?
mschap + ldap + md5 password?
Thanks
Roberto Pioli
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Thu, 3 Apr 2003, Roberto Pioli wrote:
I have a cisco 7100 that I want to use as a nas.This one have to speak
with
a freeradius server that authorize on Ldap where the password attribute
is
in md5 ({md5}fgdfgsfg... ).
What I have to use for authenticate the user for vpn or dialup
Freeradius with ldap.
The dialupAcces attribute is check in the authorization process or in the
authentication process?
How can I do to select between a dialup access and a vpn access (usind ldap
attribute?)
Thanks
Roberto Pioli
-
List info/subscribe/unsubscribe? See http
I try compiling freeradius 0.8.1 on a red hat 9 with mysql installed with
rpm.
I use ./configure --with-mysql-include-dir ,but the module rlm_sql_mysql is
not compiled.
How can I do?
Thanks
Teb!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I want that a user can be authenticate the 14/6/2003 for 2 hours , and not
other day.I want wirte this in the DB or ldap at tha biginning of the month.
Or from 14/6 20/06 2003 for 4 hours at day.
Is it possible with freeradius ?( I can use freeradius with ldap and mysql)
Thanks
Roberto
-
I try to use freeradius whith user in mysql and all work fine if I use clear
password.
If I use the web interface to write md5 password in the mysql db when I try
to anthenticate I'm reject.
If I use the web interface whit clear password option I have no problem.
How can I use cripted password
Username = '%{SQL-User-Name}' ORDER BY id
For the call-duration you'll have to calculate the 'Ascend-Maximum-Time'
or something like that.
Hope this gives you an idea on how to implement.
Regards,
Chris
On Thu, 2003-06-12 at 11:49, Roberto Pioli wrote:
I want that a user can be authenticate
Hi Robert,
It is the authentication method that the client-nas have decided on that
determines what format the password needs to be in. The CHAP method
requires
clear text passwords. The MS-CHAP method requires a NT-PASSWORD or
LM-PASSWORD format. The PAP method requires... and so on.
The PAP method requires nothing. PAP states that a clear text password
is sent over the line. How it is compared against a stored password is
in your hands.
It's the standart problem: will the hacker hijack your phone lines an
sniff clear text PAP passwords, or will he hack your servers and
I have the Nokia P022 wireless access controller.
Whre can I find a dictionary for the vendor specific attributes?
Thanks
Rob
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I read in the radiusd.conf that the reset option fo the counter module can
be user define.
How can I do this?
Thanks
Rob
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
when he module counter return:
rlm_counter: Entering module authorize code
rlm_counter: Could not find Check item value pair
modcall[authorize]: module counter returns noop
modcall: group authorize returns ok
What's the matter?
Rob
-
List info/subscribe/unsubscribe? See
I try to use this module but the debug wirte:
rlm_sql (sql): Released sql socket id: 4
modcall[authorize]: module sql returns ok
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module noresetcounter returns noop
I use the sqlcounter module.When I use Max-All-Session all work fine.But if
I try to use Max-Daily-Session this become Session-Timeout and the module
dailyconunter don't work,because the counter in debug is = 0.
rlm_sqlcounter: (Check item - counter) is greater than zero
rlm_sqlcounter:
I have a 2 compaq Evo with P4 2,8 Mhz and 512 MB Ram and a SCSI ultra wide
160 Disk.
I installed Freeradius:
one compaq work as proxy radius
the other one as server for a real a use mysql to store the user.
I do a test with radclient contacting the proxy that foward the reques to
the server.
The
I use freeradius 0.8.1 on a RedHat 7.3 .
I'm using mysql for store password-user and for accounting log.
This is how I do the test:
time /usr/local/freeradius/bin/radclient -q -s -f rad.test x.x.x.x auth
testing
Total approved auths: 55
Total denied auths: 6
real
there is a radius client for windows that can do many request of AAA to a
Radius server for testing porpuose?
Thanks
Menkar
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Is it possible to use user and password stored in a windows 2000 domain with
freeradius?
Thanks
Roberto
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
It is possible if windows 2000 domain is enabled with ADS (Active
Directory).. If yes then modify your radius.conf for Authentication and
other Auth-Type parameters..
but which module do I have to use? Ldap module?
regards
Roberto
regards
Premal.
--- Roberto Pioli [EMAIL PROTECTED
It is possible to log to syslog freeradius log's?
Thanks
TEB!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I'm using freeradius with Ldap ;
I store an md5 password and a Nt password in Ldap.When a user want to login
to my cisco 7100 radius use username and the attribute User Password (where
i store the md5 password).When the user is making a vpn from a windows
client ( using mschap) radius use username
I'm using freeradius with Ldap ;
I store an md5 password and a Nt password in Ldap.When a user want to login
to my cisco 7100 radius use username and the attribute User Password (where
i store the md5 password).When the user is making a vpn from a windows
client ( using mschap) radius use username
I want use a cisco 7100 for vpn with mschap.
If 7100 have mppe passive mode all fill good and mscap-mppe work fine.The
user is aunthenticated and the connection is encypt 128 bit.
If 7100 il in mppe auto the user login was ok but in one second the 7100
send access accounting stop segnal foe mppe
Where can I change the attribute logged with the auth_detail module?
Thanks
TEB!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
There is no auth_detail module. And I'm not sure what you mean by
changing the attribute.
I try to explain but my english is not so good.
In the last version i can log authentication information with
detail auth_log {
detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d
25 matches
Mail list logo