Problem with EAP-TLS authentication in Freeradius 2.1.0

2011-04-08 Thread senthil kumar
Hi All, I am using Freeradius 2.1.0 PEAP/TTLS is working fine and I am facing problem in TLS authentication. I am able to generate certificate but while connecting it throws Authentication error. Please let me know how to debug it. rad_recv: Access-Request packet from host

Re: Problem with EAP-TLS authentication in Freeradius 2.1.0

2011-04-08 Thread Alan DeKok
senthil kumar wrote: I am using Freeradius 2.1.0 PEAP/TTLS is working fine and I am facing problem in TLS authentication. I am able to generate certificate but while connecting it throws Authentication error. Please let me know how to debug it. *Read* the debug log.

Re: MS-CHAP-V2 with no retry

2011-04-08 Thread Alan DeKok
James J J Hooper wrote: It works on Mac OS and iOS, but I haven't been able to get it to work as expected on XP or Win7: * Win7 does as it did before That's not all bad. * XP: The [builtin] supplicant gets stuck at the 'trying to authenticate' message. That's not good. Could you

Re: MS-CHAP-V2 with no retry

2011-04-08 Thread Phil Mayers
On 04/08/2011 08:26 AM, Alan DeKok wrote: James J J Hooper wrote: It works on Mac OS and iOS, but I haven't been able to get it to work as expected on XP or Win7: * Win7 does as it did before That's not all bad. * XP: The [builtin] supplicant gets stuck at the 'trying to authenticate'

Re: LDAP-group filter search is failing

2011-04-08 Thread Phil Mayers
On 04/07/2011 10:06 PM, joezamosc wrote: 2.1.10 Here's a snippet of freeradius -X... +- entering group post-auth {...} [ldap] Entering ldap_groupcmp() [files] expand: ou=Departments,dc=corp,dc=development,dc=com -> ou=Departments,dc=corp,dc=development,dc=com [files] expand:

Re: MS-CHAP-V2 with no retry

2011-04-08 Thread Alan DeKok
Phil Mayers wrote: +1 - In my experience it's necessary to cater for windows' weirdness *first*. Most other clients have sane behaviours. I'm concerned about the we didn't do much windows testing line... Yup. I've just pushed some changes to the git v2.1.x branch. See:

Re: LDAP-group filter search is failing

2011-04-08 Thread Alexander Clouter
joezamosc joezam...@yahoo.com wrote: The 10th line from the bottom of the snippet returns with the following... rlm_ldap::ldap_groupcmp: ldap_get_values() failed I'm waiting for a subsequent [ldap] performing search in my DN and to match with filter (cn=WANN) But it's not happening.

Re: Problem with EAP-TLS authentication in Freeradius 2.1.0

2011-04-08 Thread senthil kumar
Hi Alan, Earlier I have faced the same problem and after changing Make file it was working fine. Now certificate got expired and I tried to generate new certificate. Problem is I am not able to connect with the new certificate. So please let me know how to solve this problem.

Re: Per Vendor NAS-Port documentation

2011-04-08 Thread Alan DeKok
Olivier Bilodeau wrote: As suggested, I created a Wiki page: http://wiki.freeradius.org/NAS-Port I added what we have so far. I'll try to remember to maintain it. Thanks. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: rlm_sql_unixodbc ?

2011-04-08 Thread Jim Rice
config.log:configure:3082: WARNING: FAILURE: rlm_sql_unixodbc requires: sql.h. - Original Message - From: Fajar A. Nugraha l...@fajar.net To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Thursday, April 07, 2011 07:30 PM Subject: Re: rlm_sql_unixodbc ?

segfault in detail listener

2011-04-08 Thread Phil Mayers
All, We're seeing very occasional segfaults in the detail listener. I've managed to catch one under gdb, and the backtrace shows it dying at detail.c:601: if (feof(data->fp)) goto cleanup; ...because data->fp == NULL I can't follow the control flow to see why this might happen, but I did

Re: Per Vendor NAS-Port documentation

2011-04-08 Thread Alexander Clouter
Olivier Bilodeau obilod...@inverse.ca wrote: If there's nothing yet, maybe they can create a wiki page for it? I'd be willing to edit the entries, either on the wiki if I can get an account, or offline and batch up the responses into wiki markup. As suggested, I created a Wiki page:

Re: rlm_sql_unixodbc ?

2011-04-08 Thread Alan DeKok
Jim Rice wrote: config.log:configure:3082: WARNING: FAILURE: rlm_sql_unixodbc requires: sql.h. Install the unixodbc software, library, and header files. Ask the unixodbc people how to do this. Alan DeKok.

Re: segfault in detail listener

2011-04-08 Thread Alan DeKok
Phil Mayers wrote: We're seeing very occasional segfaults in the detail listener. I've managed to catch one under gdb, and the backtrace shows it dying at detail.c:601: if (feof(data->fp)) goto cleanup; ...because data->fp == NULL I can't follow the control flow to see why this might

Re: PC XP SP2 with 802.1x/PEAP authenticate problem

2011-04-08 Thread igrubnic
Hi Alan, thank you for the reply. I googled/found how to configure the PC according to ch.4: http://h17007.www1.hp.com/docs/interoperability/Microsoft/4AA2-1531EEE.pdf On the PC I have a pop-up window which asks for credentials (username and pwd) and for the PC I have defined the following entry (deleted old one

Re: PC XP SP2 with 802.1x/PEAP authenticate problem

2011-04-08 Thread Alan DeKok
igrubnic wrote: but when i enter that username/pwd on pc again same debug output obtained: Ready to process requests. rad_recv: Access-Request packet from host 10.223.0.131 port 65534, id=16, length=132 NAS-IP-Address = 100.1.1.1 NAS-Port-Id = 1.2 Framed-MTU = 1024

RE: MS-CHAP-V2 with no retry

2011-04-08 Thread John Hayward
A couple of comments on how clients behave: o It was my impression based on comments from our support area that the unpatched code (which does not follow the rfc) serving a windows client presented the user with a dialogue box on failure. I have not tested this. I assumed that if windows

problem in assigning Tunnel-Private-Group-ID

2011-04-08 Thread syharash
-enabled/default +- entering group accounting {...} [detail] expand: /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d -> /var/log/radius/radacct/10.73.93.151/detail-20110408 [detail] /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radius/radacct

how to radtest from another client

2011-04-08 Thread 徐宇
I installed freeradius on the server; its IP is 192.168.1.1. On the server I have already done the radtest, and the result is OK rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=11, length=20 I want to add a test authenticator host client. So I add something at the end of my

Restrict access per NAS

2011-04-08 Thread Sergio Belkin
Hi, Is there a way to restrict an LDAP user to be authorized only from a specific NAS (Access Point)? I'm using FreeRADIUS Version 2.1.1 Thanks in advance! -- -- Sergio Belkin  http://www.sergiobelkin.com Watch More TV http://sebelk.blogspot.com LPIC-2 Certified - http://www.lpi.org - List

Re: Restrict access per NAS

2011-04-08 Thread Paul Bartell
You are probably looking to check for the calling-station-id attribute... I'm not sure how to do it with LDAP. On Fri, Apr 8, 2011 at 7:11 AM, Sergio Belkin seb...@gmail.com wrote: Hi, Is there a way to restrict an LDAP user to be authorized only from a specific NAS (Access Point)? I'm using

Re: Mac Authorization

2011-04-08 Thread Joren Love
There was also an issue with the authorized_macs module returning noop instead of notfound. Not sure if this is just something weird on my end, but changing the if statement seems to make it work. -Joren On Thu, Apr 7, 2011 at 1:25 AM, Phil Mayers p.may...@imperial.ac.uk wrote: On 04/06/2011

Re: Mac Authorization

2011-04-08 Thread Arran Cudbard-Bell
Well spotted, this was accounted for correctly in the original example, after someone else on the list pointed out that files returned not found. I guess the author of the new examples didn't actually check what return code the files module returns when an entry isn't found. I've updated

Re: Mac Authorization

2011-04-08 Thread Phil Mayers
On 08/04/11 16:39, Arran Cudbard-Bell wrote: Well spotted, this was accounted for correctly in the original example, after someone else on the list pointed out that files returned not found. I guess the author of the new examples didn't actually check what return code the files module returns

Re: LDAP-group filter search is failing

2011-04-08 Thread joezamosc
Phil - i changed according to your suggestion. Still getting the rlm_ldap::ldap_groupcmp: ldap_get_values() failed error. Alexander - you have a point - WANN is under OU - I've made an adjustment in modules/ldap and changed groupname_attribute to ou groupname_attribute = ou But after running it

[How to use Listen directive in inner tunnel virtual server]

2011-04-08 Thread Thomas Fagart
Hello, We're using freeradius 2.1.6 as a proxy server. It receives authentication/accounting from Wimax NAS/ASN Gateway, (EAP/TTLS), send it to inner tunnel, and then proxy to customer home server. The server where it is located has two IP interfaces and even worse on one of the interface

Simple Guest user web front end for FreeRADIUS

2011-04-08 Thread up
On my client's wifi network, we are authenticating staff users via FreeRADIUS against the corporate LDAP database. I've created a new SSID/WLAN with an IP pool that I've restricted through router ACLs that we want to deploy for temporary guest users. I can set up a new FreeRADIUS server (I've

Re: rlm_sql_unixodbc ?

2011-04-08 Thread Jim Rice
Found it. I was missing unixODBC-devel Thanks! - Original Message - From: Alan DeKok al...@deployingradius.com To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Friday, April 08, 2011 04:02 AM Subject: Re: rlm_sql_unixodbc ? Jim Rice wrote:

Re: Simple Guest user web front end for FreeRADIUS

2011-04-08 Thread Alan Buxey
Hi, On my client's wifi network, we are authenticating staff users via FreeRADIUS against the corporate LDAP database. I've created a new SSID/WLAN with an IP pool that I've restricted through router ACLs that we want to deploy for temporary guest users. I can set up a new FreeRADIUS

Re: Simple Guest user web front end for FreeRADIUS

2011-04-08 Thread Arran Cudbard-Bell
On Apr 8, 2011, at 1:13 PM, Alan Buxey wrote: Hi, On my client's wifi network, we are authenticating staff users via FreeRADIUS against the corporate LDAP database. I've created a new SSID/WLAN with an IP pool that I've restricted through router ACLs that we want to deploy for temporary