09/30/2009 03:35 AM, José Johnny RANDRIAMAMPIONONA:
I solved the problem.
I think It ll better to put it in a tutorial or something(I ll do it)!
Please, yes.
I inted to switch AUTH to LDAP and keep PGSQL for ACCT, your feedback
is important to me.
--
Architecte Informatique chez
Dear all,
I'm trying to use rlm_sqlippool with mysql. User can get IP address from
pool with Pool-Name attribute but all users get same IP address.
How to solve this ?
Best regards,
Tseveendorj
TunamalCom LLC
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I'm trying to use rlm_sqlippool with mysql. User can get IP address from
pool with Pool-Name attribute but all users get same IP address.
How to solve this ?
Debug?
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I am checking simultaneous-use information, logged users etc on sql server.
The problem is, if a user logges in, nearly after a minute later i can see
the logged on user on mysql tables. But i can see the same user with
radlast command in the same second the user logs in.
So it seems like
Hi Ivan Kalik,
Sorry, How to debug ?
Best regards,
Tseveen.
Ivan Kalik wrote:
I'm trying to use rlm_sqlippool with mysql. User can get IP address from
pool with Pool-Name attribute but all users get same IP address.
How to solve this ?
Debug?
Ivan Kalik
Kalik Informatika ISP
-
List
I am checking simultaneous-use information, logged users etc on sql
server.
The problem is, if a user logges in, nearly after a minute later i can see
the logged on user on mysql tables. But i can see the same user with
radlast command in the same second the user logs in.
So it seems like
I am checking simultaneous-use information, logged users etc on sql
server.
The problem is, if a user logges in, nearly after a minute later i can
see
the logged on user on mysql tables. But i can see the same user with
radlast command in the same second the user logs in.
So it seems like
-Original Message-
From:
freeradius-users-bounces+kamil=extendbroadband@lists.freeradius.org
[mailto:freeradius-users-bounces+kamil=extendbroadband@lists.freeradius.
org] On Behalf Of Ivan Kalik
Sent: Wednesday, September 30, 2009 1:07 PM
To: FreeRadius users mailing list
I am checking simultaneous-use information, logged users etc on sql
server.
The problem is, if a user logges in, nearly after a minute later i can
see
the logged on user on mysql tables. But i can see the same user with
radlast command in the same second the user logs in.
So it seems like
from ESET Smart Security, version of virus signature
database 4470 (20090930) __
The message was checked by ESET Smart Security.
http://www.eset.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I am checking simultaneous-use information, logged users etc on sql
server.
The problem is, if a user logges in, nearly after a minute later i can
see
the logged on user on mysql tables. But i can see the same user with
radlast command in the same second the user logs in.
So it seems like
All,
I am having problems with my freeradius server for the past 24
hours, which seems that the radius server isn't authenticating EAP-TLS
clients from my wireless network. I am looking for a little advice from
the local subject matter experts. I am running a Vista and an XP home
client
At the first try of sql i see the error
rlm_sql (sql_lojnet): Couldn't insert SQL accounting START record - Column
'AcctStopTime' cannot be null
Maybe that might be causing this...
So how can i fix that???
Something is wrong with your schema. Default is:
acctstoptime datetime NULL default
two options
1. allow null for AcctStopTime field (Alter table radacct )
2. change queries in dialup.conf file for accounting (start query) and
replace NULL with '0' for AcctStopTime
Keep in mind that second option is much harder then the first one
because you need to change all accounting
At the first try of sql i see the error
rlm_sql (sql_lojnet): Couldn't insert SQL accounting START record -
Column
'AcctStopTime' cannot be null
Maybe that might be causing this...
So how can i fix that???
Something is wrong with your schema. Default is:
acctstoptime datetime NULL
I am having problems with my freeradius server for the past 24
hours, which seems that the radius server isn't authenticating EAP-TLS
clients from my wireless network. I am looking for a little advice from
the local subject matter experts. I am running a Vista and an XP home
client right
Pierre-Henri Baraffe wrote:
Hello,
I have a mistake with my freeradius. On server with 1.1.7 the command :
radzap -u username -P port-nas 127.0.0.1 secret work with no problem
On a new server with FR 2.0.5, with the same command i have this error
radclient:: failed to get
So I went back to a clean install of Fedora 11, followed the instructions
on installing freeradius via yum.
Then I issued the command:
chkconfig --list radiusd (and got the following)
radiusd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
so i entered sudo chkconfig radiusd on
and then I got
Hi:
We have a client running FreeRadius 2.1.6 on a Linux box authenticating
against shadow passwords. I've gone over the radiusd.conf and it appears
that the expire module is enabled by default in the global config (there
are no virtual servers here). However, FreeRadius appears to be
I think that editing /etc/rc.local will start freeradius as a service. u v
just to add sbin/rc.radiusd start .
Best
2009/9/30 paul.blal...@gmail.com
So I went back to a clean install of Fedora 11, followed the instructions
on installing freeradius via yum.
Then I issued the command:
On 09/30/2009 12:52 PM, paul.blal...@gmail.com wrote:
So I went back to a clean install of Fedora 11, followed the
instructions on installing freeradius via yum.
Then I issued the command:
chkconfig --list radiusd (and got the following)
radiusd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
so i
Have you checked the appropriate logs?
Any info in /var/log/radius/radius.log? Please post the contents.
How do you start it and as what user?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 09/30/2009 01:19 PM, José Johnny RANDRIAMAMPIONONA wrote:
I think that editing /etc/rc.local will start freeradius as a service.
u v just to add sbin/rc.radiusd start .
No, don't do this. Please use the standard System V init mechanisms only.
/sbin/chkconfig
/sbin/service
--
John Dennis
On 09/30/2009 01:57 PM, Danner, Mearl wrote:
Have you checked the appropriate logs?
Any info in /var/log/radius/radius.log? Please post the contents.
good suggestion
How do you start it and as what user?
Since this is Fedora and uses System V initscript it will start as root
and then
Hi there!
Please help
I´m doing a attr_rewrite with an attribute in the request:
attr_rewrite strip-vpn {
attribute = Acct-Session-Id
searchin = packet
searchfor = ^[^\(]+([\(])([^\)]+).+$
replacewith = %{2}
new_attribute = no
max_matches =
Hi,
We tried to stress test (EAPTLS) FreeRADIUS 2.1.7 which sits behind Load
Balancer
We had 2 FreeRADIUS servers behind load balancer (R1,R2)
Some requests got rejected (Access-Reject was sent) and the log showed
Wed Sep 30 11:56:31 2009 : Error: rlm_eap: No EAP session matching the State
hi,
in the UK I deal with various questions regarding FreeRADIUS
configuration and abilities - occasionally a question pops up that
I'm very unfamilar with or havent got a direct clue to answer..
today one of those reemerged and as this might affect anyone at any point
I was looking for best
leopold wrote:
Hi,
We tried to stress test (EAPTLS) FreeRADIUS 2.1.7 which sits behind Load
Balancer
That doesn't work. Don't bother trying to fix FreeRADIUS. Instead,
use a load balancer that is aware of EAP. e.g. FreeRADIUS.
Now we understand that if EAPTLS session started (we have
Alan Buxey wrote:
anyway, in summary, your RADIUS server has to answer to the old clients
and the new clients. What is the best practice way or configuration to ensure
that your RADIUS server can be both people...old servercert+old_CA and
new servertcert+new_CA so that it can deal with both
It occurred to me there is one there is one issue you might need to be
aware of, bootstrapping. The server with the default configuration will
not successfully start without certificates. radiusd will automatically
create temporary certificates the first time it is run for you if you
don't
Hi,
Stick your fingers in your ears and go la la la la la.
;-) I'll get some ear plugs then - at least I can then continue
typing :-)
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Alan,
First, I don't profess to be an eap expert and what follows is based upon my
understanding of how eap and RADIUS work.. I'm also interested to see if
anyone else has any other thoughts..
anyway, in summary, your RADIUS server has to answer to the old clients
and the new clients.
Hi,
I was wondering where to look in free radius, for something that is kicking
the wireless clients off at a certain time. I have a backend mysql database
that allows the clients certain times to login from. Where would the file be
located that is telling the free radius server that there time is
Hi,
ah..if all our systems were under full control and were Windows boxes life
would be easier - but so much duller :-) we have a mixture of clients and
a mixture of centrally managed and personal systems
I can certainly see that using a seperate SSID would be a way of doing it..
but not
We have a client running FreeRadius 2.1.6 on a Linux box authenticating
against shadow passwords. I've gone over the radiusd.conf and it appears
that the expire module is enabled by default in the global config (there
are no virtual servers here). However, FreeRadius appears to be ignoring
I was wondering where to look in free radius, for something that is
kicking
the wireless clients off at a certain time. I have a backend mysql
database
that allows the clients certain times to login from. Where would the file
be
located that is telling the free radius server that there time
DEFAULT User-Name =~ ^(\.*)([a-zA-Z]{3}[0-9]{5}), Huntgroup-Name ==
test,
ldapgroups1-Ldap-Group==cn=%{Acct-Session-Id},o=test,c=de
Use unlang instead.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
What is the best way to deal with misbehaving nas's that send accounting
to both the primary and secondary server, even while receiving replies
to both queries.
This results in multiple accounting records in sql, with duplicate
acctsessionid and acctuniqueid values.
Assuming the NAS cannot
Hello,
I'm back on this issue again. 2.1.6 on FBSD and RHEL. When doing 8021x auth
using winblows xp supplicant (wired) and the setting use my windows username
and password, I can't seem to get FR to strip the domain name.
I have the nt hack enabled in a couple places. Also read about using
as Alan Dekok said...deploy a new CA in advanced
and then sign server with that new CA and put cert into place.
I read Alan's reply and it's logical (as usual ;-) ).
Perhaps it wasn't stated because it was intuitively obvious, but the only thing
I would add is that when the new CA cert is
Hi Mihamina,
It ll take a few days to me to finish the tuto(my training report with it)
but if u want I can email it in your Inbox. Anyway, I had two big problems:
- I worked on a given server and the running distribution is not really
my favorite one. I thought that the server was up to date ,
41 matches
Mail list logo