Hi,
not really - did you read what I wrote? How can you do a state check
on what is a stateless protocol?
I think you can still do state checks for UDP:
there are ways and means - sure - but in the first throes of
getting some test traffic to the daemon, surely the easiest thing
is to
Hello,
Ok after radius -X command nmap shows me that radius ports are open.
...
[r...@localhost ~]# nmap -v -sU localhost
Starting Nmap 5.00 ( http://nmap.org ) at 2010-01-25 09:36 WET
NSE: Loaded 0 scripts for scanning.
Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1.
Initiating
I will be out of the office starting 01/25/2010 and will not return until
01/28/2010.
I will have limited email and voicemail access during the week at the
Phoenix Contact Kickoff meetings. If this is an urgent issue, please
contact our Tech Support group at 800-586-5525.
Thanks,
Dan
-
List
Hi,
I've SELINUX=disabled.
Atentamente,
José Campos
-Mensagem original-
De: freeradius-users-bounces+jjscampos=gmail@lists.freeradius.org
[mailto:freeradius-users-bounces+jjscampos=gmail@lists.freeradius.org]
Em nome de Alan Buxey
Enviada: segunda-feira, 25
On 01/25/2010 01:18 PM, Alan Buxey wrote:
Hi,
not really - did you read what I wrote? How can you do a state check
on what is a stateless protocol?
I think you can still do state checks for UDP:
there are ways and means - sure - but in the first throes of
getting some test traffic to the
Scanning localhost (127.0.0.1) [1000 ports]
Completed UDP Scan at 09:36, 1.21s elapsed (1000 total ports)
Host localhost (127.0.0.1) is up (0.090s latency).
Interesting ports on localhost (127.0.0.1):
Not shown: 996 closed ports
PORT STATE SERVICE
111/udp open|filtered rpcbind
Hi,
Hello,
Ok after radius -X command nmap shows me that radius ports are open.
...
[r...@localhost ~]# nmap -v -sU localhost
okay..what about the output of
netstat -apn | grep 1812
ah.i think I've spotted something far MORE interesting...
[r...@localhost ~]# radtest test test
Ok, that's a good observation, but this is a fresh new installation...
I did not change anything prior the installation of (yum install
freeradius*).
Should I change something before testing it?
Why is radtest doing queries to ::1 (ipv6 address).
Can you help me.
José Campos
-Mensagem
Hi,
I did not change anything prior the installation of (yum install
freeradius*).
Should I change something before testing it?
Why is radtest doing queries to ::1 (ipv6 address).
look in /etc/hosts
see what localhost has been given an alias of. just tell radtest
to use 127.0.0.1 - after
On 01/25/2010 02:37 PM, José Campos wrote:
Ok, that's a good observation, but this is a fresh new installation...
I did not change anything prior the installation of (yum install
freeradius*).
I thing the default is
listen {
...
ipaddr = *
...
}
which means to listen
OK,
It worked all right with: radtest test test 127.0.0.1 0 testing123
José Campos
-Mensagem original-
De: freeradius-users-bounces+jjscampos=gmail@lists.freeradius.org
[mailto:freeradius-users-bounces+jjscampos=gmail@lists.freeradius.org]
Em nome de George Chelidze
Dear freeradius users,
I am currently facing an issue on my network architecture.
Before, I was using freeradius with a DHCP server running in order to attribute
IPs addresses to my customers (I work for an ISP)
This configuration is perfectly working however for security, maintenance and
Hi everyone,
I realise that this maybe somewhat a limitation of the PAM Radius Plugin for
OpenVPN but have searched around for a week now to find a solution.
The problem I am having is that I have an OpenVPN proxy hub that has 3
external IP addresses. I am using huntgroups to distinguish
Sylvain De Muynck wrote:
Before, I was using freeradius with a DHCP server running in order to
attribute IPs addresses to my customers (I work for an ISP)
This configuration is perfectly working however for security,
maintenance and monitoring, I took the choice of delivering IP addresses
Hello,
Can someone give me some guidelines to config freeradius
(freeradius-2.1.7-1.fc11.i586) to do ldap auth.
Witch files must I config.
José Campos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello freeradius-users,
I have 6 virtual servers on version 2.1.8, each listening on
differents ip addresses lo:[1-6].
I saw it was easy to separate clients files, using clients site-name
{} , and including a sitename.client.conf.
But as huntgroups and users files seems to be loaded globally
Hi,
I saw it was easy to separate clients files, using clients site-name
{} , and including a sitename.client.conf.
But as huntgroups and users files seems to be loaded globally before
sites instanciation, I found no way to dedicate huntgroup and users
file to each server instance, as done
Thanks, Alan, I will check.
Bye.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ldap redundancy Ldap-Group checkItem in user file
Hi all,
I try to migrate a freeradius 1 (where ldap failover was not working)
to freeradius 2 and I have some difficulties to configure LDAP
failover :
As Ldap-Group is registered with individual ldap instances name, (ei
ldap1-Ldap-Group
On 01/24/2010 03:01 PM, Lucio Godoy wrote:
Hi Alan B and Alan D;
I'll investigate the unlang, thats what i needed a pointer where to look.
man unlang
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-
List info/subscribe/unsubscribe? See
Hi All;
I have been reading unlang and also digging the Internet for help with my issue.
I have added the following line to vi sql/mysql/dialup.conf
#Comented out this line
#sql_user_name = %{User-Name}
#as per the man pages:
# Double-quoted strings are expanded by inserting the
Lucio Godoy wrote:
I have been reading unlang and also digging the Internet for help with
my issue.
I have added the following line to vi sql/mysql/dialup.conf
Nope. As the man page says, you need to put the if/else/update
statements into the authorize section.
Alan DeKok.
-
List
hi,
out on a limb but i dont think unlang works in that conf
environment...ou need to do the unlang before you call the
SQL - and ensure that you set SQL-User-Name before you
call the sql in the virtual server
alan
-
List info/subscribe/unsubscribe? See
Hi, I have a problem with my freeradius server, after the authentication, it
does not send the tunnel-type or Tunnel-Medium-Type information.
Can anyone help me?
PEAP: Got tunneled reply RADIUS code 2
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type =
On 1/23/2010 2:07 AM, Alan DeKok wrote:
Padam J Singh wrote:
Hi,
The RADIUS packet has a 8 bit ID field.
This ID field is used to track the requests both in the NAS and the
RADIUS server.
The question is, does the ID need to be unique between the NAS and
RADIUS Server for all packet
Arran Cudbard-Bell wrote:
Really? But they're going to different destination ports, and therefore
different interfaces?
The unique key is:
(src ip/port, dst ip/port, RADIUS code / id)
If there's no existing match, it's a new packet, and it can be processed.
If there is an
Hi,
Hi, I have a problem with my freeradius server, after the authentication, it
does not send the tunnel-type or Tunnel-Medium-Type information.
Can anyone help me?
where in the system are you configuring/setting those Tunnel-Type etc
attributes?
are those attrs being set on another RADIUS
Hi,
From radius.log, the symptom of the failure goes as follow
1. rlm_ldap receives constraint violation reply from ldap.
2. other authentication requests immediately followed the constraint
violation reply failed with incorrect login
sample radius log
-
Jan 12 13:44:05 : rlm_ldap:
Hi all;
I am nearly there, thanks to you all.
I have created this rule on the file sites-available/default on the authorize
section:
if(%{User-Name}){
if (%{User-Name} =~ /^([...@]*)(@([-[:alnum:].]+))?$/){
update request {
Hi,
I have redundant NAS nodes and they obviously have two different NAS-IP. If
one NAS fails, the entity for which I'm accounting traffic is automatically
switched over to the redundant NAS which can keep sending accounting
records to Radius. However, the records will have different NAS-IP,
Write the accounting information to a MySQL database. Then query the radacct
table for the accounting information.
Tim
From:
freeradius-users-bounces+tim.sylvester=networkradius@lists.freeradius.or
g
[mailto:freeradius-users-bounces+tim.sylvester=networkradius@lists.freer
You can configure FreeRADIUS to store all of the accounting information in
one file in the same directory. Look at the etc/raddb/modules/detail file
for instructions on how to change where accounting information is logged.
The default detail file name is:detailfile =
At 12:43 AM 1/20/2010, freerad...@corwyn.net wrote:
At 08:33 PM 1/14/2010, freerad...@corwyn.net wrote:
The Windows environment works, with one quirk, if no one has logged
in for a while (~15-30 min), the next user gets:
It looks like the only difference (besides MSCHAP strings) between
the
chui wrote:
From radius.log, the symptom of the failure goes as follow
1. rlm_ldap receives constraint violation reply from ldap.
Well... that's an issue with LDAP.
2. other authentication requests immediately followed the constraint
violation reply failed with incorrect login
Likely
Lucio Godoy wrote:
I have created this rule on the file sites-available/default on the
authorize section:
if(%{User-Name}){
Or just:
if (User-Name) {
The unlang docs say that means check if the attribute exists.
if (%{User-Name} =~
Marlon Duksa wrote:
The acct-session-id and framed-ip-addrss will be the same (and this is
what I use to identify the entity for which I collect acct info). Is
there any way that this new records will be written to the same file as
before the failover so that I can correlate the records?
36 matches
Mail list logo