Hi,
Our radius-server timeout is high enough: 4 minutes. Once again: I
suppose that what freeradius thinks of as Received conflicting packet
... are rather a bit delayed packets normally treated as Discarding
conflicting packet ..., i.e. they arrive at freeradius in maybe 1.01+
Hi to all,
I've installad freeradius on a Debian box with Mysql DB.
After the upgrade from freeradius version 1.7 and freeradius 2.x I
notice that sometimes, but everyday, the freeradius doesn't respond. I
must do a /etc/init.d/freeradius restart
In my log:
Mon Oct 12 10:24:45 2009 : Info:
Alan Buxey wrote:
Hi,
Our radius-server timeout is high enough: 4 minutes. Once again: I
suppose that what freeradius thinks of as Received conflicting packet
... are rather a bit delayed packets normally treated as Discarding
conflicting packet ..., i.e. they arrive at freeradius in
Stefan A. wrote:
I still see the memory consumption rising over the time
Output from top every 5 Minutes:
SIZE/RES
16M/13M
34M/32M
53M/51M
71M/69M
...it rises about 3-4 MB per Minutes.
Ugh.
I read about some issues and tried 2.1.7... still the same.
Because the code in rlm_sql.c
Our radius-server timeout is high enough: 4 minutes. Once again: I
suppose that what freeradius thinks of as Received conflicting packet
... are rather a bit delayed packets normally treated as Discarding
conflicting packet ..., i.e. they arrive at freeradius in maybe 1.01+
second after the
Ivan Kalik wrote:
Our radius-server timeout is high enough: 4 minutes. Once again: I
suppose that what freeradius thinks of as Received conflicting packet
... are rather a bit delayed packets normally treated as Discarding
conflicting packet ..., i.e. they arrive at freeradius in maybe 1.01+
rihad wrote:
Trying for the third time:
Do you have any intention of reading the messages here?
there are many, many requests of the
Discarding conflicting packet kind, which for one reason or another
are dupped by our Cisco NASes in under one second (see the code). And
there are many,
Alan DeKok wrote:
rihad wrote:
Trying for the third time:
Do you have any intention of reading the messages here?
there are many, many requests of the
Discarding conflicting packet kind, which for one reason or another
are dupped by our Cisco NASes in under one second (see the code). And
Hi,
I changed the listen IP as you has told me last time. Now I am able to connect
to the free radius, I get the vrf properly configured on the LNS as expected by
the radius and get the proper IP also. But now the problem is that once I am
connected, after 5 secs i get disconnected. I saw in
rihad wrote:
Oh yeah? Isn't Cisco 7260 good enough for you?
Q: Hi, I have a RADIUS server that is slower than a 386, and a NAS that
violates the RADIUS protocol. What should I do?
A: Fix the server and the NAS.
Q: You bastards! How dare you tell me my equipment is broken!
While this
I changed the listen IP as you has told me last time. Now I am able to
connect to the free radius, I get the vrf properly configured on the LNS
as expected by the radius and get the proper IP also. But now the problem
is that once I am connected, after 5 secs i get disconnected.
According to
hi,
just a quick catch-up on using SQL for client configuration...
what is the current status of support for 'require_message_authenticator',
'virtual_server' and 'coa_server' options being fed in via rlm_sql -
I'm aware that theres ability to name virtual_server but what happens
if the field
Alan DeKok wrote:
rihad wrote:
Oh yeah? Isn't Cisco 7260 good enough for you?
Q: Hi, I have a RADIUS server that is slower than a 386, and a NAS that
violates the RADIUS protocol. What should I do?
A: Fix the server and the NAS.
Q: You bastards! How dare you tell me my equipment is
rihad wrote:
Being 100% correct protocol-wise means nothing, if the software can't
fit well into an environment.
So you agree that the NAS is broken.
Just a recent example off the top of my
head: dnscache. Its security and DNS protocol support are astonishing.
But due to it being unable
accounting {
if (Acct-Status-Type == Start) {
update reply {
Tmp-String-0 =
%{exec:/etc/freeradius/SCRIPT/userlogin.py %{User-Name}}
}
}
if (Acct-Status-Type == Stop)
of virus signature
database 4494 (20091009) __
The message was checked by ESET Smart Security.
http://www.eset.com
__ Information from ESET Smart Security, version of virus signature
database 4500 (20091012) __
The message was checked by ESET Smart Security.
http
Being 100% correct protocol-wise means nothing, if the software can't
fit well into an environment.
Exactly. The only problem being your inability to comprehend that
freeradius is not faulty but it is your perl script that can't cope. If
you are unwilling to alter it in order to speed things up
Ivan Kalik wrote:
Being 100% correct protocol-wise means nothing, if the software can't
fit well into an environment.
Exactly. The only problem being your inability to comprehend that
freeradius is not faulty but it is your perl script that can't cope.
Why do you not understand that even if I
rihad wrote:
Ivan Kalik wrote:
Exactly. The only problem being your inability to comprehend that
freeradius is not faulty but it is your perl script that can't cope.
Why do you not understand that even if I put sleep 1 right before
finishing a request in my auth/acct Perl scripts, meaning
Hi,
finishing a request in my auth/acct Perl scripts, meaning each request
would take at least 1 second to process, freeradius shouldn't care! It
okay...you have a daemon listening on port 1812 ... how many threads
or radiusd processes are you running - because , for example, if you have
Rihad,
Take your NAS, and throw it in the garbage. Buy a real NAS that
implements RADIUS.
Oh yeah? Isn't Cisco 7260 good enough for you?
Hmmm ... A few months ago I was working on a project with a Cisco 72XX
terminating PPoE connections from DSL modems. I was using custom SQL code
Alan Buxey wrote:
what is the current status of support for 'require_message_authenticator',
'virtual_server' and 'coa_server' options being fed in via rlm_sql -
I'm aware that theres ability to name virtual_server but what happens
if the field is entry - does it go to the default
I was searching back in the archives, and in September there was a user
who reported a problem with session resumption. I'm seeing the exact
same symptoms I believe, also on Debian 5.0 with OpenSSL 0.9.8g. I never
saw any follow up? Is there a fix known for this? I am using a locally
compiled
David Mitchell wrote:
I was searching back in the archives, and in September there was a user
who reported a problem with session resumption. I'm seeing the exact
same symptoms I believe, also on Debian 5.0 with OpenSSL 0.9.8g. I never
saw any follow up? Is there a fix known for this? I am
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi folks,
I'm trying to ascertain how to have radiusd return an arbitrary attribute with
each successful authentication. My radiusds are doing PEAP/MS-CHAPv2 against
Kerberos for authn, and it seems like activating rlm_ldap for authz will cause
Security.
http://www.eset.com
__ Information from ESET Smart Security, version of virus signature
database 4501 (20091012) __
The message was checked by ESET Smart Security.
http://www.eset.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
David Mitchell wrote:
I was searching back in the archives, and in September there was a user
who reported a problem with session resumption. I'm seeing the exact
same symptoms I believe, also on Debian 5.0 with OpenSSL 0.9.8g. I never
saw any follow up? Is there a fix known
I know that this list is not connected with any hardware vendor but I
see that every couple days someone cries here NAS problems...
I use Mikrotik and I'm not satisfied (duplicated packets, does not
support POD correctly , etc)
Also, yesterday I see that Cisco can be pain in the a***
Thanks to some handy hints in here, I've had some success with rlm_perl. But
(and there is always a but)
I've been happily developing against 2.x but have just discovered I need to
actually use 1.x because of RHEL. The rlm_perl link of both version 1 and
version 2 points to the same
Hi Ivan
I managed to install the certificates on XP machine and works filn. I
had configured my AP IP addresss in radius Server and shared secret
key.yesterday i can get an Ip address when i click on the SSID today i
get limited network connectivity. I hse VLAN 3 on the SSID. It was
working well
30 matches
Mail list logo