Hi,
I have configured everything and gotten free radius to authenticate off
/etc/samba/smbpasswd via the etc_smbpasswd module. The problem I have
run into is when I switch the securew2 windows xp eap-ttls client to use
the current logged on user credentials. Then, SecureW2 sends the
Hi Luciano,
Many thanks for the reply.
Yes, it was a client-side error (now fixed, see below).
I removed the empty lines between VENDOR and the first attributes and
that didn't make any difference.
The Cisco attributes were added by me creating a dictionary.cisco file
which I then
Alexander Clouter wrote:
From what I can remember, I think the segfault for use was in the GNU
regexp library it's-self.
Yes. glibc was segfaulting on internal functions. The only solution
is to upgrade glibc to a version that works.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Hi. I find you tutorial and followed it. It is exactly what I need.
Thanks a lot.
Arrigo.
-Messaggio originale-
Da: freeradius-users-bounces+a.savio=bascom...@lists.freeradius.org
[mailto:freeradius-users-bounces+a.savio=bascom...@lists.freeradius.org] Per
conto di
Luciano Afranllie wrote:
Now, I have an stupid question. When I do digest authentication with
this config, digest module set Auth-Type = Digest but I am overriding
it with Auth-Type = Accept in perl module. How do I set Auth-Type in
perl only if it is not already set? What is the value for a
MMM... Not so easy...
I made other tests, but I had a wrong profile on user table. I corrected the
profile and I still have my problem.
At the moment I can classify users belonging to a group, and all is OK. The
problem is for users that don't belong to any group. They are still
authenticated (I
MMM... Not so easy...
I made other tests, but I had a wrong profile on user table. I corrected the
profile and I still have my problem.
At the moment I can classify users belonging to a group, and all is OK. The
problem is for users that don't belong to any group. They are still
authenticated (I
I now want to assign a few users different, static IPs using this:
testuser Service-Type == Framed-User
Framed-Protocol == PPP,
Framed-IP-Address = 192.168.1.2,
Framed-IP-Netmask = 255.255.255.0,
Framed-Compression =
I followed your suggestion, but I still have the problem. I put
DEFAULT
Auth-Type := Reject
at the bottom of users file.
I have a mysql database containing users, not file: this could be a problem?
Arrigo
-Messaggio originale-
Da:
I followed your suggestion, but I still have the problem. I put
DEFAULT
Auth-Type := Reject
at the bottom of users file.
It should be on the same line:
DEFAULT Auth-Type := Reject
And it should go to the front of the users file.
Ivan Kalik
Kalik Informatika ISP
-
List
I've changed the example.pl perl script so it 'use DBI;' to query a Sybase
server via freetds.
It works fine when running in foreground radiusd -X while testing.
However, if ran in background, the perl script gets triggered, but the dbi
connect fails:
my $dbh =
You're right: putting the parameter in the first lines of the file
everything is OK (and now I'm sure of that).
Thanks.
Arrigo
-Messaggio originale-
Da: freeradius-users-bounces+a.savio=bascom...@lists.freeradius.org
Hello,
i am using FreeRadius 1.1.3 and want to use it for Call Routing.
The Sippy B2BUA will send AAA Requests to RADIUS and i want the routing
based on the Called-Station-Id Attribute.
For the beginning i would like to configure the routes in the users-File
and later switch to an sql
hi,
do you have eg SELINUX running on this system? if so,
then it may be blocking access between the processes.
check your selinux log (or change the mode to permissive
and check logs!) and then edit the selinux config to allow
operation
alan
-
List info/subscribe/unsubscribe? See
i am using FreeRadius 1.1.3 and want to use it for Call Routing.
For the beginning i would like to configure the routes in the users-File
and later switch to an sql backend.
b2b Called-Station-Id == 555,Called-Station-Id == 557,Auth-Type :=
Accept
With that version you won't be able to use
selinux was the culprit,
thank you very much!
On Wed, Jan 7, 2009 at 2:22 PM, nes pa nesp...@gmail.com wrote:
I've changed the example.pl perl script so it 'use DBI;' to query a Sybase
server via freetds.
Any hints welcome for solution or better tools to debug/strace into the
perl script.
Alan DeKok wrote:
I suggest upgrading. It's not hard to build an RPM of the latest
version of the server.
Information on this wiki page will be helpful to you:
http://wiki.freeradius.org/Red_Hat_FAQ
--
John Dennis jden...@redhat.com
-
List info/subscribe/unsubscribe? See
a.l.m.bu...@lboro.ac.uk wrote:
Hi,
I recently posted a howto explaining how to implement huntgroups in SQL
using unlang in 2.x, look in the mail archives. It also illustrates how
to use the SQL huntgroups to control logon access based on the NAS.
Perhaps I should put this on the wiki.
Hi,
I've modified the eap.conf, clients.conf, and users respectfully but am getting
the below error when started radius:
Module: Loaded eap
eap: default_eap_type = tls
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: No EAP type
Brian Ertel wrote:
I've modified the eap.conf, clients.conf, and users respectfully but am
getting the below error when started radius:
You have edited *too much*.
Module: Loaded eap
eap: default_eap_type = tls
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap:
On Wed, 7 Jan 2009, t...@kalik.net wrote:
I now want to assign a few users different, static IPs using this:
testuserService-Type == Framed-User
Framed-Protocol == PPP,
Framed-IP-Address = 192.168.1.2,
Framed-IP-Netmask = 255.255.255.0,
I now want to assign a few users different, static IPs using this:
testuser Service-Type == Framed-User
Framed-Protocol == PPP,
Framed-IP-Address = 192.168.1.2,
Framed-IP-Netmask = 255.255.255.0,
Framed-Compression =
On Wed, 7 Jan 2009, Jeff Crowe wrote:
I was running into this problem on my Redback. The issue was the Redback
wanted an IP address in the same subnet so I had to setup 192.168.1.1/24 as
a sub interface to allow subscribers to be assigned addresses in the
192.168.1.x/24 range. My Shasta was
Sorry for the top-post, but I'm replying to myself and I want to keep my
questions clear. I tried creating two different ippools in the
radiusd.conf using the different ranges I want to use, but the client
ignored it and went only to the pool that the Cisco has. I then changed
the Cisco
ippool users_pool {
range-start = 172.16.1.2
range-stop = 172.16.30.253
netmask = 255.255.255.0
cache-size = 251
session-db = ${db_dir}/db.ippool
ip-index = ${db_dir}/db.ipindex
Alan DeKok wrote:
Josh Hiner wrote:
Trying to configure eap ttls with mschapv2 using Freeradius version
Version 1.1.3 in Redhat enterprise Linux 5.
I suggest upgrading. It's not hard to build an RPM of the latest
version of the server.
Upgrading will get you a lot.
Ok I did
Honestly... there are 3-4 solutions which are trivial in 2.x. Any
solution is hard in 1.1.3. I don't even recall what feature set it has
(or is missing).
Alan DeKok.
Ok, I have upgraded to Freeradius version 2.1.3 (following the
suggestion above). I have configured and gotten
This may sound like a strange request, but I'd like to know if it is
possible to use FreeRADIUS to perform EAP-TLS without asking for a
client certificate. The purpose is to allow for a secure connection
to an access point without client authentication. I think this might
be useful to replace
28 matches
Mail list logo