Hello guys,
i am a newby in installing and configuring an access point with a radius
server.
I set up a free radius server (IP 10.1.1.1) and i checked that is on.
I set up a wireless access point (D-LINK DLW3200 AP, IP 10.1.1.2) with
wpa2-enterprise authentication settings.
In the screen of DWL
If that client is Windows you can select a type of certificate to import.
just click on the drop down list and select .p12.
Ivan Kalik
Kalik Informatika ISP
Dana 18/12/2007, Gaurav Bandekar [EMAIL PROTECTED]
piše:
Hi,
I have followed the steps specified in
Gianni Socionovo wrote:
I set up a free radius server (IP 10.1.1.1) and i
checked that is on.
I set up a wireless access point (D-LINK DLW3200 AP, IP 10.1.1.2)
with wpa2-enterprise authentication settings.
In the screen of DWL authentication setting i set 10.1.1.1 as
radius server and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Good Morning Dan and Good Morning everybody,
I've got Freeradius 1.1.7 + (python module enable + rlm_digest patches)
OpenSER 1.2.2 + (Radius ACC enable)
CDRTool 5.3.2
and I don't understand these outputs... OpenSER is crashing after
[EMAIL PROTECTED] wrote:
In the radiusd.conf config file, the %{Stripped-User-Name} is correctly
created from %{User-Name}.
That's not the issue. The issue is that something is editing the
User-Name attribute. That editing is breaking EAP.
I have made some tests with and without the
Martin Pauly wrote:
I tested with radtest, as before. All of my real-world access-requests
currently come to the NASes some sort of PAP: Either traditional PAP in
PPP or PAP in EAP-TTLS. In either case, the RADIUS request contains a
password in clear text. The corresponding database is in
Hi,
I added following lines in eap.conf inside eap block.
sim {
}
I added following lines to users file.
eapsim Auth-Type := EAP, EAP-Type := SIM
EAP-Sim-Rand1 = 0xabcd1234abcd1234abcd1234abcd1234,
EAP-Sim-SRES1 = 0x1234abcd,
EAP-Sim-KC1 =
Alan, this is a big deal. Congratulations! I've been using FreeRADIUS on
my modest little network to do simple authentication and EAP-TLS with my
wireless for just over a year now and have been well pleased with both the
$$$ I'm saving over commercial products which are probably inferior anyway.
Hi,
Does latest snapshot release of freeradius supports PEAP versions 0
and 1 ? or only 0 is supported?
--
Regards Thanks
Raghavendra. S
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok a écrit :
[EMAIL PROTECTED] wrote:
In the radiusd.conf config file, the %{Stripped-User-Name} is correctly
created from %{User-Name}.
That's not the issue. The issue is that something is editing the
User-Name attribute. That editing is breaking EAP.
Okay, I
Raghavendra. S wrote:
Does latest snapshot release of freeradius supports PEAP versions 0
and 1 ? or only 0 is supported?
Peapv0.
Peapv1 *may* be supported in rlm_eap2, but it's up to you to configure
and build it. The module is experimental, and is NOT for production use.
See
Hi,
I added following lines in eap.conf inside eap block.
sim {
}
I added following lines to users file.
eapsim Auth-Type := EAP, EAP-Type := SIM
EAP-Sim-Rand1 = 0xabcd1234abcd1234abcd1234abcd1234,
EAP-Sim-SRES1 = 0x1234abcd,
EAP-Sim-KC1 =
http://www.ietf.org/rfc/rfc4186.txt
Ivan Kalik
Kalik Informatika ISP
Dana 18/12/2007, Raghavendra. S [EMAIL PROTECTED] piše:
Hi,
I added following lines in eap.conf inside eap block.
sim {
}
I added following lines to users file.
eapsim Auth-Type := EAP, EAP-Type := SIM
Hi,
EAP Auth appears to be failing for no reason with CVS head.
It probably has something to do with
rlm_eap: Request found, released from the list
rlm_eap: Response appears to match, but EAP type is wrong.
rlm_eap: Failed in handler
and the random Failed to remember handler errors in the
Alan DeKok schrieb:
Andreas Moroder wrote:
According to radiusd.conf
#Note that NT-Passwords MUST be stored as a 32-digit hex
# string, and MUST start off with 0x, such as:
In 1.1.7, that's no longer necessary. The pap module will take care
of fixing any issues with NT-Password. But it
-20071218
rlm_detail:
//var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d
expands to //var/log/radius/radacct/149.246.185.169/reply-detail-20071218
expand: %t - Tue Dec 18 15:29:07 2007
++[reply_log] returns ok
rlm_sql (sql): Processing sql_postauth
expand: %{User-Name
/149.246.185.169/reply-detail-20071218
rlm_detail:
//var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d
expands to //var/log/radius/radacct/149.246.185.169/reply-detail-20071218
expand: %t - Tue Dec 18 15:29:07 2007
++[reply_log] returns ok
rlm_sql (sql): Processing sql_postauth
the post-auth section of radiusd.conf
modcall: entering group post-auth for request 0
radius_xlat:
'/usr/local/freeradius-1.1.7/var/log/radius/radacct/ip.address.NAS/detail-20071218'
rlm_detail:
/usr/local/freeradius-1.1.7/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to
/usr
Arran Cudbard-Bell wrote:
Norbert Wegener wrote:
I am using a recent pre-2, authentication via a mysql database.
In post-auth I have a sql module, that reports accept/reject to a
another mysql database.
When this database is not available, the user is rejected, although I
get Auth-Type =
Arran Cudbard-Bell wrote:
Whats slightly worrying about using rlm_sql is if for any reason a table
is locked,
the SQL request will block until the table is unlocked. In blocking it
appears to block the entire FR server !
Everything just stops until the table is unlocked, and the request is
Arran Cudbard-Bell wrote:
EAP Auth appears to be failing for no reason with CVS head.
It probably has something to do with
rlm_eap: Request found, released from the list
rlm_eap: Response appears to match, but EAP type is wrong.
rlm_eap: Failed in handler
Ok...
rad_recv:
Alan DeKok wrote:
Arran Cudbard-Bell wrote:
EAP Auth appears to be failing for no reason with CVS head.
It probably has something to do with
rlm_eap: Request found, released from the list
rlm_eap: Response appears to match, but EAP type is wrong.
rlm_eap: Failed in handler
Hello I'm working on something and I can figure what is the max year for
expiration attribute?
Here is the problem
rlm_sql: Failed to create the pair: failed to parse time string December 31
2039 00:00:00
When I enter December 31 2035 00:00:00 as a year it works but 2039 doesn't.
Is there any
On Tuesday 18 December 2007 11:26, Alan DeKok wrote:
Post the debugging output.
Here we go (private data masked):
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/freeradius/proxy.conf
Config: including file:
2007/12/18, Alan DeKok [EMAIL PROTECTED]:
Gianni Socionovo wrote:
I set up a free radius server (IP 10.1.1.1) and i
checked that is on.
I set up a wireless access point (D-LINK DLW3200 AP, IP 10.1.1.2)
with wpa2-enterprise authentication settings.
In the screen of DWL authentication
Marinko Tarlac wrote:
Hello I'm working on something and I can figure what is the max year for
expiration attribute?
It's a 32-bit Unix timestamp, in seconds since 1970. 2039 *is* the
maximum.
Here is the problem
rlm_sql: Failed to create the pair: failed to parse time string
December
Martin Pauly wrote:
On Tuesday 18 December 2007 11:26, Alan DeKok wrote:
Post the debugging output.
Here we go (private data masked):
..,
rlm_ldap: bind as xx/ldap-passwd to auth1.staff.uni-marburg.de:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap:
Hello:
I am having trouble getting pam_radius working and was wondering if someone
might be of help since I followed the INSTALL instructions as well as a howto
(as provided by the Wikid folks) and I am still coming up short getting it
working.
Here are some of my details
- My PAM is such
During testing period, I add an DEFAULT section that allow access.
And it works.
But, when I made a test with a valid user in the LDAP, even if the
password is valid the users file is also checked. How could I avoid that?
Remove (comment out) Auth-Type Accept entry. You can try using = instead
modcall[authorize]: module ldap1 returns ok for request 0
modcall: leaving group redundant (returns ok) for request 0
rlm_pap: WARNING! No known good password found for the user. Authentication
may fail because of this.
modcall[authorize]: module pap returns noop for request 0
You said
Seems like I am getting closer possibly, but I see an error in radius.log --
could not set LDAP_OPT_X_TLS_REQUIRE_CERT option to allow.
Basically, I go to login to my pam_radius host, user exists in local password
file with no pass, user/pass in RADIUS/LDAP, and when I login the SSH session
Hi All,
I'm trying to setup an XP supplicant that authenticates through my NAS to an
OpenLDAP server. The problem is that the native authentication provided by MS
shows the user as MYDOMAIN\\user or MYPC\\user. As a result, the LDAP searches
fail to find this user.
The radiusd.conf file
Hi,
I want to setup freeradius server to test peap version 1. For that
configured freeradius-server-snapshot-20071217, as below
./configure --prefix=/usr/local/radius-latest
--with-openssl-includes=/usr/local/openssl/include
33 matches
Mail list logo