EAP/TLS authentication timeout

2009-11-04 Thread Wiedemann, Joerg
Hi, I'm trying to establish an EAP/TLS authentication. The certificates are created by the freeradius scripts. rad_eap_test v0.22 is used for testing. Somehow the authentication request runs into a timeout, but I can't see what's wrong. Any suggestions? # ~/rad_eap_test -S testing123 -u

Differencent assigments in users files

2009-11-04 Thread verhoem
Hello, I'm a newbie in freeradius but after reading O'Reilly's Radius book for dummies I still can't figure out what the difference is between := == and = in the users file. steve Auth-Type := Local, User-Password == Testing etc. I also see notations like Jonathan Password = Unix-PW. In the

Re: Differencent assigments in users files

2009-11-04 Thread Nicolas Goutte
On 04.11.2009 at 11:12, verhoem wrote: Hello, I'm a newbie in freeradius but after reading O'Reilly's Radius book for dummies I still can't figure out what the difference is between := == and = in the users file. steve Auth-Type := Local, User-Password == Testing etc. It should

Re: Freeradius-Users Digest, Vol 55, Issue 10

2009-11-04 Thread Gilbert Lo
Thank you for your message. I am away until Nov 10th. I will respond to your message on my return. For urgent matters, please contact helpd...@stgeorges.bc.ca . Cheers, Gilbert Lo

Re: Differencent assigments in users files

2009-11-04 Thread Ana Gallardo
http://freeradius.org/radiusd/man/users.html 2009/11/4 Nicolas Goutte nicolas.gou...@extragroup.de On 04.11.2009 at 11:12, verhoem wrote: Hello, I'm a newbie in freeradius but after reading O'Reilly's Radius book for dummies I still can't figure out what the difference is between :=

Re: Differencent assigments in users files

2009-11-04 Thread Nicolas Goutte
On 04.11.2009 at 11:21, Ana Gallardo wrote: http://freeradius.org/radiusd/man/users.html Well, unfortunately there is an example: bob User-Password == hello which is bad. Have a nice day! 2009/11/4 Nicolas Goutte nicolas.gou...@extragroup.de On 04.11.2009 at 11:12, verhoem wrote:

RE: Monthly 'rollover'

2009-11-04 Thread Ivan Kalik
What we would like to do, is at the end of each month (Just before date rolls into next month), the current accounting record to stop, a new record to start (As if a start record had been received) without disconnecting the user from the nas. Giving the appearance in the radacct table, the

Re: Differencent assigments in users files

2009-11-04 Thread Ivan Kalik
http://freeradius.org/radiusd/man/users.html Well, unfortunately there is an example: bob User-Password == hello which is bad. That's out of date. man 5 users on the radius server will be up-to-date (ie documentation is included with the server). I'm a newbie in freeradius but after

Re: Clean script session in raddact

2009-11-04 Thread Ivan Kalik
Need to know if there's a script that allows users to clean their session has been connected by a long period in the table raddact. DELETE FROM radacct WHERE AcctStartTime whatever Why would you allow users to do anything with their accounting records? Ivan Kalik Kalik Informatika ISP - List

Re: Monthly 'rollover'

2009-11-04 Thread Jonathan Gazeley
Hi Jeremy, I had exactly the same need as you, except I wanted my rollover to take place on an hourly basis for live accounting. I found this guide helpful: http://www.netexpertise.eu/en/freeradius/daily-accounting.html Regards, Jonathan Jonathan Gazeley

NTLM

2009-11-04 Thread Paul Ryszka
Hi, I was setting up NTLM auth against AD and it works well however I wanted to add another server sections in the config and that was working ok too up to the point when somebody wants to do mschap authentication against something else than AD I followed the recommendations and add the

Re: regex 'fun'

2009-11-04 Thread Alexander Clouter
Alan DeKok al...@deployingradius.com wrote: Alexander Clouter wrote: I got those :alpha:-n-chums actually working and tested them with a bunch of test cases; they definitely seem to be doing what I would expect...well unless the realm has a space in it :) Odd... Glad you do too, means

Re: regex 'fun'

2009-11-04 Thread Alexander Clouter
Alan Buxey a.l.m.bu...@lboro.ac.uk wrote: Eduroam should really be creating a routing protocol for RADIUS. I don't think it would be hard: git + ssh + text files. See Section 2.7 of: http://tools.ietf.org/id/draft-dekok-radext-nai-00.txt firstly, it's 'eduroam', not 'Eduroam' - minor

Re: NTLM

2009-11-04 Thread Ivan Kalik
I was setting up NTLM auth against AD and it works well however I wanted to add another server sections in the config and that was working ok too up to the point when somebody wants to do mschap authentication against something else than AD I followed the recommendations and add the

Re: Re: checking user connect time

2009-11-04 Thread Yagnesh Dave
Hi, Thanks for your quick answer. I am very new to radius server, so I was not able to understand what you pointed out below. It would be great if you can elaborate a bit on it. Regards, Yagnesh Dave. On Mon, 02 Nov 2009 17:04:11 +0530 wrote Can you let me know where can we check the time

Re: NTLM

2009-11-04 Thread Paul Ryszka
Thank you!!! On Wed, 2009-11-04 at 12:17 +, Ivan Kalik wrote: I was setting up NTLM auth against AD and it works well however I wanted to add another server sections in the config and that was working ok too up to the point when somebody wants to do mschap authentication against

Re: Re: Re: checking user connect time

2009-11-04 Thread Yagnesh Dave
Hi, I also found this command in the Radius E-book by O'Reilly. radiusreport -i 0 -f detail But this command does not work, I get an error message saying not found. Please help me. Regards, Yagnesh Dave On Wed, 04 Nov 2009 17:50:55 +0530 wrote Hi, Thanks for your quick answer. I am very

Re: regex 'fun'

2009-11-04 Thread Alan Buxey
Hi, proxy that does the talking to Eduroam; okay I am now touting the 'separate' proxy...but Eduroam has some pretty unique requirements that *no-one* else does and this is the key point. 'eduroam' not Eduroam please! ;-) So the bar (including the administrative work both for you and the

Re: Re: Re: checking user connect time

2009-11-04 Thread Phil Meech
Hi Dave, Radiusreport is a separate project - see http://www.pgregg.com/projects/radiusreport/ Ivan posted an SQL statement above which answers your initial query. Simply execute the query on your SQL server. For simplified management you may want to take a look at installing and configuring

AW: EAP/TLS authentication timeout

2009-11-04 Thread Wiedemann, Joerg
/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d - /var/log/freeradius/radacct/127.0.0.1/auth-detail-20091104 [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/127.0.0.1/auth-detail-20091104 [auth_log] expand: %t - Wed Nov 4 12:05

Re: AW: EAP/TLS authentication timeout

2009-11-04 Thread Alan DeKok
Wiedemann, Joerg wrote: I got a little further in using eapol_test. Now the radius server reports the following. There is a lot... but reading it for error and failure doesn't hurt, either. ... [tls] TLS 1.0 Handshake [length 0382], Certificate -- verify error:num=20:unable to get local

Re: AW: EAP/TLS authentication timeout

2009-11-04 Thread Ivan Kalik
I got a little further in using eapol_test. Now the radius server reports the following. ... [tls] TLS 1.0 Handshake [length 0382], Certificate -- verify error:num=20:unable to get local issuer certificate [tls] TLS 1.0 Alert [length 0002], fatal unknown_ca TLS Alert write:fatal:unknown CA

Re: Clean script session in raddact

2009-11-04 Thread Michel Bulgado
On Wed, 2009-11-04 at 10:40 +, Ivan Kalik wrote: Need to know if there's a script that allows users to clean their session has been connected by a long period in the table raddact. DELETE FROM radacct WHERE AcctStartTime whatever Why would you allow users to do anything with their

Re: Unexpected Exiting normally 2.1.8?

2009-11-04 Thread Alexander Clouter
Craig Campbell cr...@ccraft.ca wrote: I'm running an unreleased 'development? version of freeradius (2.1.8?). me too, I get exactly what you are getting. If you are always fiddling with FreeRADIUS I recommend you always run it in gdb as then you can get things fixed easily. I usually build

Design question considering 802.1x + edirectory + Active Directory

2009-11-04 Thread Ric2009
Hello, I would like to know if anyone could help me with the design of this implementation : Requirements : - 802.1x Authentication for wired and wireless clients ( Windows XP with Novell Client ) - Single sign on login to Novell eDirectory and Active Directory - Radius Authentication should

RE: VSA extension

2009-11-04 Thread Larry Ross
D'Oh! Did the trick, totally missed that small step Thank you for your assistance Larry From: freeradius-users-bounces+lfross=ucdavis@lists.freeradius.org [mailto:freeradius-users-bounces+lfross=ucdavis@lists.freeradius.org] On Behalf Of Peter Lambrechtsen Sent: Monday, November 02,

Re: Unexpected Exiting normally 2.1.8?

2009-11-04 Thread Craig Campbell
from ESET Smart Security, version of virus signature database 4573 (20091104) __ The message was checked by ESET Smart Security. http://www.eset.com

Re: Unexpected Exiting normally 2.1.8?

2009-11-04 Thread Alan DeKok
Alexander Clouter wrote: It's when I add (I am pretty sure it's the in the first 8 or so patches) the following I get the same problem with FreeRADIUS: ... I guess at this point I am going to be told to be a good boy and run off and use git bisect? :) Pretty much, sorry. Looking through

Re: Unexpected Exiting normally 2.1.8?

2009-11-04 Thread Alexander Clouter
Craig Campbell cr...@ccraft.ca wrote: Thanks for the update - I was concluding I'd have to wait for the release of 2.1.8 to pursue this. I am currently in a situation where I can help debug 2.1.8, since the 'new' systems aren't yet in production. Well I can see no reason to run

Re: Unexpected Exiting normally 2.1.8?

2009-11-04 Thread Alexander Clouter
Alan DeKok al...@deployingradius.com wrote: Alexander Clouter wrote: It's when I add (I am pretty sure it's the in the first 8 or so patches) the following I get the same problem with FreeRADIUS: ... I guess at this point I am going to be told to be a good boy and run off and use git

Re: regex 'fun'

2009-11-04 Thread Alan Buxey
Hi, So, 'eduroam-ca.der' can be a *group* of Root CA's I hope and there is a with a decent system you can just point the CA part to a directory or listing of CAs for it to check. simple extensions can prove 'club' membership for whatever purpose/resource you are happy with Kinda my point is

Re: Unexpected Exiting normally 2.1.8?

2009-11-04 Thread Alan DeKok
Alexander Clouter wrote: The problem is you *have* to apply my listed cherry-picks, as if you add *any* of the TCP related code Alan has been working on, it all stops compiling[1] *Please* use the git stable branch. The master branch has a whole whack of other changes in it which may or