Hi,
I have found this explanation in the MikroTik manual
Here you can download MikroTik reference dictionary, which incorporates
all the needed RADIUS attributes. This dictionary is the minimal dictionary,
which is enough to support all features of MikroTik RouterOS. It is designed
for
Im using the dictionary file provided by MikroTik at
http://www.mikrotik.com/Documentation/manual_2.9/dictionary whihc I
installed by typing;
cd /etc/freeradius
rm dictionary
wget http://www.mikrotik.com/Documentation/manual_2.9/dictionary
chmod 640 dictionary
chown root.freerad
On Fri 15 Jun 2007, nguyenvinht wrote:
Thanks Arran.
How and where do I implement those codes in AIX RADIUS? Doable on AIX
RADIUS?
This is the FreeRADIUS mailing list. Please ask questions about other RADIUS
servers elsewhere.
--
Peter Nixon
http://www.peternixon.net/
PGP Key:
___
From:
[EMAIL PROTECTED]
g
[mailto:[EMAIL PROTECTED]
adius.org] On Behalf Of Liam Farr
Sent: Friday, 15 June 2007 15:11
To: FreeRadius users mailing list
Subject: Errors reading dictionary - MikroTik
Hi,
Thanks heaps Kelvin Frank, worked a treat!
I re downloaded the Debian free radius package, extracted and replaced the
original /etc/freeradius/dictionary file, chomod chown'd it and added the
line '$INCLUDE/usr/share/freeradius/dictionary.mikrotik'.
I didn't do step 3 though (?).
Now
Arran Cudbard-Bell wrote:
Have you managed to reproduce the bus error?
No. Maybe today.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubscribe? See
German Hernandez wrote:
Hello everybody!
I need your help. I want generate accounting replication with radrelay, I
read doc/radrelay, but is not clear for me where(in what file configuration)
I add the line that fire up radrelay (radrelay -S secret_file server
detail-combined).
Archie Holland wrote:
What is the easiest way to specify which of two password files a user should
authenticate against based on the client IP address?
In 1.1.6, Autz-Type. See doc/Autz-Type. Have two sections, each for
a different password file. Then, set Autz-Type based on the client
Liam Farr wrote:
Im using the dictionary file provided by MikroTik at
http://www.mikrotik.com/Documentation/manual_2.9/dictionary whihc I
installed by typing;
Why? I am continually amazed at the number of people who go to great
lengths to break the default configuration.
The default
Arran Cudbard-Bell wrote:
...
*narrowed*
authorize {
# Some devices send their loopback address as Nas IP Address, overwrite
this with packet source.
if(%{NAS-IP-Address} == 127.0.0.1){
update request {
NAS-IP-Address := %{Packet-Src-IP-Address}
}
}
Nope. It
Alan Dekok wrote:
Arran Cudbard-Bell wrote:
...
*narrowed*
authorize {
# Some devices send their loopback address as Nas IP Address, overwrite
this with packet source.
if(%{NAS-IP-Address} == 127.0.0.1){
update request {
NAS-IP-Address := %{Packet-Src-IP-Address}
}
Hi,
I was reading the FreeRADIUS how to guide on mikrotik's wiki, which
explicitly said remove the dictionary file and replace it, (I have now
changed the wiki to read 'include the dictionary.mikrotik file...).
How would I get hold of the new updated dictionary file (that your about to
[EMAIL PROTECTED] wrote:
Hi,
Ok, is there any way to get it to be more verbose about whats causing
the bus error ?
I'm going grab a fresh copy from the repository, just in case cvs update
has mangled one of the files
make distclean
./configure --with-you-options
make
rm -rf
Hi,
Ok, is there any way to get it to be more verbose about whats causing
the bus error ?
I'm going grab a fresh copy from the repository, just in case cvs update
has mangled one of the files
make distclean
./configure --with-you-options
make
rm -rf /usr/local/lib/rlm_* (or
Arran Cudbard-Bell wrote:
[EMAIL PROTECTED] wrote:
Hi,
Ok, is there any way to get it to be more verbose about whats causing
the bus error ?
I'm going grab a fresh copy from the repository, just in case cvs update
has mangled one of the files
make distclean
./configure
Arran Cudbard-Bell wrote:
...
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating pap
pap {
encryption_scheme = auto
auto_header = yes
}
Module: Linked to module rlm_chap
Module:
Alan Dekok wrote:
Arran Cudbard-Bell wrote:
...
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating pap
pap {
encryption_scheme = auto
auto_header = yes
}
Module: Linked to module
Hi all,
perhaps my question is not totally in topic, I apologize if it hurts someone.
I'm going to upgrade freeradius from v.1.0.0 to v.1.1.6 and I noticed that the
database structure has changed.
Are there any tools to quickly migrate the db?
I have checked the differences and I think it's
Liam Farr wrote:
I was reading the FreeRADIUS how to guide on mikrotik's wiki, which
explicitly said remove the dictionary file and replace it, (I have now
changed the wiki to read 'include the dictionary.mikrotik file...).
The dictionary file that they have includes a LOT of non-mikrotik
On 6/15/07, Francesco Cristofori [EMAIL PROTECTED] wrote:
I'm going to upgrade freeradius from v.1.0.0 to v.1.1.6 and I noticed that
the database structure has changed.
Are there any tools to quickly migrate the db?
having noticed a few changes myself, I just edited the sql.conf's to
fit my
Alan Dekok wrote:
Alan Dekok wrote:
Another thing for 2.0.0 (maybe) is to have per-socket configuration.
i.e. socket X can have authorization section X, and socket Y can have
authorization section Y.
It may not be too hard to add, in fact.
Yup. 300 lines of code.
The listener
I have Freeradius installed on two opensuse 10.2 servers
Running Freeradius 1.16
I am running radrelay on the two too keep the detail files in sync
(New Setup)
The combined detail work file is created on the two servers and each appear to
write to it ok.
But they aren't syncing
Hello,
as I have mentioned before in one of my e-mails, is there anyone who can
provide me a practical example of the python module?
Thank you in advance,
DanB
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I have FreeRadius setup as outlined by the Howto at this link.
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
I am using CENTOS 5 as the host system actiing as the SAMBA/RADIUS server.
All the *.conf files are configured as directed.
I have joined the radius server to
Hi,
Hello,
as I have mentioned before in one of my e-mails, is there anyone who can
provide me a practical example of the python module?
google?
take the default docs and a few queries and you can do eg
python {
mod_instantiate = radiusd_test
I was just wondering if the bug from this post has been fixed since 1.1.6:
Re: EAP-TTLS outer identity accounting
After alot of experimenting researching, I still haven't found a solution
to the TTL anonymous outer identity being used for accounting.
I have set a DEFAULT entry that sets the
Hey Allan,
thxs for the answer. It looks bit less foggy for me now.
Have a good one,
DanB
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Alan,
My initial config on Centos was to turn firewall off.
I do have authentication going on, but it looks like the certificates are
not working.
I uploaded a doc with the output of the debug on the first message.
Bryant
--
View this message in context:
Hi,
I have FreeRadius setup as outlined by the Howto at this link.
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
I am using CENTOS 5 as the host system actiing as the SAMBA/RADIUS server.
All the *.conf files are configured as directed.
I have joined the radius
Uploaded it where? Debug output in your first message is just server
startup. It hasn't recieved any packets. Check where is your NAS
sending those requests.
Ivan Kalik
Kalik Informatika ISP
Dana 15/6/2007, Bryant Marsh [EMAIL PROTECTED] piše:
Hi Alan,
My initial config on Centos was to turn
Here is the doc with the debug output at bottom.
Bryant.
tnt wrote:
Uploaded it where? Debug output in your first message is just server
startup. It hasn't recieved any packets. Check where is your NAS
sending those requests.
Ivan Kalik
Kalik Informatika ISP
Dana 15/6/2007,
Hi Alan,
My initial config on Centos was to turn firewall off.
I do have authentication going on, but it looks like the certificates are
not working.
I uploaded a doc with the output of the debug on the first message.
http://www.nabble.com/file/p11144608/radius-auth.doc radius-auth.doc
ftp://ftp.freeradius.org/pub/radius/freeradius-1.1.5.tar.gz
I am getting an error that the dir or file does not exist...
Am I right that 2.0 is not available and/or not considered stable yet?
Regards,
Andrew
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Have you read the bit of eap.conf titled:
! WARNINGS for Windows compatibility !
just above the peap module?
Ivan Kalik
Kalik Informatika ISP
Dana 15/6/2007, Bryant Marsh [EMAIL PROTECTED] piše:
Hi Alan,
My initial config on Centos was to turn firewall off.
I do have
Hi,
I am using CENTOS 5 as the host system actiing as the SAMBA/RADIUS server.
All the *.conf files are configured as directed.
I have joined the radius server to the Active Directory domain and
configured the radius server with custom SSL certificates.
The Radius server starts correctly
Hi,
ftp://ftp.freeradius.org/pub/radius/freeradius-1.1.5.tar.gz
1.1.6.tar.gz is latest, as per
ftp://ftp.freeradius.org/pub/radius/freeradius-1.1.6.tar.gz
as linked from the main page(!)
alan
Am I right that 2.0 is not available and/or not considered stable yet?
2.0 release is not yet
That link is broken. But 1.1.6 is the latest version. You have the link
in the text and side menu.
Ivan Kalik
Kalik Informatika ISP
Dana 15/6/2007, Andrew Long [EMAIL PROTECTED] piše:
ftp://ftp.freeradius.org/pub/radius/freeradius-1.1.5.tar.gz
I am getting an error that the dir or file does
Hi,
Running 1.1.6 now. Crypt-Local works ok now.
I would like to know if it is possible to have both User-Password and
Crypt-Local Auth-Types for sql users.
Now I need to disable the current System (/etc/passwd) users to
Crypt-Local, and also have users with cleartext passwords.
Thank you,
Ivan,
Well in my EAP.Conf file, I have in the eap module a default_eap_type = peap
and in my peap module the default_eap_type = mschapv2
Is that correct?
tnt wrote:
Have you read the bit of eap.conf titled:
! WARNINGS for Windows compatibility !
just above the peap module?
No. I mean this:
# If you see the server send an Access-Challenge,
# and the client never sends another Access-Request,
# then
#
# STOP!
#
# The server certificate has
[EMAIL PROTECTED] wrote:
Hi,
ftp://ftp.freeradius.org/pub/radius/freeradius-1.1.5.tar.gz
1.1.6.tar.gz is latest, as per
ftp://ftp.freeradius.org/pub/radius/freeradius-1.1.6.tar.gz
as linked from the main page(!)
alan
Am I right that 2.0 is not available and/or not considered
--- [EMAIL PROTECTED] wrote: ---
You tried building from CVS lately ;)
I was under the impression that a CVS build would not be recommended for
a production server. Am I wrong?
Andrew
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Andrew Long wrote:
--- [EMAIL PROTECTED] wrote: ---
You tried building from CVS lately ;)
I was under the impression that a CVS build would not be recommended for
a production server. Am I wrong?
Andrew
It's fine so long as you don't do a make install :)
Alan D is on it, i'm sure
-Original Message-
From:
[EMAIL PROTECTED]
.org
[mailto:[EMAIL PROTECTED]
eeradius.org] On Behalf Of Arran Cudbard-Bell
Sent: Friday, June 15, 2007 4:30 PM
To: FreeRadius users mailing list
Subject: Re: download latest version: link broken?
Andrew Long wrote:
--- [EMAIL
Andrew Long wrote:
-Original Message-
From:
[EMAIL PROTECTED]
.org
[mailto:[EMAIL PROTECTED]
eeradius.org] On Behalf Of Arran Cudbard-Bell
Sent: Friday, June 15, 2007 4:30 PM
To: FreeRadius users mailing list
Subject: Re: download latest version: link broken?
Andrew Long
45 matches
Mail list logo