On Sat, Jan 28, 2012 at 3:03 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote:
What??
You dont need that kind of hardware for job, sure. Throwing that kind of
horsepower might fix the speed but this is a DBA question.
Look at your mysql configuration and see how it can be adjusted (my.cnf)
look
On Sun, Jan 29, 2012 at 11:36 AM, Alan DeKok al...@deployingradius.comwrote:
YvesDM wrote:
Just wondering, do you see performance increase using postgres instead
of mysql?
Yes.
MySQL can be higher performance than older versions of PostGreSQL, if
you don't do database writes. Newer
On Tue, Jan 3, 2012 at 4:44 PM, John Corps env...@gmail.com wrote:
Hello All,
I have 4 servers setup exactly the same at 4 different locations. Each
server is using the exact same configs and is working perfectly well
doing what I want it to do. The only issue I have is at the 1
location, I
On Mon, Dec 26, 2011 at 4:31 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote:
Fairly easy to do, especially with a recent version (ie 2.x) of freeradius
alan
Correct.
Or simply forget about pfsense and use Mikrotik as NAS which has hotspot
trial time included as a default option.
kr,
Yves
-
On Fri, Oct 21, 2011 at 9:07 PM, Alan DeKok al...@deployingradius.comwrote:
I need to assign quota to squid users based on the weekly/hourly
basis. I need users radius server to return packet reject when time is
expired. is it possible in radius?
Yes. See the counter module, or the
That's also the way we do it.
On Sat, Oct 8, 2011 at 7:48 PM, Michael Hartwick hartw...@hartwick.comwrote:
It may not be pretty, but why not just sent all 3 sets of VSA’s. If the NAS
doesn’t recognize it won’t it just ignore the attribute?
-
List info/subscribe/unsubscribe? See
Hi,
I try to configure dynamic clients on FR2.1.8.
I use as good as default configuration in my testing.
Somehow it always looks at FreeRADIUS-Client-Virtual-Server = something
even the dynamic_client_server is defined in client dynamic.
As I understand it right, it shouldn't look at that
On Mon, Jun 6, 2011 at 1:24 PM, Hanno Schupp hanno.sch...@gmail.com wrote:
Thank you for this reply.
I thought the limitation might come from the wrapping around 4.3 GB due to
the limitations of a 32bit system with 2147483648 being the highest signed
and 4294967296 being the highest unsigned
On Sun, Jun 5, 2011 at 1:22 AM, Hanno Schupp hanno.sch...@gmail.com wrote:
Dear All,
can I ask for some pointers please. in my FreeRADIUS Version 2.1.8, for
host x86_64-pc-linux-gnu (Ubuntu LTS 10.04) installation I have followed the
Gigabyte instructions on the FreeRADIUS wiki's FAQ
On Fri, May 6, 2011 at 5:01 PM, Meyer Jerome jerome.me...@iwbtelekom.chwrote:
Thanks for reply!
Meyer Jerome wrote:
# radiusd -v
What about radiusd -X, as suggested in the FAQ, README, man page,
web pages, and daily on this list?
Should the client start the radiusd daemon too?
On Fri, Apr 8, 2011 at 9:50 PM, u...@3.am wrote:
On my client's wifi network, we are authenticating staff users via
FreeRADIUS against the corporate LDAP database.
I've created a new SSID/WLAN with an IP pool that I've restricted through
router ACLs that we want to deploy for temporary guest
On Fri, Apr 1, 2011 at 10:40 AM, Alan DeKok al...@deployingradius.com wrote:
The latest version has rlm_expr, which is 64-bit clean. You can use
it to split the counters into 32-bit pieces.
Alan DeKok.
Tnx Alan, will check it out.
-
List info/subscribe/unsubscribe? See
Hi,
We 're about to upgrade our radius which is still running 1.1.7
We use monthly datalimits so we patched the sqlcounter in order to
make it reply max 4GB of left quota (to avoid wrapping), even if the
user still has 10GB quota left.
Of course this results in a logged out user when he reaches a
On Sat, Feb 5, 2011 at 7:16 AM, npayne npa...@g-host.co.za wrote:
I have installed freeradius with daloRadius. I have then created a group /
profile to cut off after using a certain amount of data. I have the
following problem. It does not cut the user off when the limit was reached
but it
On Wed, Nov 24, 2010 at 7:50 AM, mikal m...@atceast.com wrote:
What I'm trying to do is enable a non-technical person to create temporary,
guest like accounts using the dialup admin interface. The accounts will
be created as needed, they need to expire within a predetermined time
frame(s)
On Thu, Sep 9, 2010 at 8:01 PM, Sean Wingert se...@norris-stevens.com wrote:
Thanks to Alan and Stephen, I am closer to a solution. I realized the
scrambled password was due to hotspotlogin.php (I need to study Chillispot
more), so for now I commented out its uamsecret line, which -- although
On Tue, Jun 15, 2010 at 6:49 PM, David Peterson
dav...@wirelessconnections.net wrote:
I know there is probably something easy I am missing but I cannot for the
life of me get FR to compile with OpenSSL for EAP-TTLS support. Are there
any how-to’s on getting Ubuntu to compile OpenSSL support
On Sat, Mar 13, 2010 at 8:14 PM, Suman Dash sumand...@gmail.com wrote:
+- entering group PAP {...}
[pap] login attempt with password hello
[pap] Using CRYPT encryption.
[pap] Passwords don't match
++[pap] returns reject
I don't think you used a crypt password in your users file
-
List
On Sun, Mar 14, 2010 at 8:35 AM, Suman Dash sumand...@gmail.com wrote:
No, The Password is in Cleartext. How do i disable / Enable the CRYPT
password ?
On the first day google was born
http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg61708.html
kind regards
-
List
On Mon, Feb 15, 2010 at 8:47 AM, YvesDM ydm...@gmail.com wrote:
Hi,
Situation: All users can login to different nas types.
Problem: I need a different value for simult.-use check depending on
the nas a user logs on to.
Is there a way to do this? (using FR1.1.7 for now)
tnx.
Yves
Edited
Hi,
Situation: All users can login to different nas types.
Problem: I need a different value for simult.-use check depending on
the nas a user logs on to.
Is there a way to do this? (using FR1.1.7 for now)
tnx.
Yves
-
List info/subscribe/unsubscribe? See
On Mon, Nov 30, 2009 at 4:44 PM, Charles char...@goma.kivu-online.com wrote:
Thanks Allan,
I think you are right, I will ask in the monowall forum.
Just that the forum is not very active on Captive Portal issues.
Could you be kind to suggest a NAS that you know which can help me achieve
my
On Wed, Aug 5, 2009 at 1:13 PM, Alan Buxeya.l.m.bu...@lboro.ac.uk wrote:
Hi,
Hi,
Can anyone let me know if there is a free downloadable Tacacs server with
support for Ipv6
www.google.com
alan
Aren't you mistaking?
This looks like some kind of search engine, not a tacacs server? :-)
-
On Tue, Jul 14, 2009 at 6:02 AM, Ericbbah...@gmail.com wrote:
freeradius-1.1.3-1.4 !!
Is it the reason of problem ?
Yes, reply-name was only implemented in version 1.1.5 or 1.1.6
Upgrade to the latest version.
Kind regards
Yves
-
List info/subscribe/unsubscribe? See
Hi,
I'm having issues with octet accounting. Users are monthly limited in
octets, not in time.
The problem i have is when a user logs in on the last day of the month
and stays online for 3 days then there's 2days within the new month
but the accounting counts within the previous month, which we
On Fri, Dec 12, 2008 at 5:33 PM, Diogo Teixeira diogo@gmail.com wrote:
and i done everything i it still don't work.
You do have port 1813 open on your radius right?
Kind regards
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Fri, Nov 28, 2008 at 5:05 AM, Sebo PL
[EMAIL PROTECTED][EMAIL PROTECTED]
wrote:
I'm waiting for such NAS-ID exactly and hope it might be based on the
SSID of the AP.
Or it may be based on
Calling-Station-Id
I see the MAC address of the AP in this attribute attached to each
message
Very nice and understandable for everybody.
Keep up the good work, really looking forward to the book here ;-)
Kind regards,
Yves
On Sun, Jul 20, 2008 at 5:47 PM, Alan DeKok [EMAIL PROTECTED]
wrote:
I've added a few more HOWTO's for EAP, certificates, etc. on my web
page. See:
On Tue, Apr 29, 2008 at 12:09 PM, Ivan Kalik [EMAIL PROTECTED] wrote:
Literally? Or it is some sort of example? Eg i have to write:
Expiration := May 10 2008 21:00:00
Like that.
Ivan Kalik
Kalik Informatika ISP
Hmm interesting, I did not know you could add an hour too, tnx ;-)
On Sun, Feb 24, 2008 at 2:59 PM, Ivan Kalik [EMAIL PROTECTED] wrote:
'Idle-Timeout' timeout is an argument in Radius. Chillispot use this
radius argument.
Yes.
I think freeradius configuration can update automatically the
Acct-Session-Time argument if it see a user is IDLE.
What do you
On Jan 30, 2008 10:15 AM, Devinder Singh [EMAIL PROTECTED] wrote:
Hi Liran
This is my log file i cant find any errors for cannot connect to sql
database
Thanks
Devinder
080124 14:48:58 mysqld ended
080124 14:48:58 mysqld started
080124 14:48:58 InnoDB: Started; log sequence number
On Jan 30, 2008 10:41 AM, Devinder Singh [EMAIL PROTECTED] wrote:
Yes i can access mysql rom CLI
Did you try to create another mysql user account for dialupadmin and give
him the correct rights on the radius database?
-
List info/subscribe/unsubscribe? See
should let
us know how you ran it.
Regards,
Liran.
On Jan 1, 2008 4:06 PM, YvesDM [EMAIL PROTECTED] wrote:
Hi,
FR1.1.6 on debian.
I use the truncate_radacct script that comes with dialup admin to
delete older accounting records.
I got the $back_days set at 365 days in order
Hi,
FR1.1.6 on debian.
I use the truncate_radacct script that comes with dialup admin to delete
older accounting records.
I got the $back_days set at 365 days in order to keep the accounting data
for one year.
It 's been working fine untill this morning (1/1/08, 00:01) Instead of
deleting data
On Nov 22, 2007 7:51 AM, [EMAIL PROTECTED] wrote:
Attribute name is Expiration. It is a check item so it does go into
radcheck. I use is == as operator, but := should work as well. Format
that works for me is:
November 28 2007 20:26:43
Ivan Kalik
Kalik Informatika ISP
Any suggestions on
On 10/31/07, Doc. Caliban [EMAIL PROTECTED] wrote:
[EMAIL PROTECTED]
IPCop is actually pretty good for this as it uses one of it's
interfaces for wireless access based on granting each node specific
access by MAC, but it can be any network node, it doesn't have to be a
wireless device.
On 10/31/07, Doc. Caliban [EMAIL PROTECTED] wrote:
YvesDM wrote:
Alternativley you could install the copspot plugin on ipcop (
http://www.ban-solms.de/t/IPCop-copspot.html )
It implements chillispot and gives you a captive portal which can talk
to you radius for AAA.
Kind regards
On 10/31/07, Doc. Caliban [EMAIL PROTECTED] wrote:
YvesDM wrote:
Strange, according to the copspot link I've sent you it uses https. (on
non-standard port)
I never used ipcop myself though.
Kind regards
Yves
Oh, weird. It must be in the details somewhere. That's the page I'd
Hi,
FR + mysql authacct.
Sometimes I need to restrict users or groups to acces a certain NAS.
I use the nas-identifier attribute to recognize the nas
To accomplish this I just add an entry to radcheck or radgroupcheck like
this
NAS-identifier != nas-name
This works fine but, sometimes I use
On 10/17/07, Daann [EMAIL PROTECTED] wrote:
but I'd like to have some more detailed instructions on what to do.
Thanks in advance
Set this in the users file and accounting will get updated every 300 sec
# Sent Chillispot Interim Accounting interval in every reply packet
DEFAULT
On 9/7/07, YvesDM [EMAIL PROTECTED] wrote:
Hi,
I want a specific user (call him john) NOT to be able to login through a
specific nas.
So I thought, just add this to radcheck
INSERT INTO `radcheck` (`UserName`, `Attribute`, `op`, `Value`) VALUES
('john','NASIdentifier','!=','nas-id
Hi,
I want a specific user (call him john) NOT to be able to login through a
specific nas.
So I thought, just add this to radcheck
INSERT INTO `radcheck` (`UserName`, `Attribute`, `op`, `Value`) VALUES
('john','NASIdentifier','!=','nas-id')
(nas-id is the nasidentifier of the specific nas)
On 8/30/07, Svend Eriksen [EMAIL PROTECTED] wrote:
Hi,
We run freeradius 1.1.6 against postgresql 8.1.
With the current configuration the user can only login one time
simultaneously. What I want is that a user can login only one time per
NAS, but that the user can login on several NASes at
On 8/4/07, Fred Zinsli [EMAIL PROTECTED] wrote:
Hello everyone
I am very new to freeradius and security type environments and I am
feeling somewhat out of my depth at the moment.
My current situation is that I have a chillispot WIFI setup. A diagram
of the current network can be seen at
On 8/2/07, Marwan Sultan [EMAIL PROTECTED] wrote:
Hello All,
Im on freeradius Latest, and FreeBSD, ChilliSpot.
When an account of my users expires, and he tries to log in again,
the HotSpotlogin script will reply with a message says Password Has
Expired
How would I change this to Account
On 7/30/07, Roberto Greiner [EMAIL PROTECTED] wrote:
YvesDM wrote:
Hi Robert,
As for m0n0wall (and I guess pfsense too), you can also use the
diable concurrent logins option in the CP setup.
This way there will never be simultaneous use from the same nas.
Kind Regards,
Yves
On 7/27/07, Roberto Greiner [EMAIL PROTECTED] wrote:
Hi,
I was starting to look at checkrad, and found (based on
http://www.freeradius.org/radiusd/doc/Simultaneous-Use) that using
other as the NAS-type will actually check only radutmp instead of
looking at the actual NAS. Now, Could someone
On 5/8/07, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
Hi!
YvesDM wrote:
How i can use nas identifier attribute?? client.conf needs an ip
however ?? i'm very confused.
In clients.conf use 0.0.0.0/0 and make sure your
shared secret is long and strong.
A small note if you really
On 5/4/07, AS Alex [EMAIL PROTECTED] wrote:
Yes i have enabled hostname_lookups but nothing.
Hostname lookups are only done at FR startup, so as soon as the ip changes
you have a problem :-)
Use the Nas identifier attribute.
Kind regards,
Yves
-
List info/subscribe/unsubscribe? See
On 3/11/07, adreas Polyxronopoulos [EMAIL PROTECTED] wrote:
Hi list,
I have tried ubuntu 6.10 desktop with freeradius1.1.3 source and
everything work perfect. Now i have installed on another PC ubuntu 6.06server
LAMP and i am in the moment where the freeradius should be installed.
I can
On 2/25/07, Tas Dionisakos [EMAIL PROTECTED] wrote:
Just vim /etc/freeradius/dictionary
and include the following line
$INCLUDE/usr/share/freeradius/dictionary.chillispot
Oh, and move the chillispot.dictionary file into the
/usr/share/freeradius directory just to keep things neat!
On 2/24/07, PD [EMAIL PROTECTED] wrote:
Simple questions...
how and where to get sql counter module ?
I try to googling for hours but still can not find it.
TIA
PD
You should compile FR with experimental modules
You have to create the module yourself
Read rlm_sqlcounter in the doc/
On 2/24/07, Graham Beneke [EMAIL PROTECTED] wrote:
In the current version of FR (1.1.4) the sqlcounter module is no longer
experimental - comes as in the default collection of modules.
There is also a wiki article on using sqlcounter:
http://wiki.freeradius.org/Rlm_sqlcounter
Its not
On 2/24/07, Graham Beneke [EMAIL PROTECTED] wrote:
YvesDM wrote:
rlm_sqlcounter: No such attribute ChilliSpot-Max-Total-Octets
obelix:/etc/freeradius#
Strange...
But I'm not in a rush, I'll find out what's wrong :-)
Looks like a dictionary problem to me - Chillispot's dictionary
On 2/24/07, Graham Beneke [EMAIL PROTECTED] wrote:
Looks like a dictionary problem to me - Chillispot's dictionary is not
yet part of FR you have to add it manually.
Maybe someone with a little spare time can throw together the Chillispot
dictionary as a patch ;-)
Graham Beneke
Yeah, that
On 1/29/07, satish patel [EMAIL PROTECTED] wrote:
Install mysql again
Did you compile FR yourself?
Did you install the mysql-dev files?
Kind regards,
Yves
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 11/12/06, James Wakefield [EMAIL PROTECTED] wrote:
- if my wifi router is not able to be configured for accounting my network is not able to do accounting because station(s) cannot contact 1813.That's correct - at least, you won't be able to do RADIUS accounting
with your wifi router.Depending
I try to get chillispot to work with freeradius.I can't authenticate. Log files show me this entry:Fri Oct 13 14:38:28 2006 : Error: Received packet from 192.168.2.165 with invalid Message-Authenticator! (Shared secret is incorrect.) Dropping packet without response.
radius2:/var/log/freeradius#
is in the Client or
the Server config... or just a misconfiguration between the two!
Kind regards,Paul.On 10/13/06, K. Hoercher
[EMAIL PROTECTED] wrote:
Hi,On 10/13/06, YvesDM [EMAIL PROTECTED] wrote: Looks pretty obvious, though, I'm sure the shared secret is correct in my
clients.conf
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details
Read the output.
You have no c compiler. Install gcc
Sincerely
Yves
On 10/1/06, Abel Monzon [EMAIL PROTECTED] wrote:
Hi list, I have trying install Freeradius on Debian Sytem, but when I try
whit
I use FR + mysqlI try to clean some stale sessions from NAS's with dynamic ip's.I 'm logged in on the server and use radzap this way:radius1:~# radzapUsage: radzap [options] server[:port] secretSo i try:
radius1:~# radzap -u john localhost:1812 mysecretBut this doesn't seem to be the right way?tnx
On 8/16/06, Nicolas Baradakis [EMAIL PROTECTED] wrote:
YvesDM wrote: Created my own debs of freeradius 1.0.5Please upgrade to 1.1.2.I know, but the radius I'm running now (FR 1.0.5, SQL authentication, timevolume accounting) was originally setup by somebody else.
It's working fine, but I wanted
On 8/16/06, Alan DeKok [EMAIL PROTECTED] wrote:
YvesDM [EMAIL PROTECTED] wrote: Missing modules are for example downloadlimit When i take a look at radiusd.conf from the existing server, it's in the Authorize section right above the authentication section.
snippet: It's a module created
On 8/16/06, Alan DeKok [EMAIL PROTECTED] wrote:
YvesDM [EMAIL PROTECTED] wrote: I don't get it? What should i read?The original radiusd.conf. That snippet in my prior mail came from radiusd.conf
from the existing (active) serverYes, go read that again.It's defining those extra
On 8/12/06, Francois-Xavier GAILLARD [EMAIL PROTECTED] wrote:
Le Sat, Aug 12, 2006 at 01:55:20AM +0100, Stephen Gran ecrivait: apt-get build-dep freeradius is so much easier :) But I'm being a pedant, I think.No, you're being right :)
Thank you both Stephenfox for this explanation!I 'll try it
hi,Created my own debs of freeradius 1.0.5Everything works, but when i try to use mysql i get a segmentation fault running radiusd -X Could my freeradius-mysql.deb be corrupt? I got no errors creating it.
I used the rules file in the debian dir of the tar.gz, but added --with-experimental modules
On 8/11/06, Stefan Winter [EMAIL PROTECTED] wrote:
Can someone point me to the right direction?There's a configure switch that allows you to specify the configurationdirectory.StefanIndeed, I just noticed. I posted a little to fast, sorry.
Many tnxYves
-
List info/subscribe/unsubscribe? See
On 8/11/06, Stephen Gran [EMAIL PROTECTED] wrote:
Take a look at the file debian/rules in the tarball.It is the Makefilefor building debian packages from the tarball.Several options arepassed to ./configure to make it install various directories in their
various places.That should give you a
On 8/11/06, Alan DeKok [EMAIL PROTECTED] wrote:
YvesDM [EMAIL PROTECTED] wrote: When I install using apt-get (installs 1.0.2 currently), I get freeradius installed in /etc/freeradius. When I install the same version using the
tar.gz it gets installed in /usr/local/etc/raddb/If you're building
On 5/12/06, Jeremy ohara [EMAIL PROTECTED]
wrote:
Hi there
i been able to get the radius to working. but the problem i'm
having is. when i try to do a test login it keeps being rejected. i've setup
groups, etc and using dialupadmin for administration. i've attached the
radiusd.conf and
On 4/13/06, Guy Fraser [EMAIL PROTECTED] wrote:
You will also need to use Auth-Type := Crypt-LocalThis has been discussed, an enormous number of times.Please feel free to use Google to search for answers.-List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.htmlI really did
Hi,Using the latest freeradiusdialupadmin on debian.I did find the option to set time limits (day,week,month), but i 'd like to know how i can set volume limits. (MiB's up/down transfered) The up-/down transferred MiB's are sent by the NAS and stored into the db.
I can see all users sessions
Hi,I'm getting desperate here.I've been trying for a week now to make freeradius work with mysql.Can someone please help me out here?Tnx!some info:debiancompiled freeradius 1.1.1
with mysqlRadius is working fine, i get an Acces-accept packet when i radtest a user from the users
On 4/12/06, Alan DeKok [EMAIL PROTECTED] wrote:
YvesDM [EMAIL PROTECTED] wrote: mysql select * from radcheck; ++--+---+++ | id | UserName | Attribute | op | Value
On 4/12/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Hi,ummm. I'm not too certain here but wasnt the password you defined in the
mySQL database for john $1$bkW9WNor$tq5sRRiUcwOV4/fwk3CYM/if this is a crypted password then surely the attribute is Crypt-Passwordrather than User-Password?alan-List
On 4/12/06, [EMAIL PROTECTED] [EMAIL PROTECTED]
wrote:Hi, modcall: leaving group authorize (returns ok) for request 0
rad_check_password:Found Auth-Type System auth: type Systemtry removing the default System authentication method from yourusers file.alanWorking now!
i changed system to radius
76 matches
Mail list logo