On 12/26/2011 03:53 AM, backghost wrote:
i have installed this configuration:
CentOS 5.1; freeradius 1.1.3;
You should install a more current version of freeradius on CentOS 5.
It's available under the freeradius2 package names (because it's version
2.x) on RHEL5. All other RHEL
Hi,
I am using FREERADIUS v.2.1.12
I am getting the following attributes in Access Request from Radius Client:
ATTRIBUTE User-Name 1 string
ATTRIBUTE User-Password 2 string
ATTRIBUTE NAS-IP
Hi all,
I'm testing accounting on a freeradius (version 2.1.11). The nas
appliances are Cisco Wireless APs, and I've configured PEAP/MSCHAPv2
authentication (using a openldap backend, where the freeradius server
verify username and passwords).
Anyway, all works, so authentication succeds
Pietro Accerboni wrote:
The problem arises from the tunneled nature of PEAP. Accounting works, i
guess, only on the esternal attribute User-Name, so all users that
(correctly) configure outer identity with a generic 'anonymous' is
logged in the accounting session with the same, useless,
I have a certificate called AddTrustExternalCARoot.crt that I would like
to have FreeRadius start using. I know I need to change the eap.conf to
look at the new cert however I was noticing that when the test
certificates are created there is both a server.crt and server.pem. Is
there a
Yup, there's a difference. You'll want to put the cert chain in the pem file
so that it's available for clients when you present your cert for the first
time. Just put the cert all by itself in the crt file.
I'm about to go swap them out on our systems, so I'll review to see if there
was
I notice that the existing server.pem file contains the locality and
organization name and so forth along with a local key id before it lists
the cert chain. Is there something I need to do to generate this?
Joseph R. McSparin
Network Administrator
Hill Country Memorial Hospital
830 990 6638
The extra info outside of the 'BEGIN CERTIFICATE' and 'END CERTIFICATE' lines
is just extra, informative stuff you can get openssl to generate for you when
you put together your file.
On further reflection, I believe I was mistaken. Looks like we stuff all the
useful-to-freeradius certs in
Anyone know if this is possible. I have found information on MAC Based
Authentication but nothing on GUID.
Joseph R. McSparin
Network Administrator
Hill Country Memorial Hospital
830 990 6638 phone
830 990 6623 fax
jmcspa...@hillcountrymemorial.org
--
This email message and any attachments
I currently have FreeRadius setup to authenticate agains Active
Directory and it works great. I was wondering though for everyone out
there using it if you had any reccomendations for this scenario:
I have users that will connect wirelessly using their NT domain username
and password on the
I have tried for a few weeks now to get this working. I have a mac os
machine running with 10.6 installed and updated. I had a linux friend help
me with the dependancies/compiling and we were able to compile with no
errors. The problem came in attempting to start the server. It appears to
hang
On Wed, Dec 28, 2011 at 8:43 AM, maldridge aldridge@gmail.com wrote:
I have tried for a few weeks now to get this working. I have a mac os
machine running with 10.6 installed and updated. I had a linux friend help
me with the dependancies/compiling and we were able to compile with no
odd, I apparently pasted, but did not attach the output of the debug...
After sudoing it once, I haven't got any of the weird permission errors
since, here is the output below. My linux friend looked at this server and
said that he had no idea what was wrong with it, that's how I wound up here.
On Wed, Dec 28, 2011 at 9:58 AM, maldridge aldridge@gmail.com wrote:
Failed binding to /opt/local/var/run/radiusd/radiusd.sock: No such file or
directory
Does /opt/local/var/run/radiusd/ exists? If not, you need to create it manually
Is /opt/local/var/run/radiusd/ writable by the normal
your were right, the directory didn't exist.
It now loads correctly, I just have to get the server configured now
in case anyone else has this problem, you have to have it writeable to the
system user 'everyone' and the user that you are logged into the terminal as.
-
List
Automate an export of the list of WiFi MAC addresses of your managed computers
from the DC. Then in post-auth, query that list (we use an SQL database) and
use the result to alter the tunnel-group-ID sent back in the outer reply.
Users can spoof their MAC addresses, of course, but as long as
I set up the server with gracious help from the community, and now it
starts without errors. The problem comes in trying to get the test user to
work. The server simply replies with Access-Reject and awaits the next
user.
Here is the dump from radtest:
DeepBlue:~ michaelaldridge$ radtest
On Wed, Dec 28, 2011 at 11:45 AM, Michael Aldridge
aldridge@gmail.com wrote:
I set up the server with gracious help from the community, and now it starts
without errors. The problem comes in trying to get the test user to work.
The server simply replies with Access-Reject and awaits the
As requested:
DeepBlue:raddb michaelaldridge$ radiusd -X
FreeRADIUS Version 2.1.9, for host i386-apple-darwin10.8.0, built on Dec 9
2011 at 18:58:07
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
On Wed, Dec 28, 2011 at 11:55 AM, Michael Aldridge
aldridge@gmail.com wrote:
DeepBlue:raddb michaelaldridge$ radiusd -X
FreeRADIUS Version 2.1.9, for host i386-apple-darwin10.8.0, built on Dec 9
including configuration file /opt/local/etc/raddb/radiusd.conf
so your configuration files
I feel stupid now, I was editing the wrong users file...
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
21 matches
Mail list logo