Re: EAP-TLS authentication allows me to authenticate with invalid certificate.

2010-10-13 Thread Alan DeKok
Terry Simons wrote: I'm running into an issue where FreeRADIUS allows an invalid certificate (one not signed by my configured CA) to successfully authenticate to EAP-TLS. Well... the code which prints the error verify error:num=20: is in the verify certificate callback function. It's

Netscreen 208 and Freeradius

2010-10-13 Thread Ramzi Abdallah
Hi, I am trying to configure a netscreen 208 firewall to authenticate and account for users' traffic when they log in via the captive portal. I have installed freeradius 2.1.9 on Fedora core 13. In the /etc/raddusers I added the below entry for rsa rsa Cleartext-Password := nopass

Re: Netscreen 208 and Freeradius

2010-10-13 Thread Alan DeKok
Ramzi Abdallah wrote: when user rsa logs in to the captive portal the authentication is successful however user rsa still can not access the internet Read the NAS documentation to see which attributes it needs in the Access-Accept. This isn't a FreeRADIUS problem. Alan DeKok.

jradius 1.1.3

2010-10-13 Thread David Bird
Hello, For those using rlm_jradius, there is a new release of the JRadius server: http://www.coova.org/JRadius Be sure to upgrade your rlm_jradius ! (probably the most common issue we hear about; I submitted a patch a while back, but haven't followed it up) Get it from (also included in java

RE: Removing domain name in freeradius

2010-10-13 Thread Mark Holmes
Thanks Phil. Final question: At the moment, I can authenticate with username, but not with usern...@mydomain.ox.ac.uk How do I tell freeradius to accept usern...@mydomain.ox.ac.uk (I don't mind if authenticating with just username without the domain fails) Thanks, Mark

Re: Netscreen 208 and Freeradius

2010-10-13 Thread Martín @ Ibersystems
Is it possible that this doesn't work? http://freeradius.org/list/users.html :? Martín Ruiz Ibersystems Solutions, SL Dpto. Redes Inalámbricas Tel. 902 430 367 669 37 95 21 Fax 93 758 63 01 http://www.ibersystems.es martinr...@ibersystems.es

Re: Removing domain name in freeradius

2010-10-13 Thread Phil Mayers
On 13/10/10 11:55, Mark Holmes wrote: Thanks Phil. Final question: At the moment, I can authenticate with username, but not with usern...@mydomain.ox.ac.uk How do I tell freeradius to accept usern...@mydomain.ox.ac.uk (I don't mind if authenticating with just username without the domain

Re: jradius 1.1.3

2010-10-13 Thread Alan DeKok
David Bird wrote: Be sure to upgrade your rlm_jradius ! (probably the most common issue we hear about; I submitted a patch a while back, but haven't followed it up) I'll get it into 2.1.11. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Removing domain name in freeradius

2010-10-13 Thread Alexander Clouter
Phil Mayers p.may...@imperial.ac.uk wrote: Anyway, as always - if it's failing, please post the full debug output i.e.: radiusd -X | tee log ...I am pretty sure that is meant to be: radiusd -X 2>&1 | tee log I thought freeradius printed to STDERR? If not that probably should be fixed, in

Re: Removing domain name in freeradius

2010-10-13 Thread Phil Mayers
On 13/10/10 13:27, Alexander Clouter wrote: Phil Mayers p.may...@imperial.ac.uk wrote: Anyway, as always - if it's failing, please post the full debug output i.e.: radiusd -X | tee log ...I am pretty sure that is meant to be: radiusd -X 2>&1 | tee log I thought freeradius printed to STDERR?

Calling-Station-Id Empty value

2010-10-13 Thread Moayad Mohammad
Dears, I am using freeradius with wichorus ASN-GW (WiMAX). I have a problem with the Calling-Station-Id value. The ASN-GW sent Calling-Station-Id in binary format like this \000\031\001\000K I checked the debug radius -X result and I found the AAA got the correct value

Re: Autz-Type examples and parse error

2010-10-13 Thread Harry Hoffman
Hi Alan, Thanks for the help! This works well and lessens the confusion on my part. I do have one question. When using ldap as the authorization module the Auth-Type gets set properly to siteone_ldap. But if I try using ntlm_auth then the Auth-Type is not set even though ntlm_auth returns OK.

freeradius 2.1.10 DHCP not responding

2010-10-13 Thread Zietz, Marco
Hi, I'm playing with freeradius acting as DHCP-server - which is a magnificent idea! Got a little problem getting it up and running. Already checked any comments in sources, list archive, recent git patches related to dhcp and my favourite search engine. Also used two different machines with

Re: Autz-Type examples and parse error

2010-10-13 Thread Phil Mayers
On 13/10/10 14:40, Harry Hoffman wrote: Hi Alan, Thanks for the help! This works well and lessens the confusion on my part. I do have one question. When using ldap as the authorization module the Auth-Type gets set properly to siteone_ldap. But if I try using That's a feature of the ldap

Re: Autz-Type examples and parse error

2010-10-13 Thread Harry Hoffman
Hi Phil, Thanks for the pointers. I was attempting to use ntlm_auth to ensure the account actually existed for the authorization section. And then again in the authentication section to ensure the user name and password match. Is there a better way to check for authorization against AD? Cheers,

Re: Autz-Type examples and parse error

2010-10-13 Thread Phil Mayers
On 13/10/10 15:17, Harry Hoffman wrote: Hi Phil, Thanks for the pointers. I was attempting to use ntlm_auth to ensure the account actually existed for the authorization section. And then again in the authentication section to ensure the user name and password match. But that's not what you're

Re: Calling-Station-Id Empty value

2010-10-13 Thread Alan DeKok
Moayad Mohammad wrote: I am using freeradius with wichorus ASN-GW (WiMAX), I have problem with Calling-Station-Id value The ASN-GW sent Calling-Station-Id in binary format like this \000\031\001\000K Horrible WiMAX specs... What’s the problem? And how can

Re: freeradius 2.1.10 DHCP not responding

2010-10-13 Thread Arran Cudbard-Bell
IIRC there were problems binding the server to IP addresses. Try just binding to an interface or being promiscuous. On 13/10/2010, Zietz, Marco marco.zi...@pfalzkom-manet.de wrote: Hi, I'm playing with freeradius acting as DHCP-server - which is a magnificent idea! Got a little problem

Re: freeradius 2.1.10 DHCP not responding

2010-10-13 Thread Alan Buxey
Hi, I'm playing with freeradius acting as DHCP-server - which is a magnificent idea! Got a little problem getting it up and running. Already checked any comments in sources, list archive, recent git patches related to dhcp and my favourite search engine. Also used two different

MSCHAP vs MSCHAPv2 for VPN

2010-10-13 Thread freeradius
Using freeradius 2.1.8, I have a sonicwall firewall that authenticates VPN users against the freeradius server. The VPN clients are the native MSFT VPN client. When the client is configured for L2TP, MS-CHAP, the client connects. When the client is configured for L2TP MSChapv2, the client

Re: MSCHAP vs MSCHAPv2 for VPN

2010-10-13 Thread Alan DeKok
freerad...@corwyn.net wrote: Using freeradius 2.1.8, I have a sonicwall firewall that authenticates VPN users against the freeradius server. The VPN clients are the native MSFT VPN client. When the client is configured for L2TP, MS-CHAP, the client connects. When the client is

Re: MSCHAP vs MSCHAPv2 for VPN

2010-10-13 Thread freeradius
At 03:43 PM 10/13/2010, Alan DeKok wrote: Wed Oct 13 14:50:57 2010 : Debug: Exec-Program output: NT_KEY: DDE9BB9EA12ED17BE5F358CB53EE6A8F Change the version of Samba that you're using. 3.5.5 contains a fix which addresses this issue. Thanks Alan. That server is running

Re: Facing mSchapv2 errors

2010-10-13 Thread Bhanu Vegesna
Hi Alan, Got it working now , Thank You On Tue, Oct 12, 2010 at 5:39 PM, Bhanu Vegesna bhanu.vege...@gmail.comwrote: HI Alan, Thank you for you reply , i have user ctc and clartext passowrd mentioned in user files.I have the complete log at office i will send you once i reach office