ippool and cache-size

2010-09-13 Thread Konstantin Chekushin
Hi all. I have a question about rlm_ippool and cache-size option. Info from description: cache-size: The gdbm cache size for the db files. Should be equal to the number of ip's available in the ip pool. Also, note the cache size matches the number of IP's in your pool. More is OK but

Re: ippool and cache-size

2010-09-13 Thread Alan DeKok
Konstantin Chekushin wrote: My pool size is 32k. And I'm using this pool only for fallback issue. So, I'll need it rarely in the future. For 32K IP's, I'd suggest using a database. If cache-size = 32768, then radiusd process takes all memory. Mon Sep 13 12:33:46 2010 : Error: Couldn't

interpret check-Item and change reply-item to set VLAN

2010-09-13 Thread Michael Bathe
Hello list, is there any how_to or solution to interpret the ldap checkItem and change the replyItem (I think in inner-tunnel)? f.e.: If the checkItem matches one of 'sec11', 'Sec11', 'SEC11'... the replyItem should be set to '111'. ldap.attrmap: checkItem Tunnel-Private-Group-Id

Re: Ignoring EAP-Type/tls because we do not have OpenSSL, support.

2010-09-13 Thread Douglas Caro
Hi David and Alexander... thank you, so much... I've tried your tips, but it didn't work... # dpkg -l |grep freeradius ii freeradius 2.1.9+gita high-performance and highly configurable R ii freeradius-common

Re: interpret check-Item and change reply-item to set VLAN

2010-09-13 Thread Phil Mayers
On 09/13/2010 01:44 PM, Michael Bathe wrote: Hello list, is there any how_to or solution to interpret the ldap checkItem and change the replyItem (I think in inner-tunnel)? f.e.: If the checkItem matches one of 'sec11', 'Sec11', 'SEC11'... the replyItem should be set to '111'. ldap.attrmap:

Re: interpret check-Item and change reply-item to set VLAN

2010-09-13 Thread Alan DeKok
Michael Bathe wrote: is there any how_to or solution to interpret the ldap checkItem and change the replyItem (I think in inner-tunnel)? f.e.: If the checkItem matches one of 'sec11', 'Sec11', 'SEC11'... the replyItem should be set to '111'. $ man unlang The ldap module doesn't do generic

Re: Freeradius + AD + WiFi + EAP

2010-09-13 Thread Alan DeKok
Kleber Larroyd wrote: If you can't be bothered to explain *why* you're doing this, and *what* is going wrong, then we can't be bothered to read the reams of data you posted. It also helps to *read* the debug output. Really. Alan DeKok. - List info/subscribe/unsubscribe? See

Re: Ignoring EAP-Type/tls because we do not have OpenSSL, support.

2010-09-13 Thread Alan DeKok
Douglas Caro wrote: Hi David and Alexander... thank you, so much... I've tried your tips, but it didn't work... shrug The Wiki contains instructions for building your own debian package with OpenSSL support. Alan DeKok.

Re: Freeradius + AD + WiFi + EAP

2010-09-13 Thread John Dennis
On 09/13/2010 10:35 AM, Kleber Larroyd wrote: Have any idea? Where can I find the solution? When I am trying to connect (windows vista) freeradius server *with wireless over access point* I get this error: In the future please follow the instructions to send the *complete* output of radiusd -X

Re: ippool and cache-size

2010-09-13 Thread Konstantin Chekushin
Thanks for advice, but I am using database for main solution (I've written my module for this issue, which uses rlm_sql functions for sql logic). And I want to use file-based for redundancy only. So, the main question - what will happen, if query-cache will be less than ip-range? I have

Re: Ignoring EAP-Type/tls because we do not have OpenSSL, support.

2010-09-13 Thread David Mitchell
Douglas Caro wrote: # freeradius -v freeradius: FreeRADIUS Version 2.1.9, for host i486-pc-linux-gnu, built on Sep 13 2010 at 09:40:57 Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. It seems suspicious to me that your freeradius is reporting a build date of today.

Re: Ignoring EAP-Type/tls because we do not have OpenSSL, support.

2010-09-13 Thread David Mitchell
David Mitchell wrote: Douglas Caro wrote: # freeradius -v freeradius: FreeRADIUS Version 2.1.9, for host i486-pc-linux-gnu, built on Sep 13 2010 at 09:40:57 Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. It seems suspicious to me that your freeradius is reporting

Re: Freeradius + AD + WiFi + EAP

2010-09-13 Thread Alan Buxey
Hi, peap { default_eap_type = mschapv2 copy_request_to_tunnel = no use_tunneled_reply = no personally, I'd advise that you set those to yes rather than no. File /etc/raddb/users DEFAULT Auth-Type = ntlm_auth you don't need to do this. ever. we

which samba version / patch for Active Directory 2008

2010-09-13 Thread Neil Prockter
Hello If someone who has a working freeradius samba ntlm_auth AD 2008 setup could let me know which version of samba they are using and which patches it might help me a great deal. I have a working configuration freeradius + samba 3.0.37 + Active Directory 2003. Our Active Directory servers are

Re: Ignoring EAP-Type/tls because we do not have OpenSSL, support.

2010-09-13 Thread Alan Buxey
Hi, The messages keep appearing Ignoring EAP-Type/tls because we do not have OpenSSL support. Ignoring EAP-Type/ttls because we do not have OpenSSL support. Ignoring EAP-Type/peap because we do not have OpenSSL support. I'm not sure which bit of this isn't clear enough? the FreeRADIUS

help in troubleshooting PEAP authentication with XP client

2010-09-13 Thread Stephane Brodeur
Hi, Can somebody indicate to me if there is any log that can help me identify the problem with my Windows XP client trying to authenticate to the radius server. I do not know how to interpret the RADIUS/DECODE: parse response no app start; FAIL since no communication was established between

Re: which samba version / patch for Active Directory 2008

2010-09-13 Thread Alan Buxey
Hi, If someone who has a working freeradius samba ntlm_auth AD 2008 setup could let me know which version of samba they are using and which patches it might help me a great deal. I have a working configuration freeradius + samba 3.0.37 + Active Directory 2003. we moved to 2008 last year

Login Incorrect !

2010-09-13 Thread Paulo Maia
Hi guys, I'm trying to authenticate freeradius against passwd, but I keep getting Login Incorrect error. I'm doing EAP/PEAP mschapv2. I don't know what I'm missing. I can perform a radtest with success. Here is the output rad_recv: Access-Request packet from host 192.168.0.1 port 2048, id=187,

Re: Login Incorrect !

2010-09-13 Thread Alan DeKok
Paulo Maia wrote: I'm trying to authenticate freeradius against passwd, but I keep getting Login Incorrect error. I'm doing EAP/PEAP mschapv2. I don't know what I'm missing. I can perform a radtest with success. Here is the output Which you need to read. The debug output you posted to the list

Freeradius + MySql + Wireless Clients without certificates

2010-09-13 Thread Esteban TALAVERA
Hi, I'd like to know if there is a way to configure a Radius server + Mysql to authenticate Wireless clients via a Cisco AP without certificates (EAP TLS), only a username and password. Thanks -- *Esteban Talavera*

Cisco AP + MySql + EAPTLS

2010-09-13 Thread Esteban TALAVERA
Hi, I have installed freeradius recently with MySQL and tested with success to authenticate VTY sessions on cisco routers and switches. However, my configuration with EAP_TLS is not working properly. I use a Cisco AP. I create and copy the certificates to a Windows XP SP3 laptop to test if

Re: Freeradius + MySql + Wireless Clients without certificates

2010-09-13 Thread Marten Pape
Hi Esteban, this can be done via EAP-PEAP or EAP-TTLS, but not directly via TLS. Regards, Marten Pape Esteban TALAVERA wrote: Hi, I'd like to know if there is a way to configure a Radius server + Mysql to authenticate Wireless clients via a Cisco AP without certificates (EAP TLS),

Re: Freeradius + MySql + Wireless Clients without certificates

2010-09-13 Thread Esteban TALAVERA
Hi Marten, You mean configuring freeradius for EAP-PEAP it's not necessary to create certificates? It's possible to use with CISCO AP as NAS? Thanks On Mon, Sep 13, 2010 at 6:23 PM, Marten Pape marten.p...@pape-hn.de wrote: Hi Esteban, this can be done via EAP-PEAP or EAP-TTLS, but not

Re: Cisco AP + MySql + EAPTLS

2010-09-13 Thread Alan DeKok
Esteban TALAVERA wrote: I create and copy the certificates to a Windows XP SP3 laptop to test if everything is OK, but in freeradius -X mode I got a lot of messages and none gives me the reason of the problem. The AP says authentication failed and the Radius server sends the challenge an

Re: ippool and cache-size

2010-09-13 Thread Alan DeKok
Konstantin Chekushin wrote: Thanks for advice, but I am using database for main solution (I've written my module for this issue, which uses rlm_sql functions for sql logic). And I want to use file-based for redundancy only. So, the main question - what will happen, if query-cache will be less,