Hello,
I am having following problem with proxy.
In proxy.conf, I have following entries
realm myPartnerRealm {
type= radius
authhost= mypartner.server.com:1812
accthost= mypartner.server.com:1813
secret = mypartnersecret
On Mon 16 Oct 2006 06:17, nsuralullec wrote:
What i want is to authenticate Mobile WAP users to a
freeradius before using the mobile wap
gateway(Kannel), but as per the radius logs, it
successfully authenticates but it does not redirect
the mobile wap request to the wap gateway. The mobile
Yep. I use attrs.pre-proxy and attrs files to do what they say on the tin.
(Strip unwanted pairs pre and post proxy) then I add back in the pairs I want
with rewrite rule and/or module (Module order is important here). For example
this lets me strip Framed-IP-Address and then add one from
An example would be handy :)
Jarrod.
On Mon, 16 Oct 2006, Peter Nixon wrote:
Yep. I use attrs.pre-proxy and attrs files to do what they say on the tin.
(Strip unwanted pairs pre and post proxy) then I add back in the pairs I want
with rewrite rule and/or module (Module order is important
Hi,I have two radius servers. (Freeradius and Juniper SBR).Freeradius server be a radius proxy to proxy all auth/acct requests to Juniper SBR.Then I sometimes found there are some accounting-stop request don't arrival to Juniper SBR.
Because Freeradius server and Juniper SBR is in the different
Hello everyoneI would appreciate if anybody could tell me whethere FreeRADIUS supports the following scenario or not.Currently, we have Foundry FastIron Edge 2402 switch. What we need is to deploy 802.1x user AND machine authentication.
1) If (Machine authentication is successfull) then (If User
Hello all,
I'm using WPA with EAP-TTLS and PEAP with a MacOS .Authentication works fine (even if enough slowly).
The problem is that I can't authenticate WinXP client.
I've readed that for using EAP-TTLS are required some other supplicant like SecureW2. Is SecureW2 required also for PEAP?
Thanks
anyone??? pls!!! no suggestions at all ? :(
Pe 12 Oct 2006, la 12:46, [EMAIL PROTECTED] a scris:
Hello!
I try to authenticate ssh users logins using pam_radius_auth.so.
On my RedHat 9 I have the following setup:
- freeradius server
- users file:
testAuth-Type := Local,
Hi Josh,
Hello all,
I'm using WPA with EAP-TTLS and PEAP with a MacOS .Authentication works
fine (even if enough slowly).
The problem is that I can't authenticate WinXP client.
I've readed that for using EAP-TTLS are required some other supplicant like
SecureW2. Is SecureW2 required also
Lars Ricken wrote:
How can I understand you developed module for deleting attributes
from incoming radius requests. Can You send it to me via email or
give a link where I can download it.It's very important for me.
I don't think there's any point in deleting attributes in the
incoming
Hi,
Hello all,
I'm using WPA with EAP-TTLS and PEAP with a MacOS .Authentication works fine
(even if enough slowly).
The problem is that I can't authenticate WinXP client.
I've readed that for using EAP-TTLS are required some other supplicant like
SecureW2. Is SecureW2 required also for
Hi,
anyone??? pls!!! no suggestions at all ? :(
I'd read the INSTALL doc that coems as part of the pam_radius
tool.
- cat /etc/pam.d/sshd
#%PAM-1.0
auth required pam_securetty.so
auth sufficient pam_radius_auth.so debug
auth required
On 10/16/06, Stefan Winter [EMAIL PROTECTED] wrote:
Hi Josh,No, the built-in supplicant works. But then your server cert needs to havethe TLS Web Server Authentication OID, otherwise the supplicant will refuseto authenticate. This special surprise brought to you by: Microsoft :-)
Hi Stefan,thank
Dear All,I want to integrate our billing code in freeradius. and i wants to make a code in c language with mysql database connectivity and i wants to make a so file also . Please help me.ThanksA. K.Anand KumarSoftware Engineer(VoIP)
How low will we go? Check out Yahoo! Messengers low
I will be out of the office starting 10/16/2006 and will not return until
10/23/2006.
I will respond to your message when I return.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Does anyone already have a program to block freeradius on-the-fly?
ie: user has PAID = YES in radcheck table. Whenever I set PAID = NO,
the user would no longer authenticate the next time he/ she logs in.
OK, this works, but, if the user is already loged in, even if I set
PAID = NO, the
On Mon 16 Oct 2006 16:25, Guilherme Franco wrote:
Hi,
Does anyone already have a program to block freeradius on-the-fly?
ie: user has PAID = YES in radcheck table.
Sure.
Change:
authorize_check_query = SELECT id, UserName, Attribute, Value, Op \
FROM ${authcheck_table} \
WHERE Username =
On Mon 16 Oct 2006 16:25, Guilherme Franco wrote:
Hi,
Does anyone already have a program to block freeradius on-the-fly?
ie: user has PAID = YES in radcheck table. Whenever I set PAID = NO,
the user would no longer authenticate the next time he/ she logs in.
OK, this works, but, if the user
Hm, well, sort of, as you get:
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
rlm_eap_peap: Tunneled data is valid.
rlm_eap_peap: Had sent TLV failure. User was rejcted rejected
earlier in this session.
Probably wrong
I've been through exactly the same hell authenticating a bunch of VPN users.
The fundamental problem is that FreeRADIUS is event-driven: ie, it can
only do anything when someone sends a RADIUS request to it. This
means, for our purposes, that freeradius needs to be *asked* if a user
can continue
On Oct 16, 2006, at 6:25 AM, Guilherme Franco wrote:
Hi,
Does anyone already have a program to block freeradius on-the-fly?
ie: user has PAID = YES in radcheck table. Whenever I set PAID = NO,
the user would no longer authenticate the next time he/ she logs in.
OK, this works, but, if the
I read the mailing list... please send there in the future.
On Sunday 15 October 2006 03:04, affora deeb wrote:
do u know about IAS windows server 2003 configuration with NORTEL NAS
Nope, don't have a clue. I try to avoid any windows that can't stand against
a harsh external environment.
Title: Re:Re:Help: How to authenticate additional attribute
Cisco APs have a dot11
location config. stmt.,
I should also have mentioned that the snmp
server-location config. stmt. controls the Location-name. For more
info, see
Hello, im looking for a way to have my huntgroups
defined in LDAP similar to the way they are in SQL.
For example if a user belongs to Ldap-Group vpn, the Group in
ldap contains an attribute containing the huntgroup names which the Group gives
access to.
I tried adding checkItem
Thanks, I didn't know about the POD (it wasn't on the wiki when I've
read it before)
On 10/16/06, Peter Nixon [EMAIL PROTECTED] wrote:
On Mon 16 Oct 2006 16:25, Guilherme Franco wrote:
Hi,
Does anyone already have a program to block freeradius on-the-fly?
ie: user has PAID = YES in
Hi,
I can't use NT-hash because I use PAP and I need clear-text password.
However I've generated server-side certificates with CA.all script with standart xpextension:
[ xpclient_ext]
extendedKeyUsage = 1.3.6.1.5.5.7.3.2
[ xpserver_ext]
extendedKeyUsage = 1.3.6.1.5.5.7.3.1
Can I modify this OID
Thanks Owen
On 10/16/06, Owen DeLong [EMAIL PROTECTED] wrote:
On Oct 16, 2006, at 6:25 AM, Guilherme Franco wrote:
Hi,
Does anyone already have a program to block freeradius on-the-fly?
ie: user has PAID = YES in radcheck table. Whenever I set PAID = NO,
the user would no longer
for attention
Best Regards, Josh
-- next part --
An HTML attachment was scrubbed...
URL:
https://list.xs4all.nl/pipermail/freeradius-users/attachments/20061016/aafb6aa7/attachment-0001.html
--
-
List info/subscribe/unsubscribe? See http
Hi All!
I use freeradius with pppoe-server and mysql. If I connect to
freeradius, the radius server give confirmation.
The content of confirmation : Attributes + Values ex: Framed-
Ip-Address, Reply_message etc...
These attributes and values is in the my radreply table, in mysql.
I
On 10/16/06, Mustafa Şenay [EMAIL PROTECTED] wrote:
Same password works when binding to LDAP server from different client
applications, sucha as GQ. So I'm pretty sure that password is
correct.
That doesn't mean it works for PEAP too (probably not). See below.
I'm not sure that how will
Hi Jason,I want to use PEAP.So I can use PEAP on a WinXP SP2 client without any other supplicant, using his native supplicant.The problem is that with native WinXP supplicant the authentication process failed, and freeradius server give me an error regarding certificates.
The strange thing is that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Does somebody knows how to configure sqlippool with MySQL ?
The sqlippool.conf example is for pgsql. And for MySQL ?
Here is my sqlippool.conf, corrected for MySQL:
sqlippool sqlippool {
#
# SQL connection information
#
sql-instance-name = sql
Someone needs to do some serious work on sqlippool. I'd do so, but
currently I have no need for SQL-assigned IPs, as I only have one
RADIUS server - and if it fails over, the least thing I have to worry
about is current IP assignments.
I recommend finding someone who is adept at *SQL and buy
anand kumar wrote:
Dear All,
I want to integrate our billing code in freeradius. and i wants to
make a code in c language with mysql database connectivity and i wants
to make a so file also . Please help me.
Thanks
A. K.
Anand Kumar
Software Engineer(VoIP)
Hi Anand,
I'm not quite
I've been away and unable to get mail for the past few days, and now
my main net connection has a fibre cut. Hopefully I'll be back up and
running tomorrow.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I have been experimenting with something like this and
found you can (mis)use the hints file to do something like
this:
DEFAULT Hint
=
`%{ldap:ldap:///ou=hosts,dc=demo,dc=org?radiusHuntgroupName?one?ipHostNumber=%{NAS-IP-Address}}`
If you want you can use Huntgroup-Name insttead of hint.
Message: 5
Date: Mon, 16 Oct 2006 22:36:14 +0200
From: Josh Shamir [EMAIL PROTECTED]
Subject: Re: WPA authentication works only with MacOS clients
To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Message-ID:
[EMAIL PROTECTED]
Content-Type: text/plain;
Message: 5
Date: Mon, 16 Oct 2006 22:36:14 +0200
From: Josh Shamir [EMAIL PROTECTED]
Subject: Re: WPA authentication works only with MacOS clients
To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Message-ID:
[EMAIL PROTECTED]
Content-Type: text/plain;
38 matches
Mail list logo