[EMAIL PROTECTED] wrote:
When TLS is empty (i.e. TLS {}):
Huh? Why would you leave it empty?
If you're not going to use TLS, delete the whole section. It's just
like any other module.
When TLS is removed:
rlm_eap: Unable to load EAP-Type/ttls, as EAP-Type/TLS is required
first.
rlm_eap: Unable to load EAP-Type/peap, as EAP-Type/TLS is required
first.
This makes sense, as I'll need my server cert for PEAP. If those certs
have to be defined in the TLS block, what is the right way to disable
TLS in this case, but still have PEAP working?
Don't issue client
Ben Wiechman wrote:
With this it wouldn't be that hard to separate the information for a
specific subscriber or group into a separate log file would it.
Correct.
Assuming that the two log options are appropriately configured:
Fr 2.x
if( User-Name != test-user {
# will (Group-Name !=
[EMAIL PROTECTED] wrote:
I did read that, but I was trying to reject TLS. It also says, If you
do not use client certificates, and you do not want to permit EAP-TLS
authentication, then delete this configuration item, referring to
CA_file. I just want to point out that it appears you can't
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
My radius.conf file has the following for Group Membership Checking
#
# Group membership checking. Disabled by default.
#
groupname_attribute = cn
groupmembership_filter =
((objectClass=GroupOfNames)(member=
Also, will this take care of both accounting log info and authentication
log
info?
No. See doc/Post-Auth-Type and the post-auth section.
Thanks, I'll look there. I'm not much concerned with the accounting info.
Our wimax base stations send a keepalive auth request at rather frequent
Hello all,
I'm using freeradius 2.0.1 with mysql to authorize users for a wireless
hotspot. I have a wireless router running CoovaAP firmware. I'm using
Arch Linux, and everything is now working great, with ONLY ONE niggling
problem remaining
I have not modified the freeradius configs much.
I
David Toms wrote:
I have not modified the freeradius configs much.
I added VENDOR ChilliSpot 14559 to the dictionary file, which I hoped
would make freeradius read the dictionary.chillispot dictionary.
No, it won't.
The
file says see man dictionary for the format of the dictionary
Thanks a lot.
Regards,
Rafael
Vincent Magnin wrote:
Hello Rafael,
It should be possible in Freeradius 2 and using unlang language:
if (User-Name != test-user) {
sql_log
}
In previous versions, you can use Acct-Type:
preacct {
files
}
accounting {
Acct-Type SQL-LOG {
sqllog
Thanks for that. The manual page for dictionary was installed, but the
man system itself is broken.
It didn't help that the link to the dictionary manual on the website
(http://www.freeradius.org/dictionary.txt) is also broken.
I DO try to RTFM, but this is not always so easy!
Anyway. I have
Hello.
I have a question about FreeRadius:
RADIUS proxy server (FreeRadius) should perform 150 - 250 requests per second.
Some attributes in requests have to be modified (rules is specified in
hints file). OS is Debian Linux.
How much memory should have the server?
What the processor (in GHz)
Mikhail Novikov wrote:
RADIUS proxy server (FreeRadius) should perform 150 - 250 requests per second.
Some attributes in requests have to be modified (rules is specified in
hints file). OS is Debian Linux.
How much memory should have the server?
What the processor (in GHz) do you recommend?
David Toms wrote:
It didn't help that the link to the dictionary manual on the website
(http://www.freeradius.org/dictionary.txt) is also broken.
Where is that link from?
http://www.freeradius.org/radiusd/man/dictionary.html
I DO try to RTFM, but this is not always so easy!
Well, there
The broken link was on http://www.freeradius.org/usage.html. All the
links on that page pointing to manual entries seem to point to .txt
not .html pages.
I think the documentation is pretty good. It is a complex product, and
people like me shouldn't really be trying to configure it without
15 matches
Mail list logo