Hello Allan DeKok,
but failover where, my users are defined like
this:
nameuser User-Password == "passowrd", Pool-
Name := "main_pool"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Compression = 0,
Port-Limit = 1,
Idle-Timeout = 0,
Session-Timeout = 0
main_pool
range-start = X.X.X.128
range-stop = X.X.X.151
second_pool
range-start = X.X.X.200
range-stop = X.X.X.251
i have tried failover in radius.conf,
post-auth {
redundant{
main_pool
second_pool
}
}
But i must be doing something bad.
Thank you
----- Original Message -----
>From :
[EMAIL PROTECTED]
To : [EMAIL PROTECTED]
Date : Monday, 17 May, 2004 01:41 PM
Sub : Freeradius-Users digest, Vol 1 #3220 - 12
msgs
> Send Freeradius-Users mailing list submissions
to
> [EMAIL PROTECTED]
>
> To subscribe or unsubscribe via the World Wide
Web,
visit
>
http://lists.freeradius.org/mailman/listinfo/fre
eradius-users
> or, via email, send a message with subject or
body 'help' to
> [EMAIL PROTECTED]
>
> You can reach the person managing the list at
> [EMAIL PROTECTED]
>
> When replying, please edit your Subject line so
it is
more specific
> than "Re: Contents of Freeradius-Users
digest..."
>
>
> Today's Topics:
>
> 1. Re: Reg configuring challenge response
(Alan
DeKok)
> 2. Re: Moving away from Safeword (Robert
Szelepcsenyi)
> 3. Re: freeradius with dhcp (ro0ot)
> 4. Re: Moving away from Safeword (Alan DeKok)
> 5. About Radius Attributes (Lara Adianto)
> 6. Freeradius with MySQL and
Exec-Program-Wait
(Joe Borg)
> 7. Re: Freeradius with MySQL and
Exec-Program-Wait
(Paul Hampson)
> 8. Re: About Radius Attributes (Alan DeKok)
> 9. pool with two ranges (Juan)
> 10. Re: pool with two ranges (Alan DeKok)
> 11. RE: Freeradius with MySQL and
Exec-Program-Wait
(Joe Borg)
> 12. Re: Freeradius with MySQL and
Exec-Program-Wait
(Milver S. Nisay)
>
> --__--__--
>
> Message: 1
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: Reg configuring challenge response
> Date: Mon, 17 May 2004 05:45:13 -0400
> Reply-To: [EMAIL PROTECTED]
>
> Barath kumar <[EMAIL PROTECTED]> wrote:
> > How to configure the free RADIUS server to
send an
Challenge response to
> > an access request. In other words, what are
the
configurations to be
> > done on the free RADIUS server such that it
sends
an challenge response
> > to an access request. By default, will the
free
RADIUS server send an
> > challenge response ? or any special
configurations
needs to be done for
> > the same.
>
> The server will send a challenge when the
protocol
demands it.
> e.g. EAP.
>
> If you don't know what the challenge will be,
or
why the server
> should send a challenge, you probably don't want
challenge-response.
>
> Alan DeKok.
>
>
>
> --__--__--
>
> Message: 2
> Date: Mon, 17 May 2004 11:48:04 +0200
> From: Robert Szelepcsenyi <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: Moving away from Safeword
> Reply-To: [EMAIL PROTECTED]
>
> Hi,
>
>
> Sorry, I was not precise enough in my query. I
am
looking for a system of *synchronous* dynamic
passwords, which use tokens with an internal
counter
without any chalenge. The password has to be
entered
before a call is made (either VPN or dialup), so
there
is no opportunity to recieve a chalnge and act
upon it.
Moreover, X9.9 is insecure.
>
> I did some research some time ago, andif I
remember
correctly, freeradius support at least one such a
system.
>
>
> Robert Szelepcsenyi
>
>
> On Mon, May 17, 2004 at 05:44:05AM -0400, Alan
DeKok
wrote:
> > Robert Szelepcsenyi <[EMAIL PROTECTED]> wrote:
> > > Due to licensing policy of Secure Computing,
which forced me to
> > > upgrade to deploy a separate machine running
just
their AAA server,
> > > I have decided to move away from their
product
Safeword Premier
> > > Access. I am looking for some replacement
for
their system of
> > > dynamic passwords and tokens. Freeradius
supports
several systems of
> > > dynamic passwords. An ideal solution would
be to
have some sort of a
> > > software token that I could install into a
mobile
phone or a PDA. Is
> > > there such an aption with freeradius?
> >
> > It's more of a client side issue than a
server
side.
> >
> > FreeRADIUS does include an "X9.9" module,
which
will do DES-based
> > challenge/response. It's been tested to work
with
CRYPTOCard's
> > tokens, which include a software-based token.
See
> > http:/www.cryptocard.com for details.
> >
> > Alan DeKok.
> >
> > -
> > List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
> --
>
>
> --__--__--
>
> Message: 3
> Date: Mon, 17 May 2004 17:54:01 +0800
> From: ro0ot <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: freeradius with dhcp
> Reply-To: [EMAIL PROTECTED]
>
> Yep, thats what I mean...thanks Alan DeKok, :)
> Probabily I have to find another solution, :-(
>
> Regards,
> ro0ot
>
>
> Alan DeKok wrote:
>
> >M Singh <[EMAIL PROTECTED]> wrote:
> >
> >
> >>Why not ?
> >>
> >>
> >
> > Because "freeradius working with dhcp"
means "freeradius knows about dhcp".
> >
> >
> >
> >>My university implements something that looks
like
that. A laptop first
> >>gets a DHCP lease, and can address a single IP
which is presumably the
> >>address of the server. Then I fire up the
Cisco VPN
client that
> >>authenticates via an encryption algorithm and
then
the laptop can access
> >>the internet.
> >>
> >>
> >
> > In that case, the dhcp server and FreeRADIUS
don't
talk to each
> >other, and don't know that the other one
exists.
> >
> >
> >
> >>What kind of a server do you think my
university is
using ?
> >>
> >>
> >
> > Two independent servers, which don't
communicate.
> >
> > The original poster was asking about making
FreeRADIUS talk to a
> >DHCP server, in order to allocate IP addresses
it
would give out in
> >RADIUS packets.
> >
> > Alan DeKok.
> >
> >
> >-
> >List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
> >
> >
> >
>
>
>
>
>
> --__--__--
>
> Message: 4
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: Moving away from Safeword
> Date: Mon, 17 May 2004 06:01:22 -0400
> Reply-To: [EMAIL PROTECTED]
>
> Robert Szelepcsenyi <[EMAIL PROTECTED]> wrote:
> > Sorry, I was not precise enough in my query. I
am
looking for a
> > system of *synchronous* dynamic passwords,
which
use tokens with an
> > internal counter without any chalenge. The
password
has to be
> > entered before a call is made (either VPN or
dialup), so there is no
> > opportunity to recieve a chalnge and act upon
it.
Moreover, X9.9 is
> > insecure.
>
> X9.9 is insecure? How?
>
> In any case, CRYPTOCard does offer a
synchronous
mode for their tokens.
>
> As for any othe synchronous token method, I'm
not
aware of it being
> implemented in the server.
>
> Alan DeKok.
>
>
> --__--__--
>
> Message: 5
> Date: Mon, 17 May 2004 02:57:21 -0700 (PDT)
> From: Lara Adianto <[EMAIL PROTECTED]>
> Subject: About Radius Attributes
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Reply-To: [EMAIL PROTECTED]
>
> Hello,
>
> I need some information about the following
> 'service-type' attribute:
> - Outbound
> - Administrative
> - NAS Prompt
> - Call Check
> - Callback NAS Prompt
>
> 1. In which case will a radius client request
for the
> above service type or which radius clients
usually
> request for the above service-type ?
> 2. What attributes are usually returned in the
> access-accept packet for the above service type
?
>
> For Service-type PPP / SLIP requested, is there
any
> MANDATORY attributes that need to be returned by
the
> radius server in the access-accept packet
> (Framed-IP-Address, Framed-MTU, etc) ? If the
> Framed-IP-Address is not a mandatory attribute
to be
> returned for service-type PPP, how will the NAS
decide
> the IP Address assigned to the user ?
>
> Thank you for any replies,
> lara
>
> =====
>
------------------------------------------------------
------------------------------
> La vie, voyez-vous, ca n'est jamais si bon ni si
mauvais qu'on croit
>
- Guy de Maupassant -
>
------------------------------------------------------
------------------------------
>
>
>
>
> __________________________________
> Do you Yahoo!?
> SBC Yahoo! - Internet access at a great low
price.
> http://promo.yahoo.com/sbc/
>
>
> --__--__--
>
> Message: 6
> From: "Joe Borg" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: Freeradius with MySQL and
Exec-Program-Wait
> Date: Mon, 17 May 2004 12:14:40 +0200
> Organization: DataStream Ltd.
> Reply-To: [EMAIL PROTECTED]
>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_0001_01C43C08.8AF8C2A0
> Content-Type: text/plain;
> charset="us-ascii"
> Content-Transfer-Encoding: 7bit
>
> Hi,
> I'm in the process of seeting up a new RADIUS
server
using Freeradius. I
> intend using MySQL for Authorisation and
Accounting.
As a result, I will
> not be making use of the 'users' file (since
MySQL is
configured for use
> in Radiusd.conf, thereby bypassing the use of
the
users file). My
> problem is that I would like to make use of
Exec-
Program-Wait to execute
> a script in order to process some additional
authentication parameters.
> Is there anyway I can do this since I'm using
MySQL
for authorisation?
>
> Thanks,
>
> Joe
>
>
> ------=_NextPart_000_0001_01C43C08.8AF8C2A0
> Content-Type: text/html;
> charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
>
> <html xmlns:o=3D"urn:schemas-microsoft-
com:office:office" =
>
xmlns:w=3D"urn:schemas-microsoft-com:office:word"
=
> xmlns=3D"http://www.w3.org/TR/REC-html40";>
>
> <head>
> <META HTTP-EQUIV=3D"Content-Type"
CONTENT=3D"text/html; =
> charset=3Dus-ascii">
>
>
> <meta name=3DProgId content=3DWord.Document>
> <meta name=3DGenerator content=3D"Microsoft Word
10">
> <meta name=3DOriginator content=3D"Microsoft
Word 10">
> <link rel=3DFile-List
href=3D"cid:[EMAIL PROTECTED]">
> <!--[if gte mso 9]><xml>
> <o:OfficeDocumentSettings>
> <o:DoNotRelyOnCSS/>
> </o:OfficeDocumentSettings>
> </xml><![endif]--><!--[if gte mso 9]><xml>
> <w:WordDocument>
> <w:SpellingState>Clean</w:SpellingState>
> <w:GrammarState>Clean</w:GrammarState>
> <w:DocumentKind>DocumentEmail</w:DocumentKind>
> <w:EnvelopeVis/>
> <w:Compatibility>
> <w:BreakWrappedTables/>
> <w:SnapToGridInCell/>
> <w:WrapTextWithPunct/>
> <w:UseAsianBreakRules/>
> </w:Compatibility>
>
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLev
el>
> </w:WordDocument>
> </xml><![endif]-->
> <style>
> <!--
> /* Font Definitions */
> @font-face
> {font-family:Verdana;
> panose-1:2 11 6 4 3 5 4 4 2 4;
> mso-font-charset:0;
> mso-generic-font-family:swiss;
> mso-font-pitch:variable;
> mso-font-signature:536871559 0 0 0 415 0;}
> /* Style Definitions */
> p.MsoNormal, li.MsoNormal, div.MsoNormal
> {mso-style-parent:"";
> margin:0cm;
> margin-bottom:.0001pt;
> mso-pagination:widow-orphan;
> font-size:12.0pt;
> font-family:"Times New Roman";
> mso-fareast-font-family:"Times New Roman";
> mso-ansi-language:EN-GB;
> mso-no-proof:yes;}
> h1
> {mso-style-next:Normal;
> margin-top:0cm;
> margin-right:0cm;
> mso-margin-bottom-alt:auto;
> margin-left:0cm;
> text-align:justify;
> line-height:120%;
> mso-pagination:widow-orphan;
> page-break-after:avoid;
> mso-outline-level:1;
> font-size:16.0pt;
> font-family:Verdana;
> mso-bidi-font-family:Arial;
> mso-font-kerning:16.0pt;
> mso-ansi-language:EN-GB;
> font-weight:normal;
> mso-bidi-font-weight:bold;
> text-decoration:underline;
> text-underline:single;}
> a:link, span.MsoHyperlink
> {color:blue;
> text-decoration:underline;
> text-underline:single;}
> a:visited, span.MsoHyperlinkFollowed
> {color:purple;
> text-decoration:underline;
> text-underline:single;}
> p
> {mso-margin-top-alt:auto;
> margin-right:0cm;
> mso-margin-bottom-alt:auto;
> margin-left:0cm;
> mso-pagination:widow-orphan;
> font-size:12.0pt;
> font-family:"Times New Roman";
> mso-fareast-font-family:"Times New Roman";}
> p.Command, li.Command, div.Command
> {mso-style-name:Command;
> margin-top:0cm;
> margin-right:0cm;
> mso-margin-bottom-alt:auto;
> margin-left:0cm;
> text-align:justify;
> line-height:120%;
> mso-pagination:widow-orphan;
> font-size:10.0pt;
> mso-bidi-font-size:16.0pt;
> font-family:"Courier New";
> mso-fareast-font-family:"Times New Roman";
> mso-bidi-font-family:Arial;
> mso-font-kerning:16.0pt;
> mso-ansi-language:EN-GB;
> mso-no-proof:yes;}
> span.EmailStyle19
> {mso-style-type:personal-compose;
> mso-style-noshow:yes;
> mso-ansi-font-size:10.0pt;
> mso-bidi-font-size:10.0pt;
> font-family:Arial;
> mso-ascii-font-family:Arial;
> mso-hansi-font-family:Arial;
> mso-bidi-font-family:Arial;
> color:windowtext;}
> @page Section1
> {size:612.0pt 792.0pt;
> margin:72.0pt 90.0pt 72.0pt 90.0pt;
> mso-header-margin:35.4pt;
> mso-footer-margin:35.4pt;
> mso-paper-source:0;}
> div.Section1
> {page:Section1;}
> /* List Definitions */
> @list l0
> {mso-list-id:379935782;
> mso-list-type:hybrid;
> mso-list-template-ids:268756658 -682957304
67698713 67698715 67698703 =
> 67698713 67698715 67698703 67698713 67698715;}
> @list l0:level1
> {mso-level-tab-stop:36.0pt;
> mso-level-number-position:left;
> text-indent:-18.0pt;}
> @list l0:level2
> {mso-level-number-format:alpha-lower;
> mso-level-tab-stop:72.0pt;
> mso-level-number-position:left;
> text-indent:-18.0pt;}
> ol
> {margin-bottom:0cm;}
> ul
> {margin-bottom:0cm;}
> -->
> </style>
> <!--[if gte mso 10]>
> <style>
> /* Style Definitions */=20
> table.MsoNormalTable
> {mso-style-name:"Table Normal";
> mso-tstyle-rowband-size:0;
> mso-tstyle-colband-size:0;
> mso-style-noshow:yes;
> mso-style-parent:"";
> mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
> mso-para-margin:0cm;
> mso-para-margin-bottom:.0001pt;
> mso-pagination:widow-orphan;
> font-size:10.0pt;
> font-family:"Times New Roman";}
> </style>
> <![endif]-->
> </head>
>
> <body lang=3DEN-US link=3Dblue vlink=3Dpurple =
> style=3D'tab-interval:36.0pt'>
>
> <div class=3DSection1>
>
> <p class=3DMsoNormal><font size=3D2
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-
family:Arial'>Hi,<o:p></o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-family:Arial'>I�m in the process of
seeting up a new =
> RADIUS
> server using Freeradius. I intend using MySQL
for
Authorisation and =
> Accounting.
> As a result, I will not be making use of the
�users�
file =
> (since
> MySQL is configured for use in Radiusd.conf,
thereby
bypassing the use =
> of the
> users file). My problem is that I would like to
make
use of =
> Exec-Program-Wait
> to execute a script in order to process some
additional authentication
> parameters. Is there anyway I can do this since
I�m
using MySQL =
> for authorisation?<o:p></o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-
family:Arial'><o:p>�</o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-
family:Arial'>Thanks,<o:p></o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-
family:Arial'><o:p>�</o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2
face=3DArial><span lang=3DEN-GB =
> style=3D'font-size:
> 10.0pt;font-
family:Arial'>Joe<o:p></o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D3
face=3D"Times New
Roman"><span =
> lang=3DEN-GB
> style=3D'font-
size:12.0pt'><o:p>�</o:p></span></font></p>
>
> </div>
>
> </body>
>
> </html>
>
> ------=_NextPart_000_0001_01C43C08.8AF8C2A0--
>
>
>
>
> --__--__--
>
> Message: 7
> Date: Mon, 17 May 2004 20:35:54 +1000
> To: [EMAIL PROTECTED]
> Subject: Re: Freeradius with MySQL and
Exec-Program-
Wait
> From: [EMAIL PROTECTED] (Paul Hampson)
> Reply-To: [EMAIL PROTECTED]
>
> On Mon, May 17, 2004 at 12:14:40PM +0200, Joe
Borg
wrote:
>
> > I'm in the process of seeting up a new RADIUS
server using Freeradius. I
> > intend using MySQL for Authorisation and
Accounting. As a result, I will
> > not be making use of the 'users' file (since
MySQL
is configured for use
> > in Radiusd.conf, thereby bypassing the use of
the
users file). My
> > problem is that I would like to make use of
Exec-
Program-Wait to execute
> > a script in order to process some additional
authentication parameters.
> > Is there anyway I can do this since I'm using
MySQL
for authorisation?
>
> You can use Exec-Program-Wait just like you
would in
a users file, as a
> reply attribute in mySQL. Or consider its
successor,
rlm_exec.
>
> --
> Paul "TBBle" Hampson, on an alternate email
client.
>
>
> --__--__--
>
> Message: 8
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: About Radius Attributes
> Date: Mon, 17 May 2004 07:07:15 -0400
> Reply-To: [EMAIL PROTECTED]
>
> Lara Adianto <[EMAIL PROTECTED]> wrote:
> > 1. In which case will a radius client request
for
the
> > above service type or which radius clients
usually
> > request for the above service-type ?
>
> http://www.freeradius.org/rfc/attributes.html
>
> Click on "Service-Type", and it will tell you
what
those values
> mean, and when they're used.
>
> > 2. What attributes are usually returned in the
> > access-accept packet for the above service
type ?
>
> It depends on your local configuration.
>
> > For Service-type PPP / SLIP requested, is
there any
> > MANDATORY attributes that need to be returned
by the
> > radius server in the access-accept packet
> > (Framed-IP-Address, Framed-MTU, etc) ?
>
> See the RFC's, and your NAS vendor
documentation.
>
> > If the
> > Framed-IP-Address is not a mandatory attribute
to be
> > returned for service-type PPP, how will the
NAS
decide
> > the IP Address assigned to the user ?
>
> See the NAS documentation. It depends on the
NAS.
>
> Alan DeKok.
>
>
>
>
> --__--__--
>
> Message: 9
> Date: Mon, 17 May 2004 13:15:30 +0200
> To: [EMAIL PROTECTED]
> From: "Juan" <[EMAIL PROTECTED]>
> Subject: pool with two ranges
> Reply-To: [EMAIL PROTECTED]
>
> Hello,
>
> i have freeradius with various pools, but now i
> need
> that one Pool have two diffrents ranges. Can i
do
> it
> with freeradius?
>
> ippool main_pool {
> range-start = X.X.X.128
> range-stop = X.X.X.151
> netmask = 255.255.255.255
> cache-size = 23
> session-db = ${raddbdir}/db.main
> ip-index =
> ${raddbdir}/db.maindindex
> override = yes
> }
> I need that main_pool have too this range :
>
> range-start = X.X.X.200
> range-stop = X.X.X.251
>
>
> Thank you.
>
>
>
>
>
>
> --__--__--
>
> Message: 10
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: pool with two ranges
> Date: Mon, 17 May 2004 07:26:39 -0400
> Reply-To: [EMAIL PROTECTED]
>
> "Juan" <[EMAIL PROTECTED]> wrote:
> > i have freeradius with various pools, but now
i
need that one Pool
> > have two diffrents ranges. Can i do it with
freeradius?
>
> Yes and no. Each pool can have only one
range.
But you can create
> & use two pools, and fail over to the secon done
if
the first one is
> full.
>
> Alan DeKok.
>
>
> --__--__--
>
> Message: 11
> From: "Joe Borg" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: RE: Freeradius with MySQL and
Exec-Program-
Wait
> Date: Mon, 17 May 2004 13:40:08 +0200
> Organization: DataStream Ltd.
> Reply-To: [EMAIL PROTECTED]
>
> Hi Paul,
> Thanks for the tip. By any chance, would you be
able
to refer me to some
> documentation/information on how to go about
doing
this? I'm still
> somewhat green to MySQL. Thanks.
> Joe
>
> -----Original Message-----
> From:
[EMAIL PROTECTED]
>
[mailto:[EMAIL PROTECTED]
On Behalf Of Paul
> Hampson
> Sent: 17 May 2004 12:36
> To: [EMAIL PROTECTED]
> Subject: Re: Freeradius with MySQL and
Exec-Program-
Wait
>
> On Mon, May 17, 2004 at 12:14:40PM +0200, Joe
Borg
wrote:
>
> > I'm in the process of seeting up a new RADIUS
server using Freeradius.
> I
> > intend using MySQL for Authorisation and
Accounting. As a result, I
> will
> > not be making use of the 'users' file (since
MySQL
is configured for
> use
> > in Radiusd.conf, thereby bypassing the use of
the
users file). My
> > problem is that I would like to make use of
Exec-
Program-Wait to
> execute
> > a script in order to process some additional
authentication
> parameters.
> > Is there anyway I can do this since I'm using
MySQL
for authorisation?
>
> You can use Exec-Program-Wait just like you
would in
a users file, as a
> reply attribute in mySQL. Or consider its
successor,
rlm_exec.
>
> --
> Paul "TBBle" Hampson, on an alternate email
client.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
>
>
>
> --__--__--
>
> Message: 12
> From: "Milver S. Nisay"
<[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: Re: Freeradius with MySQL and
Exec-Program-
Wait
> Date: Mon, 17 May 2004 12:39:18 +0100
> Reply-To: [EMAIL PROTECTED]
>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_00BE_01C43C0B.F851BE30
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
>
> ----- Original Message -----=20
>
> Hi,
>
> I'm in the process of seeting up a new RADIUS
server using Freeradius. =
> I intend using MySQL for Authorisation and
Accounting. As a result, I =
> will not be making use of the 'users' file
(since
MySQL is configured =
> for use in Radiusd.conf, thereby bypassing the
use of
the users file). =
> My problem is that I would like to make use of
Exec-
Program-Wait to =
> execute a script in order to process some
additional
authentication =
> parameters. Is there anyway I can do this since
I'm
using MySQL for =
> authorisation?
>
> =20
>
> YES
>
>
> ------=_NextPart_000_00BE_01C43C0B.F851BE30
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0
Transitional//EN">
> <HTML xmlns=3D"http://www.w3.org/TR/REC-html40";
xmlns:o =3D=20
> "urn:schemas-microsoft-com:office:office"
xmlns:w
=3D=20
> "urn:schemas-microsoft-com:office:word"><HEAD>
> <META http-equiv=3DContent-Type
content=3D"text/html;
=
> charset=3Diso-8859-1">
> <META content=3DWord.Document name=3DProgId>
> <META content=3D"MSHTML 6.00.2737.800"
name=3DGENERATOR>
> <META content=3D"Microsoft Word 10"
name=3DOriginator><LINK=20
> href=3D"cid:[EMAIL PROTECTED]"
rel=3DFile-List><!--[if gte =
> mso 9]><xml>
> <o:OfficeDocumentSettings>
> <o:DoNotRelyOnCSS/>
> </o:OfficeDocumentSettings>
> </xml><![endif]--><!--[if gte mso 9]><xml>
> <w:WordDocument>
> <w:SpellingState>Clean</w:SpellingState>
> <w:GrammarState>Clean</w:GrammarState>
> <w:DocumentKind>DocumentEmail</w:DocumentKind>
> <w:EnvelopeVis/>
> <w:Compatibility>
> <w:BreakWrappedTables/>
> <w:SnapToGridInCell/>
> <w:WrapTextWithPunct/>
> <w:UseAsianBreakRules/>
> </w:Compatibility>
>
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLev
el>
> </w:WordDocument>
> </xml><![endif]-->
> <STYLE>@font-face {
> font-family: Verdana;
> }
> @page Section1 {size: 612.0pt 792.0pt; margin:
72.0pt
90.0pt 72.0pt =
> 90.0pt; mso-header-margin: 35.4pt;
mso-footer-margin:
35.4pt; =
> mso-paper-source: 0; }
> P.MsoNormal {
> FONT-SIZE: 12pt; MARGIN: 0cm 0cm 0pt; FONT-
FAMILY: "Times New Roman"; =
> mso-style-parent: ""; mso-pagination:
widow-orphan; =
> mso-fareast-font-family: "Times New Roman";
mso-ansi-
language: EN-GB; =
> mso-no-proof: yes
> }
> LI.MsoNormal {
> FONT-SIZE: 12pt; MARGIN: 0cm 0cm 0pt; FONT-
FAMILY: "Times New Roman"; =
> mso-style-parent: ""; mso-pagination:
widow-orphan; =
> mso-fareast-font-family: "Times New Roman";
mso-ansi-
language: EN-GB; =
> mso-no-proof: yes
> }
> DIV.MsoNormal {
> FONT-SIZE: 12pt; MARGIN: 0cm 0cm 0pt; FONT-
FAMILY: "Times New Roman"; =
> mso-style-parent: ""; mso-pagination:
widow-orphan; =
> mso-fareast-font-family: "Times New Roman";
mso-ansi-
language: EN-GB; =
> mso-no-proof: yes
> }
> H1 {
> MARGIN-TOP: 0cm; FONT-WEIGHT: normal; FONT-
SIZE: 16pt; MARGIN-LEFT: =
> 0cm; LINE-HEIGHT: 120%; MARGIN-RIGHT: 0cm; FONT-
FAMILY: Verdana; =
> TEXT-ALIGN: justify; TEXT-DECORATION: underline;
mso-
pagination: =
> widow-orphan; mso-ansi-language: EN-GB;
mso-style-
next: Normal; =
> mso-margin-bottom-alt: auto; mso-outline-level:
1;
mso-bidi-font-family: =
> Arial; mso-font-kerning: 16.0pt; mso-bidi-font-
weight: bold; =
> text-underline: single
> }
> A:link {
> COLOR: blue; TEXT-DECORATION: underline; text-
underline: single
> }
> SPAN.MsoHyperlink {
> COLOR: blue; TEXT-DECORATION: underline; text-
underline: single
> }
> A:visited {
> COLOR: purple; TEXT-DECORATION: underline;
text-
underline: single
> }
> SPAN.MsoHyperlinkFollowed {
> COLOR: purple; TEXT-DECORATION: underline;
text-
underline: single
> }
> P {
> FONT-SIZE: 12pt; MARGIN-LEFT: 0cm; MARGIN-
RIGHT: 0cm; FONT-FAMILY: =
> "Times New Roman"; mso-pagination: widow-orphan;
=
> mso-fareast-font-family: "Times New Roman"; mso-
margin-bottom-alt: auto; =
> mso-margin-top-alt: auto
> }
> P.Command {
> MARGIN-TOP: 0cm; FONT-SIZE: 10pt; MARGIN-LEFT:
0cm; LINE-HEIGHT: 120%; =
> MARGIN-RIGHT: 0cm; FONT-FAMILY: "Courier New";
TEXT-
ALIGN: justify; =
> mso-pagination: widow-orphan; mso-fareast-font-
family: "Times New =
> Roman"; mso-ansi-language: EN-GB; mso-no-proof:
yes; =
> mso-margin-bottom-alt: auto;
mso-bidi-font-family:
Arial; =
> mso-font-kerning: 16.0pt; mso-style-name:
Command;
mso-bidi-font-size: =
> 16.0pt
> }
> LI.Command {
> MARGIN-TOP: 0cm; FONT-SIZE: 10pt; MARGIN-LEFT:
0cm; LINE-HEIGHT: 120%; =
> MARGIN-RIGHT: 0cm; FONT-FAMILY: "Courier New";
TEXT-
ALIGN: justify; =
> mso-pagination: widow-orphan; mso-fareast-font-
family: "Times New =
> Roman"; mso-ansi-language: EN-GB; mso-no-proof:
yes; =
> mso-margin-bottom-alt: auto;
mso-bidi-font-family:
Arial; =
> mso-font-kerning: 16.0pt; mso-style-name:
Command;
mso-bidi-font-size: =
> 16.0pt
> }
> DIV.Command {
> MARGIN-TOP: 0cm; FONT-SIZE: 10pt; MARGIN-LEFT:
0cm; LINE-HEIGHT: 120%; =
> MARGIN-RIGHT: 0cm; FONT-FAMILY: "Courier New";
TEXT-
ALIGN: justify; =
> mso-pagination: widow-orphan; mso-fareast-font-
family: "Times New =
> Roman"; mso-ansi-language: EN-GB; mso-no-proof:
yes; =
> mso-margin-bottom-alt: auto;
mso-bidi-font-family:
Arial; =
> mso-font-kerning: 16.0pt; mso-style-name:
Command;
mso-bidi-font-size: =
> 16.0pt
> }
> SPAN.EmailStyle19 {
> COLOR: windowtext; FONT-FAMILY: Arial;
mso-bidi-
font-family: Arial; =
> mso-bidi-font-size: 10.0pt; mso-style-type:
personal-
compose; =
> mso-style-noshow: yes; mso-ansi-font-size:
10.0pt; =
> mso-ascii-font-family: Arial;
mso-hansi-font-family:
Arial
> }
> DIV.Section1 {
> page: Section1
> }
> OL {
> MARGIN-BOTTOM: 0cm
> }
> UL {
> MARGIN-BOTTOM: 0cm
> }
> </STYLE>
> <!--[if gte mso 10]>
> <style>
> /* Style Definitions */=20
> table.MsoNormalTable
> {mso-style-name:"Table Normal";
> mso-tstyle-rowband-size:0;
> mso-tstyle-colband-size:0;
> mso-style-noshow:yes;
> mso-style-parent:"";
> mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
> mso-para-margin:0cm;
> mso-para-margin-bottom:.0001pt;
> mso-pagination:widow-orphan;
> font-size:10.0pt;
> font-family:"Times New Roman";}
> </style>
> <![endif]--></HEAD>
> <BODY lang=3DEN-US style=3D"tab-interval:
36.0pt"
vLink=3Dpurple =
> link=3Dblue=20
> bgColor=3D#ffffff>
> <DIV><FONT face=3DTahoma size=3D2></FONT>�</DIV>
> <BLOCKQUOTE dir=3Dltr=20
> style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px;
MARGIN-LEFT: 5px; =
> BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT:
0px">
> <DIV style=3D"FONT: 10pt arial">----- Original
Message ----- =
> <BR></DIV>
> <DIV class=3DSection1>
> <P class=3DMsoNormal><FONT face=3DArial
size=3D2><SPAN lang=3DEN-GB=20
> style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
> Arial">Hi,<o:p></o:p></SPAN></FONT></P>
> <P class=3DMsoNormal><FONT face=3DArial
size=3D2><SPAN lang=3DEN-GB=20
> style=3D"FONT-SIZE: 10pt; FONT-FAMILY:
Arial">I=92m
in the process of =
> seeting up a=20
> new RADIUS server using Freeradius. I intend
using
MySQL for =
> Authorisation and=20
> Accounting. As a result, I will not be making
use
of the =91users=92 =
> file (since=20
> MySQL is configured for use in Radiusd.conf,
thereby bypassing the use =
> of the=20
> users file). My problem is that I would like
to
make use of =
> Exec-Program-Wait=20
> to execute a script in order to process some
additional authentication =
>
> parameters. Is there anyway I can do this
since
I=92m using MySQL for=20
> authorisation?<o:p></o:p></SPAN></FONT></P>
> <P class=3DMsoNormal><FONT face=3DArial
size=3D2><SPAN lang=3DEN-GB=20
> style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
> Arial"><o:p>�</o:p></SPAN></FONT></P>
> <P class=3DMsoNormal><FONT face=3DTahoma
size=3D2><SPAN lang=3DEN-GB=20
> style=3D"FONT-SIZE: =
>
12pt"><o:p>YES</o:p></SPAN></FONT></P></DIV></BLOCKQUOTE
></BODY></HTML>
>
> ------=_NextPart_000_00BE_01C43C0B.F851BE30--
>
>
>
>
>
> --__--__--
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
>
> End of Freeradius-Users Digest
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
