Hi,
[pap] WARNING! No known good password found for the user. Authentication
may fail because of this.
++[pap] returns noop
# Begin output of goofy processing
++? if (!control:Auth-Type)
? Evaluating !(control:Auth-Type) - FALSE
++? if (!control:Auth-Type) - FALSE
cd /etc/raddb
Hi,I am just trying to get dynamic clients to work, but I get nothing but :Tue Mar 8 12:22:22 2011 : Info: Ready to process requests.rad_recv: Access-Request packet from host 213.158.yyy.zzz port 1027, id=5, length=229Tue Mar 8 12:22:25 2011 : Debug: server dynamic_client_server {Tue Mar 8
On 08/03/11 11:36, Jan Strauch wrote:
All DB queries return the correct value, when entered in the mysql console.
Where does IP address 0.0.0.0 come from ?
You need to set:
FreeRADIUS-Client-IP-Address = %{something}
...as per the default examples. Are you?
-
List
On 7 Mar 2011, at 22:14, Alexander Clouter wrote:
Guy g...@britewhite.net wrote:
I now have FreeRadius granting access and using LDAP for username and
password information.
My next challenge, using the same Radius and LDAP server I would like
to grant different users access via
Hi List,
I've successfully setup the following scenario:
- Windows CA (Root-CA and Sub-CA)
- Cisco WLAN Controller + APs
- Windows 7 Domain Clients (+ Computer Certificates)
- EAP-TLS Auth with certificates
I created a small script to fetch the CRL from the CA and have it
converted to PEM
On 08/03/11 13:01, Rudolph Bott wrote:
Tue Mar 8 13:09:48 2011 : Error: -- verify error:num=36:unhandled
critical CRL extension
This comes out of OpenSSL. OpenSSL can't parse your CRL.
You may need a newer version of OpenSSL; what does:
openssl crl -text -noout -in thefile.pem -inform pem
Hi Phil,
openssl is able to read the crl, output als follows (I changed the
URL/LDAP information):
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: /DC=tld/DC=domain/CN=test
Last Update: Mar 5 14:08:35
Good idea, but no help. It only returned default, which is one of the first
files I checked, double-checked, replicated, etc.
I'm wondering if I zip my raddb dir if you (or someone) would be willing to
test it on your system and see if you get similar results? It's not a huge
deal anymore
Is it possible to use the linelog to provide a debug light for rlm_eap
and submodules? What I'm looking for is some way to tell why an
authentication has failed for a given login attempt, without resorting to
full debugging. If it is possible, example configuration is most welcome.
Thanks!
--
On Tue, Mar 08, 2011 at 04:44:53PM +0100, Kolbj??rn Barmen wrote:
Is it possible to use the linelog to provide a debug light for rlm_eap
and submodules? What I'm looking for is some way to tell why an
authentication has failed for a given login attempt, without resorting to
full debugging.
Hello Alan/Hello List,
on Nov 19, 2010 you wrote:
Alex Bergmann wrote:
Back in 2004 I've finished my diploma thesis covering OCSP integration
in the EAP/TLS module of freeRADIUS. Unfortunately I never posted the
patch. To get this burden off me, I've dug through the code again, did
some final
Hi,
Good idea, but no help. It only returned default, which is one of the
first files I checked, double-checked, replicated, etc.
if it says default, then that code is in 'default' - look in that file to find
where it is
Thanks for the help so far. I'll keep at it until I resolve it or
Rudolph Bott wrote:
Do you already have an estimated release date (besides when it's done)
for 2.1.11? I would love to test out that feature!
See http://git.freeradius.org, v2.1.x branch. You can test it now.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
On 03/08/2011 03:58 PM, Kenneth Marshall wrote:
On Tue, Mar 08, 2011 at 04:44:53PM +0100, Kolbj??rn Barmen wrote:
Is it possible to use the linelog to provide a debug light for rlm_eap
and submodules? What I'm looking for is some way to tell why an
authentication has failed for a given login
Hi Alan,
On 08.03.2011 18:13, Alan DeKok wrote:
Rudolph Bott wrote:
Do you already have an estimated release date (besides when it's done)
for 2.1.11? I would love to test out that feature!
See http://git.freeradius.org, v2.1.x branch. You can test it now.
Thanks - I will try it out
Any idea of the time frame?
Should I spend my time looking at the code and proposing a patch?
johnh...
From: freeradius-users-bounces+john.hayward=wheaton@lists.freeradius.org
[freeradius-users-bounces+john.hayward=wheaton@lists.freeradius.org] on
Hi List,
I've got a problem which I now know isn't FreeRADIUS misbehaving but
seems to be some CHAP-related issue, but I can't see what. With
advanced apologies for being somewhat off-topic, I'm wondering if anyone
has any ideas?
I've been building a test PPPoE server on Linux, specifically
Hey all,
So the host-based auth stuff is working well now, but we've discovered another
problem.
We have four FR 2.1.7 servers running on RHEL 5 (fully patched). Every now and
then, for no apparent reason, radiusd just stops. It exits with Exiting
normally. to syslog. They don't all exit
One of my virtual servers uses LDAP auth. However, it isn't clear to me if
modules/ldap can be configured with a secondary LDAP server, should the primary
fail to respond. The group that provides the LDAP server can't set up multiple
servers behind a load balancer due to cert issues, so I'm
Gdb
From: McNutt, Justin M. [mailto:mcnu...@missouri.edu]
Sent: Tuesday, March 08, 2011 04:59 PM
To: freeradius-users@lists.freeradius.org
freeradius-users@lists.freeradius.org
Subject: FR 2.1.7 Exits for no reason
Hey all,
So the host-based auth stuff is working well now, but we've discovered
I'm pretty sure this is discussed, examples, etc in the doc: online and in FR
conf files. Sorry I don't have exact location handy, but I'm sure its there.
From: McNutt, Justin M. [mailto:mcnu...@missouri.edu]
Sent: Tuesday, March 08, 2011 05:02 PM
To: freeradius-users@lists.freeradius.org
You must realize that gdb by itself is an answer that is of very little use.
While I am aware that gdb is the GNU Debugger, you have no way of knowing that
I do, and you gave no other context or other information that would help me use
gdb to gather anything.
So let me be more clear:
What
You seem fairly intelligent (and a Ninja) so I figured you'd be familiar with
gdb and just needed a nudge that direction.
Gdb will have a lot of good info at abend time: what each thread was executing,
stack info, etc. It may give you a clue or more importantly Alen.
If you google gdb mini
It's not anywhere in the config files, but I did find where RedHat hid the
doc/* files. There's a /usr/share/doc/freeradius-2.1.7/configurable_failover
that looks like what I need. Goes into some decent detail, too.
--J
From:
On 2011/03/09 01:05 AM, Gary Gatten wrote:
We have four FR 2.1.7 servers running on RHEL 5 (fully patched). Every now
and then, for no apparent reason, radiusd just stops. It exits with Exiting
normally. to syslog. They don't all exit at the same time. Since there are
Hi,
I had the same
Rudolph Bott wrote:
But let me rephrase my initial question: Would you consider this feature
stable?
Try it and see. This isn't commercial software with dozens of people
in the QA department. *You* are the QA department.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
John Hayward wrote:
Any idea of the time frame?
A long time.
Should I spend my time looking at the code and proposing a patch?
Sure.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Paul Thornton wrote:
I've got a problem which I now know isn't FreeRADIUS misbehaving but
seems to be some CHAP-related issue, but I can't see what. With
advanced apologies for being somewhat off-topic, I'm wondering if anyone
has any ideas?
It isn't a CHAP issue. Read the debug output.
28 matches
Mail list logo