I had try to install the Freeradius 0.7, but during complie, I had the message:
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG -I../../include -DX99_MODULE_NAME=\"rlm_x99_token\" -DFREERADIUS -c x99_pwe.c -o x99_pwe.o x99_pwe.c:39:25: openssl/md4.h: ????????? Please help me to solve the problem! On Wed, 14 August 2002, [EMAIL PROTECTED] wrote: > > Send Freeradius-Users mailing list submissions to > [EMAIL PROTECTED] > > To subscribe or unsubscribe via the World Wide Web, > visit > <a href="http://mail.dragomate.com//jump/http://lists.cistron.nl/mailman/listinfo/freeradius-users";>http://lists.cistron.nl/mailman/listinfo/freeradius-users</a> > or, via email, send a message with subject or body > 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is > more specific > than "Re: Contents of Freeradius-Users digest..." > > > Today's Topics: > > 1. Freeradius Newbee > (=?iso-8859-1?q?Stefan=20Hilfiker?=) > 2. upgrade from 0.6 to 0.7: 2 problems (bugs?) > (Francois Dessart) > 3. Problem with autocmd (KEV) > 4. Re: ip pool again (Guillermo Schimmel) > 5. Re: ip pool again (Kostas Kalevras) > 6. Re: ip pool again (Guillermo Schimmel) > 7. Re: ip pool again (Kostas Kalevras) > 8. Re: ip pool again (Guillermo Schimmel) > 9. Re: ip pool again (Kostas Kalevras) > 10. Re: Freeradius Newbee (Nick Davis) > 11. Re: Problem with autocmd (Alan DeKok) > 12. Re: upgrade from 0.6 to 0.7: 2 problems (bugs?) > (Alan DeKok) > 13. Re: ip pool again (Guillermo Schimmel) > 14. Re: ip pool again (Kostas Kalevras) > 15. Re: upgrade from 0.6 to 0.7: 2 problems (bugs?) > (Francois Dessart) > 16. different patch for checkrad (Andrea Gabellini) > 17. dial-up & access (Margrete Raaum) > 18. Re: dial-up & access (Kostas Kalevras) > > --__--__-- > > Message: 1 > Date: Wed, 14 Aug 2002 08:29:13 +0200 (CEST) > From: =?iso-8859-1?q?Stefan=20Hilfiker?= > <[EMAIL PROTECTED]> > Subject: Freeradius Newbee > To: [EMAIL PROTECTED] > Reply-To: [EMAIL PROTECTED] > > Hello all > Im a newbee with FreeRadius. Now I have got any > problems to configure the server. > Finaly, I'd like to have the follow sitation: > I have a firewall with one VPN-Key. It work, but 50 > Clients with one VPN-Key is not controllably. The > solution seems to me a Radius-server. Now is my > question, how to configure this server? > I have seen that I must use the users file, but I > don't know how to add a new user for this job. And > must I change any things on the *.conf Files? > > Thanks a lot and greets > Stefan > > ===== > Gesendet von Stefan Hilfiker ([EMAIL PROTECTED]) > <a href="http://mail.dragomate.com//jump/http://get.to/Stefhilfiker";>http://get.to/Stefhilfiker</a> > > __________________________________________________________________ > > Gesendet von Yahoo! Mail - <a href="http://mail.dragomate.com//jump/http://mail.yahoo.de";>http://mail.yahoo.de</a> > M�chten Sie mit einem Gru� antworten? > <a href="http://mail.dragomate.com//jump/http://grusskarten.yahoo.de";>http://grusskarten.yahoo.de</a> > > > --__--__-- > > Message: 2 > From: "Francois Dessart" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Subject: upgrade from 0.6 to 0.7: 2 problems (bugs?) > Date: Wed, 14 Aug 2002 08:42:22 +0200 > charset="iso-8859-1" > Reply-To: [EMAIL PROTECTED] > > Hello, > > I just upgraded from 0.6 to 0.7 and I am experiencing 2 > big problems: > > 1) The 0.7 server is sending a malformed "Class > Attribute": > > Debug: > --------------------------------------------------------- > Sending Access-Accept of id 44 to x.x.192.138:1046 > Service-Type = Framed-User > Framed-Protocol = PPP > Class = 0x > --------------------------------------------------------- > I had not this problem with 0.6 > > ------------------------------------------------------------------------ > ---------------- > 2) Exec-Program-Wait still doesn't work in 0.7 > debugging mode but it > should as described in Changelog. > > Debug: > > modcall: group authtype returns ok > radius_xlat: '/usr/local/perl/radius/check_ulg.pl > u000028' > Exec-Program: /usr/local/perl/radius/check_ulg.pl > u000028 > Exec-Program-Wait: value-pairs: Class = > "internet",Framed-IP-Address = > x.x.39.12 > Exec-Program: Abnormal child exit > Login incorrect (external check failed): > [u000028@INTERNET] (from client > vpn-intra port 1041) > Delaying request 0 for 1 seconds > > What am I doing wrong? > > > Thanks for your help. > > Francois. > > ------------------------------------ > Francois DESSART > Network Engineer - SEGI/ULG > > > > > --__--__-- > > Message: 3 > Date: Wed, 14 Aug 2002 11:52:54 +0400 (MSD) > From: KEV <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Problem with autocmd > Reply-To: [EMAIL PROTECTED] > > > Hello! > > I have these settings into users : > > DEFAULT Prefix==uu, Auth-Type := Accept > Service-Type = Login-User, > Cisco-AVPair = "shell:autocmd=rlogin 10.10.2.110 /user > %u" > > and during login i see such debug : > > *Mar 3 02:17:28.508: RADIUS: saved authorization data > for user 25BB04 at > 25A44C > *Mar 3 02:17:28.516: AAA/AUTHOR/EXEC (583742714): > Port='tty18' list='' > service=EXEC > *Mar 3 02:17:28.520: AAA/AUTHOR/EXEC: (583742714) > user='uutest' > *Mar 3 02:17:28.520: AAA/AUTHOR/EXEC: (583742714) > send AV service=shell > *Mar 3 02:17:28.524: AAA/AUTHOR/EXEC: (583742714) > send AV cmd* > *Mar 3 02:17:28.528: AAA/AUTHOR/EXEC (583742714) found > list "default" > *Mar 3 02:17:28.528: AAA/AUTHOR/EXEC: (583742714) > Method=RADIUS > *Mar 3 02:17:28.532: RADIUS: cisco AVPair > "shell:autocmd=rlogin > 10.10.2.110 /user %u" > ^^^^^^^^^^^^^^^^^^^^ > why? > > *Mar 3 02:17:28.536: AAA/AUTHOR (583742714): Post > authorization status = > PASS_ADD > *Mar 3 02:17:28.540: AAA/AUTHOR/EXEC: Processing AV > service=shell > *Mar 3 02:17:28.540: AAA/AUTHOR/EXEC: Processing AV > cmd* > *Mar 3 02:17:28.544: AAA/AUTHOR/EXEC: Processing AV > autocmd=rlogin > uucp.demos.su /user %u > *Mar 3 02:17:28.548: AAA/AUTHOR/EXEC: Authorization > successful > *Mar 3 02:17:28.628: RADIUS: ustruct sharecount=2 > *Mar 3 02:17:28.628: RADIUS: added cisco VSA 2 len 5 > "tty18" > > So user can't login into 10.10.2.110 ... > > --- > KEV > > > > > --__--__-- > > Message: 4 > Date: Wed, 14 Aug 2002 09:20:11 -0300 > From: Guillermo Schimmel <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: ip pool again > Reply-To: [EMAIL PROTECTED] > > Kostas Kalevras wrote: > > >On Tue, 13 Aug 2002, Guillermo Schimmel wrote: > > > > > > > >>It still doesn't work. > >> > >> > >> > >>>Hi list: > >>> > >>> I'm starting the tests with the ippool module. > >>> > >>> I added this line on the users file: > >>> > >>>DEFAULT NAS-IP-Address == "10.169.255.11", > Auth-Type := > >>>Accept, Pool-Name := "prueba" > >>> > >>> And created an IP pool: > >>> > >>>ippool prueba { > >>> range-start = 10.170.200.1 > >>> range-stop = 10.170.200.254 > >>> netmask = 255.255.255.0 > >>> cache-size = 800 > >>> session-db = /raddb/db.ippool > >>> ip-index = /raddb/db.ipindex > >>>} > >>> > >>> > >>> > >> I can start the server and it works ok, but it > doesn't reply with > >>the Framed-IP-Address attribute. > >> > >> > >> > >>> What am I doing wrong? > >>> > >>> I'm sorry if this is ANOTHER stupid question. > >>> > >>> Thanks a lot for your time. > >>> > >>> > >>>Guillermo > >>> > >>> > > > >Have you added the module in the authorize and > accounting sections in > >radiusd.conf? Make sure also that ippool comes after > the files module in the > >authorize section. > > > > > Yes, I have done so. > > Is this output OK? (The noop part) > > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > modcall[authorize]: module "files" returns notfound > modcall[authorize]: module "ippool" returns noop > rlm_chap: Could not find proper Chap-Password attribute > in request > modcall[authorize]: module "chap" returns noop > modcall: entering group group > > Where else should I look? > > Is there any documentation for the ippool module? > > > Thanks > > > Guillermo > > > > > > > > >-- > >Kostas Kalevras Network Operations Center > >[EMAIL PROTECTED] National Technical University of > Athens, Greece > >Work Phone: +30 10 7721861 > >'Go back to the shadow' Gandalf > > > > > >- > >List info/subscribe/unsubscribe? See > <a href="http://mail.dragomate.com//jump/http://www.freeradius.org/list/users.html";>http://www.freeradius.org/list/users.html</a> > > > > > > > > > > > > > > --__--__-- > > Message: 5 > Date: Wed, 14 Aug 2002 15:31:08 +0300 (EEST) > From: Kostas Kalevras <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: ip pool again > Reply-To: [EMAIL PROTECTED] > > On Wed, 14 Aug 2002, Guillermo Schimmel wrote: > > > Yes, I have done so. > > > > Is this output OK? (The noop part) > > > > modcall: entering group authorize > > modcall[authorize]: module "preprocess" returns ok > > modcall[authorize]: module "files" returns notfound > > modcall[authorize]: module "ippool" returns noop > > rlm_chap: Could not find proper Chap-Password > attribute in request > > modcall[authorize]: module "chap" returns noop > > modcall: entering group group > > > > Where else should I look? > > Please post the authorize and accounting sections of > your radiusd.conf > > > > > Is there any documentation for the ippool module? > > Apart from the comments in the configuration file, no. > > -- > Kostas Kalevras Network Operations Center > [EMAIL PROTECTED] National Technical University of > Athens, Greece > Work Phone: +30 10 7721861 > 'Go back to the shadow' Gandalf > > > > --__--__-- > > Message: 6 > Date: Wed, 14 Aug 2002 09:40:30 -0300 > From: Guillermo Schimmel <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: ip pool again > Reply-To: [EMAIL PROTECTED] > > Kostas Kalevras wrote: > > >On Wed, 14 Aug 2002, Guillermo Schimmel wrote: > > > > > > > >>Yes, I have done so. > >> > >>Is this output OK? (The noop part) > >> > >>modcall: entering group authorize > >> modcall[authorize]: module "preprocess" returns ok > >> modcall[authorize]: module "files" returns notfound > >> modcall[authorize]: module "ippool" returns noop > >>rlm_chap: Could not find proper Chap-Password > attribute in request > >> modcall[authorize]: module "chap" returns noop > >>modcall: entering group group > >> > >>Where else should I look? > >> > >> > > > >Please post the authorize and accounting sections of > your radiusd.conf > > > > > authorize { > preprocess > files > ippool > chap > group { > ldap1 { > fail = 1 > notfound = 2 > noop = return > ok = return > updated = return > reject = return > userlock = return > invalid = return > handled = return > } > ldap2 { > fail = 1 > notfound = 2 > noop = return > ok = return > updated = return > reject = return > userlock = return > invalid = return > handled = return > } > } > } > > accounting { > acct_unique > detail > sql > ippool > } > > > > > > >>Is there any documentation for the ippool module? > >> > >> > > > >Apart from the comments in the configuration file, no. > > > >-- > >Kostas Kalevras Network Operations Center > >[EMAIL PROTECTED] National Technical University of > Athens, Greece > >Work Phone: +30 10 7721861 > >'Go back to the shadow' Gandalf > > > > > >- > >List info/subscribe/unsubscribe? See > <a href="http://mail.dragomate.com//jump/http://www.freeradius.org/list/users.html";>http://www.freeradius.org/list/users.html</a> > > > > > > > > > > > > > > --__--__-- > > Message: 7 > Date: Wed, 14 Aug 2002 15:59:48 +0300 (EEST) > From: Kostas Kalevras <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: ip pool again > Reply-To: [EMAIL PROTECTED] > > On Wed, 14 Aug 2002, Guillermo Schimmel wrote: > > > authorize { > > preprocess > > files > > ippool > > chap > > group { > > ldap1 { > > fail = 1 > > notfound = 2 > > noop = return > > ok = return > > updated = return > > reject = return > > userlock = return > > invalid = return > > handled = return > > } > > ldap2 { > > fail = 1 > > notfound = 2 > > noop = return > > ok = return > > updated = return > > reject = return > > userlock = return > > invalid = return > > handled = return > > } > > } > > } > > > > accounting { > > acct_unique > > detail > > sql > > ippool > > } > > Replace ippool with prueba and everything should work > ok. > > -- > Kostas Kalevras Network Operations Center > [EMAIL PROTECTED] National Technical University of > Athens, Greece > Work Phone: +30 10 7721861 > 'Go back to the shadow' Gandalf > > > > --__--__-- > > Message: 8 > Date: Wed, 14 Aug 2002 10:32:21 -0300 > From: Guillermo Schimmel <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: ip pool again > Reply-To: [EMAIL PROTECTED] > > Kostas Kalevras wrote: > > >On Wed, 14 Aug 2002, Guillermo Schimmel wrote: > > > > > > > >>authorize { > >> preprocess > >> files > >> ippool > >> chap > >> group { > >> ldap1 { > >> fail = 1 > >> notfound = 2 > >> noop = return > >> ok = return > >> updated = return > >> reject = return > >> userlock = return > >> invalid = return > >> handled = return > >> } > >> ldap2 { > >> fail = 1 > >> notfound = 2 > >> noop = return > >> ok = return > >> updated = return > >> reject = return > >> userlock = return > >> invalid = return > >> handled = return > >> } > >> } > >>} > >> > >>accounting { > >> acct_unique > >> detail > >> sql > >> ippool > >>} > >> > >> > > > >Replace ippool with prueba and everything should work > ok. > > > > > Now the server doesn't start. It gives the following > error: > > Module: Loaded IPPOOL > ippool: session-db = "/usr/local/etc/raddb/db.ippool" > ippool: ip-index = "/usr/local/etc/raddb/db.ipindex" > ippool: range-start = 10.170.201.1 IP address > [10.170.201.1] > ippool: range-stop = 10.170.200.254 IP address > [10.170.200.254] > ippool: netmask = 255.255.255.0 IP address > [255.255.255.0] > ippool: cache-size = 254 > rlm_ippool: Invalid configuration data given. > radiusd.conf[330]: prueba: Module instantiation failed. > > > > > > >-- > >Kostas Kalevras Network Operations Center > >[EMAIL PROTECTED] National Technical University of > Athens, Greece > >Work Phone: +30 10 7721861 > >'Go back to the shadow' Gandalf > > > > > >- > >List info/subscribe/unsubscribe? See > <a href="http://mail.dragomate.com//jump/http://www.freeradius.org/list/users.html";>http://www.freeradius.org/list/users.html</a> > > > > > > > > > > > > > > --__--__-- > > Message: 9 > Date: Wed, 14 Aug 2002 16:40:10 +0300 (EEST) > From: Kostas Kalevras <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: ip pool again > Reply-To: [EMAIL PROTECTED] > > On Wed, 14 Aug 2002, Guillermo Schimmel wrote: > > > Module: Loaded IPPOOL > > ippool: session-db = "/usr/local/etc/raddb/db.ippool" > > ippool: ip-index = "/usr/local/etc/raddb/db.ipindex" > > ippool: range-start = 10.170.201.1 IP address > [10.170.201.1] > > ippool: range-stop = 10.170.200.254 IP address > [10.170.200.254] > > ippool: netmask = 255.255.255.0 IP address > [255.255.255.0] > > ippool: cache-size = 254 > > rlm_ippool: Invalid configuration data given. > > radiusd.conf[330]: prueba: Module instantiation > failed. > > Check your range-start. It should probable read > 10.170.200.1. In any case it > should not be an ip number lower than the range-stop. > > -- > Kostas Kalevras Network Operations Center > [EMAIL PROTECTED] National Technical University of > Athens, Greece > Work Phone: +30 10 7721861 > 'Go back to the shadow' Gandalf > > > > --__--__-- > > Message: 10 > charset="iso-8859-1" > From: Nick Davis <[EMAIL PROTECTED]> > Organization: Internet Exposure Inc. > To: [EMAIL PROTECTED] > Subject: Re: Freeradius Newbee > Date: Wed, 14 Aug 2002 08:51:48 -0500 > Reply-To: [EMAIL PROTECTED] > > Download the lastest snapshot. Read the README, the > files in doc/*, and the > files in raddb/*. Then you should understand everything > you have just asked. > If you have more questions, read through the past > messages of this mailing > list. All of your answers are there. Just look for them! > > Nick > > > On Wednesday 14 August 2002 01:29, Stefan Hilfiker > wrote: > > Hello all > > Im a newbee with FreeRadius. Now I have got any > > problems to configure the server. > > Finaly, I'd like to have the follow sitation: > > I have a firewall with one VPN-Key. It work, but 50 > > Clients with one VPN-Key is not controllably. The > > solution seems to me a Radius-server. Now is my > > question, how to configure this server? > > I have seen that I must use the users file, but I > > don't know how to add a new user for this job. And > > must I change any things on the *.conf Files? > > > > Thanks a lot and greets > > Stefan > > > > ===== > > Gesendet von Stefan Hilfiker ([EMAIL PROTECTED]) > > <a href="http://mail.dragomate.com//jump/http://get.to/Stefhilfiker";>http://get.to/Stefhilfiker</a> > > > > > __________________________________________________________________ > > > > Gesendet von Yahoo! Mail - <a href="http://mail.dragomate.com//jump/http://mail.yahoo.de";>http://mail.yahoo.de</a> > > M�chten Sie mit einem Gru� antworten? > <a href="http://mail.dragomate.com//jump/http://grusskarten.yahoo.de";>http://grusskarten.yahoo.de</a> > > > > - > > List info/subscribe/unsubscribe? See > > <a href="http://mail.dragomate.com//jump/http://www.freeradius.org/list/users.html";>http://www.freeradius.org/list/users.html</a> > > -- > Nick Davis > Associate Systems Administrator > [EMAIL PROTECTED] > Internet Exposure, Inc. > <a href="http://mail.dragomate.com//jump/http://www.iexposure.com";>http://www.iexposure.com</a> > > (612)676-1946 > Web Development-Web Marketing-ISP Services > > > --__--__-- > > Message: 11 > From: "Alan DeKok" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: Problem with autocmd > <20020814112836.C3607-100000@unix1> > Date: Wed, 14 Aug 2002 10:07:54 -0400 > Reply-To: [EMAIL PROTECTED] > > KEV <[EMAIL PROTECTED]> wrote: > > I have these settings into users : > ... > > Cisco-AVPair = "shell:autocmd=rlogin 10.10.2.110 > /user %u" > > The variable expansion is only done for the > Reply-Message > attribute. If you want to expand the Cisco-AVPair > attribute, see the > main web page: > > <a href="http://mail.dragomate.com//jump/http://www.freeradiusd.org";>http://www.freeradiusd.org</a> > > or 'doc/ChangeLog': > > ... > Experimental support for dynamically translated > strings, like > CallBack-Number = `%{request:Calling-Station-Id}` > ... > > > This feature is only in 0.7. > > Alan DeKok. > > > --__--__-- > > Message: 12 > From: "Alan DeKok" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: upgrade from 0.6 to 0.7: 2 problems (bugs?) > <006001c2435d$be33a3b0$[EMAIL PROTECTED]> > Date: Wed, 14 Aug 2002 10:10:46 -0400 > Reply-To: [EMAIL PROTECTED] > > "Francois Dessart" <[EMAIL PROTECTED]> wroter: > > I just upgraded from 0.6 to 0.7 and I am experiencing > 2 big problems: > > > > 1) The 0.7 server is sending a malformed "Class > Attribute": > > Which probably means you're specifying it incorrectly. > > > Sending Access-Accept of id 44 to x.x.192.138:1046 > > Service-Type = Framed-User > > Framed-Protocol = PPP > > Class = 0x > > And how do you specify it in the 'users' file (or > wherever you > define it)? Odds are, you're doing something like: > > Class = 0xfoobar > > Where 'foobar' isn't a hex string. > > > 2) Exec-Program-Wait still doesn't work in 0.7 > debugging mode but it > > should as described in Changelog. > > Update to the latest CVS snapshot. It's fixed there. > > Alan DeKok. > > > --__--__-- > > Message: 13 > Date: Wed, 14 Aug 2002 11:12:26 -0300 > From: Guillermo Schimmel <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: ip pool again > Reply-To: [EMAIL PROTECTED] > > Yes, it seems like I have several errors. Now Its > working. > > Now, I have read that you can use the Pool-Name > attribute to select one > IP Address pool, that's why I started trying this. > I have to share a NAS for Internet Access and VPN > access and I'm going > to do that by routing and firewalling, assigning > different pools based > on some like group. > > So, I define two (or more) pools in radiusd.conf like: > > ippool test1 { ...} > ippool test2 { ...} > ... > ippool testn { ...} > > And I thought that in the authorization section I had > to put "ippool", > and it would take the Pool-Name attribute to choose a > pool. > But now It seems like I have to put one specific ip > pool. > Could you please tell me which is the correct usage of > this feature? > > > Thank you very very much for your help. > > > > Kostas Kalevras wrote: > > >On Wed, 14 Aug 2002, Guillermo Schimmel wrote: > > > > > > > >>Module: Loaded IPPOOL > >> ippool: session-db = "/usr/local/etc/raddb/db.ippool" > >> ippool: ip-index = "/usr/local/etc/raddb/db.ipindex" > >> ippool: range-start = 10.170.201.1 IP address > [10.170.201.1] > >> ippool: range-stop = 10.170.200.254 IP address > [10.170.200.254] > >> ippool: netmask = 255.255.255.0 IP address > [255.255.255.0] > >> ippool: cache-size = 254 > >>rlm_ippool: Invalid configuration data given. > >>radiusd.conf[330]: prueba: Module instantiation > failed. > >> > >> > > > >Check your range-start. It should probable read > 10.170.200.1. In any case it > >should not be an ip number lower than the range-stop. > > > >-- > >Kostas Kalevras Network Operations Center > >[EMAIL PROTECTED] National Technical University of > Athens, Greece > >Work Phone: +30 10 7721861 > >'Go back to the shadow' Gandalf > > > > > >- > >List info/subscribe/unsubscribe? See > <a href="http://mail.dragomate.com//jump/http://www.freeradius.org/list/users.html";>http://www.freeradius.org/list/users.html</a> > > > > > > > > > > > > > > --__--__-- > > Message: 14 > Date: Wed, 14 Aug 2002 17:23:33 +0300 (EEST) > From: Kostas Kalevras <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: ip pool again > Reply-To: [EMAIL PROTECTED] > > On Wed, 14 Aug 2002, Guillermo Schimmel wrote: > > > Yes, it seems like I have several errors. Now Its > working. > > > > Now, I have read that you can use the Pool-Name > attribute to select one > > IP Address pool, that's why I started trying this. > > I have to share a NAS for Internet Access and VPN > access and I'm going > > to do that by routing and firewalling, assigning > different pools based > > on some like group. > > > > So, I define two (or more) pools in radiusd.conf like: > > > > ippool test1 { ...} > > ippool test2 { ...} > > ... > > ippool testn { ...} > > > > And I thought that in the authorization section I had > to put "ippool", > > and it would take the Pool-Name attribute to choose a > pool. > > But now It seems like I have to put one specific ip > pool. > > Could you please tell me which is the correct usage > of this feature? > > ippool test1 { ... } ippool test2 { ... } are all > instances of the ip pool > module. You have to add them all in the authorize and > accounting sections in > radiusd.conf and use the Pool-Name attribute to select > which one will run. > > > > > > > Thank you very very much for your help. > > -- > Kostas Kalevras Network Operations Center > [EMAIL PROTECTED] National Technical University of > Athens, Greece > Work Phone: +30 10 7721861 > 'Go back to the shadow' Gandalf > > > > --__--__-- > > Message: 15 > From: "Francois Dessart" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>, > <[EMAIL PROTECTED]> > Subject: Re: upgrade from 0.6 to 0.7: 2 problems (bugs?) > Date: Wed, 14 Aug 2002 16:26:40 +0200 > charset="Windows-1252" > Reply-To: [EMAIL PROTECTED] > > > And how do you specify it in the 'users' file (or > wherever you > > define it)? Odds are, you're doing something like: > > > > Class = 0xfoobar > > > > Where 'foobar' isn't a hex string. > > I'm specifying it with the form: > > Class = "internet" > > Is it wrong? (it worked with 0.6!) > > Thanks for your help. > > Francois > > > > --__--__-- > > Message: 16 > Date: Wed, 14 Aug 2002 16:49:20 +0200 > To: [EMAIL PROTECTED] > From: Andrea Gabellini <[EMAIL PROTECTED]> > Subject: different patch for checkrad > Reply-To: [EMAIL PROTECTED] > > Hi, > > in radiusd.conf there is the parameter checkrad with > the location of this > program that isn't read at startup time. > > I wrote a little patch (apply to 0.7) that read this > parameter and use it > in session.c when checkrad is call. > > I'm not a professional programmer but I hope this is > usefull. > > Andrea > > --- radiusd.c.orig 2002-08-14 14:28:53.040002000 > +0200 > +++ radiusd.c 2002-08-14 14:54:49.490002000 +0200 > @@ -203,6 +203,7 @@ > { "lower_pass", PW_TYPE_STRING_PTR, 0, > &mainconfig.do_lower_pass, > "no" }, > { "nospace_user", PW_TYPE_STRING_PTR, 0, > &mainconfig.do_nospace_user, "no" }, > { "nospace_pass", PW_TYPE_STRING_PTR, 0, > &mainconfig.do_nospace_pass, "no" }, > + { "checkrad", PW_TYPE_STRING_PTR, 0, > &mainconfig.checkrad, > "${sbindir}/checkrad" }, > { "proxy_requests", PW_TYPE_BOOLEAN, 0, > &proxy_requests, "yes" }, > { "proxy", PW_TYPE_SUBSECTION, 0, > proxy_config, NULL }, > { "security", PW_TYPE_SUBSECTION, 0, > security_config, NULL }, > > --- session.c.orig 2002-08-14 14:58:15.400056000 > +0200 > +++ session.c 2002-08-14 15:01:43.320003000 +0200 > @@ -254,10 +254,10 @@ > execl(getenv("COMSPEC"), "", > "/C","checkrad",nas->nastype, > address, port, > user, session_id, NULL); > #else > - execl(CHECKRAD, "checkrad",nas->nastype, > address, port, > + execl(mainconfig.checkrad, > "checkrad",nas->nastype, address, port, > user, session_id, NULL); > #endif > - radlog(L_ERR, "Check-TS: exec %s: %s", > CHECKRAD, strerror(errno)); > + radlog(L_ERR, "Check-TS: exec %s: %s", > mainconfig.checkrad, > strerror(errno)); > > /* > * Exit - 2 means "some error occured". > > --- radiusd.h.orig 2002-08-14 14:33:41.090063000 > +0200 > +++ radiusd.h 2002-08-14 14:56:44.400004000 +0200 > @@ -132,6 +132,7 @@ > char *do_nospace_user; > char *do_nospace_pass; > char *nospace_time; > + char *checkrad; > } MAIN_CONFIG_T; > > #define DEBUG if(debug_flag)log_debug > > > > --__--__-- > > Message: 17 > Date: Wed, 14 Aug 2002 16:59:13 +0200 (CEST) > From: Margrete Raaum <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: dial-up & access > Reply-To: [EMAIL PROTECTED] > > > This is probably a very stupud question, but here goes. > > I use freeradius to authenticate both for logging onto > routers and > lock&key. > > I tried to set up freeradius to authenticate our dialup > service (ISDN, > Cisco 3640 12.2(5a)), but how do I let in these users > without allowing > them access to the router? > > The simplest form: DEFAULT Auth-Type := System will > let the users log > onto the router too. I have tried several ways, but as > I don't have a > separate system to test on, I don't want to bother the > users too much :) > > Margrete > > > > > > > > > > --__--__-- > > Message: 18 > Date: Wed, 14 Aug 2002 18:11:22 +0300 (EEST) > From: Kostas Kalevras <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: dial-up & access > Reply-To: [EMAIL PROTECTED] > > On Wed, 14 Aug 2002, Margrete Raaum wrote: > > > > > This is probably a very stupud question, but here > goes. > > > > I use freeradius to authenticate both for logging > onto routers and > > lock&key. > > > > I tried to set up freeradius to authenticate our > dialup service (ISDN, > > Cisco 3640 12.2(5a)), but how do I let in these users > without allowing > > them access to the router? > > > > The simplest form: DEFAULT Auth-Type := System will > let the users log > > onto the router too. I have tried several ways, but > as I don't have a > > separate system to test on, I don't want to bother > the users too much :) > > > > Margrete > > Use The Service-Type attribute. Do something like this > in your users file: > > DEFAULT Service-Type == Framed-User, Auth-Type := System > > That way your radius will only authenticate dialup > users. > > -- > Kostas Kalevras Network Operations Center > [EMAIL PROTECTED] National Technical University of > Athens, Greece > Work Phone: +30 10 7721861 > 'Go back to the shadow' Gandalf > > > > > > --__--__-- > > - > List info/subscribe/unsubscribe? See > <a href="http://mail.dragomate.com//jump/http://www.freeradius.org/list/users.html";>http://www.freeradius.org/list/users.html</a> > > > End of Freeradius-Users Digest- > List info/subscribe/unsubscribe? See > <a href="http://mail.dragomate.com//jump/http://www.freeradius.org/list/users.html";>http://www.freeradius.org/list/users.html</a> - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
