I don't know if my chiming in will make a difference or not.
But windows can authenticate with a machine certificate or a user
certificate
If you're doing the machine certificates, please say so, I'm a little
confused as to what exactly you are doing now.
-Bob
Thibault Le Meur wrote:
Trymp wrote:
I want to get FreeRadius 2.0.0 pre version.
$ cvs -d :pserver:[EMAIL PROTECTED]:/source checkout module-name
what is module-name??
Please no HTML to the list.
The module name is radiusd.
--
Nicolas Baradakis
-
List info/subscribe/unsubscribe? See
Hello Ali
I do not know whether you managed to solve your issue, however using a perl
script, the format to send these AV Pairs is:
#!/usr/bin/perl
print Cisco-AVPair += \h323-return-code=0\\,\n;
print Cisco-AVPair += \h323-credit-amount=30\\,\n;
print Cisco-AVPair += \h323-credit-time=200\\n;
I don't know if my chiming in will make a difference or not.
But windows can authenticate with a machine certificate or a user
certificate
If you're doing the machine certificates, please say so, I'm a little
confused as to what exactly you are doing now.
I don't now if you're asking
Hi
I am trying to set freeradius +hostapd on Debian
I have installed freeradius from .deb testing package and than from
.tar (1.1.3)
In init.d freeradius starts first and than hostapd is started.
Immediately after hostapd is started freeradius disappears from process
list.
I have
Hi,
uh not sure, but you seem to have mixed up the installation by using
the .deb (most prominent change: uses /etc/freeradius as configuration
place) and having some libraries lying around in
main: libdir = /usr/local/lib
probably from building and installing from the tarball.
I'm not sure
Hi,
it works now. Thanks Thibault, you saved my day, again! :-)
- the extension SubjectAltName must contain the Netbios name of the PC
(I think)
This had no meaning in my tests. Anyway, there must be chosen a type of
that field. Did you take DNS-Name, Email or Raw? I took now DNS-Name,
but
Hi Gef
I solved the problem through C and rlm_modules.
Anyway, Thanks a lot.
Regards
On 9/21/06, Geoffrey Cauchi [EMAIL PROTECTED] wrote:
Hello AliI do not know whether you managed to solve your issue, however using a perlscript, the format to send these AV Pairs is:
#!/usr/bin/perlprint
Hi,
Thibault Le Meur schrieb:
Alexandros do you confirm that you are not trying to authenticate the
user, but only the host at boot time ?
Exactly. The hosts need to be authentified, we simply do that to protect
the Ethernetports of the switch. Our students plug in their equipment
otherwise
Hi,
it works now. Thanks Thibault, you saved my day, again! :-)
You're welcome
- the extension SubjectAltName must contain the Netbios name of the
PC (I think)
This had no meaning in my tests. Anyway, there must be chosen a type
of that field. Did you take DNS-Name, Email or Raw?
I use
We are having some difficulties getting MS Vista RC1 build (5600) to
work with our Freeradius server using 802.1x. Has anyone been able to
get this to work?
Brian Dourty
System Administrator - Team Lead
IAT Services
University of Missouri - Columbia
573-882-1035
-
List
On Wednesday 20 September 2006 22:39, Peter Nixon wrote:
On Thu 21 Sep 2006 04:50, LeRoy DeVries wrote:
Does the latest version (1.1.3) have the experimental modules that you
had to compile with in the old version 1.03
I suggest you use my SUSE packages:
On Wednesday 20 September 2006 22:39, Peter Nixon wrote:
On Thu 21 Sep 2006 04:50, LeRoy DeVries wrote:
Does the latest version (1.1.3) have the experimental modules that you
had to compile with in the old version 1.03
I suggest you use my SUSE packages:
We are having some difficulties getting MS Vista RC1 build
(5600) to work with our Freeradius server using 802.1x. Has
anyone been able to get this to work?
PEAP-MSChapv2 does not work for us. EAP-TLS does. Not had a chance to look
any further into it yet though.
Matt Balyuzi
Imperial
On Thu 21 Sep 2006 17:27, LeRoy DeVries wrote:
On Wednesday 20 September 2006 22:39, Peter Nixon wrote:
On Thu 21 Sep 2006 04:50, LeRoy DeVries wrote:
Does the latest version (1.1.3) have the experimental modules that you
had to compile with in the old version 1.03
I suggest you use
Dourty, Brian R. \(IATS\) [EMAIL PROTECTED] wrote:
We are having some difficulties getting MS Vista RC1 build (5600) to
work with our Freeradius server using 802.1x. Has anyone been able to
get this to work?
Not that I've heard.
What problems are you having?
Alan DeKok.
--
Hello,
Should I be able to read the User-Password attribute in the authorize
section ?
I tried printing out RAD_REQUEST{'User-Password'} but it is blank ...
--
Michael Gale
Red Hat Certified Engineer
Network Administrator
Pason Systems Corp.
-
List info/subscribe/unsubscribe? See
Hello!I'm OrgacK and this is my first post. I'm try to configure my own radius
server for my house but before a lot of attempts I haven't got it. I always
obtain same error:
Starting - reading configuration files ...
Using deprecated naslist file. Support for this will go away soon.
Module:
I haven't spent a lot of time debugging the problem yet, but out of the
box Vista doesn't work with our 802.1x/PEAP/MSChapV2 config we have been
using successfully on WinXP.
Brian Dourty
-Original Message-
From: freeradius-users-
[EMAIL PROTECTED] [mailto:freeradius-
[EMAIL
Be aware that the EAP subsystem in Vista has been totally re-architected.
There are new APIs and legacy module support.
Anything could go wrong.
Dave.
- Original Message -
From: Dourty, Brian R. (IATS) [EMAIL PROTECTED]
To: FreeRadius users mailing list
Hi,
This is just a comment on the default radiusd.conf provided information.
In the authenticate section of the default radiusd.conf I can read
about Auth-Type LDAP:
quote
# Note that this means check plain-text password against
# the ldap database, which means that EAP won't
LeRoy DeVries wrote:
Does the latest version (1.1.3) have the experimental modules that you had to
compile with in the old version 1.03
I removed the Suse (10.1) version completely and installed the
Freeradius 1.1.2 by hand
Since than i have no (real) problems with freeradius anymore
Michael Gale [EMAIL PROTECTED] wrote:
Should I be able to read the User-Password attribute in the authorize
section ?
Is there a password in the request?
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
ine doc/rlm_ldap I've read:
quote
# identity: DN under which LDAP searches are done password: pasword
# which authenticate this DN default: anonymous bind, no password
# required NOTE: searches are done now over unencrypted connection!
/quote
I'm especially concerned about the
Hi,
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: SSL error error:02001002:system library:fopen:No such file or
directory
rlm_eap_tls: Error reading Trusted root CA list
rlm_eap: Failed to initialize type tls
it cant load the certificate file. please post your eap.conf
Hi,
We are having some difficulties getting MS Vista RC1 build
(5600) to work with our Freeradius server using 802.1x. Has
anyone been able to get this to work?
PEAP-MSChapv2 does not work for us. EAP-TLS does. Not had a chance to look
any further into it yet though.
they havent
Thibault Le Meur [EMAIL PROTECTED] wrote:
While usually true, this assumption is a little confusing sometimes.
Indeed, when EAP-TTLS uses PAP (not an EAP protocol I know) as its
inside authentication protocol, a cleartext password is provided to
Freeradius which is then able to use a simple
:( No ... further reading the MS-CHAP process points out that there is
no password in the request.
Michael
Alan DeKok wrote:
Michael Gale [EMAIL PROTECTED] wrote:
Should I be able to read the User-Password attribute in the authorize
section ?
Is there a password in the request?
While usually true, this assumption is a little confusing sometimes.
Indeed, when EAP-TTLS uses PAP (not an EAP protocol I know) as its
inside authentication protocol, a cleartext password is provided to
Freeradius which is then able to use a simple ldap bind exchange to
authenticate the user.
Thibault Le Meur [EMAIL PROTECTED] wrote:
* the inner PAP authentication is processed by the ldap module in
which I don't need to define which password hashing method is used (I
use at least CRYPT _and_ MD5 in the same directory for historical
reasons)
Version 2.0 has fixes that make it
Hello,i'm using freeradius to do the auth on a wireless network. My users are in a Ldap directory that have both NT-Password and UserPassword, i use ldap to auth linux users and samba+ldap to auth windows users.I have PEAP and ttls set up in my config and some test users with clear password in the
Hi guys
Is there any way (in some post processing module perhaps) to rewrite the
name of a reply attribute without changing the value.
One of the modules that I am using has the reply attribute 'hardwired'
but it is returning the exact attribute value that I require.
The more elegant
Hello,
Am installing freeRadius with Mysql5 and dialup admin with a freebsd 5.4 box
well done most of the configs but dialup wont show the frame on the right in
browser when I load it on the webserver
Any help will be highly appreciated
Kind Regards
Francis
-
List
Hi,
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: SSL error error:02001002:system library:fopen:No such file or
directory
rlm_eap_tls: Error reading Trusted root CA list
rlm_eap: Failed to initialize type tls
it cant load the certificate file. please post your
34 matches
Mail list logo