Dialup_Admin Help
Title: Message I have set up Dialup_Admin with Apache 2, MySQL 4, php and Redhat 9. I have set the permissions to the DB in the admin.conf file but the web server refuses to connect to the DB both remotely and Locally. Any ideas??? Wayne T Work, Sr.CISSPwww.securitygauntlet.comwww.hipaact.com
RE: Cisco AP350 series - Freeradius authentication warning.
The CISCO AP350 does have a MAC authentication selection in the setting. Make sure that this is not selected. If it is selected you have to populate the AP with the MAC addresses which are authorized to use the AP. Since the Radius Server does not appear to be receiving an request in Debug mode, the AP maybe stopping the request. Just a thought!! Wayne T Work, Sr. CISSP (Work) 203.217.5004 (Fax) 208-545-4365 Owner and Sr. Information Systems Security Consultant Security Gauntlet Consulting HIPAA Compliance Resource Group www.securitygauntlet.com www.hipaact.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ivan Barrera Sent: Monday, July 14, 2003 11:03 AM To: [EMAIL PROTECTED] Subject: Cisco AP350 series - Freeradius authentication warning. Hello, I have a linux server with Freeradius. The access point (AP) is a Cisco AP350 Series. I configured all the files, and seems to be working using radtest. When I use my laptop to try to reach the network, the AP drops a warning message like: (Warning): No MAC-Authentication response for Station 00022d0bea39 from server 10.4.132.24 Both the server and the AP are in the same network, and the ping response from the server to the AP is ok. But when I run the radius server with full debug options (-xxyz -l stdout) it does not show any message related to the request from the AP. Is that normal? Should not the server show at least the request from the AP, even if I have an error on the configuration files? Thank you for your help, Ivan Barrera ECE - University of Delaware - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html BEGIN:VCARD VERSION:2.1 N:Work;Wayne FN:Wayne T Work (E-mail) ORG:Security Gauntlet Consulting TITLE:Sr. Information Security Consultant TEL;WORK;VOICE:(203) 217-5004 TEL;CELL;VOICE:(203) 217-5004 ADR;WORK:;;56 Applewood Lane;Naugatuck;CT;06770;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:56 Applewood Lane=0D=0ANaugatuck, CT 06770=0D=0AUnited States of America EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20021023T141508Z END:VCARD
RE: Cisco AP350 series - Freeradius authentication warning.
I do not think that the AP will forward the MAC auth request to the FR and will try to do it all internally. Wayne T Work, Sr. CISSP (Work) 203.217.5004 (Fax) 208-545-4365 Owner and Sr. Information Systems Security Consultant Security Gauntlet Consulting HIPAA Compliance Resource Group www.securitygauntlet.com www.hipaact.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ivan Barrera Sent: Monday, July 14, 2003 2:05 PM To: [EMAIL PROTECTED] Subject: Re: Cisco AP350 series - Freeradius authentication warning. Thank you Vincent and Wayne for your answers. I think the problem is the AP configuration too, but since it is on service right now, and it is set for MAC address authentication, it is suppossed to send the request to the FR when the MAC is not found in its database. Do you think that maybe that setting (I mean forward requests to the FR) should work right? Can the authentication be shared between the AP and th FR? or is it an exclusive job for just one, the FR or the AP? So should I try to disable the MAC authentication at the AP just to see if that works? I am still checking the configuration, and it seems to be right, unless that shared authentication does not work well. I will check with cisco if there is a work around for this configuration. Thank you, Ivan Dario Barrera Graduate Student ECE - University of Delaware - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html BEGIN:VCARD VERSION:2.1 N:Work;Wayne FN:Wayne T Work (E-mail) ORG:Security Gauntlet Consulting TITLE:Sr. Information Security Consultant TEL;WORK;VOICE:(203) 217-5004 TEL;CELL;VOICE:(203) 217-5004 ADR;WORK:;;56 Applewood Lane;Naugatuck;CT;06770;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:56 Applewood Lane=0D=0ANaugatuck, CT 06770=0D=0AUnited States of America EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20021023T141508Z END:VCARD
RE: Cisco AP350 series - Freeradius authentication warning.
Vinc, You are right . Most 350s have the Vx *^%$ stuff in them all thought I believe there are two tools up on the CISCO site to change them to CISCO IOS. Wayne T Work, Sr. CISSP (Work) 203.217.5004 (Fax) 208-545-4365 Owner and Sr. Information Systems Security Consultant Security Gauntlet Consulting HIPAA Compliance Resource Group www.securitygauntlet.com www.hipaact.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, July 14, 2003 2:20 PM To: [EMAIL PROTECTED] Subject: Re: Cisco AP350 series - Freeradius authentication warning. [EMAIL PROTECTED] wrote on 07/14/2003 01:04:37 PM: I think the problem is the AP configuration too, but since it is on service right now, and it is set for MAC address authentication, it is suppossed to send the request to the FR when the MAC is not found in its database. Casually perusing the 350 docs, it appears as though what you're trying to do _should_ be possible with the 350. Then again, the 350's run that awful VxWorst operating system, so who knows. ;) Do you think that maybe that setting (I mean forward requests to the FR) should work right? Can the authentication be shared between the AP and th FR? or is it an exclusive job for just one, the FR or the AP? So should I try to disable the MAC authentication at the AP just to see if that works? I'd try that, but that basically means you're taking the AP out of service for a while. (You're kind of stuck between a rock and a hard place here.) Why can't you just take all the MAC addresses that are on the access points, put them in FR, and then have the AP _only_ check FR? Wouldn't that eliminate an unnecessary layer of uncertainty? Vincent Giovannone Network Infrastructure Group Information Services Division Rush - Presbyterian St. Luke's Medical Center A four-year-old will very quickly get over news of the death of Santa if told that it was due to his fully loaded sleigh crashing in the back garden. -- Mil Millington - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html BEGIN:VCARD VERSION:2.1 N:Work;Wayne FN:Wayne T Work (E-mail) ORG:Security Gauntlet Consulting TITLE:Sr. Information Security Consultant TEL;WORK;VOICE:(203) 217-5004 TEL;CELL;VOICE:(203) 217-5004 ADR;WORK:;;56 Applewood Lane;Naugatuck;CT;06770;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:56 Applewood Lane=0D=0ANaugatuck, CT 06770=0D=0AUnited States of America EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20021023T141508Z END:VCARD
RE: radpaths.h cannot be found
I received the same error the other night with Red Hat 9.0 trying to compile this new version. It appears that the radpaths.h is never made. Any help?? Wayne T Work, Sr. CISSP (Work) 203.217.5004 (Fax) 208-545-4365 Owner and Sr. Information Systems Security Consultant Security Gauntlet Consulting HIPAA Compliance Resource Group www.securitygauntlet.com www.hipaact.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jonnas Sent: Saturday, July 12, 2003 3:04 AM To: [EMAIL PROTECTED] Subject: radpaths.h cannot be found Hi, Trying to compile version 0.9.0-pre1 and I have the following error: In file included from rlm_acct_unique.c:27: ../../include/radiusd.h:11:22: radpaths.h: No such file or directory gmake[6]: *** [rlm_acct_unique.o] Error 1 gmake[6]: Leaving directory `/root/downloads/freeradius-0.9.0-pre1/src/modules/rlm_acct_unique' gmake[5]: *** [common] Error 1 gmake[5]: Leaving directory `/root/downloads/freeradius-0.9.0-pre1/src/modules' gmake[4]: *** [all] Error 2 gmake[4]: Leaving directory `/root/downloads/freeradius-0.9.0-pre1/src/modules' gmake[3]: *** [common] Error 1 gmake[3]: Leaving directory `/root/downloads/freeradius-0.9.0-pre1/src' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/root/downloads/freeradius-0.9.0-pre1/src' gmake[1]: *** [common] Error 1 gmake[1]: Leaving directory `/root/downloads/freeradius-0.9.0-pre1' make: *** [all] Error 2 I checked in the src/include/ folder and indeed the radpaths.h file is missing. ./configure didn't seem to return any relevant errors, but if necessary I can post that output also. Where is my radpaths.h??? Am I doing something wrong? I'm stuck on this, so any advise is much appreciated. TIA, Jonnas -- http://www.desilinux.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html BEGIN:VCARD VERSION:2.1 N:Work;Wayne FN:Wayne T Work (E-mail) ORG:Security Gauntlet Consulting TITLE:Sr. Information Security Consultant TEL;WORK;VOICE:(203) 217-5004 TEL;CELL;VOICE:(203) 217-5004 ADR;WORK:;;56 Applewood Lane;Naugatuck;CT;06770;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:56 Applewood Lane=0D=0ANaugatuck, CT 06770=0D=0AUnited States of America EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20021023T141508Z END:VCARD
