Realy need Help
Hi everybody, I am having a problem with acct_users, i did a shell script but when the user logon, the radius print that exec-program is running but it didnt make any action. I realy do know how to set it up. Thanks Atenciosamente Lucas Oliveira Web Manager Prompt Tecnologia www.prompt-tecnologia.com.br - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
need help
Hello freeradius-users, i have mpd+freeradius+mysql when i connecting to vpn server i see following messages in radius log: [pptp0] RADIUS: RadiusAccount for: test [pptp0] RADIUS: using /usr/local/etc/radius. [pptp0] RADIUS: RadiusAddServer Adding 192.168.100.1 [pptp0] RADIUS: RadiusAccount: Sending accounting data (Type: 2) [pptp0] RADIUS: RadiusSendRequest: rad_send_request failed No valid RADIUS responses received please prompt me how i can solve this problem -- Best regards, Sergey aka Freak - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I need help
I am a microsoft guy who is trying to learn linux, because I have to i freeradius on it. can anyone help me get started in the right direction. Any help is appreciated - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: I need help
Buy the O'Reilly RADIUS book. josh. On Wed, 2003-11-26 at 16:57, Jason Tres wrote: I am a microsoft guy who is trying to learn linux, because I have to i freeradius on it. can anyone help me get started in the right direction. Any help is appreciated - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- --- Josh Howlett, Networking Digital Communications, Information Systems Computing, University of Bristol, U.K. 'phone: 0117 928 7850 email: [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help on application - RADIUS integration
Hi all, Greeting to all. I am currently working on a wireless project that requires integration of a web portal with a mobile carrier's AAA system (a RADIUS system). I am rather new to RADIUS technology, but I have tried playing around with FreeRADIUS to familiarize myself with the technology and to prepare for the integration work with the carrier's AAA system. For my project at the current moment, unfortunately, I am still waiting to get the right technical contact and the necessary technical info about their RADIUS system from the carrier...The info is coming in rather slowly. My project requirements as far as integration with the carrier's RADIUS system is concerned are as follows: 1. to retrieve mobile users' MSISDNs (Mobile Station ISDN) or assigned client IP addresses from the incoming HTTP requests received by the web portal, and to validate it against the carrier's AAA system. The web portal will grant user access based on the result of the validation. 2. In cases where client IP addresses are received, to also get the users' corresponding MSISDNs from the carrier's AAA system. 3. Upon successful validation, to also fetch the required user profiles (name, email, etc if available) from the carrier's AAA system so that the user info can be made available for the web portal's use. Instead of waiting for the info to come in, I am thinking of configuring my FreeRADIUS server to simulate a typical mobile carrier's RADIUS system as closely as possible and to start some preliminary integration of my web portal with the RADIUS server. As I am very new to RADIUS and not to mention the mobile carrier's RADIUS system, which I gathered from pieces of information - it could be a specialized RADIUS system for wireless industry, I am not sure how viable is my above approach. I would really appreciate it if somebody, who is expert in application - RADIUS integration or familiar with carrier RADIUS deployment, share their valuable experience and suggestions as to how should I proceed with my tasks. I would also appreciate it very much if any of you can point me to the right directions on the followings: - Is there a document/case study that describes how mobile carriers typically make use of RADIUS for authenticating their mobile users? - Has anyone ever configured FreeRADIUS in a way that closely resembles a typical mobile carrier's RADIUS system? Can you share your system architecture or configurations? - Is there a comprehensive and stable open-source Java APIs for RADIUS integration? I am sorry for sending such a long email ...more so if this is not the right forum for this type of questions. But, I would really appreciate your valuable inputs. Best Regards. __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help on application - RADIUS integration
KT Poh [EMAIL PROTECTED] wrote: My project requirements as far as integration with the carrier's RADIUS system is concerned are as follows: 1. to retrieve mobile users' MSISDNs (Mobile Station ISDN) or assigned client IP addresses from the incoming HTTP requests received by the web portal, and to validate it against the carrier's AAA system. The web portal will grant user access based on the result of the validation. For Apache, mod_auth_radius can do some of this. You may have to edit the source to add features for your local system. 2. In cases where client IP addresses are received, to also get the users' corresponding MSISDNs from the carrier's AAA system. If the MSISDN is defined in a RADIUS attribute, that's possible. 3. Upon successful validation, to also fetch the required user profiles (name, email, etc if available) from the carrier's AAA system so that the user info can be made available for the web portal's use. For that, you'll probably need to create a local vendor dictionary, and write a RADIUS client to integrate into your web portal, which understands these attributes. As I am very new to RADIUS and not to mention the mobile carrier's RADIUS system, which I gathered from pieces of information - it could be a specialized RADIUS system for wireless industry, I am not sure how viable is my above approach. It's possible, it's just a lot of work. Personally, I would use RADIUS just for authentication, and have the users information in an SQL database. The web portal can then query the database for the user information ONLY if the RADIUS server says that the user was authenticated. The reason for this design is that it looks like you're trying to use the RADIUS server for both authentication some database information. That's going to cause difficulties. - Is there a document/case study that describes how mobile carriers typically make use of RADIUS for authenticating their mobile users? I doubt it. That kind of information is usually kept secret. - Is there a comprehensive and stable open-source Java APIs for RADIUS integration? Look on google. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Newbie - need help urgently, help appreciated
Lee Puay Yong [EMAIL PROTECTED] wrote: 1.Does freeradius support LEAP authentication against ldap database. No. I tried to set authorize to LDAP and authentication to EAP but no progress so far (maybe I missed somthing). It will be nice if someone can send me a wokring copy of the radiusd.conf and the users file. If you can configure the server to do PAP authentication by using LDAP for 'authorize', and NOT using LDAP for 'authenticate', then that should also work for LEAP. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Newbie - need help urgently, help appreciated
Hi, I am trying to set up a radius server using EAP type = leap. I have a cisco airnet 1100 A.P and it is successfully so far. However, I have problem trying to authenticate it through the ldap database. I do a web search and the most recent one I found in somewhere in april this yearwhere they said that leap doesn't support ldap database. Even cisco secure access control server version 3.2 doesn't support LDAP database through leap (http://www.cisco.com/warp/public/cc/pd/sqsw/sq/prodlit/acsq_qp.htm). So my questions are: 1. Does freeradius support LEAP authentication against ldap database. If yes, how should I configure it? I tried to set authorize to LDAP and authentication to EAP but no progress so far (maybe I missed somthing). It will be nice if someone can send me a wokring copy of the radiusd.conf and the users file. 2. Has anyone been able to setup LEAP against LDAP with success? regards, Puay Yong
I need help in accounting configuration
Hi, ALL! I'm novice in installation, configuration and using of FreeRadius. Can anybody help me in accounting configuring for NAS. I mean, should I use acct_users file? Or should I use another config params and files? I'm not planning to use DB right now. Best regards, Serg Shipaev - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help with SNMP
On Thursday, July 31, 2003, at 04:25 PM, Alan DeKok wrote: Harrie Hazewinkel [EMAIL PROTECTED] wrote: While looking at it to upgrade to net-snmp, I was wondering why you do a compile test for some include files and not just a check?? It's part of autoconf. Ask them. Maybe I should ask, but you use it from them. So why are you using it?? Anyway, I believe just testing if the files are there is enough for checking the existance of include files. Anyway, do people think that upgrading to NET-SNMP is usefull and start adding AgentX based agent?? I am willing to work on it. Harrie - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help with SNMP
Harrie Hazewinkel [EMAIL PROTECTED] wrote: It's part of autoconf. Ask them. Maybe I should ask, but you use it from them. So why are you using it?? Because it's the best solution for a horrible problem. The whole point of using a tool is to see that it works. Knowing HOW it works is much less relevant. Anyway, I believe just testing if the files are there is enough for checking the existance of include files. No. You're got to check if the *compiler* thinks they exist, and if the *compiler* thinks that they are well-formed. The best way to do those checks is to compile a test program ,and #include the files. Anyway, do people think that upgrading to NET-SNMP is usefull and start adding AgentX based agent?? Sure. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help with SNMP
On Tuesday, July 29, 2003, at 08:01 PM, Alan DeKok wrote: Atanu Das [EMAIL PROTECTED] wrote: net-snmp-5.0.6-17 FreeRADIUS can't use net-snmp. While looking at it to upgrade to net-snmp, I was wondering why you do a compile test for some include files and not just a check?? Do you want to make sure the files contain a content you expect?? If so, you need to use various types defined in there and not just 'int a = 1;' This is just a wild guess. But I have the ucd-snmp as well net-snmp headers in /usr/include/ucd-snmp and /usr/include/net-snmp. Then get the server to look at *only* ucd-snmp, and ignore net-snmp. regards, Harrie - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help with SNMP
Greetings Everybody and special thanks to Mr. Phillip Blow and Mr. Alan DeKok I got my radius compiled with SNMP support. But while I run the snmpget query in the test environment I get the following message [EMAIL PROTECTED] snmp]# snmpget -v2c -c myradius localhost .1.3.6.1.2.1.67.1.1.1.1.5.0 SNMPv2-SMI::mib-2.67.1.1.1.1.5.0 = Counter32: 0 [EMAIL PROTECTED] snmp]# snmpget -v2c -c myradius localhost .1.3.6.1.2.1.67.2.1.1.1.5.0 SNMPv2-SMI::mib-2.67.2.1.1.1.5.0 = Counter32: 0 At the time of runnning this command, five accounting session was there and 18 authentication request were taking place simultaneously. Well Just like that, is the message natural??? Ats - Original Message - From: Harrie Hazewinkel [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: Harrie Hazewinkel [EMAIL PROTECTED] Sent: Thursday, July 31, 2003 6:10 PM Subject: Re: Need Help with SNMP On Tuesday, July 29, 2003, at 08:01 PM, Alan DeKok wrote: Atanu Das [EMAIL PROTECTED] wrote: net-snmp-5.0.6-17 FreeRADIUS can't use net-snmp. While looking at it to upgrade to net-snmp, I was wondering why you do a compile test for some include files and not just a check?? Do you want to make sure the files contain a content you expect?? If so, you need to use various types defined in there and not just 'int a = 1;' This is just a wild guess. But I have the ucd-snmp as well net-snmp headers in /usr/include/ucd-snmp and /usr/include/net-snmp. Then get the server to look at *only* ucd-snmp, and ignore net-snmp. regards, Harrie - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help with SNMP
Harrie Hazewinkel [EMAIL PROTECTED] wrote: While looking at it to upgrade to net-snmp, I was wondering why you do a compile test for some include files and not just a check?? It's part of autoconf. Ask them. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help with SNMP
What Mr. DeKok means is... He's a giant jerk and thinks he's too important to answer your questions, so he has to make snide remarks questioning your intelligence to make himself feel all nerdy and stuff. Best advice, keep playing till you get something. You wrote: Atanu Das [EMAIL PROTECTED] wrote: But while I run the snmpget query in the test environment I get the following message [EMAIL PROTECTED] snmp]# snmpget -v2c -c myradius localhost .1.3.6.1.2.1.67.1.1.1.1.5.0 SNMPv2-SMI::mib-2.67.1.1.1.1.5.0 = Counter32: 0 [EMAIL PROTECTED] snmp]# snmpget -v2c -c myradius localhost .1.3.6.1.2.1.67.2.1.1.1.5.0 SNMPv2-SMI::mib-2.67.2.1.1.1.5.0 = Counter32: 0 So... what are the values you're querying? Most people don't keey ~8 digit numbers in their heads for every MIB query, and if you can't be bothered to look them up, I don't think you should expect that anyone else would, either. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html --
Re: Need Help with SNMP
***Wonders who p**sed in Steven's cheerios this morning At 07:02 AM 7/31/03, you wrote: What Mr. DeKok means is... He's a giant jerk and thinks he's too important to answer your questions, so he has to make snide remarks questioning your intelligence to make himself feel all nerdy and stuff. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help with SNMP
I answer any questions where I have experience in the subject. Since my needs for FreeRadius are limited, I don't want to say anything that could be counterproductive for someone. As I become more familiar with the system, I will gladly pitch in and spend more time answering others' questions so that you may devote more time to development. I appreciate very much your efforts, I've just seen some of the replies you've given as somewhat abrupt. My apologies, Steven - Original Message - From: Alan DeKok [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, July 31, 2003 12:53 PM Subject: Re: Need Help with SNMP Steven Fries [EMAIL PROTECTED] wrote: What Mr. DeKok means is... He's a giant jerk and thinks he's too important to answer your questions, so he has to make snide remarks questioning your intelligence to make himself feel all nerdy and stuff. Hmm... I answer about 100x more questions on this list than you do, so I don't see what you're complaining about. If you don't like my responses, you should have the balls to answer questions yourself. But you don't. Instead, you whine about how you don't like my answers. So even though I'm provably friendlier and more helpful than you are, you think I should be doing more. That's not rude, it's just stupid. I've got a simple response: Pay me to help you, and I'll be endlessly polite. If you're not going to pay me, and if you're not going to lift a finger to help people, then shut up, and stop complaining about my answers. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help with SNMP
Atanu Das [EMAIL PROTECTED] wrote: net-snmp-5.0.6-17 FreeRADIUS can't use net-snmp. This is just a wild guess. But I have the ucd-snmp as well net-snmp headers in /usr/include/ucd-snmp and /usr/include/net-snmp. Then get the server to look at *only* ucd-snmp, and ignore net-snmp. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help with SNMP
Hi Alan, Thanks for such a prompt reply. I got your point. I think I will have to install the **OLD** version of ucd-snmp (ucd-snmp-4.2.6) in my RedHat 9 box. The headers that i have in /usr/include/ucd-snmp are asn1.h- #ifdef UCD_COMPATIBLE #include net-snmp/library/asn1.h #else #error Please update your headers or configure using --enable-ucd-snmp-compatibility #endif --snmp.h--- #ifdef UCD_COMPATIBLE #include net-snmp/library/snmp.h #else #error Please update your headers or configure using --enable-ucd-snmp-compatibility #endif ---snmp_impl.h- #ifdef UCD_COMPATIBLE #include net-snmp/net-snmp-config.h #include net-snmp/types.h #include net-snmp/library/snmp_impl.h #else #error Please update your headers or configure using --enable-ucd-snmp-compatibility #endif and all the files are using the headers of net-snmp. This has left me with no choice :) Thanks anyway Regards, Ats - Original Message - From: Alan DeKok [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, July 29, 2003 11:31 PM Subject: Re: Need Help with SNMP Atanu Das [EMAIL PROTECTED] wrote: net-snmp-5.0.6-17 FreeRADIUS can't use net-snmp. This is just a wild guess. But I have the ucd-snmp as well net-snmp headers in /usr/include/ucd-snmp and /usr/include/net-snmp. Then get the server to look at *only* ucd-snmp, and ignore net-snmp. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need Help with SNMP
Ats, The way I got this working was to remove the ifdefs in the headers files in /usr/include/ucd-snmp. Then it complies fine. I have also started making some other changes to allow more snmp information to be collected (it was to a pre 0.9.0 snapshot), but will need a bit more time to sort it out and the patches will need to be approved. Alan, I think that when the --enable-ucb-snmp-compatibility switch is passed to ./configure, the configure script does not #define UCD_COMPATABILITY. This might be the problem. Cheers, Philip Blow Senior Technical Manager Simply Wireless -Original Message- From: Atanu Das [mailto:[EMAIL PROTECTED] Sent: Wednesday, 30 July 2003 4:46 AM To: [EMAIL PROTECTED] Subject: Re: Need Help with SNMP Hi Alan, Thanks for such a prompt reply. I got your point. I think I will have to install the **OLD** version of ucd-snmp (ucd-snmp-4.2.6) in my RedHat 9 box. The headers that i have in /usr/include/ucd-snmp are asn1.h- #ifdef UCD_COMPATIBLE #include net-snmp/library/asn1.h #else #error Please update your headers or configure using --enable-ucd-snmp-compatibility #endif --snmp.h--- #ifdef UCD_COMPATIBLE #include net-snmp/library/snmp.h #else #error Please update your headers or configure using --enable-ucd-snmp-compatibility #endif ---snmp_impl.h- #ifdef UCD_COMPATIBLE #include net-snmp/net-snmp-config.h #include net-snmp/types.h #include net-snmp/library/snmp_impl.h #else #error Please update your headers or configure using --enable-ucd-snmp-compatibility #endif and all the files are using the headers of net-snmp. This has left me with no choice :) Thanks anyway Regards, Ats - Original Message - From: Alan DeKok [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, July 29, 2003 11:31 PM Subject: Re: Need Help with SNMP Atanu Das [EMAIL PROTECTED] wrote: net-snmp-5.0.6-17 FreeRADIUS can't use net-snmp. This is just a wild guess. But I have the ucd-snmp as well net-snmp headers in /usr/include/ucd-snmp and /usr/include/net-snmp. Then get the server to look at *only* ucd-snmp, and ignore net-snmp. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Accounting CISCO MySQL problem! Need HELP!! URGENT!
Hi there, I bukld CISCO h323 accounting using FreeRadius, first problem is that I do accounting start-stop packets, It works well, it is full info in radacct files, but I have the problem with MySQL. I have no disconnect couse in MySQL base! It works only when I make only Stop packets accounting. I've changed sql.conf file like this: accounting_onoff_query = UPDATE ${acct_table1} SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp AcctStartTime), AcctTerminateCause='%{Acct-Terminate-Cause}', AcctStopDelay = %{Acct-Delay-Time} WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime = '%S' accounting_update_query = UPDATE ${acct_table1} SET FramedIPAddress = '%{Framed-IP-Address}' WHERE AcctSessionId = '%{Acct- Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStopTime = 0 accounting_start_query = INSERT into ${acct_table1} (RadAcctId, AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0') accounting_start_query_alt = UPDATE ${acct_table1} SET AcctStartTime = '%S', AcctStartDelay = '%{Acct-Delay-Time}', ConnectInfo_start = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}' AND AcctStopTime = 0 accounting_stop_query = UPDATE ${acct_table2} SET AcctStopTime = '%S', AcctSessionTime = '%{Acct-Session-Time}', AcctInputO ctets = '%{Acct-Input-Octets}', AcctOutputOctets = '%{Acct-Output-Octets}', AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}' AND AcctStopTime = 0 accounting_stop_query_alt = INSERT into ${acct_table2} (RadAcctId, AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddre ss, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '0', '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}', '%{Acct-Input-Octets}', '%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{h323-disconnect-cause}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{Acct-Delay-Time}') Maybe something is wrong. Please help!!! It is really URGENT! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Accounting CISCO MySQL problem! Need HELP!! URGENT!
Hi there, I've this problem solved, but still follow problem: When I account only stop packets, I have succesful call records in the MySQL, where is unsuccessful? What I need change? Oleg Please help urgent! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Oleg Ustinov Sent: Thursday, July 17, 2003 7:35 PM To: [EMAIL PROTECTED] Subject: Accounting CISCO MySQL problem! Need HELP!! URGENT! Hi there, I bukld CISCO h323 accounting using FreeRadius, first problem is that I do accounting start-stop packets, It works well, it is full info in radacct files, but I have the problem with MySQL. I have no disconnect couse in MySQL base! It works only when I make only Stop packets accounting. I've changed sql.conf file like this: accounting_onoff_query = UPDATE ${acct_table1} SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp AcctStartTime), AcctTerminateCause='%{Acct-Terminate-Cause}', AcctStopDelay = %{Acct-Delay-Time} WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime = '%S' accounting_update_query = UPDATE ${acct_table1} SET FramedIPAddress = '%{Framed-IP-Address}' WHERE AcctSessionId = '%{Acct- Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStopTime = 0 accounting_start_query = INSERT into ${acct_table1} (RadAcctId, AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0') accounting_start_query_alt = UPDATE ${acct_table1} SET AcctStartTime = '%S', AcctStartDelay = '%{Acct-Delay-Time}', ConnectInfo_start = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}' AND AcctStopTime = 0 accounting_stop_query = UPDATE ${acct_table2} SET AcctStopTime = '%S', AcctSessionTime = '%{Acct-Session-Time}', AcctInputO ctets = '%{Acct-Input-Octets}', AcctOutputOctets = '%{Acct-Output-Octets}', AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}' AND AcctStopTime = 0 accounting_stop_query_alt = INSERT into ${acct_table2} (RadAcctId, AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddre ss, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '0', '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}', '%{Acct-Input-Octets}', '%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{h323-disconnect-cause}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{Acct-Delay-Time}') Maybe something is wrong. Please help!!! It is really URGENT! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help!
Thx to Simon White for fast answer. Would You help me with the following: 1) Operational Scheme: [Cisco AS5300 voip] - [freeradius] - [postgresql] 2) What I need: a) cisco AS5300 gets incomming call b) AS 5300 sends to freeradius information about this call c) freeradius queries postgre for call's price cost d) freeradius receives price cost from postgre e) radius sends price cost to cisco In other words, I need a way to be able to query and get some info from a foreign database. As CISCO say, TCL application (AS5300) can operate with outer world only via radius protocol (correct me if I am wrong). - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help!
19-Feb-03 at 12:54, lakris ([EMAIL PROTECTED]) wrote : 1) Operational Scheme: [Cisco AS5300 voip] - [freeradius] - [postgresql] 2) What I need: a) cisco AS5300 gets incomming call b) AS 5300 sends to freeradius information about this call c) freeradius queries postgre for call's price cost d) freeradius receives price cost from postgre e) radius sends price cost to cisco In other words, I need a way to be able to query and get some info from a foreign database. As CISCO say, TCL application (AS5300) can operate with outer world only via radius protocol (correct me if I am wrong). Does the Cisco support pricing in attributes? This is far more NAS specific than it is Radius specific. This is better: - Cisco gets incoming call - Cisco sends Radius attributes to Freeradius server - Based on these attributes, Freeradius queries PostgreSQL - Freeradius sends query result back to Cisco as Radius response That's how it works. Now you have to work out what attributes trigger what responses, etc. Regards, -- [Simon White. vim/mutt. [EMAIL PROTECTED] Folding@home no log script yet...] Warsaw's Fourth Law: The Law of Pinball Machine Instructions. It doesn't matter a wit if the instructions are printed clearly for all to see, nobody will read them. They'll just drop their quarters and start pushing buttons like a Tommy. Software is the same. -- B. Warsaw - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradis need help !
Hello ! Whether ÷ÏÖÍÏÖÎÏ that the inquiry in comparison of passwords was such plan WAIT_PPP_PSWD2 and from base return either a zero or the password and login. Then at ÓÔÁhÔÏ×ÏÊ to record in base it was transferred INSERT (standard) And at closing ÓÅÓÉÉ (close init sesion). If it possible that you could not result examples skripts by means of which it is possible to make the given procedures! Thenk You for you help ! -- Best regards, Panchenko Mikhael Master Sviaz Sank-Petersburg +7(812) 346-8101 www.master.ru - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradis need help !
*?* would it be ÷ÏÖÍÏÖÎÏ for you to avoid russenglish? it's hardly comprehensible, even perfectly speaking both languages. and it's not very polite for those who don't, don't you think? :-) Whether ÷ÏÖÍÏÖÎÏ that the inquiry in comparison of passwords was such plan WAIT_PPP_PSWD2 and from base return either a zero or the password and login. Then at ÓÔÁhÔÏ×ÏÊ to record in base it was transferred INSERT (standard) And at closing ÓÅÓÉÉ (close init sesion). If it possible that you could not result examples skripts by means of which it is possible to make the given procedures! Thenk You for you help ! Sank-Petersburg SankT??? :-) best wishes artur -- Artur Hecker De'partement Informatique et Re'seaux, ENST Paris http://www.infres.enst.fr/~hecker - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help with fail-over config
chris [EMAIL PROTECTED] wrote: I've read doc/configurable_failover and gone through a ton of messages in the archives. Right when I think I understand it, I see another message that conflicts with it. Seems that alot has changed over the versions. Nothing has changed in the configurable failover code for nearly a year and a half. However, the SQL modules weren't able to take advantage of it until 0.8. I have FR working with MySQL but want to add fail-over. Could some kind person post a FULL example of their config? The examples in the documentation SHOULD work. My suggestion is to try using configurable fail-over with ANOTHER module (e.g. the 'always' module), for testing. Once you've got it failing over, then switch to using the SQL module. If that stops working, then there's a problem with SQL, not with configurable fail-over. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help with fail-over config
Guys, I'm about to lose my hair! ;) I've read doc/configurable_failover and gone through a ton of messages in the archives. Right when I think I understand it, I see another message that conflicts with it. Seems that alot has changed over the versions. I'm at 0.8.1 and new to FreeRadius. I have FR working with MySQL but want to add fail-over. Could some kind person post a FULL example of their config? Please show everything from modules, authorize, authenticate, sql.conf (if you're doing and INCLUDE), etc. I know I'm asking for it to be handed on a silver platter, but I'm just not having any luck with this and it would probably just be easier to see the whole thing rather than go back and forth with my config and a working one section by section. I'll just adapt someone's to my specifics... Thanks to anyone how can help! Chris Bunnell - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
need help ..
hi .. we have installed FreeRadius 0.8 on Redhat Linux 7.3 with MySQL for radius AAA. have been tested and working properly with rlm_counter. my question is what must i do for disconnecting users in a specify time if they didn't receive any data byte or didn't receive an IP address from RAS. or blocked user that didn't receive an IP Address from NAS. is there any external program/script ? or module ? eDy - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: God, I need help getting this thing running on Redhat 8.0!
Dear Mr. McCracken, I looked at the web site and was unable to find a list of required libraries. Could you send the url for the page containing them? Regards Ken -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim D. McCracken Sent: Friday, December 06, 2002 4:50 PM To: [EMAIL PROTECTED] Subject: RE: God, I need help getting this thing running on Redhat 8.0! Have you installed all the prerequisite libraries? They are listed on the web site. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ken Henrich Sent: Friday, December 06, 2002 3:55 PM To: [EMAIL PROTECTED] Subject: God, I need help getting this thing running on Redhat 8.0! Hi, I must be dumb. I cannot get this thing (freeradius-0.8) to compile under Redhat 8.0. I've got a fresh, default, installation. Here is just the output of ./configure. Now I know kerberos is installed. I know that MySQL is intalled. I've got to be missing something very basic. Regards Ken /home/Ken/freeradius/missing: Unknown `--run' option Try `/home/Ken/freeradius/missing --help' for more information configure: warning: `missing' script is too old or missing cat: ./config.h.in: No such file or directory configure: warning: the comm_err library isn't found! configure: warning: silently not building rlm_krb5. configure: warning: FAILURE: rlm_krb5 requires: krb5. configure: warning: silently not building rlm_sql_postgresql. configure: warning: FAILURE: rlm_sql_postgresql requires: libpq-fe.h libpq. configure: warning: oracle headers not found. Use --with-oracle-home-dir=path. configure: warning: sql submodule 'oracle' disabled configure: warning: iodbc headers not found. Use --with-iodbc-include-dir=path. configure: warning: sql submodule 'iodbc' disabled configure: warning: mysql headers not found. Use --with-mysql-include-dir=path. configure: warning: sql submodule 'mysql' disabled configure: warning: ibm db2 headers not found. Use --with-ibmdb2-include-dir=path.configure: warning: sql submodule 'db2' disabled configure: warning: unixODBC headers not found. Use --with-unixodbc-include-dir=path. configure: warning: sql submodule 'unixodbc' disabled configure: warning: silently not building rlm_sql_postgresql. configure: warning: FAILURE: rlm_sql_postgresql requires: libpq-fe.h libpq. configure: warning: oracle headers not found. Use --with-oracle-home-dir=path. configure: warning: sql submodule 'oracle' disabled configure: warning: iodbc headers not found. Use --with-iodbc-include-dir=path. configure: warning: sql submodule 'iodbc' disabled configure: warning: mysql headers not found. Use --with-mysql-include-dir=path. configure: warning: sql submodule 'mysql' disabled configure: warning: ibm db2 headers not found. Use --with-ibmdb2-include-dir=path.configure: warning: sql submodule 'db2' disabled configure: warning: unixODBC headers not found. Use --with-unixodbc-include-dir=path. configure: warning: sql submodule 'unixodbc' disabled - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: God, I need help getting this thing to run on Redhat!
spamdump [EMAIL PROTECTED] wrote: I must be dumb. I cannot get this thing (freeradius-0.8) to compile under Redhat 8.0. I've got a fresh, default, installation. Here is just the output of ./configure. Now I know kerberos is installed. I know that MySQL is intalled. I've got to be missing something very basic. Do you have the development libraries and header files installed? configure: warning: the comm_err library isn't found! Nope. Alan Dekok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
God, I need help getting this thing running on Redhat 8.0!
Hi, I must be dumb. I cannot get this thing (freeradius-0.8) to compile under Redhat 8.0. I've got a fresh, default, installation. Here is just the output of ./configure. Now I know kerberos is installed. I know that MySQL is intalled. I've got to be missing something very basic. Regards Ken /home/Ken/freeradius/missing: Unknown `--run' option Try `/home/Ken/freeradius/missing --help' for more information configure: warning: `missing' script is too old or missing cat: ./config.h.in: No such file or directory configure: warning: the comm_err library isn't found! configure: warning: silently not building rlm_krb5. configure: warning: FAILURE: rlm_krb5 requires: krb5. configure: warning: silently not building rlm_sql_postgresql. configure: warning: FAILURE: rlm_sql_postgresql requires: libpq-fe.h libpq. configure: warning: oracle headers not found. Use --with-oracle-home-dir=path. configure: warning: sql submodule 'oracle' disabled configure: warning: iodbc headers not found. Use --with-iodbc-include-dir=path. configure: warning: sql submodule 'iodbc' disabled configure: warning: mysql headers not found. Use --with-mysql-include-dir=path. configure: warning: sql submodule 'mysql' disabled configure: warning: ibm db2 headers not found. Use --with-ibmdb2-include-dir=path.configure: warning: sql submodule 'db2' disabled configure: warning: unixODBC headers not found. Use --with-unixodbc-include-dir=path. configure: warning: sql submodule 'unixodbc' disabled configure: warning: silently not building rlm_sql_postgresql. configure: warning: FAILURE: rlm_sql_postgresql requires: libpq-fe.h libpq. configure: warning: oracle headers not found. Use --with-oracle-home-dir=path. configure: warning: sql submodule 'oracle' disabled configure: warning: iodbc headers not found. Use --with-iodbc-include-dir=path. configure: warning: sql submodule 'iodbc' disabled configure: warning: mysql headers not found. Use --with-mysql-include-dir=path. configure: warning: sql submodule 'mysql' disabled configure: warning: ibm db2 headers not found. Use --with-ibmdb2-include-dir=path.configure: warning: sql submodule 'db2' disabled configure: warning: unixODBC headers not found. Use --with-unixodbc-include-dir=path. configure: warning: sql submodule 'unixodbc' disabled - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: God, I need help getting this thing running on Redhat 8.0!
Have you installed all the prerequisite libraries? They are listed on the web site. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ken Henrich Sent: Friday, December 06, 2002 3:55 PM To: [EMAIL PROTECTED] Subject: God, I need help getting this thing running on Redhat 8.0! Hi, I must be dumb. I cannot get this thing (freeradius-0.8) to compile under Redhat 8.0. I've got a fresh, default, installation. Here is just the output of ./configure. Now I know kerberos is installed. I know that MySQL is intalled. I've got to be missing something very basic. Regards Ken /home/Ken/freeradius/missing: Unknown `--run' option Try `/home/Ken/freeradius/missing --help' for more information configure: warning: `missing' script is too old or missing cat: ./config.h.in: No such file or directory configure: warning: the comm_err library isn't found! configure: warning: silently not building rlm_krb5. configure: warning: FAILURE: rlm_krb5 requires: krb5. configure: warning: silently not building rlm_sql_postgresql. configure: warning: FAILURE: rlm_sql_postgresql requires: libpq-fe.h libpq. configure: warning: oracle headers not found. Use --with-oracle-home-dir=path. configure: warning: sql submodule 'oracle' disabled configure: warning: iodbc headers not found. Use --with-iodbc-include-dir=path. configure: warning: sql submodule 'iodbc' disabled configure: warning: mysql headers not found. Use --with-mysql-include-dir=path. configure: warning: sql submodule 'mysql' disabled configure: warning: ibm db2 headers not found. Use --with-ibmdb2-include-dir=path.configure: warning: sql submodule 'db2' disabled configure: warning: unixODBC headers not found. Use --with-unixodbc-include-dir=path. configure: warning: sql submodule 'unixodbc' disabled configure: warning: silently not building rlm_sql_postgresql. configure: warning: FAILURE: rlm_sql_postgresql requires: libpq-fe.h libpq. configure: warning: oracle headers not found. Use --with-oracle-home-dir=path. configure: warning: sql submodule 'oracle' disabled configure: warning: iodbc headers not found. Use --with-iodbc-include-dir=path. configure: warning: sql submodule 'iodbc' disabled configure: warning: mysql headers not found. Use --with-mysql-include-dir=path. configure: warning: sql submodule 'mysql' disabled configure: warning: ibm db2 headers not found. Use --with-ibmdb2-include-dir=path.configure: warning: sql submodule 'db2' disabled configure: warning: unixODBC headers not found. Use --with-unixodbc-include-dir=path. configure: warning: sql submodule 'unixodbc' disabled - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
God, I need help getting this thing to run on Redhat!
Hi, I must be dumb. I cannot get this thing (freeradius-0.8) to compile under Redhat 8.0. I've got a fresh, default, installation. Here is just the output of ./configure. Now I know kerberos is installed. I know that MySQL is intalled. I've got to be missing something very basic. Regards Ken /home/Ken/freeradius/missing: Unknown `--run' option Try `/home/Ken/freeradius/missing --help' for more information configure: warning: `missing' script is too old or missing cat: ./config.h.in: No such file or directory configure: warning: the comm_err library isn't found! configure: warning: silently not building rlm_krb5. configure: warning: FAILURE: rlm_krb5 requires: krb5. configure: warning: silently not building rlm_sql_postgresql. configure: warning: FAILURE: rlm_sql_postgresql requires: libpq-fe.h libpq. configure: warning: oracle headers not found. Use --with-oracle-home-dir=path. configure: warning: sql submodule 'oracle' disabled configure: warning: iodbc headers not found. Use --with-iodbc-include-dir=path. configure: warning: sql submodule 'iodbc' disabled configure: warning: mysql headers not found. Use --with-mysql-include-dir=path. configure: warning: sql submodule 'mysql' disabled configure: warning: ibm db2 headers not found. Use --with-ibmdb2-include-dir=path.configure: warning: sql submodule 'db2' disabled configure: warning: unixODBC headers not found. Use --with-unixodbc-include-dir=path. configure: warning: sql submodule 'unixodbc' disabled configure: warning: silently not building rlm_sql_postgresql. configure: warning: FAILURE: rlm_sql_postgresql requires: libpq-fe.h libpq. configure: warning: oracle headers not found. Use --with-oracle-home-dir=path. configure: warning: sql submodule 'oracle' disabled configure: warning: iodbc headers not found. Use --with-iodbc-include-dir=path. configure: warning: sql submodule 'iodbc' disabled configure: warning: mysql headers not found. Use --with-mysql-include-dir=path. configure: warning: sql submodule 'mysql' disabled configure: warning: ibm db2 headers not found. Use --with-ibmdb2-include-dir=path.configure: warning: sql submodule 'db2' disabled configure: warning: unixODBC headers not found. Use --with-unixodbc-include-dir=path. configure: warning: sql submodule 'unixodbc' disabled - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radreply - I need help
I realy apologize for posting this dummy question again to the list, but I can't find solutions What kind of info do I need to set in radreply table of MySql to avoid any error in log file when I do not need to send any reply to the NAS. I act only as remote proxed server with only user/password auth. Leaving the table radreply empty I got this error: Fri Nov 22 18:45:00 2002 : Error: rlm_sql_authorize: no rows returned from query (no such user) ... each rows: Fri Nov 22 18:45:00 2002 : Error: rlm_sql_authorize: no rows returned from query (no such user) Fri Nov 22 18:45:00 2002 : Auth: Login OK: [giancarlo] (from nas easy@1 port 2070 cli 54942324) Fri Nov 22 18:48:00 2002 : Error: rlm_sql_authorize: no rows returned from query (no such user) Fri Nov 22 18:48:00 2002 : Auth: Login OK: [giancarlo] (from nas easy@1 port 2070 cli 54942324) many thanks my config --- mysql select * from radcheck; ++---+---+--+--+ | id | UserName | Attribute | Value| op | ++---+---+--+--+ | 1 | giancarlo | User-Password | hp3ehp3 | == | ++---+---+--+--+ mysql select * from radgroupcheck; ++---+---++--+ | id | GroupName | Attribute | Value | op | ++---+---++--+ | 1 | stop | Auth-Type | reject | := | ++---+---++--+ mysql select * from radgroupreply; ++---+---+---+--+--+ | id | GroupName | Attribute | Value | op | prio | ++---+---+---+--+--+ | 1 | dialin| Auth-Type | PAP | =: |0 | ++---+---+---+--+--+ 1 row in set (0.00 sec) mysql select * from radreply; Empty set (0.00 sec) mysql select * from usergroup; ++---+---+ | id | UserName | GroupName | ++---+---+ | 1 | giancarlo | dialin| ++---+---+ 2 rows in set (0.00 sec) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radreply - I need help
Glomanet Informa - [EMAIL PROTECTED] wrote: What kind of info do I need to set in radreply table of MySql to avoid any error in log file when I do not need to send any reply to the NAS. I act only as remote proxed server with only user/password auth. You can add a dummy non-protocol attribute. e.g. Menu = 1 Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
R: radreply - I need help
Sorry, same as usually Thu Dec 5 18:20:17 2002 : Error: rlm_sql_authorize: no rows returned from query (no such user) Thu Dec 5 18:29:19 2002 : Auth: Login OK: [pippo] (from nas easy@3 port 18434 cli 12942324) in radack mysql select * from radcheck where username=comsoften; ++---+---+--+--+ | id | UserName | Attribute | Value| op | ++---+---+--+--+ | 1 | pippo | User-Password | pluto| == | ++---+---+--+--+ in radreply: mysql select * from radreply; ++---+---+---+--+ | id | UserName | Attribute | Value | op | ++---+---+---+--+ | 1 | pippo | Menu | 1 | =| ++---+---+---+--+ -Messaggio originale- Da: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Per conto di Alan DeKok Inviato: giovedì 5 dicembre 2002 18.03 A: [EMAIL PROTECTED] Oggetto: Re: radreply - I need help Glomanet Informa - [EMAIL PROTECTED] wrote: What kind of info do I need to set in radreply table of MySql to avoid any error in log file when I do not need to send any reply to the NAS. I act only as remote proxed server with only user/password auth. You can add a dummy non-protocol attribute. e.g. Menu = 1 Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
need help with client.config !!
Hi all , I tried to get the freeradius to work with a CN3000 wireless router from Colubris Network , it has build in function to authenticate to a radius server . I got it to work in my entire LAN when I did an entry in the client.conf for the router`s static private IP address , but I don`t have any idea how to get the radius server to work to accept any IP address , private or public. I did a search in the list for hour`s and on the web and I must admit that I am a newbie to radius. Any help would be great and sorry for my bad english Mike - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help compiling 0.8 under NetBSD 1.6
Dave Burgess [EMAIL PROTECTED] wrote: pthreads are installed in NetBSD1.6. The problem was that there is a missing #include pthreads.h header file reference. I added at line 33. Hmm... but the file radiusd.h already includes pthread.h, and rlm_counter.c includes radiusd.h. I don't know what's broken, but I'll add the include, and do a few more touch-ups. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help compiling 0.8 under NetBSD 1.6
On a whim I pulled the source last night and built it on my vanilla NetBSD-1.6 and I didn't have the pthreads problem per se. I get to here: gcc -g -O2 -Wall -D_GNU_SOURCE -DNDEBUG -I../include -c -o raduse.o raduse.c raduse.c: In function `listnas': raduse.c:95: structure has no member named `ut_tv' raduse.c: In function `fillstruct': raduse.c:154: structure has no member named `ut_tv' raduse.c:186: structure has no member named `ut_tv' raduse.c:195: structure has no member named `ut_tv' gmake[3]: *** [raduse.o] Error 1 gmake[3]: Leaving directory `/users/peter/freeradius-0.8/src/main' gmake[2]: *** [common] Error 1 gmake[2]: Leaving directory `/users/peter/freeradius-0.8/src' gmake[1]: *** [all] Error 2 gmake[1]: Leaving directory `/users/peter/freeradius-0.8/src' gmake: *** [common] Error 1 *** Error code 2 It built everything up to raduse just fine with no modifications. Lemme noodle through this and see what the snag is... on 11/26/02 9:40 AM, Alan DeKok at [EMAIL PROTECTED] wrote: Dave Burgess [EMAIL PROTECTED] wrote: pthreads are installed in NetBSD1.6. The problem was that there is a missing #include pthreads.h header file reference. I added at line 33. Hmm... but the file radiusd.h already includes pthread.h, and rlm_counter.c includes radiusd.h. I don't know what's broken, but I'll add the include, and do a few more touch-ups. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I need help on this please
I'm new to freeradius and radius at all. What I need to configure to make authentication by sql to work? When a user log in I receive this rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module sql returns ok users: Matched DEFAULT at 152 modcall[authorize]: module files returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type System auth: Failed to validate the user. Where do I set the auth type to sql? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: I need help on this please
Do you have a line containing: Auth-Type System in your users file? You may want to try changing that to Auth-Type := System -- Mark P. Hennessy [EMAIL PROTECTED] On Wed, 20 Nov 2002, Jamil Buchalla Neto wrote: Date: Wed, 20 Nov 2002 12:34:28 -0200 From: Jamil Buchalla Neto [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: I need help on this please I'm new to freeradius and radius at all. What I need to configure to make authentication by sql to work? When a user log in I receive this rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module sql returns ok users: Matched DEFAULT at 152 modcall[authorize]: module files returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type System auth: Failed to validate the user. Where do I set the auth type to sql? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: I need help on this please
Mark Hennessy wrote: Do you have a line containing: Auth-Type System in your users file? No, my user file is the default that came with freeradius You may want to try changing that to Auth-Type := System Default users file alreayd have this I just don't know what to do. I have put sql in the authorize section like I read into a doc at frontios.com What else should I do? heres the complete log of what I get rad_recv: Access-Request packet from host x:1645, id=95, length=147 User-Name = servico User-Password = 1234 NAS-IP-Address = NAS-Port = 1539 Acct-Session-Id = 144 USR-Interface-Index = 2795 Service-Type = Login-User USR-Chassis-Call-Slot = 7 USR-Chassis-Call-Span = 1 USR-Chassis-Call-Channel = 3 Calling-Station-Id = 6218297 Called-Station-Id = 8600 NAS-Port-Type = Async modcall: entering group authorize modcall[authorize]: module preprocess returns ok rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module chap returns noop modcall[authorize]: module mschap returns notfound rlm_realm: No '@' in User-Name = servico, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop radius_xlat: 'servico' rlm_sql (sql): sql_set_user escaped user -- 'servico' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE UserName = 'servico' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.UserName = 'servico' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE UserName = 'servico' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.UserName = 'servico' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module sql returns ok users: Matched DEFAULT at 152 users: Matched DEFAULT at 226 modcall[authorize]: module files returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type System auth: Failed to validate the user. Delaying request 1 for 1 seconds - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ok, I think I need help...
Yes, you're dealing with a newbie! LOL First ever radius server I attempt to setup, and I'm afraid to say it's quite a tight one as well. Multiple realms, call-backs, vpns, just about anything I've spend the night so far compiling it, and getting the DB structures in order to expand a little bit on what is offered, so that I can use one DB for multiple realms etc etc etc. Now, from the debug output, it would seem to me that the radius server does the appropriate queries successfully, and retrieves the account password. Then, all of a sudden, this pops up... rlm_sql: Released sql socket id: 23 modcall[authorize]: module sql returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type System auth: Failed to validate the user. I swear, I am missing something The question is what? If more info is needed, please just ask, I'll be happy to provide! -- me - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Ok, I think I need help...
OK, Nothing like a big hit on the poor puter with a 10 minute break and a quick nicotine fix. I found my stupid problem, and it's sorted. I have a very basic Radius server running *woohooo* If I can just ask something else quickly. On the Radius Authentication (MySQL), what is the difference between the *check* and *reply* queries, and why am I using both? Sure, this may be a stupid question, and sure there may be some of you going *shrugs*, but bare with me OK... I never touched a RAS before in my life - I actually don't even have one yet... I need to integrate the Radius into our existing management database, as I am sure you can all understand, and to do this, I would most definitely need a very clear understanding of how Radius works (I have this semi below the belt), but also what information free Radius is looking for, and when! Sorry if it's stupid questions... I'm sure someone will find it in their hearts to help me :P -- me - Original Message - From: Chris Knipe [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, November 02, 2002 10:11 AM Subject: Ok, I think I need help... Yes, you're dealing with a newbie! LOL First ever radius server I attempt to setup, and I'm afraid to say it's quite a tight one as well. Multiple realms, call-backs, vpns, just about anything I've spend the night so far compiling it, and getting the DB structures in order to expand a little bit on what is offered, so that I can use one DB for multiple realms etc etc etc. Now, from the debug output, it would seem to me that the radius server does the appropriate queries successfully, and retrieves the account password. Then, all of a sudden, this pops up... rlm_sql: Released sql socket id: 23 modcall[authorize]: module sql returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type System auth: Failed to validate the user. I swear, I am missing something The question is what? If more info is needed, please just ask, I'll be happy to provide! -- me - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Ok, I think I need help...
Chris Knipe [EMAIL PROTECTED] wrote: On the Radius Authentication (MySQL), what is the difference between the *check* and *reply* queries, and why am I using both? See the 'users' file for exampls. See 'man 5 users' for more documentation. The general concept is check to see if the request has FOO, and if so, reply with BAR. I need to integrate the Radius into our existing management database, as I am sure you can all understand, and to do this, I would most definitely need a very clear understanding of how Radius works (I have this semi below the belt), but also what information free Radius is looking for, and when! The server doesn't look for ANY information, other than what you configure it to look for. Read the files in the 'doc' directory. See 'doc/aaa.txt'. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
need Help !
Hi, I'm a newcomer on Radius server. I do install a Radius server for my factory and I don't have many experience on radius and I don't know all of the Radius system. Can I install the Freeradius server tu run somothing productive ? Have your example of that ? Many Thanks. Olivier - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_ippool / need help
my problem, I need to stop the radiusd service then delete the db.ippool and db.ipindex files then restart the radiusd. Any help please to solve my problem... ippool hangar { range-start = 172.16.10.50 range-stop = 172.16.10.60 netmask = 255.255.255.0 cache-size = 10 session-db = ${raddbdir}/db.ippool ip-index = ${raddbdir}/db.ipindex I am not able to reproduce the problem. The ippool module will give out all the available ip's in it's pool and after that it will not do anything. Could you send some debuging info showing radiusd giving out a wrong IP? this is what I have, I using 3Com Ras1500 as my RAS and RedHat 7.2. In my RAS1500 box I have also an IPPOOL 172.16.10.10 size 10 means It will pool 10 ip address which this is for my default dialup users. I have also IPPOOL configuration thru the rlm_ippool module and I need it because of the feature that it can define to limit the ippool. After I consumed the range pool from my configuration 172.16.10.50 to 60, the next time I login it gave me 172.16.10.11, 12, 13 and so on. So I need to stop the radius services then delete the db.ippool and db.ipindex files and start again the radiusd servicecs. What I want to be even I consumed the IPPOOL range the next time I login I can still pool with in the range specified. My biggest problem is I'm not a programmer so I don't know how to debug. Thank you Kostas for replying my email... I realy need the features. Thanks again. --ador - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_ippool / need help
On Mon, 29 Jul 2002, Ador Dauz wrote: To all, Please need your help or other solutions. I using freeradius 0.6 and I used the rlm_ippool module. this is what I observed, Using my setup which it pool 10 IP Address range, so I try to login 10 times and It gave me the right IP address range which in my configuration. After that, In my 11 attempt login, It gave an IP address out of the range specified in my configuration. So to solve my problem, I need to stop the radiusd service then delete the db.ippool and db.ipindex files then restart the radiusd. Any help please to solve my problem... ippool hangar { range-start = 172.16.10.50 range-stop = 172.16.10.60 netmask = 255.255.255.0 cache-size = 10 session-db = ${raddbdir}/db.ippool ip-index = ${raddbdir}/db.ipindex I am not able to reproduce the problem. The ippool module will give out all the available ip's in it's pool and after that it will not do anything. Could you send some debuging info showing radiusd giving out a wrong IP? -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 10 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rlm_ippool / need help
To all, Please need your help or other solutions. I using freeradius 0.6 and I used the rlm_ippool module. this is what I observed, Using my setup which it pool 10 IP Address range, so I try to login 10 times and It gave me the right IP address range which in my configuration. After that, In my 11 attempt login, It gave an IP address out of the range specified in my configuration. So to solve my problem, I need to stop the radiusd service then delete the db.ippool and db.ipindex files then restart the radiusd. Any help please to solve my problem... ippool hangar { range-start = 172.16.10.50 range-stop = 172.16.10.60 netmask = 255.255.255.0 cache-size = 10 session-db = ${raddbdir}/db.ippool ip-index = ${raddbdir}/db.ipindex Thanks --ador - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help
Bertrand TACHAGO [EMAIL PROTECTED] wrote: No, i don't have duplicates ports listed for the service radius. 1645 is listed in the /etc/services file for datametrics (old radius entry) Then why did you say it was listed along with 1812 and 1813, for RADIUS? That just confused the issue. Those was the same messages I had with freeradius 0.5 before upgrading. But the server is not receiving any requests. So did you read the FAQ, and try sending messages to *localhost*? If the server is listening on an IP address and port, and never sees any packets, then either no one is sending packets, or they're being deleted/filtered before the server is receiving them. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help
Hi, I've been trying to run the radius server in debug mode ( radiusd -xxyz -l stdout ); it isn't showing errors and when i try to connect, the server isn't seeing the request. I launch radtest : radtest my_user_name my_password radius_server_ip_address 10 client_secret (client_secret is the same as in the /etc/raddb/clients file). This is the output: Sending Access-Request of id 46 to radius_server_ip_address:1812 User-name = my_user_name Password = encrypt_pass NAS-IP-Address= radius_server_ip_address NAS-Port-Id = 10 radclient: no response from server. I would like to add that ports 1645, 1812 and 1813 are there in /etc/services file. Is the freeradius 0.6's configuration different freeradius 0.5's configuration? Because I really don't understand what's happen. Thanks for your help Cheers, Aaron T. Weiker wrote: When you run it in debug mode are there any errors? Can you verify that the radius server is seeing the request. Aaron Weiker -Original Message- From: Bertrand TACHAGO [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 23, 2002 12:38 PM To: [EMAIL PROTECTED] Subject: Re: Need help I'm running RH 7.2 with Freeradius version 0.6. I succeeded to restart the Radius server but nobody is able to connect; the connexion failed just after the username and password verification with the following error: Error 629 you have been disconnected from the computer you have called, unable to start a distant connexion. I added the following in the /etc/sysconfig/ipchains file in order to open the radius's ports i found in the /etc/services file: - A input -s 0/0 1645 -d radius_server_ip_address 1645 -p udp -i eth0 -j ACCEPT - A input -s 0/0 1812 -d radius_server_ip_address 1812 -p udp -i eth0 -j ACCEPT - A input -s 0/0 1813 -d radius_server_ip_address 1813 -p udp -i eth0 -j ACCEPT Please, can anyone help me to solve this crucial probleme? Thanks a lot in advance Ador Dauz wrote: I hope all your ports is open, specially for the radius. Because you might forgot the port to open, and its block of your ipchains policies... thats only I guess. thank's --ador On Monday 22 July 2002 21:07, you wrote: Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since i upgraded the system to Redhat Linux 7.2, nothing is working: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help
Bertrand TACHAGO wrote: I launch radtest : radtest my_user_name my_password radius_server_ip_address 10 client_secret (client_secret is the same as in the /etc/raddb/clients file). Instead of radius_server_ip_address, try localhost or 127.0.0.1 (and the appropriate client_secret for that IP address). What does tcpdump report? -- Regards, Daryl Tester, Software Wrangler and Bit Herder, IOCANE Pty. Ltd. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help
Bertrand TACHAGO [EMAIL PROTECTED] wrote: I've been trying to run the radius server in debug mode ( radiusd -xxyz -l stdout ); it isn't showing errors and when i try to connect, the server isn't seeing the request. It's obvious you haven't read the FAQ, and you haven't closely read the debugging output of the server. One of the last messages the server prints out is which port it's listening on. I launch radtest : radtest my_user_name my_password radius_server_ip_address 10 client_secret (client_secret is the same as in the /etc/raddb/clients file). This is the output: Sending Access-Request of id 46 to radius_server_ip_address:1812 The server is probably listening on port 1645. I would like to add that ports 1645, 1812 and 1813 are there in /etc/services file. So you have duplicate ports listed for the service 'radius'? Why do you expect *anything* to work? The server (through standard library calls) asks for port radius, and your /etc/services file returns the first one: 1645. If you had read the FAQ, this is explained. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help
No, i don't have duplicates ports listed for the service radius. 1645 is listed in the /etc/services file for datametrics (old radius entry) 1812 is lited for radius and 1813 for radius-acct (radius accounting). I didn't add anything there, that's how this file was when I was running freeradius 0.5 and before I upgraded to RH 7.2. In the debug mode or in the normal way, the server print the following last messages: Listening on IP address radius_server_ip_address, ports 1812/udp and 1813/udp, with proxy on 1814/udp Ready to process requests. Those was the same messages I had with freeradius 0.5 before upgrading. But the server is not receiving any requests. My client is a livingston's portmaster 2e; I'm not able to start any radius command or tcpdump from there. Alan DeKok wrote: Bertrand TACHAGO [EMAIL PROTECTED] wrote: I've been trying to run the radius server in debug mode ( radiusd -xxyz -l stdout ); it isn't showing errors and when i try to connect, the server isn't seeing the request. It's obvious you haven't read the FAQ, and you haven't closely read the debugging output of the server. One of the last messages the server prints out is which port it's listening on. I launch radtest : radtest my_user_name my_password radius_server_ip_address 10 client_secret (client_secret is the same as in the /etc/raddb/clients file). This is the output: Sending Access-Request of id 46 to radius_server_ip_address:1812 The server is probably listening on port 1645. I would like to add that ports 1645, 1812 and 1813 are there in /etc/services file. So you have duplicate ports listed for the service 'radius'? Why do you expect *anything* to work? The server (through standard library calls) asks for port radius, and your /etc/services file returns the first one: 1645. If you had read the FAQ, this is explained. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help
I'm running RH 7.2 with Freeradius version 0.6. I succeeded to restart the Radius server but nobody is able to connect; the connexion failed just after the username and password verification with the following error: Error 629 you have been disconnected from the computer you have called, unable to start a distant connexion. I added the following in the /etc/sysconfig/ipchains file in order to open the radius's ports i found in the /etc/services file: - A input -s 0/0 1645 -d radius_server_ip_address 1645 -p udp -i eth0 -j ACCEPT - A input -s 0/0 1812 -d radius_server_ip_address 1812 -p udp -i eth0 -j ACCEPT - A input -s 0/0 1813 -d radius_server_ip_address 1813 -p udp -i eth0 -j ACCEPT Please, can anyone help me to solve this crucial probleme? Thanks a lot in advance Ador Dauz wrote: I hope all your ports is open, specially for the radius. Because you might forgot the port to open, and its block of your ipchains policies... thats only I guess. thank's --ador On Monday 22 July 2002 21:07, you wrote: Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since i upgraded the system to Redhat Linux 7.2, nothing is working: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help
Just to specify that the client is a livingston portmaster 2e Cheers Bertrand TACHAGO wrote: I'm running RH 7.2 with Freeradius version 0.6. I succeeded to restart the Radius server but nobody is able to connect; the connexion failed just after the username and password verification with the following error: Error 629 you have been disconnected from the computer you have called, unable to start a distant connexion. I added the following in the /etc/sysconfig/ipchains file in order to open the radius's ports i found in the /etc/services file: - A input -s 0/0 1645 -d radius_server_ip_address 1645 -p udp -i eth0 -j ACCEPT - A input -s 0/0 1812 -d radius_server_ip_address 1812 -p udp -i eth0 -j ACCEPT - A input -s 0/0 1813 -d radius_server_ip_address 1813 -p udp -i eth0 -j ACCEPT Please, can anyone help me to solve this crucial probleme? Thanks a lot in advance Ador Dauz wrote: I hope all your ports is open, specially for the radius. Because you might forgot the port to open, and its block of your ipchains policies... thats only I guess. thank's --ador On Monday 22 July 2002 21:07, you wrote: Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since i upgraded the system to Redhat Linux 7.2, nothing is working: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need help
When you run it in debug mode are there any errors? Can you verify that the radius server is seeing the request. Aaron Weiker -Original Message- From: Bertrand TACHAGO [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 23, 2002 12:38 PM To: [EMAIL PROTECTED] Subject: Re: Need help I'm running RH 7.2 with Freeradius version 0.6. I succeeded to restart the Radius server but nobody is able to connect; the connexion failed just after the username and password verification with the following error: Error 629 you have been disconnected from the computer you have called, unable to start a distant connexion. I added the following in the /etc/sysconfig/ipchains file in order to open the radius's ports i found in the /etc/services file: - A input -s 0/0 1645 -d radius_server_ip_address 1645 -p udp -i eth0 -j ACCEPT - A input -s 0/0 1812 -d radius_server_ip_address 1812 -p udp -i eth0 -j ACCEPT - A input -s 0/0 1813 -d radius_server_ip_address 1813 -p udp -i eth0 -j ACCEPT Please, can anyone help me to solve this crucial probleme? Thanks a lot in advance Ador Dauz wrote: I hope all your ports is open, specially for the radius. Because you might forgot the port to open, and its block of your ipchains policies... thats only I guess. thank's --ador On Monday 22 July 2002 21:07, you wrote: Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since i upgraded the system to Redhat Linux 7.2, nothing is working: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need help please
Run radiusd in debug mode with the -x flag. Then let us know what errors or stange things are appearing. Aaron Weiker -Original Message- From: Bertrand TACHAGO [mailto:[EMAIL PROTECTED]] Sent: Monday, July 22, 2002 11:14 AM To: [EMAIL PROTECTED] Subject: Need help please Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since I upgraded the system to Redhat Linux 7.2, nothing is working now: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help
Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since i upgraded the system to Redhat Linux 7.2, nothing is working: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help please
Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since I upgraded the system to Redhat Linux 7.2, nothing is working now: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help
Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since i upgraded the system to Redhat Linux 7.2, nothing is working: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help
Bertrand TACHAGO [EMAIL PROTECTED] wrote: ... Posting 4 copies of the same message to the list without reading any replies isn't nice. Read the FAQ. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help
Sorry, there was a problem with my mail server. Alan DeKok wrote: Bertrand TACHAGO [EMAIL PROTECTED] wrote: ... Posting 4 copies of the same message to the list without reading any replies isn't nice. Read the FAQ. Alan DeKok. -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help please
I had recompiled the program as you adviced me but at now, when I'm trying to start the program, I have the following error: Starting Freeradius server: radwatch/etc/rc.d/init.d/rc.radiusd: start-stop-daemon: command not found radiusd. Please can you tell me what wrong is? Enesha Fairluck wrote: try recompiling the program - Original Message - From: Bertrand TACHAGO To: [EMAIL PROTECTED] Sent: Monday, July 22, 2002 10:28 AM Subject: Need help please Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since I upgraded the system to Redhat Linux 7.2, nothing is working now: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need help please
The problem is the startup script you are using. To start the daemon just execute radiusd directly and pass the appropriate arguments. Not all flavors of *nix have the start-stop-daemon program/function. Aaron -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bertrand TACHAGO Sent: Monday, July 22, 2002 1:17 PM To: Enesha Fairluck Cc: [EMAIL PROTECTED] Subject: Re: Need help please I had recompiled the program as you adviced me but at now, when I'm trying to start the program, I have the following error: Starting Freeradius server: radwatch/etc/rc.d/init.d/rc.radiusd: start-stop-daemon: command not found radiusd. Please can you tell me what wrong is? Enesha Fairluck wrote: try recompiling the program - Original Message - From: Bertrand TACHAGO To: [EMAIL PROTECTED] Sent: Monday, July 22, 2002 10:28 AM Subject: Need help please Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since I upgraded the system to Redhat Linux 7.2, nothing is working now: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help
I hope all your ports is open, specially for the radius. Because you might forgot the port to open, and its block of your ipchains policies... thats only I guess. thank's --ador On Monday 22 July 2002 21:07, you wrote: Hello, I was using freeradius version 0.5 with Redhat Linux 7.1 and everythings were working properly. But since i upgraded the system to Redhat Linux 7.2, nothing is working: anyone is unable to connect. Please can someone help me solve this problem? Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Newbie -- need help
BORCHERS,JASON (HP-Roseville,ex1) [EMAIL PROTECTED] wrote: I'm really at a loss here, and since I'm so new to RADIUS I have no idea what to do next. I suspect I've missed an important step in setting up the server. Does anyone have any ideas? Read the FAQ? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help please
Hi everyone, i have a strange problem in my server. After a user has log off from the system or especially when the light turn off, the system is still react as the user is still logged in. This is showed by RADLAST or RADWHO command. What's wrong and how can I solve this problem? I'm running RH 7.1 with radiusd-cistron-1.6.6. Thanks a lot for your help. -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/
RE: Need help please
Hi everyone, i have a strange problem in my server. After a user has log off from the system or especially when the light turn off, the system is still react as the user is still logged in. This is showed by RADLAST or RADWHO command. What's wrong and how can I solve this problem? I'm running RH 7.1 with radiusd-cistron-1.6.6. Thanks a lot for your help. Wrong list. This is the freeradius list not the cistron radius list. But perhaps you should switch to freeradius cause it's more stable and better than cistron. P.S.: could you please stop using HTML in your mails to a mailinglist, it's considered to be not very polite. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help please
Stefan Immel wrote: Hi everyone, i have a strange problem in my server. After a user has log off from the system or especially when the light turn off, the system is still react as the user is still logged in. This is showed by RADLAST or RADWHO command. What's wrong and how can I solve this problem? I'm running RH 7.1 with radiusd-cistron-1.6.6. Thanks a lot for your help. Wrong list. This is the freeradius list not the cistron radius list. But perhaps you should switch to freeradius cause it's more stable and better than cistron. P.S.: could you please stop using HTML in your mails to a mailinglist, it's considered to be not very polite. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Many thanks. I'm going to try and let you know what happens -- Bertrand TACHAGO Computer specialist, Network Information Specialist SDNP SchoolNet Cameroon (237)221 25 53 Yaounde Cameroon My website: http://www.sdnp.cm/tachago/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Newbie -- need help
Hi everyone, I need to set up a Freeradius server to act as an authenticator for network switches. I'm very new to Linux and RADIUS, and am having trouble. I've downloaded and installed version 0.5. I added a switch to the clients.conf file, and then configured the switch to use the Freeradius server for telnet login authentication. When I attempt to telnet into this switch, after I enter the user name and password, I get a Can't reach RADIUS server message as it times out. I know this isn't true, because I can successfully ping the server from the switch. I've also triple-checked to make sure I entered the correct server address into the switch. I'm really at a loss here, and since I'm so new to RADIUS I have no idea what to do next. I suspect I've missed an important step in setting up the server. Does anyone have any ideas? Thanks, Jason - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4
I am running FreeRADIUS 0.4 with PostgreSQL backend, it's been running great. I am now required to add Ascend-Data-Filter (s). After reading the documentation I came up with the following: The following in /usr/local/freeradius/etc/raddb/attrs DEFAULT Service-Type == Framed-User, Service-Type == Login-User, Login-Service == Telnet, Login-Service == Rlogin, Login-Service == TCP-Clear, Login-TCP-Port = 65536, Framed-IP-Address == 255.255.255.254, Framed-IP-Netmask == 255.255.255.255, Framed-Protocol == PPP, Framed-Protocol == SLIP, Framed-Compression == Van-Jacobson-TCP-IP, Framed-MTU = 576, Framed-Filter-ID =~ .*, Reply-Message =~ .*, Session-Timeout = 28800, Idle-Timeout = 600, Port-Limit = 2, Ascend-Data-Filter = ip in forward tcp est, Ascend-Data-Filter = ip in forward dstip ip.of.mail.box/32, Ascend-Data-Filter = ip in drop tcp dstport = 25, Ascend-Data-Filter = ip in forward And the following in /usr/local/freeradus/etc/raddb/radius.conf authorize { preprocess attr_filter sql # files # counter # attr_filter # eap # suffix # files # mschap } but alas, the filters do not get send. What am I missing? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4
Lists [EMAIL PROTECTED] wrote: I am running FreeRADIUS 0.4 with PostgreSQL backend, it's been running great. I am now required to add Ascend-Data-Filter (s). After reading the documentation I came up with the following: The following in /usr/local/freeradius/etc/raddb/attrs DEFAULT Service-Type == Framed-User, Service-Type == Login-User, This is wrong. Please read 'man 5 users' for a description of what '==' does. Framed-MTU = 576, This will NEVER do what you think. The Framed-MTU is an attribute which tells the NAS *exactly* what size MTU to use, and NOT a range. Ascend-Data-Filter = ip in forward tcp est, Ascend-Data-Filter = ip in forward dstip ip.of.mail.box/32, Use '+=' here, instead of '='. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4
At 02:16 PM 5/28/2002 -0700, Lists wrote: I am running FreeRADIUS 0.4 with PostgreSQL backend, it's been running great. I am now required to add Ascend-Data-Filter (s). After reading the documentation I came up with the following: The following in /usr/local/freeradius/etc/raddb/attrs 8 snip Ascend-Data-Filter = ip in forward tcp est, Ascend-Data-Filter = ip in forward dstip ip.of.mail.box/32, Ascend-Data-Filter = ip in drop tcp dstport = 25, Ascend-Data-Filter = ip in forward but alas, the filters do not get send. What am I missing? := is the operator you want. And you really want to upgrade to the latest release, as there have been changes to the way attrs is parsed and the operators you can use ( two new ones are now available =* and !* ). -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4
Chris Parker [EMAIL PROTECTED] wrote: This is not 'users'. This is 'attrs'. The operators specified were correct for that usage, apart from the Data-Filter ones, which should have been := ( Set Operator ). :) Whoops, sorry. I skimmed the message too quickly, I think. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4
At 02:30 PM 5/28/2002 -0400, Alan DeKok wrote: Lists [EMAIL PROTECTED] wrote: I am running FreeRADIUS 0.4 with PostgreSQL backend, it's been running great. I am now required to add Ascend-Data-Filter (s). After reading the documentation I came up with the following: The following in /usr/local/freeradius/etc/raddb/attrs DEFAULT Service-Type == Framed-User, Service-Type == Login-User, This is wrong. Please read 'man 5 users' for a description of what '==' does. This is not 'users'. This is 'attrs'. The operators specified were correct for that usage, apart from the Data-Filter ones, which should have been := ( Set Operator ). :) -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4
OK it's getting clearer. Now, when I use radtest, should I see those filters in the output? Cause I am not seeing any. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chris Parker Sent: Tuesday, May 28, 2002 11:37 AM To: [EMAIL PROTECTED] Subject: Re: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4 At 02:30 PM 5/28/2002 -0400, Alan DeKok wrote: Lists [EMAIL PROTECTED] wrote: I am running FreeRADIUS 0.4 with PostgreSQL backend, it's been running great. I am now required to add Ascend-Data-Filter (s). After reading the documentation I came up with the following: The following in /usr/local/freeradius/etc/raddb/attrs DEFAULT Service-Type == Framed-User, Service-Type == Login-User, This is wrong. Please read 'man 5 users' for a description of what '==' does. This is not 'users'. This is 'attrs'. The operators specified were correct for that usage, apart from the Data-Filter ones, which should have been := ( Set Operator ). :) -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4
Well, to answer my own question, I should but I am not. I have the following entry in radiusd.conf authorize { preprocess attr_filter sql } attr_filter in turn has this: attr_filter { attrsfile = ${confdir}/attrs } and attrs DEFAULT Service-Type == Framed-User, Service-Type == Login-User, Login-Service == Telnet, Login-Service == Rlogin, Login-Service == TCP-Clear, Login-TCP-Port = 65536, Framed-IP-Address == 255.255.255.254, Framed-IP-Netmask == 255.255.255.255, Framed-Protocol == PPP, Framed-Protocol == SLIP, Framed-Compression == Van-Jacobson-TCP-IP, Framed-MTU = 576, Framed-Filter-ID =~ .*, Reply-Message =~ .*, Session-Timeout = 28800, Idle-Timeout = 600, Port-Limit = 2, Ascend-Data-Filter += ip in forward tcp est, Ascend-Data-Filter := ip in forward dstip ip.of.mailbox/32, Ascend-Data-Filter := ip in drop tcp dstport = 25, Ascend-Data-Filter := ip in forward, Fall-Through = yes what gives? OK it's getting clearer. Now, when I use radtest, should I see those filters in the output? Cause I am not seeing any. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chris Parker Sent: Tuesday, May 28, 2002 11:37 AM To: [EMAIL PROTECTED] Subject: Re: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4 At 02:30 PM 5/28/2002 -0400, Alan DeKok wrote: Lists [EMAIL PROTECTED] wrote: I am running FreeRADIUS 0.4 with PostgreSQL backend, it's been running great. I am now required to add Ascend-Data-Filter (s). After reading the documentation I came up with the following: The following in /usr/local/freeradius/etc/raddb/attrs DEFAULT Service-Type == Framed-User, Service-Type == Login-User, This is wrong. Please read 'man 5 users' for a description of what '==' does. This is not 'users'. This is 'attrs'. The operators specified were correct for that usage, apart from the Data-Filter ones, which should have been := ( Set Operator ). :) -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4
At 04:46 PM 5/28/2002 -0700, Lists wrote: DEFAULT Service-Type == Framed-User, Service-Type == Login-User, Login-Service == Telnet, Login-Service == Rlogin, Login-Service == TCP-Clear, Login-TCP-Port = 65536, Framed-IP-Address == 255.255.255.254, Framed-IP-Netmask == 255.255.255.255, Framed-Protocol == PPP, Framed-Protocol == SLIP, Framed-Compression == Van-Jacobson-TCP-IP, Framed-MTU = 576, Framed-Filter-ID =~ .*, Reply-Message =~ .*, Session-Timeout = 28800, Idle-Timeout = 600, Port-Limit = 2, Ascend-Data-Filter += ip in forward tcp est, No. Use :=. Ascend-Data-Filter := ip in forward dstip ip.of.mailbox/32, Ascend-Data-Filter := ip in drop tcp dstport = 25, Ascend-Data-Filter := ip in forward, Fall-Through = yes what gives? Run a recent version. Earlier versions have known problems that cannot be fixed except by upgrading. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need help w/ Accounting error message
Hi I am running FreeRadius 0.5. I keep seeing the following error in the radius.log file: - Mon Apr 15 12:18:27 2002 : Error: Received Accounting-Request packet from xxx.xxx.xxx.xxx with invalid signature! - and the radius accounting does not log any data coming from that device. There is nothing wrong with the secret because customers are able to authenticate. Can someone give me a hint or a clue on how to fix it? I tried searching for an answer with google.com but to no avail. Lucent PM3 Term servers, FreeBSD 4.5, MySQL Database ... Thanks, Paul - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need help w/ Accounting error message
Paul S. Puth [EMAIL PROTECTED] wrote: Mon Apr 15 12:18:27 2002 : Error: Received Accounting-Request packet from xxx.xxx.xxx.xxx with invalid signature! - and the radius accounting does not log any data coming from that device. There is nothing wrong with the secret because customers are able to authenticate. Some NAS boxes have a different secret for authentiction packets and accounting packets. You should check that. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
a new comer need help
hi everyone i'm a new comer just installed a freeradius,i found it's default use unix password file to authenticate,can anyone tell me how can i change it to use ldap ,or a database(oracle) to authenticate?thank's a lot.so kind of you. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a new comer need help
Read the comment line on radius.conf Munir Hasan [EMAIL PROTECTED] wrote: hi everyone i'm a new comer just installed a freeradius,i found it's default use unix password file to authenticate,can anyone tell me how can i change it to use ldap ,or a database(oracle) to authenticate?thank's a lot.so kind of you. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
need help
hi,everyone how can i authenticate and authorizationwith ldap or database(such as oracle,sybase...),thanks wheatly shtel: 86-21-52984755-215email: [EMAIL PROTECTED]
starting radiusd- need help
Hi, I am newbie to Free Radius Server. I am using the latest version of Cistron Radius available in the FreeRadius site. I am trying to configure the Free Radius Server for processing simple Radius attributes. I have successfully run the configure, make and make install. I am trying to edit+rename the raddb files. In the README document in the /doc available as a part of the Server package, its being mentioned to start radiusd. But how do we build this executable message? Can any one help me in this regard Thank in Advance Selvam M - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: starting radiusd- need help
At 01:20 PM 11/27/2001 +, Selvam Murugesan wrote: Hi, I am newbie to Free Radius Server. I am using the latest version of Cistron Radius available in the FreeRadius site. I am trying to configure the Free Radius Server for processing simple Radius attributes. I have successfully run the configure, make and make install. I am trying to edit+rename the raddb files. In the README document in the /doc available as a part of the Server package, its being mentioned to start radiusd. But how do we build this executable message? If you didn't change any of the paths, radiusd will install itself as: /usr/local/sbin/radiusd The files in raddb are located in: /usr/local/etc/raddb by default. You can edit them in place. I'd recommend keeping backup copies of the originals ( which will also be located in the source ). As for renaming the files, that is not recommended as it will require you to change the code as well. -Chris -- \\\|||/// \ Chris Parker-Manager, Development Engineering \ ~ ~ / \ WX *is* Wireless!\ [EMAIL PROTECTED] | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Without C we would have 'obol', 'basi', and 'pasal' - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Need Help setting up config
Randy Perryman [EMAIL PROTECTED] wrote: How do I setup FreeRadius to authenticat MS-Chap across a Cisco 2620 VPN using pptp? Upgrade to the latest CVS version. Version 0.3 had problems which made it unable to do MS-CHAP authentication. Then, in the 'users' file, do: DEFAULT Auth-Type := MS-CHAP, ... ... and it should work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Need Help setting up config
Title: Message I just can't find the answer. How do I setup FreeRadius to authenticat MS-Chap across a Cisco 2620 VPN using pptp? I have setup the router to FreeRadius to authenticate for logging onto the console, but I can't get it to authenticate passwords. thanks -- Randy
More Informaiton: Need Help setting up config:
Title: Message Here is an exert from running radiusd -X. When I configure to except CHAP only, authentication works great. How do I setup to allow MS-CHAP? I see where the failure occurs, but I do not understand the why. Additional information: radiusd: FreeRADIUS Version 0.3, for host i686-pc-linux-gnu, built on Oct 16 2001 at 17:07:19 I compiled this last night with the lastest download. rad_recv: Access-Request packet from host 192.168.1.1:1645, id=46, length=132 NAS-IP-Address = 192.168.1.1 NAS-Port = 2 NAS-Port-Type = Virtual User-Name = "user" MS-CHAP-Challenge = 0x10126adf2c34ff7 MS-CHAP-Response = 0x2c0149adsfasd337dab27336c5883801cb4154eea73912ef Service-Type = Framed-User Framed-Protocol = PPPmodcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "suffix" returns ok users: Matched randyp at 12 modcall[authorize]: module "files" returns okmodcall: group authorize returns ok rad_check_password: Found Auth-Type MS-CHAPauth: No Password or CHAP-Password attribute in the requestauth: Failed to validate the user.Sending Access-Reject of id 46 to 192.168.1.1:1645Finished request 1Going to the next request--- Walking the entire request list ---Waking up in 6 seconds...--- Walking the entire request list ---Cleaning up request 1 ID 46 with timestamp 3bcf3f77 -- Randy