.
Chris Brotsos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 09:52 AM 7/30/2002 -0500, you wrote:
Still getting segmentation fault after removing old version 0.5 rlm_*
libraries and re-installing. By the way, there are no core dump file
generated even after setting allow_core_dumps = yes.
More ideas ???
Yes, make distclean, and then after the LIBS
Spike,
After processing the SQL table, attributes will be picked up from the
DEFAULT profile in the users file. If you need a specific DEFAULT profile
to be used then assign an attribute via SQL and use it as a check-item in
the users file DEFAULT profile.
Chris
At 06:11 PM 7/30/2002
At 03:52 PM 8/21/2002 +0200, you wrote:
Hello,
after my konfiguration and implementation of the radiusd in the company
network, i am now in the test phase.
A test user got the problem that his Win2k SP 3 Client cannt connect to
the radius server, though his user profile/passwd
works well on
At 04:41 PM 8/21/2002 +0200, you wrote:
Do you use PAP authentication on your network with the test-user
attempting CHAP authentication? Or is there some reason why CHAP would
work for you and not your test user? Look for differences in DUN/PPP
configurations between the two PC's (the one
At 01:38 PM 8/21/2002 -0700, you wrote:
I should have included all the unix {} config :
# Unix /etc/passwd style authentication
#
#
unix {
#
# Cache /etc/passwd, /etc/shadow, and /etc/group
#
If you mean, for example, to have an entry in proxy.conf as realm
somerealm match to somerealm and SOMEREALM then do the following...
In r1.67 of files.c, change the line:
if (strcmp(cl-realm, realm) == 0) {
to:
if (strcasecmp(cl-realm, realm) == 0) {'
That should force FR to accomplish the
At 10:41 AM 8/22/2002 -0400, you wrote:
Chris Brotsos [EMAIL PROTECTED] wrote:
If you mean, for example, to have an entry in proxy.conf as realm
somerealm match to somerealm and SOMEREALM then do the following...
In r1.67 of files.c, change the line:
...
This is probably a good idea
At 09:49 AM 9/11/2002 -0300, you wrote:
Hi,
Is there a webpage or documentation on what the operators (:=, =,...etc) are
and what they mean? I've been looking through the documentation that I
could find in the freeradius installation but I haven't seen anything.
At 01:34 PM 9/12/2002 -0400, you wrote:
I am using a bastardized approach to rlm_sql
I am using a customized query to use the data in a vpopmail table for radius
auth. I have about everything commented out in sql.conf, except for the
bare necessities to lookup names...
I am unable to make the
is still in the development stage.*
If the problem still occurs, write back again with some debug output and/or
a GDB backtrace. That may make it easier for list members to determine the
source of your problem.
Regards,
Chris Brotsos
-
List info/subscribe/unsubscribe? See http
I have downloaded the recent CVS snapsot, and i am getting the same problem
again and again.
But the important thing here to notice is that, this is happenning in only
one of my m/c., i.e., a Compaq Proliant 400 server, and free radius was
running there for some quite a long time untill it
At 05:37 PM 10/24/2002 +0200, you wrote:
| By Chris Brotsos [EMAIL PROTECTED]
| [ 2002-10-24 17:17 +0200 ]
I would suggest running in GDB to find out what's going wrong here.
Yea, I tried but honestly can't find the core file. Core dumps are enabled
' with no arguments). The problem with your method
now is that radiusd re-reads radiusd.conf when you HUP it. As you can see
from your debug ouput, radiusd thinks it should restart in debug_level
0...so tell it to run at level 2 right from the beginning.
Regards,
Chris Brotsos
-
List info/subscribe
At 12:58 PM 11/15/2002 -0500, you wrote:
I delete it but:
radiusd: entering modules setup
Module: Library search path is /usr/local/freeradius/lib
radiusd.conf[485] Failed to link to module 'rlm_pap': file not found
the problem now is with pap, I need authenticate and authorizate whit ldap
At 01:32 PM 11/15/2002 -0500, you wrote:
my rlm_* libraries are in /usr/local/freeradius/lib directory
the variable LD_LIBRARY_PATH no defined
but I define it, LD_LIBRARY_PATH=/usr/local/freeradius/lib,
and problem continue.
On LINUX and Solaris, if I have the correct library path
At 12:36 PM 11/19/2002 -0500, you wrote:
Ok, as I said I'm new to this, [I'm running FR 0.8 btw] Im just trying to
use radtest to get something authenticating at this point, this is what I
put in my /etc/raddb/users file:
drewAuth-type := Local,
User-Password == yummy
The above
At 12:49 PM 11/19/2002 -0500, you wrote:
Replying. Sorry., I forgot to try it in debug mode.
The error its getting is rlm_chap: could not find proper chap-password
attribute in request
-Drew
I'm not sure how to send a Chap-Password via radtest. You are failing on
the test because you are
in the password. ? Double-check the
shared secret on the server and the NAS!
Check shared secret in your clients file on FreeRADIUS and the NAS config too.
Regards,
Chris Brotsos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 11:12 PM 11/19/2002 -0200, you wrote:
Chris Brotsos wrote:
At 06:04 PM 11/19/2002 -0200, you wrote:
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql: The 'op' field for attribute 'User-Password =
$1$C.zZID82$kp/ZF6uwfT3dIHwtLd1B70' is NULL, or non-existent.
rlm_sql: You MUST FIX
to
the end of line 982 helps.
Such that:
New line 982 reads, LIBS=$old_LIBS -L$try -lmysqlclient -lz .
Regards,
Chris Brotsos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 03:51 PM 11/21/2002 -0500, you wrote:
no problem, I figured it out... but it didn't help. I noticed it was
looking for mysql/mysql.h so I add a soft link like this
ln -s /usr/local/mysql/include /usr/local/include/mysql
then I did the same for the lib directories.
This subterfuge
At 02:36 PM 11/26/2002 +0100, you wrote:
Hi!
First of all, I'm new to RADIUS in general, so this might very well be
a beginners question.
I'd like to have encrypted passwords in the etc/users file, is that
possible? And if so, what syntax should I use?
The documentation seems to refer to the
Alan,
At 11:38 PM 11/27/2002 +1100, you wrote:
Dear all,
I have just installed radius 0.8 on my redhat 7.2 box. Being a total
newbie I just wanted to know two things...
1) Firstly how do I add new users and then without restarting make radius
reread the users file? Is there a configuration
Travaglia
Chris Brotsos [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
11/27/2002 07:39 AM
Please respond to freeradius-users
To: [EMAIL PROTECTED]
cc:
Subject:Re: User Configuartion Help and Interesting Scenario
Alan,
At 11:38 PM 11/27/2002 +1100, you
Role, you want someone who's absolute crap, looks
reasonable on paper, and won't cause too much trouble. ... Well I don't
have any MCSEs on my books at the moment, but I could call around.--
Simon Travaglia
Chris Brotsos [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
11/27/2002 09:08 AM
digits of the DNIS.
Keep the proxy.conf configuration the same. Add a Proxy-To-Realm attribute
through DEFAULT profiles that use the DNIS as a check-item. This could be
done, for example, through rlm_files or rlm_fastusers.
HTH,
Chris Brotsos
-
List info/subscribe/unsubscribe? See http
At 11:07 PM 12/22/2002 -0800, you wrote:
I've downloaded freeradius0.8.1 and installed it on a
FreeBSD 4.4 pc.
I added the following lines in the config file hints
DEFAULT Suffix = @test1.vpdn, Strip-User-Name = No
Hint = PPP,
Service-Type = Framed-User,
Framed-Protocol
Norbert,
At 03:23 PM 1/21/2003 +0100, you wrote:
I start my freeradius 0.8.1 with /usr/local/sbin/radiusd -i 127.0.0.1 -p
1812 -sfX
and have problems to get proxyauthentication working. Without the realm
everything works as expected.
proxy_requests = yes in radiusd.conf
here is my minimal
At 01:40 PM 1/23/2003 -0700, you wrote:
Hey all,
I do a lot of proxy for realms to remote radius servers, and several of the
realms have the same proxy information with just a different realm name.
Currently I have proxy.conf setup as follows:
realm realm1.com {
type= radius
At 05:37 AM 1/27/2003, you wrote:
I note that in the documentation it states that the DEFAULT realm
matches all realms.
Is it possible to match all realms that are *not* defined? (ie. similar
to DEFAULT but not does match on realms that *are defined).
That is what happens.
A realm that is
Hello All,
I have recently tried implementing rlm_perl with FR 0.9-pre on Solaris2.8.
After installing Perl5.6.1, I got the following errors when running 'make'
in the rlm_perl directory:
*** Warning: Linking the shared library rlm_perl.la against the
*** static library
At 03:31 PM 2/4/2003, you wrote:
Is there a way to proxy subrealms to downstream radius servers?
We have [EMAIL PROTECTED], [EMAIL PROTECTED], subrealm3.foo.com
and want to proxy all three subrealms to the same downstream radius server
without having to specify each subrealm...just the *.foo.com
At 10:36 AM 2/4/2003, you wrote:
Chris Brotsos [EMAIL PROTECTED] wrote:
I have recently tried implementing rlm_perl with FR 0.9-pre on Solaris2.8.
After installing Perl5.6.1, I got the following errors when running 'make'
in the rlm_perl directory:
Yeah, perl supplies some dynamic
-to-realm attribute
that will suffice for your *.foo.com realms.
Just another possibility. Hope one of them helps.
Chris
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Chris
Brotsos
Sent: Tuesday, February 04, 2003 4:38 PM
To: [EMAIL PROTECTED
At 03:09 PM 2/7/2003, you wrote:
Hello all freeradius-users,
sorry again for my bad english... :)
i changed radtest script to do acct, so as a result i got:
Accounting: no Accounting-Status-Type record.
modcall[accounting]: module unix returns noop
Accounting: no Accounting-Status-Type
that.
Just a note, the disbursement of requests will not necessarily be
A-B-A-B-A-B, but you will get an even spread (i.e. A-B-B-A-A-B) as time
approaches infinity.
Regards,
Chris Brotsos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 05:01 PM 3/26/2003, you wrote:
I have the ldflag in the proxy.conf file set to round_robin on all of the
realms we have but the system is not doing a round robin on the servers.
Has anyone got any idea why this might happen or am I using the wrong flag?
What version of FreeRADIUS are you
At 02:13 AM 4/1/2003, you wrote:
i'm having problems compiling freeradius v0.8.1 on a solaris 9 machine
with mysql support and any help would be greatly appreciated. here's some
more details on the setup.
solaris 9 (12/02)
freeradius v0.8.1
mysql 3.23.53 (from sunfreeware.com)
mysql base dir is
At 10:31 AM 4/3/2003, you wrote:
Hi,
I'm using freeradius 0.8.1.
I try activating it from actually two types of clients (which worked
successfully against other RADIUS servers).
And keep getting server errors of the form:
Ignoring request from unknown client 10.119.33.184:3458
The client (IP)
At 10:49 AM 4/3/2003, you wrote:
Thankis Chris,
But I have 10.119.33.184 as well, which doesn't help:
And clients itself should be enough (although obsolete).
O/k, I thought maybe you just missed that by mistake.
I would take Allen's suggestion, and make sure the server is reading the
modcall[authorize]: module sql returns fail
Anyone could tell me why I not seeing a SQL Query on
the screen? Instead I get Unknow attribute SQL-User-
Name
Does your dictionary file include an entry for SQL-User-Name?
Chris Brotsos
-
List info/subscribe/unsubscribe? See http
that is provided with the
distribution.). Looks to me like you have said requirements commented out
in your eap block.
HTH,
Chris Brotsos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
think you might want to look at rlm_sqlcounter. There is excellent
documentation too, which is found in /path/to/src/radiusd/doc/rlm_sqlcounter.
HTH,
Chris Brotsos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 06:56 PM 6/30/2003, you wrote:
Hi,
Is it possible to make Proxy Authentication decisions (i.e whether to
forward Auth-Request to another RADIUS or Not) based on
Username\Part_of_username instead of Realms ?
Yes. Use the Proxy-To-Realm attribute. Here are some posts that explain:
At 03:41 PM 7/2/2003, you wrote:
It deals with the radius server authenticating, or sending to another
radius server based on the originating DNIS.
Archive Search: Proxy DNIS
http://www.mail-archive.com/[EMAIL PROTECTED]/msg16250.html
http://www.mail-archive.com/[EMAIL PROTECTED]/msg12031.html
At 12:49 PM 7/9/2003, you wrote:
Hello.
Is The servers_per_realm a maximum setting, or has it to be exact?
If i have to proxy a realm to say 2 servers, an another to 3 - is it
possible?
I'm pretty sure that the limit was removed when the round-robin code was
re-implemented. Either way, when the
with that.
Chris Brotsos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 03:34 PM 7/10/2003, you wrote:
I am simply not successful in getting fail_over to work running FR 0.8.1
in proxy mode.
I thought the code was there to handle fail_over.
Look for a statement in proxy.c that read, marking authentication server
%s:%d for realm %s dead. Look for code in
will be dropped before the fail-over can
take place.
proxy_requests = yes
$INCLUDE ${confdir}/proxy.conf
authorize {
suffix
files
}
###
And that's about all that should matter. Take a look at your
max_request_time. Is that maybe the problem?
Regards,
Chris
At 02:03 PM 7/18/2003, you wrote:
My first issue, is in the users file, how do I set an attribute to equal
something ONLY if it doesn't exist in the packet?
A DEFAULT profile.
Secondly, with rlm_attr_filter, how do I setup multiple values to allow per
attribute (like for Service-Type, the proxy
At 03:30 PM 7/25/2003, you wrote:
Hi
When I do gmake I get this error:
gcc .libs/radiusdS.o -g -O2 -Wall -D_GNU_SOURCE -DNDEBUG -I../include -o
.libs/radiusd radiusd.o files.o util.o acct.o nas.o log.o valuepair.o
version.o proxy.o exec.o auth.o timestr.o conffile.o modules.o modcall.o
session.o
At 04:21 PM 7/25/2003, you wrote:
Guillermo Delmastro [EMAIL PROTECTED] wrote:
When I do gmake I get this error:
...
radiusd.o: In function `main':
/usr/freeradius-0.9.0/src/main/radiusd.c:845: undefined reference to
`total_active_threads'
Build with support for threads.
Alan DeKok.
And
about
memset(). I had this version of attr_filter for awhile, and Alan advised me
that the memset function was added to the instantiate function in a later
release. So if you have the memset(inst, 0, sizeof(*inst)); line in your
instantiate function...that's a good thing :o)
Thanks,
Chris Brotsos
function. The only
semi-tricky mod to attr_filter was making an accounting function ;o).
HTH,
Chris Brotsos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 09:34 AM 8/11/2003, you wrote:
I sent the post-proxy patch...you probably hadn't received it by the time
you sent this.
Yes, I guess I was a little impatient, a bad attitude of me...
I included a patch this time with the post-proxy() and accounting()
functions. Pay attention to the
At 03:58 AM 8/12/2003, you wrote:
On Mon, 2003-08-11 at 16:45, Chris Brotsos wrote:
Another strange thing, if I dialin without a realm, that realm is added
after the files section (Proxy-To-Realm =+ realmname). This works for
authentication, but not for accounting. With pre-proxy an accounting
...) {
while (check) {
}
if (fail ==0 pass 0) {
mypairappend(send_item, send_tmp);
}
}
pairfree(request-packet-vps);
request-packet-vps = send_tmp;
HTH,
Chris Brotsos
Thanks,
Chris
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http
to allow the
use of X-Ascend attributes.
Once that's done, you use the X-Ascend-Client-Primary-DNS,
X-Ascend-Client-Secondary-DNS, and X-Ascend-Client-Assign-DNS attributes to
do what you want.
HTH,
Chris Brotsos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
dictionary.
Any more help on this is much appreciated.
They are in dictionary.ascend
Chris Brotsos
-Original Message-
From: Brian Foster [mailto:[EMAIL PROTECTED]
Sent: 18 August 2003 15:04
To: '[EMAIL PROTECTED]'
Subject: RE: config dns server in users file
Thanks J
I'll try that and get
At 07:30 AM 9/26/2003, you wrote:
Hi,
please help. I want to send more than one IP-Pool-Definition to my
ascend box. Freeradius sends only one of them.
users-file:
pools-Moritz Auth-Type := Local, User-Password ==secret
Service-Type = Dialout-Framed-User,
At 09:58 PM 10/15/2003, you wrote:
I tried to set the Radius server (0.9.1 on Red Hat 9) so it can do
proxy. I use the sql module for authentication (mysql).
I have two users, [EMAIL PROTECTED]' and 'alex_chen'. in the DB.
I setup the proxy.conf like the followings so that if the proxy server
Josh,
I don't really deal with the NULL realm, so I'm not 100% sure of a certain
configuration option's actions with said realm, but you might want to try
setting 'wake_all_if_all_dead = yes' in the proxy.conf file. Assuming that
wake_all_if_all_dead works with the NULL realm, this would at
be configured as follows:
Tunnel-Password:0 = ,
Tunnel-Medium-Type:0 = IP,
Tunnel-Type:0 = L2TP,
Tunnel-Server-Endpoint:0 = xxx.xxx.xxx.xxx
HTH,
Chris Brotsos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-Password:0 = ,
Tunnel-Medium-Type:0 = IP,
Tunnel-Type:0 = L2TP,
Tunnel-Server-Endpoint:0 = xxx.xxx.xxx.xxx
--haizam
- Original Message -
From: Chris Brotsos [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, November 19, 2003 9:40 PM
Subject: Re: tunneling
From
At 01:14 PM 12/4/2003, you wrote:
Hi ...
I'm new to this list as well as freeradius. I've installed 0.9.3
and have been trying to figure out how to restrict access to various
framed networks. I was led to believe that freeradius was capable of
doing this but I haven't found anything
Add the string debug_level = 2 as the last line of radiusd.conf
At 11:24 AM 12/12/2003, you wrote:
Hello to everyone.
As I have seen in a previous post a bug that occasionaly crashed the
server when it received a HUP signal has been fixed. After compiling
the latest release (0.9.3) on a SUN
67 matches
Mail list logo