Hi Guys, we are trying to get Free Radius to authenticate our users who
connect through a Cisco Small Business POE switch.
When testing authentication with a shutdown / no shutdown command on
port fa/17 which has an IP phone connected to it we receive the
following errors:
FREE
Hi,
I want to authenticate asterisk peer using freeradius I am using asterisk
12.0.0 and Freeradius 2.2.1. I have configured freeradius correctly as I am
able to authenticate user saved in users file from the terminal by using
radclient command from the terminal. but when I try to register peer
On 23 Sep 2013, at 11:27, Husnain Taseer husnain.tas...@gmail.com wrote:
Even I don't get any request from asterisk server in radius logs.
You're looking at the wrong layer for the problem.
Fire up tcpdump. Do you see any radius traffic leaving the asterisk box? Does
it reach the RADIUS
Hi All,
I really do try to read the forums in full before I post, but I have seen much
out there on this, but just cant find out why this is happening.
Please see below.
The only think I dont have is sim_files entry in the sites-enabled/default, as
I assume this is now covered in the radiusd.conf
On 23 Sep 2013, at 12:32, ken.farrington ken.farring...@802.co.uk wrote:
Hi All,
I really do try to read the forums in full before I post, but I have seen
much out there on this, but just cant find out why this is happening.
Please see below.
The only think I dont have is sim_files
In tcpdump asterisk not sending request to the freeradius can u tell after
configuring freeradius what configurations are needed to be done in
asterisk.
Regards,
Husnain Taseer
On Mon, Sep 23, 2013 at 4:11 PM, Adam Bishop adam.bis...@ja.net wrote:
On 23 Sep 2013, at 11:27, Husnain Taseer
Hi Arran,
Im not sure if I have interpreted this right. Are you agreeing with my
statement, that it is not needed or are you saying it is needed? I seem to
recall I get an error when I put the sime_files in the default file.
Many thx indeed for the lightning fast response mate :)
Ken
On 23
Dear,
I wonder if the Freeradius to authenticate a client by IP number, without
using login and password, only the IP. If possible, how to do?
thank you
---
Marcelo
-
List info/subscribe/unsubscribe? See
On 23/9/2013 3:14 μμ, Free-Radius wrote:
I wonder if the Freeradius to authenticate a client by IP number,
without using login and password, only the IP. If possible, how to do?
You can authenticate a client based on MAC Address. See
http://wiki.freeradius.org/guide/Mac-Auth for various
Just also beware that the MAC and be spoofed also with lots of programs :)
On 23 September 2013 at 13:46 Nikolaos Milas nmi...@noa.gr wrote:
On 23/9/2013 3:14 μμ, Free-Radius wrote:
I wonder if the Freeradius to authenticate a client by IP number,
without using login and password, only
Also, if I put the sim_files entry before eap in the default file I get the
following error when I try and start Radiusd -s -X
Module: Linked to sub-module rlm_eap_sim
Module: Instantiating eap-sim
Module: Checking authorize {...} for more modules to load
/usr/local/etc/raddb/radiusd.conf[643]:
Husnain Taseer wrote:
In tcpdump asterisk not sending request to the freeradius can u tell
after configuring freeradius what configurations are needed to be done
in asterisk.
You were told to ask this question on the asterisk mailing list.
We are not asterisk, and we know nothing about
Am Montag, 23. September 2013, 13:53:14 schrieb ken.farrington:
Just also beware that the MAC and be spoofed also with lots of programs :)
Yes: ip link dev ... set addr ...
On 23 September 2013 at 13:46 Nikolaos Milas nmi...@noa.gr wrote:
On 23/9/2013 3:14 μμ, Free-Radius wrote:
I
Daniel Baker wrote:
[ldap] performing search in dc=citlao,dc=local, with filter (uid=root)
[ldap] object not found
[ldap] search failed
What part of that is unclear?
What can I try to fix the authentication issues so that all ports are being
successfully authenticated ?
Ensure
Hi Guys, we are trying to get Free Radius to authenticate our users who
connect through a Cisco Small Business POE switch.
When testing authentication with a shutdown / no shutdown command on
port fa/17 which has an IP phone connected to it we receive the
following errors:
FREE
Thank you Alan I will pursue that line of inquiry further.
On 9/23/2013 8:18 PM, Alan DeKok wrote:
Daniel Baker wrote:
[ldap] performing search in dc=citlao,dc=local, with filter (uid=root)
[ldap] object not found
[ldap] search failed
What part of that is unclear?
What can I try
On Mon, 23 Sep 2013 at 13:31, John Dennis opined:
JD:You still haven't sent the full debug.
hi john - thanks for your reply. i sent the output from running radiusd
-X, are you saying i need to run -Xxx and send that instead?
or are you looking for the startup output as well? i only included
-TLS Authentication.
Please suggest any document which can help in better understanding on TLS
Authentication.
Thanks.
-- next part --
An HTML attachment was scrubbed...
URL:
http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130923/59640d8e
On 23/09/13 17:33, paul trader wrote:
am i doing something glaringly wrong, or just going plain crazy?
It's difficult to say, because the debug you sent has all the useful
bits trimmed out - like the original packet, and the full module
processing chain.
Send a full debug, and odds are
On 09/23/2013 01:19 PM, paul trader wrote:
eOn Mon, 23 Sep 2013 at 17:52, Phil Mayers opined:
PM:It's difficult to say, because the debug you sent has all the useful
PM:bits trimmed out - like the original packet, and the full module
PM:processing chain.
You still haven't sent the full
hi all - i've recently tried upgrading from v1 to v2. on a centos 6.4 box
w/ all latest updates, i installed freeradius v2, added one username and
password to /etc/raddb/users:
test Cleartext-Password := testing
and the radtest command-line authentication works. i then added one
client
eOn Mon, 23 Sep 2013 at 17:52, Phil Mayers opined:
PM:It's difficult to say, because the debug you sent has all the useful
PM:bits trimmed out - like the original packet, and the full module
PM:processing chain.
hi phil - ok, here's the full debug for a successful request:
rad_recv:
On Mon, 23 Sep 2013 at 18:49, Rui Ribeiro opined:
RR:Your not crazy for sure. The problem authenticating with Windows boxen
RR:is that they only support MSCHAPv2… kudos to Microsoft.
hi rui - thanks for that, although my family and co workers may disagree!
according to this wiki faq entry:
Hi,
I am facing some issues with 802.1x EAP-TLS Authentication.
Please suggest any document which can help in better understanding on TLS
Authentication.
Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 09/23/2013 02:07 PM, paul trader wrote:
On Mon, 23 Sep 2013 at 13:31, John Dennis opined:
JD:You still haven't sent the full debug.
hi john - thanks for your reply. i sent the output from running radiusd
-X, are you saying i need to run -Xxx and send that instead?
No. It means all
paul trader wrote:
i used a default v2 install and only changed the users and clients.conf
files. everything else was left alone.
Well, there's no magic. If the users file entry doesn't match, it's
because the User-Name isn't test.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Hey I wanted to say thanks for the tips! I convinced the peers that it was
not a good idea to allow auto certificate acceptance and to just have the
clients accept it when the new certificate went online.
Cheers,
- Trevor
On Thu, Sep 12, 2013 at 3:46 PM, Brian Julin bju...@clarku.edu wrote:
On Mon, 23 Sep 2013 at 14:42, John Dennis opined:
JD:You have all the information you need to debug your problem. It does
JD:require reading the debug output carefully. But you should really try
JD:to do that yourself first. As a said earlier, verify you're reading the
JD:exact same users file
On 23/09/2013 18:19, paul trader wrote:
hi phil - ok, here's the full debug for a successful request:
[files] users: Matched entry test at line 1
Versus
and here's the full output of a failed request:
[files] users: Matched entry DEFAULT at line 172
The two request look very similar,
--Please suggest any document which can help in better understanding on
TLS Authentication.
Arvind, I also faced the same issue at beginning , but I would suggest to
read Freeradius own documentation. That is probably the best.
On Mon, Sep 23, 2013 at 7:45 PM, arvind132 . arvind...@gmail.com
30 matches
Mail list logo