Am 02.02.2010 um 00:12 schrieb David Buckley:
Greetings from New Zealand
I have a two factor auth system built using rlm_perl, which is all
working fine but for one problem.
I have a function that sends emails for sending one-time passwords via
SMS which works perfectly when FR is run as
On Mon, Feb 01, 2010 at 05:19:34PM +0100, Alan DeKok wrote:
If you've installed a Debian package, read the Wiki for how to install
a debian package with OpenSSL.
Hm, http://wiki.freeradius.org/Build#Building_Debian_packages needs to be
updated to tell people to run 'dpkg-buildpackage
Join ELOM ETSE on Yahoo! Messenger.
Come chat with me, share files and more.
Stay in the loop with all your friends.
Get started :
http://invite.msg.yahoo.com/invite?op=acceptintl=ussig=Y4dC6BBsI0enNCyVwoDJWqG_1Ttj9Hvwr6C2.nA9_AVmqJtMr9WVvQ--
* Stay connected at home, at work, or on the go
*
Hi,
Running the 2.1.1 version, is it possible to log the amount of time
taken (in ms) to process an accounting packet?
I figured that I can enable authentication and reply log for
authentication and write a script to calculate the time between request
coming and response going out, but for
hi, I need to use chap-password and chap-challenge to authenticate mikrotik
on radius
and i'm trying to use some pear extensions to do it...
but mikrotik use passwords like this
password=1
CHAP-Challenge = 0xad2c7efe802ea7bea94e270404eb01ae
CHAP-Password = 0x000ad48b2d944948e8014118aeb4e56923
Helo there,
I'm relative new to freeradius, and i'm trying to configure a PPTP VPN on
pfSense, authenticating in a FreeRADIUS with LDAP module. But, I'm getting
the following error :
Found Auth-Type = LDAP
WARNING: Please update your configuration, and remove 'Auth-Type = Local'
WARNING: Use the
Now i try to test with my freeradius. There are two tests:
1. User try to get IP from pool
2. Users try to get IP as Framed-IP-Address
There is two log i deleted same lines. I send only differences
##Log for IP pool:
...
...
[files]
Is there any way to get timestamps to display when running radiusd -X?
I get them when running as a service, but then I don't get the same
detail in radius.log
Rick
Rick Steeves
http://www.sinister.net
In reality nothing is more damaging to the adventurous spirit within
a man than a
On 2010-02-02, at 9:12 AM, freerad...@corwyn.net wrote:
Is there any way to get timestamps to display when running radiusd -X?
simple,
radiusd -XX
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freerad...@corwyn.net wrote:
Is there any way to get timestamps to display when running radiusd -X?
$ radiusd -Xx
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Fabio Rampazzo Mathias wrote:
I'm relative new to freeradius, and i'm trying to configure a PPTP VPN
on pfSense, authenticating in a FreeRADIUS with LDAP module. But, I'm
getting the following error :
Found Auth-Type = LDAP
WARNING: Please update your configuration, and remove 'Auth-Type =
Alisson wrote:
hi, I need to use chap-password and chap-challenge to authenticate
mikrotik on radius
and i'm trying to use some pear extensions to do it...
Well.. the RFC's explain how to do CHAP calculations. FreeRADIUS
contains examples of how to do it.
but mikrotik use passwords like
Alan,
Thanks for quick response.
On Tue, Feb 2, 2010 at 12:29 PM, Alan DeKok al...@deployingradius.comwrote:
Fabio Rampazzo Mathias wrote:
I'm relative new to freeradius, and i'm trying to configure a PPTP VPN
on pfSense, authenticating in a FreeRADIUS with LDAP module. But, I'm
getting
When I have used FreeRADIUS in the past, it has been in the traditional
users file model - that is, very simplistic installation. To date, I
have not used FreeRADIUS with Oracle.
Is the Oracle support in FreeRADIUS mature, or developmental, in its
current state? I cannot determine this answer
i'm sending this atributes
Cleartext-Password==1
CHAP-Password==1
Mikrotik-Rate-Limit==600k/600k
NAS-Identifier=Mikrotik
Calling-Station-Id=192.168.3.210
MT-Group=Mikrotik
NAS-IP-Address=192.168.3.242
Service-Type=Login-User
and on log I have this error
[chap] Cleartext-Password is required for
Hello,
How do I fix the supplicant problem, Suggested by you?
José Campos
-Mensagem original-
De: freeradius-users-bounces+jjscampos=gmail@lists.freeradius.org
[mailto:freeradius-users-bounces+jjscampos=gmail@lists.freeradius.org]
Em nome de Alan DeKok
Enviada:
On Sun, 31 Jan 2010, Alan Buxey wrote:
Hi,
to these servers client field, just enter the 'common name' entered on
the certificate? I wonder if a wildcard cert would work for this. As in
*.myorg.ca, then entering *.myorg.ca for client servers field. Just asking
because I have one of those.
Hi All. This is my attempt at giving back to the freeradius community.
Maybe others will find my configuration useful in their efforts.
I'm a network guy, and I do quite a bit of consulting work for various
companies. I have a customer in particular who (prior to this) was
using a very out-of-date
Alisson wrote:
i'm sending this atributes
Were you asked for that information?
and on log I have this error
Which you already posted before.
what atributes I need to change?
Read my previous message. I can't say it any more clearly than that.
Alan DeKok.
-
List
Fabio Rampazzo Mathias wrote:
yes and couldn't find anything saying Auth-Type = Local...but I think
this isn't the most important problem. I've used grep to search.
A database?
I've sent just a part of debug because I've thought this is the part
which really matters.
Is there any other
William Bulley wrote:
Is the Oracle support in FreeRADIUS mature, or developmental, in its
current state? I cannot determine this answer from a search of the
mailing list archives dating back a couple of years.
Lots of people use it. Some have 10^6 users.
In addition to authentication
According to Alan DeKok al...@deployingradius.com on Tue, 02/02/10 at 14:29:
If Oracle support in FreeRADIUS is meant to at least include logging
of session records, if RADIUS requests arrive at two FreeRADIUS server
instances (say, primary and backup/failover), say Acct-Start to server
Ugh. Please ignore my previous post to the list, gmail 'plain text' mode ate
most of the message.
All, this is my attempt at giving back to the freeradius community. Maybe
others will find my configuration useful in their efforts.
I'm a network guy, and I do quite a bit of consulting work for
William Bulley wrote:
Do NOT CC me on messages sent to the list. It's rude.
Just to clarify, given a server C running an instance of Oracle,
and given the two FreeRADIUS boxes A and B, if they both are
configured to talk to Oracle on server C
... then it's up to Oracle to ensure
Alan,
On Tue, Feb 2, 2010 at 5:27 PM, Alan DeKok al...@deployingradius.comwrote:
Fabio Rampazzo Mathias wrote:
yes and couldn't find anything saying Auth-Type = Local...but I think
this isn't the most important problem. I've used grep to search.
A database?
There's no database AFAIK.
At present my setup uses peap/ms-chapV2 to authenticate users
is it possible to have an entry in the users file that will allow users
to connect regardless of the username/password combo they input
at the login box
.
I did try *DEFAULT Auth-Type := Accept*, but it didn't work
rad_recv:
On Wed, Feb 3, 2010 at 5:52 AM, Godfrey Peart grpe...@googlemail.com wrote:
At present my setup uses peap/ms-chapV2 to authenticate users
is it possible to have an entry in the users file that will allow users
to connect regardless of the username/password combo they input
at the login box
.
Hi,
I did update the private key password in eap.conf, to match the one I used
in the original signing request. So what did I do wrong?
did you also update/put the right .key file into place?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I know, that's what baffling me, under my normal setup I get the TLS tunnel
established and authentication works fine, but here there is no TLS setup
just
an accept mesage that matches the default entry but the client doesn't
connect.
Do I need to do any other tweaking concerning the peap setup
-
I think you should install the openssl-delvel package for tls header and lib,
if you can not run radiuxd -X also before replacing the the certs.and then
build freeradius again.
On Sun, 31 Jan 2010, Alan Buxey wrote:
Hi,
to these servers client field, just enter the 'common name' entered on
On Tue, 2 Feb 2010, Alan Buxey wrote:
Hi,
I did update the private key password in eap.conf, to match the one I used
in the original signing request. So what did I do wrong?
did you also update/put the right .key file into place?
It would be the same server.key file that was generated
On Wed, Feb 3, 2010 at 6:44 AM, Godfrey Peart grpe...@googlemail.com wrote:
I know, that's what baffling me, under my normal setup I get the TLS tunnel
established and authentication works fine, but here there is no TLS setup
just
an accept mesage that matches the default entry but the client
Godfrey Peart wrote:
At present my setup uses peap/ms-chapV2 to authenticate users
is it possible to have an entry in the users file that will allow users
to connect regardless of the username/password combo they input
at the login box
.
I did try *DEFAULT Auth-Type := Accept*, but it
33 matches
Mail list logo