Re: filter anonymous identity

2009-05-26 Thread Alan DeKok
Riccardo Veraldi wrote: Unfortunately I am bound to 1.1.7 version in my whole infrastructure That's sad. It means you can't take advantage of the many new features in 2.1. how can I copy inner identity and send it to access-accept? See use_tunneled_reply in eap.conf. Alan DeKok.

Re: freeradius2 Proxy fail-over issues

2009-05-26 Thread Alan DeKok
Emmett Culley wrote: However, as soon as I attempt to define a set of main and backup servers, then use the auth_pool and acct_pool variables I get the following error: Ignoring spoofed proxy reply. Signature is invalid That's pretty definitive. It means that the shared secret is wrong.

modules in authorize{} and authenticate{} sections

2009-05-26 Thread bastardinho69
Hi, guys, I have successfully set up FreeRADIUS server to use Active Directory to authenticate LAN users. My authorize{} and authenticate{} section configuration in radiusd.conf file looks like this: authorize { preprocess eap mschap } authenticate { Auth-Type

Re: modules in authorize{} and authenticate{} sections

2009-05-26 Thread Alan DeKok
bastardinho69 wrote: I have successfully set up FreeRADIUS server to use Active Directory to authenticate LAN users. My authorize{} and authenticate{} section configuration in radiusd.conf file looks like this: If you're using AD for authentication, those sections do *not* look like that.

Re: filter anonymous identity

2009-05-26 Thread Riccardo Veraldi
Alan DeKok wrote: Riccardo Veraldi wrote: Unfortunately I am bound to 1.1.7 version in my whole infrastructure That's sad. It means you can't take advantage of the many new features in 2.1. how can I copy inner identity and send it to access-accept? See

MySQL 5.1 Partitions FreeRADIUS

2009-05-26 Thread Tim O'Donovan
Hi, Has anyone had any success in implementing MySQL 5.1's partitions to increase backend performance for FreeRADIUS? Thanks, Tim - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: MySQL 5.1 Partitions FreeRADIUS

2009-05-26 Thread Fajar A. Nugraha
On Tue, May 26, 2009 at 3:35 PM, Tim O'Donovan t...@icukhosting.co.uk wrote: Hi, Has anyone had any success in implementing MySQL 5.1's partitions to increase backend performance for FreeRADIUS? You mean partitioning the radacct table? Successful, sure (at least on test phase). Increase

Re: filter anonymous identity

2009-05-26 Thread Alan DeKok
Riccardo Veraldi wrote: Yes I have to plan an upgrade, but this has to be done in about 20 different sites, It takes time, but it shouldn't be hard. and freeradius 2.x is different in configuration files and everything may not work out of the box upgrading from 1.1.x to 2.1, isn't it ?

Re: Statistic Counter

2009-05-26 Thread Alan DeKok
Marco De Magistris wrote: Can I enable other counters for AuthRadiusClientAccessRetransmissions, AuthRadiusClientTimeouts, AuthRadiusClientCounterDiscontinuity)? The server does not currently track those statistics. As always, patches are welcome. Or I should use “counter” module of

problem with rlm_counter module when reset option is set to never

2009-05-26 Thread Ahmed Nifaz Faizabadi
Hi all, Here is the issue I am facing with rlm_counter module. I am using freeradius-server-2.1.4 and configuring Max session time for each user. for example: user1 Max-Session-Time := 1800, Auth-Type := Reject Reply-Message = Your time limit is used user2

Re: problem with rlm_counter module when reset option is set to never

2009-05-26 Thread Ivan Kalik
Here is the issue I am facing with rlm_counter module. I am using freeradius-server-2.1.4 and configuring Max session time for each user. for example: user1 Max-Session-Time := 1800, Auth-Type := Reject Reply-Message = Your time limit is used user2

Re: problem with rlm_counter module when reset option is set to never

2009-05-26 Thread Ahmed Nifaz Faizabadi
Here is the issue I am facing with rlm_counter module. I am using freeradius-server-2.1.4 and configuring Max session time for each user. for example: user1 Max-Session-Time := 1800, Auth-Type := Reject Reply-Message = Your time limit is used user2

Re: problem with rlm_counter module when reset option is set to never

2009-05-26 Thread Alan DeKok
Ahmed Nifaz Faizabadi wrote: counter daily { counter-name = Max-All-Session-Time check-name = Max-All-Session key = User-Name reset = never ... I am observing that the user accounting record is not deleted from rlm_counter module once the user has used his

Assigning IP address from RADIUS to Cisco PPTP users

2009-05-26 Thread up
Hi: I've used Livingston and Cistron radiusd's in the past with dialup ppp users and Cisco/Lucent NASes and have been able to do this with no problems. Users are currently authenticating fine and getting assigned IPs from the IP pool as defined in the Cisco NAS. However, I'd like to have

wired 802.1x for desktops (offtopic)

2009-05-26 Thread Mikael Kermorgant
Hello, Sorry for this off-topic message, I have a question about 802.1x deployment and don't know where to ask. As freeradius is one of the elements I think of, maybe someone here can help me find the solution? My Goals : 1) authenticate access to the network from Open Public Access Catalog

RE: Freeradius-Users Digest, Vol 49, Issue 117

2009-05-26 Thread Marco De Magistris
/freeradius-users/attachments/20090526/37c1e41c/attachment.html -- Message: 8 Date: Tue, 26 May 2009 23:57:27 +0800 From: ?? jiang...@seec.com.cn Subject: FW: freeradius2.1.4--Simultaneous To: freeradius-users@lists.freeradius.org Message-ID: fed9eb928de94c60a0bed02f25242

next

2009-05-26 Thread jon jon
I have my freeradius working, I am running slackware 12.1 with freeradius version 2.1.5. I used NTRAping utility to send packets to my freeradius server. I also used radtest and that was successful. So now I want to set freeradius with backend mysql database. I am looking for the script db_mysql.sql

RE: next

2009-05-26 Thread Tim Sylvester
Read the SQL HOWTO at: http://wiki.freeradius.org/SQL_HOWTO. Also, look at the sql.conf file in the raddb directory and the mysql files in raddb/sql/mysql. You will want to read the information in admin.sql and schema.sql. Tim From:

Fail-over. Send the request directly to Server2

2009-05-26 Thread Marco De Magistris
Hi guys, My scenario is: -- Radius Server 1 Radius Client -- Radius Proxy --- -- Radius Server 2 Radius Proxy sends the

Re: wired 802.1x for desktops (offtopic)

2009-05-26 Thread Alan DeKok
Mikael Kermorgant wrote: My Goals : 1) authenticate access to the network from Open Public Access Catalog (OPAC) desktop machines available to every user of a biblioteque. OPAC? That must be term local to your site. I don't know what it means. 2) have a guest account with limited LAN

Re: wired 802.1x for desktops (offtopic)

2009-05-26 Thread A . L . M . Buxey
Hi, 1) authenticate access to the network from Open Public Access Catalog (OPAC) desktop machines available to every user of a biblioteque. OPAC? That must be term local to your site. I don't know what it means. we have OPACs too - I think it's a term derived from the world of

Re: Fail-over. Send the request directly to Server2

2009-05-26 Thread Ivan Kalik
My scenario is: -- Radius Server 1 Radius Client -- Radius Proxy --- -- Radius Server 2 Radius Proxy sends the request to the first live home server in the list

Re: Assigning IP address from RADIUS to Cisco PPTP users

2009-05-26 Thread Ivan Kalik
I've used Livingston and Cistron radiusd's in the past with dialup ppp users and Cisco/Lucent NASes and have been able to do this with no problems. Users are currently authenticating fine and getting assigned IPs from the IP pool as defined in the Cisco NAS. However, I'd like to have a few,

Re: next

2009-05-26 Thread jon jon
ok so after reading the admin.sql it looks like it is telling me what to type into my mysql, to create a default admin for radius, and so freeradius can read any table in sql, does it matter what I change localhost to or can it be any name I want. guess I am seeing what I have to do but not fully

Re: next

2009-05-26 Thread Ivan Kalik
ok so after reading the admin.sql it looks like it is telling me what to type into my mysql, to create a default admin for radius, and so freeradius can read any table in sql, does it matter what I change localhost to or can it be any name I want. guess I am seeing what I have to do but not

Re: Assigning IP address from RADIUS to Cisco PPTP users

2009-05-26 Thread up
On Tue, 26 May 2009, Ivan Kalik wrote: I've used Livingston and Cistron radiusd's in the past with dialup ppp users and Cisco/Lucent NASes and have been able to do this with no problems. Users are currently authenticating fine and getting assigned IPs from the IP pool as defined in the Cisco

Preventing outer EAP id from going through auth

2009-05-26 Thread John Doppke
I have a fairly standard config, using EAP/TTLS and an LDAP back end. Both EAP and non-EAP requests need to do LDAP lookups. It's working well (I did very little customizing), except I see a lot of the anonymous outer id's getting sent to the LDAP servers. I moved EAP above LDAP in the

Re: Preventing outer EAP id from going through auth

2009-05-26 Thread A . L . M . Buxey
Hi, I have a fairly standard config, using EAP/TTLS and an LDAP back end. Both EAP and non-EAP requests need to do LDAP lookups. It's working well (I did very little customizing), except I see a lot of the anonymous outer id's getting sent to the LDAP servers. I moved EAP above LDAP

Re: Assigning IP address from RADIUS to Cisco PPTP users

2009-05-26 Thread Neville
doesn't contain any file with that name.

Re: Assigning IP address from RADIUS to Cisco PPTP users

2009-05-26 Thread Ivan Kalik
Make Sure Override is Disabled in the ippool module.. e.g. # override: # If set, the Framed-IP-Address already in the # reply (if any) will be discarded, and replaced # with a Framed-IP-Address assigned here. override = no That would be so

Re: Assigning IP address from RADIUS to Cisco PPTP users

2009-05-26 Thread up
On Tue, 26 May 2009, Ivan Kalik wrote: Make Sure Override is Disabled in the ippool module.. e.g. # override: # If set, the Framed-IP-Address already in the # reply (if any) will be discarded, and replaced # with a Framed-IP-Address assigned here.

Acct-Session-Id special characters changed to hex

2009-05-26 Thread Sajeewa Warnakulasuriya
Hi All, I'm having some issues with the acct-session-id, where special characters for instance [] being converted to its hex equivalent. For example below, the Acct-Session-Id = 301[]426932183 when inserted into the accounting table it is inserted as 301=5B=5D426932183. I have noticed the

Re: Assigning IP address from RADIUS to Cisco PPTP users

2009-05-26 Thread Vadim Ostranitsyn
Hi! On Tue, May 26, 2009 at 11:34:41AM -0400, u...@3.am wrote: Users are currently authenticating fine and getting assigned IPs from the IP pool as defined in the Cisco NAS. However, I'd like to have a few, select users assigned static IPs from outside that pool, but the Cisco (2811)

Windows XP SP2 and SP3 EAP problem followup

2009-05-26 Thread Balgansuren Batsukh
Hello, Any suggestion Windows XP EAP problem? Balgaa

Re: Assigning IP address from RADIUS to Cisco PPTP users

2009-05-26 Thread up
On Wed, 27 May 2009, Vadim Ostranitsyn wrote: Hi! On Tue, May 26, 2009 at 11:34:41AM -0400, u...@3.am wrote: Users are currently authenticating fine and getting assigned IPs from the IP pool as defined in the Cisco NAS. However, I'd like to have a few, select users assigned static IPs from