue to have a problem using peap with
freeradius-snapshot-20031110. From what I have read about EAP, and
from my discussions with others on this list, I believe I am seeing a
problem from freeradius.
Please correct me if I am wrong.
According to the documentation in
The idea is that the only place where pool membership would be
defined is in the AD. The problem is that each pool needs to
be independent, and sometimes users move between pools. And the
only place (that they want to keep track of ) membership is in
the AD.
That kind of sucks about CHAP. OH
Umm... dumb question, but you don't have eap listed in the
authenticate section of your radiusd.conf file twice do you?
--Mike
On Wed, 2003-11-19 at 12:31, Bill Reid wrote:
Hey everyone,
I continue to have a problem using peap with
freeradius-snapshot-20031110. From what I have read
I am asking the dumb questions here!
No I don't.
thanks Mike.
-=Bill
Michael Griego wrote:
Umm... dumb question, but you don't have eap listed in the
authenticate section of your radiusd.conf file twice do you?
--Mike
On Wed, 2003-11-19 at 12:31, Bill Reid wrote:
Hey everyone,
I continue
Bill Reid [EMAIL PROTECTED] wrote:
I continue to have a problem using peap with
freeradius-snapshot-20031110. From what I have read about EAP, and
from my discussions with others on this list, I believe I am seeing a
problem from freeradius.
I've looked at your packet trace, and there
On Wed, 2003-11-19 at 13:09, Alan DeKok wrote:
From the debug output, it looks like you've managed to make the
server call the EAP module *twice* for the request, during the
authenticate stage. I have no clue how you managed to do this, but
it's definitely wrong.
That's exactly what I'm
Hi list,
I was wondering what peoples experiences have been with using FreeRadius
with the cisco VPN 3000 concentrator.
Are there any documents outlining this?
Thanks,
Dan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I have two 3005s and a 3015 that authenticate users via Freeradius. It just
works right out of the box. I'm using our central LDAP directory that already
contains user authentication info.
-Tom
On Wed, Nov 19, 2003 at 03:46:18PM -0500, Dan Didier wrote:
Hi list,
I was wondering what peoples
I have freeradius/mysql setup authenticating on a MAX2000,
the Max has the IP pool. I would like to know how to setup mysql/freeradius to
handle giving out the IP.
Im sure I its just setting up the table, but I
dont know the syntax.
Hello everyone,
I've never used FreeRadius before. I think I successfully installed it
on RedHat and it seems to start up OK. I added my windows XP IP address
in the clients file along with a key; added the same IP address, short
name, and portslave as the type; and uncommented out the 3 lines
FOR MAC based auth only
- Make sure the IP address of you AP's are in the clients.conf
- edit the users file and add the MAC address of the clients as the user name.
Thepassword is the key you set on your AP's.
Ken Connell
Intermediate Network Engineer
Computer Communication Services
Ryerson
I've been asked if the following is possible. We operate a pair of
radius servers that proxy several realms to their respective home
servers. We need to limit their users access based on
Called-Station-ID. When the Auth request comes in from the NAS, I need
to be able to consult a (possibly
Do you use group functions, or is everyone in the base group?
Thanks,
Dan
-Original Message-
From: Tom Miller [mailto:[EMAIL PROTECTED]
Sent: Wed 11/19/2003 4:14 PM
To: [EMAIL PROTECTED]
Cc:
Subject: Re: Cisco VPN 3000 experience
Dan Didier [EMAIL PROTECTED] wrote:
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: base64
Please fix your mailer to send text as text, instead of encoding it.
Content-Type: application/ms-tnef;
name=winmail.dat
Please also fix your mailer to not send
Mark Moody [EMAIL PROTECTED] wrote:
We need to limit their users access based on Called-Station-ID.
When the Auth request comes in from the NAS, I need to be able to
consult a (possibly large) list of access numbers and determine if
the user called an approved number, if so allow the request
At 03:28 PM 11/19/2003, Michael Shanafelt wrote:
Hello everyone,
I've never used FreeRadius before. I think I successfully installed it
on RedHat and it seems to start up OK. I added my windows XP IP address
in the clients file along with a key; added the same IP address, short
name, and
On Wed, 19 Nov 2003, Dan Didier wrote:
Hi list,
I was wondering what peoples experiences have been with using FreeRadius
with the cisco VPN 3000 concentrator.
Are there any documents outlining this?
Thanks,
Dan
-
List info/subscribe/unsubscribe? See
Hi,
I working on getting my radius accounting records in MySQL.
I noticed that the attribute: Freeradius-Proxied-To = aa.bbb.ccc.ddd
shows up in my radius accounting flat files but when I look at
sqltrace.sql it shows up as ' ' and when I select that record from
my radacct table it shows up as
Hello,
After a good night, everything is better.
So Andreas Congratulation for your great work, here with your package file
everything work perfectly (without a glitch) on any panther distrib (tested
on 3 Emac and 2 G4)
I m really impressed by it (installing it with a mouse in graphical mode
Hi all,
Could someone please verify I'm using the right syntax for the huntgroups
file and a sample row of data from the radcheck table in an SQL DB.
huntgroups:
# Group 1
group1 NAS-IP-Address == 10.100.50.6
NAS-IP-Address == 10.100.50.7
# Group 2
group2 NAS-IP-Address ==
At 09:12 PM 19/11/2003 -0500, you wrote:
Disregard, I made an error in the huntgroups syntax.
Hi all,
Could someone please verify I'm using the right syntax for the huntgroups
file and a sample row of data from the radcheck table in an SQL DB.
huntgroups:
# Group 1
group1 NAS-IP-Address ==
confirm 482356
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I think this can also be achieved by writing a function/procedure in
database which return the values after doing the checking.
Deepak Singhal
- Original Message -
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, November 20, 2003 3:28 AM
Subject: Re: Limiting
hello sir,
i'm trying to connect freeradius db2 .
i want to know how the freeradius my sql works.
1) i mean to say the front end of freeradius is available on -? where shall i find it? the interface?
2) also how the tables are maintained in the freeradius server as well as the db2 server.
If I use freeradius with portsale check mulltiple logins (Simultaneous-Use) works only
with finger?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
48 matches
Mail list logo