Sarkis Gabriel <[EMAIL PROTECTED]> wrote:
> Thanks alan for the reply just wondering if there is any workaround
> to kill those connections?
Grab the CVS version of the 1.0 branch.
> if there is no workaround are all Freeradius > 1.0.0 have that bug in
> radwho?
I said it would be fixed in
I have freeradius and LDAP authenticating nicely. The problem I am
running into is that when I id a user, it only shows the primary group
that user is a member of. How can I get FreeRadius to report the other
groups that the user belongs to?
Mark Litchfield
Sorry I don't understand. Can you
Thanks alan for the reply just wondering if there is any workaround
to kill those connections?
if there is no workaround are all Freeradius > 1.0.0 have that bug in
radwho?
Thanks again
Sarky
Alan DeKok wrote:
Sarkis Gabriel <[EMAIL PROTECTED]> wrote:
johny,johny,shell,S-2140143609,Tue 09:
Sarkis Gabriel <[EMAIL PROTECTED]> wrote:
> johny,johny,shell,S-2140143609,Tue 09:47,192.116.123.117,10.10.11.251
>
> Any idea why it is giving a negative number?
It looks like a bug in radwho. It will be fixed in 1.0.5 (if and
when it gets released)
Alan DeKok.
-
List info/subscribe/unsu
Tim P <[EMAIL PROTECTED]> wrote:
> I am having trouble getting my radius setup to authenticate to windows
> 2003 active directory.
That will work only for PAP, if that's all you need.
> radiusd.conf - I didn't find a system or System auth type, did I
> miss something?
See the "users" file:
Previous post sent before I was done, here is the full post:
I am having trouble getting my radius setup to authenticate to windows
2003 active directory.
when using the following string "radtest administrator "password"
localhost 2 radiussecret
rad_recv: Access-Request packet from host 127.0.0.
I am having trouble getting my radius setup to authenticate to windows
2003 active directory.
when using the following string "
radiusd.conf
ldap {
server = "gtds-domcon.gtdsolutions.org"
basedn = "dc=gtdsolutions,dc=org"
filter = "(sAM
I have a MAX TNT that will be doing dialin service. Is it possible to
selectively proxy based on the DNIS? My user accounts are stored in a
postgres database that I have working fine for PPPoA termination already.
Thanks for any help
dave
-
List info/subscribe/unsubscribe? See http://www.f
=?ISO-8859-1?Q?J=E9r=E9my_Cluzel?= <[EMAIL PROTECTED]> wrote:
> I manage to do this by a cron script which removes them from database,
> but it's (really) crap... Is there any proper way to do this ? counter
> module ?
Yes.
> Moreover, I wish to use a "max consecutive time" too, which allow m
"Stephane Rossi" <[EMAIL PROTECTED]> wrote:
> I'm using Freeradius in EAP-TLS and I'm trying to use dialupadmin/mysql.
> Although the supplicant is not in my database, the NAS receives an
> Access-Accept.
> Is this normal ?
Yes. The client certificate means that they're a valid user.
Alan De
Bryan Beronilla <[EMAIL PROTECTED]> wrote:
> Still getting the errors I got before about not setting an auth type.
> Where should the auth type be set?
The server figures it out.
> I've tried the config Dusty mentioned but still getting me
> nowhere...
Try one thing at a time. The default
Hi,
I'm trying to setup a system which allow users to login for a specific
period (1 month, or 1 week, it depends on the type of the account) since
their first connection.
I manage to do this by a cron script which removes them from database,
but it's (really) crap... Is there any proper way t
Hi Alan
I do not know what to do with it, it is coming as a negative number the
Nas Type is a Mikrotik and when radwho -r is issued i get this.
johny,johny,shell,S-2140143609,Tue 09:47,192.116.123.117,10.10.11.251
Any idea why it is giving a negative number?
Thanks
sarky
Alan DeKok wrote:
I'm using Freeradius in EAP-TLS and I'm trying to
use dialupadmin/mysql.
Although the supplicant is not in my database, the
NAS receives an Access-Accept.
Is this normal ?
#file is commented in my radiusd.conf.
thanks for your help.
Stephane Rossi
rlm_sql (sql): User testwifi not found
> Hi
>
> I am running FreeRadius 1.0.4 with Postgres.
> I have noticed that the sessiontime is sometimes calculated incorrectly
> in the radacct table.
> If you compare the acctsessionstart and the acctsessionend with the
> acctsessiontime it does not match.
> This is particularly true for connect
Barry wrote:
> I am running FreeRadius 1.0.4 with Postgres.
> I have noticed that the sessiontime is sometimes calculated
> incorrectly
> in the radacct table.
> If you compare the acctsessionstart and the acctsessionend with the
> acctsessiontime it does not match.
> This is particularly true for
[EMAIL PROTECTED] wrote:
Does the Dlink DWL-2100AP support this? It supports 801.X WPA
Here's is a screenshot of what the WPA configuration section looks
like (on the
AP's config page)
http://support.dlink.com/emulators/dwl2100ap/html/CfgWepParam.html
It appears it does. WPA-PSK is WPA with
Barry <[EMAIL PROTECTED]> wrote:
> If you compare the acctsessionstart and the acctsessionend with the
> acctsessiontime it does not match.
...
> When would session times generally be wrong and how can I stop this from
> happening ?
As a general principle, FreeRADIUS logs what it receives. If
Hello,
Am Montag, den 25.07.2005, 12:57 -0400 schrieb Alan DeKok:
> "Mario Lipinski" <[EMAIL PROTECTED]> wrote:
> > Can i do LEAP with Samba-Passwords (which are also stored in the db)?
>
> Yes.
>
> > I think this should work in general but not with the MSChapv2
> > implementation in FreeRadiu
<[EMAIL PROTECTED]> wrote:
> I am looking for a free radius server with IPv6 support. Can anyone of
> you help me.
See the CVS snapshot. It can have IPv6 clients, but it can't yet
proxy to IPv6 home servers.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/
Sarkis Gabriel <[EMAIL PROTECTED]> wrote:
> radzap -N 192.116.123.117 -P -2140143609 -u johny -x
A negative number for the port? That isn't nice.
Hmm... The numbers should be printed as unsigned int's, and the
input to radzap should be unsigned int's.
Alan DeKok.
-
List info/subscribe/
Tariq Rashid <[EMAIL PROTECTED]> wrote:
> i prevent the backend server from sending this particular Tunnel-Password
> attribute.
Ok... can you post sample packet traces containing that attribute,
and use a known shared secret like "testing123". That will let me
validate the packets...
The re
Quoting Vladimir Vuksan <[EMAIL PROTECTED]>:
To make life easy...
I want WPA-EAP authentication working, but I want the authentication
be against
the Linux username and its password.
Is this possible? Guides and tips welcome
It is possible however only with EAP-TTLS and PAP inner tunnel
auth
melvin wrote:
LDAP does provide some authentication -- through the 'BIND' statement.
Incidentally, this is how the FreeRadius rlm_ldap module chooses to
authenticate against an LDAP entry... it attempts to 'bind' to it,
passing
the username and password to LDAP.
I have successfully integrated
[EMAIL PROTECTED] wrote:
To make life easy...
I want WPA-EAP authentication working, but I want the authentication be against
the Linux username and its password.
Is this possible? Guides and tips welcome
It is possible however only with EAP-TTLS and PAP inner tunnel
authentication. Set up
Team,
I am looking for a free radius server with IPv6 support. Can anyone of
you help me.
-Thanks
Confidentiality Notice
The information contained in this electronic message and any attachments to
this message are intended
for the exclusive use of the addressee(s) and may contain confiden
Hi
I am running FreeRadius 1.0.4 with Postgres.
I have noticed that the sessiontime is sometimes calculated incorrectly
in the radacct table.
If you compare the acctsessionstart and the acctsessionend with the
acctsessiontime it does not match.
This is particularly true for connections ended w
The freeradius server is running and the MySQL server is running. I can get
it to work in debug radiusd -X and then use NTRadPing and get an Accept
message back.
When I run /etc/init.d/radiusd start I get:
Starting RADIUS server:[ OK ]
But then freeradius
Andreas Engler wrote:
> So now for me remains in which case won't an Insert work but the
> alternate Update, or what for is accounting_start_query_alt.
INSERT may fail if your SQL schema defines a unique index to prevent
insertion of duplicate accounting records.
With MySQL 4.1 you could use th
uot;files" returns noop for request 0
modcall: group preacct returns ok for request 0
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 0
radius_xlat: '/var/log/radius/radacct/192.116.123.115/detail-20050726'
rlm_detail: /var/log/radiu
Hi,
I've looked at the 802.1X Port-Based Authentication HOWTO guide, I have a few
questions.
The guide authenticates using a "users" file which is a formatted text file.
I wish to use the users unix (linux) user name and passwords which I are in
/etc/password and the /etc/shadow which
has the encr
On Tue, 26 Jul 2005, Dominique Lambert wrote:
On Tue, 26 Jul 2005, Dominique Lambert wrote:
hello
my answer
i would like to file the url visited by the users of my radius server
which file shall i modify
thank's
dom
You already asked this question a few days ago and it has already been
ans
Christian Seitz a écrit :
On Tue, 26 Jul 2005, Dominique Lambert wrote:
hello
my answer
i would like to file the url visited by the users of my radius server
which file shall i modify
thank's
dom
You already asked this question a few days ago and it has already been
answered by me and othe
On Tue, 26 Jul 2005, Dominique Lambert wrote:
hello
my answer
i would like to file the url visited by the users of my radius server
which file shall i modify
thank's
dom
You already asked this question a few days ago and it has already been
answered by me and other list members that this isn'
hello
my answer
i would like to file the url visited by the users of my radius server
which file shall i modify
thank's
dom
begin:vcard
fn:dominique
n:lambert;dominique
org:sofibra;informatique
adr:;;5 rue colbert;brest;;29280;france
email;internet:[EMAIL PROTECTED]
title:technicien
tel;work:02988
On 7/22/05, Alan DeKok <[EMAIL PROTECTED]> wrote:
> Bryan Beronilla <[EMAIL PROTECTED]> wrote:
> > # Added by Barok for alternate password
> > passwd virtual_passwd {
> > filename = /home/virtual/domain.com/etc/passwd
> > format = "*User-Name::LM-Pa
>> I though you said that the backend server sent the attribute? How
do you comment it out?
i prevent the backend server from sending this particular Tunnel-Password
attribute.
t
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
I thought a second time about it and i guess it is an performance
related decision, because it is most likely that no entry exits.
/ to prevent duplicate entries in the radacct table, shouldn't the
/>/ accounting_start_query be the "UPDATE" query and the
/
How are you going to UPDATE
38 matches
Mail list logo