hi,
My configuration
RedHat 9.0 Latest up2date
FR 0.9.3 non CVS, ./configure --with-experimental-modules / make / make
install
MySQL Ver 12.20 Distrib 4.0.13, for pc-linux (i686)
--- radius.log begin ---
Mon Dec 15 12:30:23 2003 : Info: rlm_sql (sql): There are no DB handles to
use! skipped 0,
On Mon, Dec 15, 2003 at 09:12:59AM +0800, Bruce Cook wrote:
Hmm, don't see it in the current version I'm running, I'll suck the
latest CVS and
have a look at that.
Mon Dec 1 23:20:53 2003 : Info: rlm_perl: ?/RAD_REQUEST:
Mon Dec 1 23:20:53 2003 : Info: rlm_perl: ? Calling-Station-Id =
Joe Bonow wrote:
After searching the limited archive I am unable to find info on how
to have the Login Incorrect return the name of the nas that the login
failed on.
The CVS version has support for a postauth_query stanza in sql.conf
which allows you to insert any value you want in the SQL
At Fri, 12 Dec 2003 19:24:03 +0200,
ZORBADELOS KONSTANTINOS wrote:
Here is the output after adding debug_level = 2 as the last line of
radiusd.conf. Sorry for the delay I was off for the weekend.
By the way I compiled freeradius on another SUN machine (much bigger)
with gcc 2.95.3 and in the HUP
On Sun, 14 Dec 2003, Patrick Mowry wrote:
Hello,
I have a requirement for two stage authentication for wireless networks.
Before the wireless Windows 2000/XP client is even allowed to reach the
domain, it must authenticate to the network with Digital Certs issued
from an iPlanet certificate
Good morning all,
We have a server with a really old copy of FreeRADIUS logging accounting
data to mysql 3.xx. We are now in the process of upgrading to the latest
stable of mysql 4 and freeradius.
We've built the system on a separate machine and it works during
testing, except it doesn't log
radius_xlat:
'/usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20031215'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20031215
modcall[authorize]: module auth_log returns ok for request 15
Hello everyone,
I am a new user of Freeradius server. I have installed freeradius (beta
version) and tested radius server using 'radtest' command and found in
working.
I have a windows user connected through AP600 (NAS), and it is not
responding. (I ran 'radiusd' with -X option ..and found it not
At Mon, 15 Dec 2003 10:25:36 +,
James Green wrote:
Use radiusd -X and see what happens with the requests. You should see
the sql queries that the server tries to execute.
Good morning all,
We have a server with a really old copy of FreeRADIUS logging accounting
data to mysql 3.xx. We
ZORBADELOS KONSTANTINOS wrote:
At Mon, 15 Dec 2003 10:25:36 +,
James Green wrote:
Use radiusd -X and see what happens with the requests. You should see
the sql queries that the server tries to execute.
Zorbadelos,
This has been done. That is how I know it connects to the database, but
At Mon, 15 Dec 2003 12:57:24 +,
James Green wrote:
ZORBADELOS KONSTANTINOS wrote:
You said you used radiusd -x and not radiusd -X (case is important).
Please send the output you receive from radiusd -X. See the rlm_sql
and radius_xlat messages. Perhaps something is wrong with the
Patrick Mowry [EMAIL PROTECTED] wrote:
I have a requirement for two stage authentication for wireless networks.
Before the wireless Windows 2000/XP client is even allowed to reach the
domain, it must authenticate to the network with Digital Certs issued
from an iPlanet certificate server
Nick Marino [EMAIL PROTECTED] wrote:
Can anyone point in the direction of the best way to upgrade to Freeradius
version 0.9.3 from version FreeRADIUS Version 0.8-pre with out losing my
current configuration?
$ make install
Read the output. It warns you in big letters that it hasn't changed
[EMAIL PROTECTED] wrote:
In fact could someone try to look at my log, and tell me where is my
problem? I would be great!
The log you posted to the list contains a description of what is wrong.
Another point is the configuration of the users file, for peap. I've read
the list but nobody
Shashidhara S Bapat [EMAIL PROTECTED] wrote:
I have a windows user connected through AP600 (NAS), and it is not
responding. (I ran 'radiusd' with -X option ..and found it not showing
any message, when the windows-user tried to access. It's allowing user
to access the NAS without asking for any
This is my last message on this topic, in the naive hope that you
will pay attention to what I'm saying.
Stephan von Krawczynski [EMAIL PROTECTED] wrote:
You are not wrong, you simply don't listen or don't at least try to
understand the problem, again:
I have a freeradius 0.8.1 and let it
--- Alan DeKok [EMAIL PROTECTED] wrote:
Nick Marino [EMAIL PROTECTED] wrote:
Can anyone point in the direction of the best way to upgrade to
Freeradius
version 0.9.3 from version FreeRADIUS Version 0.8-pre with out losing my
current configuration?
$ make install
Read the output. It
for request 3
modcall[authorize]: module preprocess returns ok for request 3
radius_xlat: '/var/log/radiusd/radacct/81.20.32.130/auth-detail-20031215'
rlm_detail:
/var/log/radiusd/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands
to /var/log/radiusd/radacct/81.20.32.130/auth-detail
So I need to put something into debian/changlog that indicates version
0.9.3 and
the debian packaging system will then correctly name the deb files ???
I am trying to learn this this stuff, and am at the point I am very
dangerous to my systems. :-)
I try to procede with caution in areas I
modcall[authorize]: module preprocess returns ok for request 3
radius_xlat: '/var/log/radiusd/radacct/81.20.32.130/auth-detail-20031215'
rlm_detail:
/var/log/radiusd/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands
to /var/log/radiusd/radacct/81.20.32.130/auth-detail-20031215
I hoped these patches would have been applied to CVS by now, but they
haven't.
If anyone is interested in PostgreSQL support for freeradius, please
check out
the site I have setup, and send feedback if you find any problems.
I have verified my patch against the CVS as of 2003 Dec 15 10:15.
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
yeah I have done that exactly before and it did overwrite my config that is
one of the reasons I am asking.
That must have been a very old version of the server. The current
version does not overwrite any files in raddb/
Alan DeKok.
-
List
Szelepcsenyi Robert [EMAIL PROTECTED] wrote:
I would like to replace the Safeword server with some open source software,
if possible. However, we are using tokens in synchronous mode for dialup,
VPN etc. Freeradius seems to support Safeword Tokens in asynchronous mode
only. I would like to ask
Nick Davis wrote:
James,
All of your accounting data is being written to the details files. You must
not have put sql in the accounting section of radius.conf.
You mean this?:
accounting {
#
# Ensure that we have a semi-unique identifier for every
# request, and many
Is it possible to deny an Access-Request by the NASPortType? The
current issue at hand is as follows:
Our RADIUS servers handles the authentication for standard 56K dial-up,
64K ISDN, and 128K ISDN. The current problem is that if somebody
purchases a dial-up account (which is restricted to
Deramus, Chris [EMAIL PROTECTED] wrote:
What file(s) should I run ldd against?
rlm_sql_mysql.so
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ripunjay Bararia [EMAIL PROTECTED] wrote:
--- radius.log begin ---
Mon Dec 15 12:30:23 2003 : Info: rlm_sql (sql): There are no DB handles to
use! skipped 0, tried to connect 0
Find out why your SQL database is slow.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
--- Alan DeKok [EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
yeah I have done that exactly before and it did overwrite my config that
is
one of the reasons I am asking.
That must have been a very old version of the server. The current
version does not overwrite
NetNITCO Systems Administration [EMAIL PROTECTED] wrote:
So, since dial-up gets reported as NASPortType Async and ISDN is
reported as ISDN, I was wondering if populating 'radgroupcheck'
for the DialUp group with 'NASPortType' Async would disallow
somebody from making an 64K ISDN connection
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
So the config files are competely the same between versions?
No.
Are any modifications needed on the config files after the install or will
0.9.3 run with 0.8 pre config files?
Maybe.
What about new fields in the mysql database are they also
On Mon, 2003-12-15 at 10:51, Alan DeKok wrote:
It should work. Check, though, that the NAS is actually sending
Async.
I checked the 'radacct' table to verify that our HiPerARCs are sending
Async for dial-up and ISDN for ISDN.
This should let the ISDN people also do dial-up, but will
Thanks for the patched log_badlogins it takes care of the issue for me
and is greatly appreciated. Thanks also to all who replied with other
solutions.
Guy Fraser wrote:
You have to configure and run dialup_admin/bin/log_badlogins to
process you radius.log file and put the entries into your
Title: Message
To
all,
I finall got it,
go figure it was a very obvious answer. I simply re-configured FreeRADIUS using
./configure --with-static-modules="sql sql_mysql" command. When I executed a
make, it errored out saying it could not find ../modules/rlm_sql_mysql. I simply
made a
Hello there,
i'am successfully authenticate Certificate users against freeradius 0.9.0 (from suse
9.0).
BUT: only the 'first' time. That means:
wait a 'long' time (av. 15 min)
authenticate successfull
wait a very short time
authentication fails
wait
authentication fails
wait 'long' time
Using Postgresql 4.7
and FreeRadius 0.9.3
on FreeBSD 5.1
On sending an Accounting Stop Request to Freeradius
I get some errors in summary
invalid input syntax for type bigint:
below is the error log and
Below the log is the standard part of postgresql.conf I am using it
unmodified
Nothing to
thanks Alan, for the comment,
My SQL server and FR are running on the same box,
will separating them be a good idea,
I need to do AAA for about 1500 concurrent users
what kind of a machine would I need for FR
and how much load will it put on the MySQL server
so that I can scale both of the
Hi everybody.
I am trying to set up a freeradius, but i cant
execute external program at acct_users file.
it takes no action.
does anyone know hot to set it up?
thanks
Lucas OliveiraWeb ManagerPrompt
Tecnologiawww.prompt-tecnologia.com.br
Ripunjay Bararia [EMAIL PROTECTED] wrote:
My SQL server and FR are running on the same box,
will separating them be a good idea,
It shouldn't matter.
I need to do AAA for about 1500 concurrent users
what kind of a machine would I need for FR
Almost any machine available today will do
Spetzler, Arne (DZ-SH) [EMAIL PROTECTED] wrote:
i'am successfully authenticate Certificate users against freeradius =
0.9.0 (from suse 9.0).
BUT: only the 'first' time. That means:
wait a 'long' time (av. 15 min)
authenticate successfull
This has nothing to do with FreeRADIUS. If
hi
just had this silly question
what is the preferred/normal way to start/stop/restart FR running on a
RedHat box
with or without init.d scripts
Ripunjay Bararia
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Title: RE: How to start/stop/restart FR
Ripunjay,
I have been running FreeRADIUS successfully for over a year on various versions of Redhat. I simply just copied the radiusd executable into /etc/init.d and created a symbolic link to this file in /etc/rc3.d
Each time the machine is
Thanks Alan
I will try to see what can be done about the MySQL interface
thanks
Ripunjay
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok
Sent: Tuesday, December 16, 2003 1:08 AM
To: [EMAIL PROTECTED]
Subject: Re: There are no DB handles to
Finally I found the problem. Looks like the Cisco router messed up the
secrets of different Radius Servers. I have two Radius Servers configured on
the same router for different purposes. When both of them are enabled,
neither of them is working. The same error message comes out. But if only
one
On Tue, 16 Dec 2003, Ripunjay Bararia wrote:
thanks Alan, for the comment,
My SQL server and FR are running on the same box,
will separating them be a good idea,
I need to do AAA for about 1500 concurrent users
what kind of a machine would I need for FR
and how much load will it put on the
I had this very same error several times. This answer may
be way off base, but I found that MySQL was putting
mysql.sock in /tmp. I changed /etc/my.conf
to socket = /var/lib/mysql/mysql.sock and it fixed it.
Again, I am no expert in MySQL or FreeRADIUS but
I am learning.
- Original
On Mon, Dec 15, 2003 at 12:56:53PM -0600, Click Chebon wrote:
Using Postgresql 4.7
I hope you mean 7.4 ;)
rad_recv: Accounting-Request packet from host 192.168.0.1:3306, id=21,
length=38
User-Name = clint
Acct-Status-Type = Stop
Acct-Session-Id = 816
...
Check the Acct_Session-Time in
/usr/local/var/log/radius/radacct/192.168.0.1/detail-20031213
for the stop record of session 816.
The sql is attempting to set AcctSessionTime = ''
AcctSessionTime is a bigint, and '' is not an integer, that is
why you are getting the error.
Click Chebon wrote:
/radius/radacct/192.168.0.1/detail-20031215'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands
to /usr/local/var/log/radius/radacct/192.168.0.1/detail-20031215
modcall[accounting]: module detail returns ok for request 0
modcall[accounting]: module unix returns
Hello
I need to put some custom query after I receive accounting packet. Where I should look into it?
rlm_sql.c is that correct file? Or I could add into accounting query?
Thanks
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Monday 15 December 2003 18:03, Amgaabaatar Purevjal wrote:
Hello
I need to put some custom query after I receive accounting packet. Where I
should look into it? rlm_sql.c is that correct file? Or I could add into
accounting query? Thanks
Show us the detail file entry.
You have no valid data in that record, other than the NAS-IP-Address,
User-Name, and Acct-Session-Id.
What are you using to generate the accounting record?
If this is comming from a NAS, then why is the Acct-Session-Id the same
in both your examples.
-
List
On Mon, Dec 15, 2003 at 04:36:00PM -0600, Click Chebon wrote:
rlm_acct_unique: WARNING: Attribute NAS-Port-Id was not found in request,
unique ID MAY be inconsistent
Is it a real stop packet or just test?
If it's a test packet, try more real data.
If not, don't be lazy to configure
US Stock Market - Stock Profile of the Week
Symbol: NMMG
Market: OTC.BB
Sector: LED TECHNOLOGY
Before we begin our profile we have very exciting after-market news...
Monday December 15, 4:58 pm ET - New Millennium Media Engages Leading Product
Commercialization Consulting Firm
BREAKING NEWS
_
Leonardo D. Pabroquez Jr.
00-51582
Department of Computer Science, College of Engineering
University of the Philippines
Diliman, Quezon City
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Boian Jordanov wrote:
On Mon, Dec 15, 2003 at 09:12:59AM +0800, Bruce Cook wrote:
Hmm, don't see it in the current version I'm running, I'll suck the
latest CVS and
have a look at that.
[...]
You have to use preprocess module for Client-IP-Address
from radiusd.conf authorize section.
This may have been covered before, but I cannot seem to find it when
searching the archives. I am new to FreeRadius, but not new to Linux. I
tried configuring FreeRadius, when checking for checking for
asn1.h,snmp.h,snmp_impl.h... it would not find the NetSNMP installation.
The location
56 matches
Mail list logo