On 2010/09/22 03:15 PM, Alan DeKok wrote:
I've put some preliminary tar files on:
http://git.freeradius.org/pre/
If there are any issues, let me know now. Otherwise we'll release
2.1.10 on Monday.
Would be nice to remove +git from debian/changelog
--
Johan Meiring
Cape PC Services
Panagiotis Georgopoulos pa...@comp.lancs.ac.uk wrote:
I have a client machine that authenticates to FreeRadius using
EAP-TTLS over Access_Point_1 just fine. When I roam the client to
Access_Point_2 and tries to authenticate again to FreeRadius, session
resumption seems to be failing with
In the clients.conf file is it possible to make custom variables and then
test for those/match them in the users file?
What I'd like to do is create a variable called vendorname and use that to
dictate what stub in the users file gets hit depending on the make/platform
of the equipment in
Hi Alexander, all
Thanks a lot for your reply. Please see my comments below...
Panagiotis Georgopoulos pa...@comp.lancs.ac.uk wrote:
I have a client machine that authenticates to FreeRadius using
EAP-TTLS over Access_Point_1 just fine. When I roam the client to
Access_Point_2
Hi everybody!!
I've got a strange problem with expand the result of the execution of a
program. This is my config data:
-- dictionary ---
ATTRIBUTE mi-resultado-script 3003integer
- exec --
exec {
John Horne wrote:
We also have the file /etc/raddb/modules-local/attr_filter which
contains:
Have you *deleted* the default configuration for the
attr_filter.post-proxy module?
If not, you have *two* copies of the module configuration. That's why
it's having issues. It picks on the first
On 23/09/10 08:23, Cameron Wood wrote:
In the clients.conf file is it possible to make custom variables and
then test for those/match them in the users file?
Yes; this came up on the list recently:
http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg62699.html
-
List
On Thu, 2010-09-23 at 12:05 +0200, Alan DeKok wrote:
John Horne wrote:
So, I guess the question is why is freeradius reloading the post-proxy
filter a second time after the HUP?
The question is why do you have two configurations for the same module?
The only bug here is that the
Juan Rodríguez wrote:
Hi everybody!!
Executing /aplicaciones/radius/bin/radius_ath.sh
Exec-Program output:
The program printed nothing.
Exec-Program: returned: 1
result 1
expand: %{exec:/aplicaciones/radius/bin/radius_ath.sh} -
The result of the program is 1 but the value of the
Bjørn Mork wrote:
RCS keywords don't make sense with git, so use the RADIUSD_VERSION
macro instead, like the server and radmin already do.
Added, thanks.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thank you Alan.
I get this error now:
expand: %{exec:/aplicaciones/radius/bin/radius_ath.sh} - 1
ERROR: Failed parsing value 1 for attribute mi-resultado-script: Unknown
value 1 for attribute mi-resultado-script
We can see a space after value 1. I've write in my script the line
echo
Hello all
one radius == freeradius-1.1.7
one mysql server
create db == db1, db2 , db3, db4 .
I want multiple dialupadmin
dialupadmin1 use == db1
dialupadmin2 use == db2
dialupadmin3 use == db3
dialupadmin4 use == db4
..
..
Would it be possible?
Please Help me
-
List
Panagiotis Georgopoulos pa...@comp.lancs.ac.uk wrote:
Hmm, yes I think I do. So the server keeps the reply of an authentication
and therefore if a client has authenticated successfully before, there
should be a valid entry of his identity in the cache so that Phase 2 of TTLS
in my case would
Juan Rodríguez wrote:
Thank you Alan.
I get this error now:
expand: %{exec:/aplicaciones/radius/bin/radius_ath.sh} - 1
ERROR: Failed parsing value 1 for attribute mi-resultado-script:
Unknown value 1 for attribute mi-resultado-script
See scripts/exec-program-wait
This is
I just noticed the redhat/freeradius.spec file wasn't fully updated in
2.1.0. It was missing the dynamic_clients and opendirectory modules in
the %files section. Also the release tag was left at 2 instead of being
reset to 1. Attached is a patch, in addition to the above it adds the
changelog
We are experiencing an issue where certain policies need to push down to
laptops before the user enters their credentials to authenticate to the
wireless network. We only have Radius/802.1x enabled on the wireless right
now. Is it possible to authenticate the device based on MAC address so the
John Dennis wrote:
I just noticed the redhat/freeradius.spec file wasn't fully updated in
2.1.0. It was missing the dynamic_clients and opendirectory modules in
the %files section. Also the release tag was left at 2 instead of being
reset to 1. Attached is a patch, in addition to the above it
On Tue, Sep 21, 2010 at 12:41:08PM +0100, Alan Buxey wrote:
Hi,
is it possible to send attributes based on the used SSID?
yes. as that can be gained from RADIUS attributes sent to the
RADIUS server . where you do them, and how you do them - ie unlang,
users, SQL huntgroups etc etc is
Hello Peter and Alan,
Thank you for your reply. I've given the documentation of Peter a look but I'm
not that familiar with LDAP or how its underpinnings work in OS X Server.
When the Cisco router now authenticates against the FreeRADIUS server all works
fine except for the fact that the group
Hi Phil,
Thank you so much for responding with your recommendations.. The Ldap config
varies only by Server IP, Base DN and password.. If I use option #2, how
does Free Radius know which OU to plug in when authorizing users? Does that
mean users have to enter their fully qualified login name ?
On 23/09/10 15:08, Ziggy Bopster wrote:
Hi Phil,
Thank you so much for responding with your recommendations.. The Ldap
config varies only by Server IP, Base DN and password.. If I use option
If the bind DN passwords are different, you probably can't use this
option. You'll probably need 1
Aiko Barz a...@chroot.de wrote:
Now I am able to ask various Active Directory servers by using
Net::LDAPS. This enables me to put the following parameters into
relation:
- DOMAIN
- username
- SSID
And it makes me more flexible when I have to deal with complex Active
Directory forest
Rob Yamry rya...@kimberly.k12.wi.us wrote:
We are experiencing an issue where certain policies need to push down to
laptops before the user enters their credentials to authenticate to the
wireless network. We only have Radius/802.1x enabled on the wireless right
now. Is it possible to
Hi Phil,
Let me look into the docs and see if I can get something setup..
If I had one SSID and wanted multiple LDAP servers search bases behind it,
should I use Option#1.. (i.e. User selects SSID Secure.. If user is not
found in LDAP search base #1, look for user in LDAP search base #2, if not
On 23/09/10 16:21, Ziggy Bopster wrote:
Hi Phil,
Let me look into the docs and see if I can get something setup..
If I had one SSID and wanted multiple LDAP servers search bases behind
it, should I use Option#1.. (i.e. User selects SSID Secure.. If user is
not found in LDAP search base #1,
Thank you.
On Thu, Sep 23, 2010 at 8:32 AM, Phil Mayers p.may...@imperial.ac.ukwrote:
On 23/09/10 16:21, Ziggy Bopster wrote:
Hi Phil,
Let me look into the docs and see if I can get something setup..
If I had one SSID and wanted multiple LDAP servers search bases behind
it, should I use
On 9/17/10 11:09 AM, Alan DeKok wrote:
Jeffrey Collyer wrote:
Could someone give me a pointer/hint as to how to configure eap/ldap to
cut down on the number of ldap queries. Any help greatly appreciated.
The default configuration does *not* do LDAP lookups. So... use the
default
Jeffrey Collyer wrote:
setup information that I failed to explain properly the first time :
freeradius 2.1.7 is used to
authenticate wireless users with eap-tls
Well... that would have been nice to say.
I started with a default configuation and added ldap to it in the
Charles Hooper wrote:
I am trying to work out why an Acct-Interim-Interval is not being sent
to NAS with the Accept-Accept.
You need to configure the server to send it back.
I don't receive back any accounting
messages from my WRT54GL with DD-WRT v24 on it.
It might not even support
In the users file is where you specify the reply attributes in my example.
So using your example:
DEFAULT Huntgroup-Name == CiscoVPN, Ldap-Group ==
cn=CiscoVPN,ou=Roles,ou=Radius,DC=ACME,DC=COM
Service-Type = NAS-Prompt-User,
Idle-Timeout = 600,
Cisco-AVPair =
Hi
I configured a freeradius server with EAP_TLS to authenticate clients that
connects to Cisco AP.
When I run freeradius -X I got a lot of activity output but the client is
still trying to authenticate
I post last lines from the server's output
I see the port of Access-request es 1645 but I
Thanks for the reply Phil, that looks like exactly like what I was after.
Cheers
Cam.
--
On Thu, Sep 23, 2010 at 20:36, Phil Mayers p.may...@imperial.ac.uk wrote:
On 23/09/10 08:23, Cameron Wood wrote:
In the clients.conf file is it possible to make custom variables and
then test for
32 matches
Mail list logo