Build problem on Debian 3
Build process breaks down at following point: /root/freeradius/freeradius-1.0.1/libtool --mode=link gcc -release 1.0.1 \ -module -export-dynamic -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -D OP ENSSL_NO_KRB5 -I../.. -I../../../../include \ -I'/usr/include/mysql' -o rlm_sql_mysql.la -rpath /usr/local/lib sql_mysql.lo -L'/usr/lib' -lmysqlclient -lz -lcrypt -lnsl -lm rm -fr .libs/rlm_sql_mysql.la .libs/rlm_sql_mysql.* .libs/rlm_sql_mysql-1.0.1.* gcc -shared sql_mysql.lo -L/usr/lib /usr/lib/libmysqlclient.so -lz -lcrypt -lnsl -lm -Wl,-soname -Wl,rlm_sql_my sql-1.0.1.so -o .libs/rlm_sql_mysql-1.0.1.so /usr/bin/ld: cannot find -lz collect2: ld returned 1 exit status make[10]: *** [rlm_sql_mysql.la] Error 1 make[10]: Leaving directory `/root/freeradius/freeradius-1.0.1/src/modules/rlm_sql/drivers/rlm_sql_mysql ' make[9]: *** [common] Error 1 make[9]: Leaving directory `/root/freeradius/freeradius-1.0.1/src/modules/rlm_sql/drivers' make[8]: *** [dynamic] Error 2 make[8]: Leaving directory `/root/freeradius/freeradius-1.0.1/src/modules/rlm_sql/drivers' make[7]: *** [common] Error 1 make[7]: Leaving directory `/root/freeradius/freeradius-1.0.1/src/modules/rlm_sql' make[6]: *** [dynamic] Error 2 make[6]: Leaving directory `/root/freeradius/freeradius-1.0.1/src/modules/rlm_sql' make[5]: *** [common] Error 1 make[5]: Leaving directory `/root/freeradius/freeradius-1.0.1/src/modules' make[4]: *** [all] Error 2 make[4]: Leaving directory `/root/freeradius/freeradius-1.0.1/src/modules' make[3]: *** [common] Error 1 make[3]: Leaving directory `/root/freeradius/freeradius-1.0.1/src' make[2]: *** [all] Error 2 make[2]: Leaving directory `/root/freeradius/freeradius-1.0.1/src' make[1]: *** [common] Error 1 make[1]: Leaving directory `/root/freeradius/freeradius-1.0.1' make: *** [all] Error 2 Where is the problem? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Build problem on Debian 3
In other news for Mon, Nov 01, 2004 at 12:22:04PM +0400, rashad has been seen typing: Build process breaks down at following point: /usr/bin/ld: cannot find -lz Where is the problem? There. -- Rens Houben |opinions are mine Resident linux guru and sysadmin | if my employers have one Systemec Internet Services. |they'll tell you themselves PGP key at http://swordbreaker.systemec.nl/~shadur/shadur.key.asc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
problem building from CVS
Hi. While trying to build last CVS snapshot on sunos 5.8 i got some error: gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DOPENSSL_NO_KRB5 -Wall -D_GNU_SOURCE -g -Wshadow -Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -W -Wredundant-decls -Wundef -I../include -DHOSTINFO=\sparc-sun-solaris2.8\ -DRADIUSD_VERSION=\1.1.0-pre0\ -o radrelay radrelay.o mainconfig.o util.o nas.o client.o log.o conffile.o files.o xlat.o -shared -L/install/src/frCVS/radiusd/src/lib ../lib/.libs/libradius.a -lnsl -lresolv -lsocket -lposix4 -lpthread -lcrypto /install/src/frCVS/radiusd/src/lib/.libs/libradius.a -lcrypt Text relocation remains referenced against symbol offset in file unknown 0x1744 radrelay.o ... ..very-very long listing.. ... lockf 0x304 ../lib/.libs/libradius.a(misc.o) ld: fatal: relocations remain against allocatable but non-writable sections collect2: ld returned 1 exit status make[4]: *** [radrelay] Error 1 make[4]: Leaving directory `/install/src/frCVS/radiusd/src/main' make[3]: *** [common] Error 1 make[3]: Leaving directory `/install/src/frCVS/radiusd/src' make[2]: *** [all] Error 2 make[2]: Leaving directory `/install/src/frCVS/radiusd/src' make[1]: *** [common] Error 1 make[1]: Leaving directory `/install/src/frCVS/radiusd' make: *** [all] Error 2 SunOS abs-test 5.8 Generic_108528-29 sun4u sparc SUNW,Sun-Fire-V240 SMClibtool libtool (sparc) 1.5 What is it? -- Sincerely Yours, Alexander Serkin, Skylink, Moscow - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
unsubscribe 480096 thc@frognet.net
On 2004/11/01 10:52 EST [EMAIL PROTECTED] wrote: This is an automated response. There were problems with the email commands you sent to Mailman via the administrative address [EMAIL PROTECTED]. To obtain instructions on valid Mailman email commands, send email to [EMAIL PROTECTED] with the word help in the subject line or in the body of the message. If you want to reach the human being that manages this mailing list, please send your message to [EMAIL PROTECTED]. The following is a detailed description of the problems. * unsubscribe Usage: unsubscribe password [email-address] * End: -- The rest of the message is ignored: Tom Howell-Cintron Network Operations Center - FrogNet, Inc. 888.593.3764 - http://www.frognet.net/ -- Tom Howell-Cintron Network Operations Center - FrogNet, Inc. 888.593.3764 - http://www.frognet.net/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: How to Aurthenticate users with an external prog
but i want to DO authentication by an external program. from the doc it seems that you can only run an external program when a user is authenticated. am i right or there are other ways to do this? thanks, Payam Shabanian On Sat, 30 Oct 2004 11:26:55 -0400 (EDT), Dustin Doris [EMAIL PROTECTED] wrote: Look into the doc directory. README tells you about Exec-Program and Exec-Program-Wait you can put into the users file. variables.txt shows the variables that you can pass to it. Pay attention to the line with printenv /tmp/exec-program-wait. That will show you the variables that are actually being passed, very helpful! In raddb directory radiusd.conf look for the exec echo section. You can call an external program using that as well. Here is an example script I am testing. #!/usr/local/bin/bash if [ -z $FRAMED_IP_ADDRESS ] then exit 1 else exit 0 fi I am looking to see if there is a Framed-IP-Address in the reply values. if not, I reject them. I load it in radiusd.conf with exec reply_check { wait = yes program = /usr/local/etc/raddb/reply.sh input_pairs = reply output_pairs = reply packet_type = Access-Accept } and then execute it in the post-auth section post-auth { reply_check } Hope that is helpful. -Dusty Doris On Sat, 30 Oct 2004, Payam Shabanian wrote: hi, does anybody know: how to authenticate, Authorize, and do accounting on users with an external program? thanks Payam Shabanian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
pppoe auth problem
Dear all, I have configured pppoe+ mysql with free-radius. Now i have used the sql file camed along with free-radius source. this is the file freeradius-0.9.2/src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql Now i made the database according to told by this document http://www.frontios.com/freeradius.html So now my mysql look like this. But by doing this configuration i cant connect to the pppoe server. I am starting my radius in debug mode with this command: radiusd -X when connecting from client machine i m getting this error ...radius tell me like this. rad_recv: Access-Request packet from host 127.0.0.1:32768, id=237, length=68 Service-Type = Framed-User Framed-Protocol = PPP User-Name = joel User-Password = joel123 NAS-IP-Address = 127.0.0.1 NAS-Port = 1 modcall: entering group authorize for request 1 modcall[authorize]: module preprocess returns ok for request 1 modcall[authorize]: module chap returns noop for request 1 rlm_realm: No '@' in User-Name = joel, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop for request 1 radius_xlat: 'joel' rlm_sql (sql): sql_set_user escaped user -- 'joel' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'joel' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql: unknown attribute joel123 rlm_sql (sql): Error getting data from database rlm_sql (sql): SQL query error; rejecting user rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module sql returns fail for request 1 modcall: group authorize returns fail for request 1 Finished request 1 Here it is telling me that SQL querry error; rejecting use ...something related to sql query... What will be the problem How can i solve this problem ??? What i have done wrong mysql select * from radacct; Empty set (0.00 sec) mysql select * from radcheck; ++--+---+++ | id | UserName | Attribute | op | Value | ++--+---+++ | 1 | d2v | d2v123| == | d2vdy | | 2 | joel | joel123 | == | joelbhai | | 3 | dhaval | dhaval123 | == | dhavalbhai | ++--+---+++ 3 rows in set (0.00 sec) mysql select * from radgroupcheck; ++---+---++---+ | id | GroupName | Attribute | op | Value | ++---+---++---+ | 1 | dynamic | Auth-Type | := | Local | | 2 | static| Auth-Type | := | Local | ++---+---++---+ 2 rows in set (0.00 sec) mysql select * from radgroupreply; ++---+++-+--+ | id | GroupName | Attribute | op | Value | prio | ++---+++-+--+ | 1 | dynamic | Framed-Compresion | := | Van-Jacobsen-TCP-IP |1 | | 2 | dynamic | Framed-Protocol| := | PPP |1 | | 3 | dynamic | Service-Type | := | Framed-User |1 | | 4 | dynamic | Framed-MTU | := | 1500|1 | | 5 | static| Framed-Protocol| := | PPP |2 | | 6 | static| Service-Type | := | Framed-User |2 | | 7 | static| Framed-Compression | := | Van-Jacobsen-TCP-IP |2 | ++---+++-+--+ 7 rows in set (0.00 sec) mysql select * from radreply; ++--+---++--+ | id | UserName | Attribute | op | Value| ++--+---++--+ | 1 | joel | Framed-IP-Address | := | 192.168.0.25 | | 2 | dhaval | Framed-IP-Address | := | 192.168.0.30 | ++--+---++--+ 2 rows in set (0.00 sec) mysql select * from usergroup; ++--+---+ | id | UserName | GroupName | ++--+---+ | 1 | d2v | dynamic | | 2 | joel | static| | 3 | dhaval | static| ++--+---+ 3 rows in set (0.00 sec) -- Joel N.Solanki Systems Administrator Mobile: 91-9426353268 Phone No: 0265-550001/2/3/4/5 Ext: 211/212 Digtial 2 Virtual Internet Service Provider. http://www.packetraptor.com/ http://www.d2visp.com/ Gujarat (India) -- Joel N.Solanki Network Administrator Mobile: 91-9426353268 Phone No: 0265-550001/2/3/4/5 Ext: 211/212 Digtial 2 Virtual Internet Service Provider. http://www.packetraptor.com/ http://www.d2visp.com/ Gujarat (India) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
help:how to make XP supplicant to get an IP if I use ippool
freeradius-users-request hello,every boy. First,I am very sorry for my pool English. I have configured freeradius1.0.1 to use ippool module for ip assigement.In the debug,I can see freeradius has assign the IP,but I don't know how to make the XP supplicant to obtain this IP? Any suggestion? The following is the output during the debud mode: Sending Access-Accept of id 244 to 192.168.80.1:1812 MS-MPPE-Recv-Key = 0x024b0d4b7d6de98ef53c41dbd1144e8e8bfaaa3e413d0ef043536cecb98722e9 MS-MPPE-Send-Key = 0x925be1dbba27b4ce9971e4664c833d3c473b2220331ca702a91d261e36e449d5 EAP-Message = 0x03110004 Message-Authenticator = 0x User-Name = test Framed-IP-Address = 202.119.24.251 Framed-IP-Netmask = 255.255.255.0 regards! [EMAIL PROTECTED] 2004-11-01 .+-?m?zm??v+???-??m
Re: pppoe auth problem
HI joe Well can u check out with u 1st table mysql select * from radcheck; ++++--+--+ | id | UserName | Attribute | Value| Op | ++++--+--+ | 1 | fredf | Password | wilma| == | | 2 | barney | Password | betty| == | | 2 | dialrouter | Password | dialup | == | ++++--+--+ your table does not have Attribute value or Password it shoulde not value... Also u can check Using radtest wht will be result...n one more thing..When u will ask question write up in details not like i want to configure pppoe server +mysql+radius server do u tell where u configured PPPOE SERVER n what is tht i guess ( MikroTIK) Ha.ha.a.a.a.a.a.a. try to write query select * from radcheck Where USERNAME='joe' give this query in your mysql n will get result or not tell me ... Hope u get...something ! On 01 Nov 2004 16:28:45 +0530, Joel n.solanki [EMAIL PROTECTED] wrote: Dear all, I have configured pppoe+ mysql with free-radius. Now i have used the sql file camed along with free-radius source. this is the file freeradius-0.9.2/src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql Now i made the database according to told by this document http://www.frontios.com/freeradius.html So now my mysql look like this. But by doing this configuration i cant connect to the pppoe server. I am starting my radius in debug mode with this command: radiusd -X when connecting from client machine i m getting this error ...radius tell me like this. rad_recv: Access-Request packet from host 127.0.0.1:32768, id=237, length=68 Service-Type = Framed-User Framed-Protocol = PPP User-Name = joel User-Password = joel123 NAS-IP-Address = 127.0.0.1 NAS-Port = 1 modcall: entering group authorize for request 1 modcall[authorize]: module preprocess returns ok for request 1 modcall[authorize]: module chap returns noop for request 1 rlm_realm: No '@' in User-Name = joel, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop for request 1 radius_xlat: 'joel' rlm_sql (sql): sql_set_user escaped user -- 'joel' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'joel' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql: unknown attribute joel123 rlm_sql (sql): Error getting data from database rlm_sql (sql): SQL query error; rejecting user rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module sql returns fail for request 1 modcall: group authorize returns fail for request 1 Finished request 1 Here it is telling me that SQL querry error; rejecting use ...something related to sql query... What will be the problem How can i solve this problem ??? What i have done wrong mysql select * from radacct; Empty set (0.00 sec) mysql select * from radcheck; ++--+---+++ | id | UserName | Attribute | op | Value | ++--+---+++ | 1 | d2v | d2v123| == | d2vdy | | 2 | joel | joel123 | == | joelbhai | | 3 | dhaval | dhaval123 | == | dhavalbhai | ++--+---+++ 3 rows in set (0.00 sec) mysql select * from radgroupcheck; ++---+---++---+ | id | GroupName | Attribute | op | Value | ++---+---++---+ | 1 | dynamic | Auth-Type | := | Local | | 2 | static| Auth-Type | := | Local | ++---+---++---+ 2 rows in set (0.00 sec) mysql select * from radgroupreply; ++---+++-+--+ | id | GroupName | Attribute | op | Value | prio | ++---+++-+--+ | 1 | dynamic | Framed-Compresion | := | Van-Jacobsen-TCP-IP |1 | | 2 | dynamic | Framed-Protocol| := | PPP |1 | | 3 | dynamic | Service-Type | := | Framed-User |1 | | 4 | dynamic | Framed-MTU | := | 1500|1 | | 5 | static| Framed-Protocol| := | PPP |2 | | 6 | static| Service-Type | := | Framed-User |2 | | 7 | static| Framed-Compression | := | Van-Jacobsen-TCP-IP |2 | ++---+++-+--+ 7 rows in set (0.00 sec) mysql select * from radreply; ++--+---++--+ | id | UserName | Attribute | op | Value|
RE: ldap searching
It seems that one of our customers has a database in which it does Have duplicate users names, they were asking the following question: Would also like to know how LDAP handles duplicate user names (if the baseDN was set to O=ACME instead of OU=Users,O=ACME) If the basedn Is at the higher level there may be duplicates. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kostas Kalevras Sent: Sunday, October 31, 2004 9:54 AM To: [EMAIL PROTECTED] Subject: Re: ldap searching On Sun, 31 Oct 2004, Ron Wahler wrote: If there are multiple users in an LDAP database with the same login name what is The default behavior of the ldap module, will it stop at the first login name that Matches and compare the password ? I assume so. If I wanted it To keep comparing all the users it finds in the database until if either passes Or there is no more entries how would I configure that. The ldap module expects to find only *one* corresponding entry when searching for a user. If that does not happen it returns 'not found' That's not going to change, sorry. You could use the ldap_filter configuration directive and/or multiple ldap module instances to maybe get what you want. In any case, what you are describing is probably not the problem but the solution you imagine would work. Why don't you just describe the problem you 're facing? Thanks, Ron. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: ldap searching
If there are multiple users in an LDAP database with the same login name what is The default behavior of the ldap module, will it stop at the first login name that Matches and compare the password ? I assume so. If I wanted it To keep comparing all the users it finds in the database until if either passes Or there is no more entries how would I configure that. The ldap module expects to find only *one* corresponding entry when searching for a user. If that does not happen it returns 'not found' That's not going to change, sorry. So if there are duplicate names in LDAP it returns not found? That's ok I just want to understand how it works. Thanks, Ron. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: ldap searching
On Mon, 1 Nov 2004, Ron Wahler wrote: It seems that one of our customers has a database in which it does Have duplicate users names, they were asking the following question: Would also like to know how LDAP handles duplicate user names (if the baseDN was set to O=ACME instead of OU=Users,O=ACME) If the basedn Is at the higher level there may be duplicates. Do you mean that there may be: uid=user,o=acme and uid=user,ou=users,o=acme ? If that is the case the solution is simple: ldap ldap1{ basedn = o=acme scope = one } ldap ldap2{ basedn = ou=users,o=acme scope = sub } authorize{ ldap1 ldap2 } authenticate{ ldap1 } The only problem is that a scope directive does not exist yet. Adding one will not be hard though if it is needed. If that is what is needed please open a bug request in bugs.freeradius.org. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Access-Reject and freeradius-dialupadmin
As far as I read on this thread, http://lists.freeradius.org/archives/freeradius-users/2004/09/msg00313.html ... theres no problem inserting the Access-Reject on tables, is there some reason to use the (I guess cron-called) freeradius-dialupadmin/bin/log_badlogins instead inserting directly into the db? Regards - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Don't Proxy Alive Packets
hi all, is it possible to proxy all accounting (start/stop)packets - but not the alive(update) packets ? is there any solution ? thx4allinfos, joachim -- Geschenkt: 3 Monate GMX ProMail + 3 Top-Spielfilme auf DVD ++ Jetzt kostenlos testen http://www.gmx.net/de/go/mail ++ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
mod_auth_radius-2.0 difficulty
Hello all, I have used mod_auth_radius with apache 1.x.x with no problems. We recently started upgrading the apache servers to 2.0. I downloaded the mod_auth_radius-2.0.c from http://www.freeradius.org/mod_auth_radius/ . It is version 1.5.7. The module compiled correctly with apxs. I configured this module similar to how I configured the old one for apache 1.3.x. When I go to the diredtory I want to control, I get a login box. When I type in my login name and password, I get Internal Server Error. The logs say: configuration error: couldn't check user. No user file?: /wijsp Is there a way to increase the log level for this? I have: LoadModule radius_auth_module modules/mod_auth_radius-2.0.so right after auth_module in the httpd.conf. I have: IfModule mod_auth_radius-2.0.c AddRadiusAuth auth1.mail.vanderbilt.edu:1645 XXX 5 AddRadiusCookieValid 720 /IfModule at the very end of the httpd.conf file. Obviously, XXX is our radius secret. Within the virtual host in the ssl.conf file (we use ssl), I have: Alias /wijsp /export/apps/webi/uat/65/nodes/corvette/mycluster/APACHE SSL FOR TOMCAT/MasterWebServer-129.59.10.49_1443/wijsp Directory /export/apps/webi/uat/65/nodes/corvette/mycluster/APACHE SSL FOR TOMCAT/MasterWebServer-129.59.10.49_1443/wijsp Options FollowSymLinks AllowOverride All SSLRequireSSL AuthType Basic AuthName Webi 6.5 AuthAuthoritative off AuthRadiusAuthoritative on AuthRadiusCookieValid 5 AuthRadiusActive On require valid-user /Directory I have been trying to get this to work all day, and I am being pressured by the powers that be to get this working soon. Does anyone have any tips, hints, directions that can help me? If I have grossly misinterpreted the documentation, please let me know that as well. I do appreciate any help you can give. Thanks, Jennifer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: dynamic IP addresses with mysql
Terence Agius [EMAIL PROTECTED] wrote: But how do I make that IP Address dynamic ? Use the ippool module. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Access-Reject and freeradius-dialupadmin
On Mon, 1 Nov 2004, Victor Romero wrote: As far as I read on this thread, http://lists.freeradius.org/archives/freeradius-users/2004/09/msg00313.html ... theres no problem inserting the Access-Reject on tables, is there some reason to use the (I guess cron-called) freeradius-dialupadmin/bin/log_badlogins instead inserting directly into the db? log_badlogins does the equivalent of a 'tail -f radius.log' so it should run all the time. The reason to use it instead of sql post-auth is that you can distinguish between the various reject reasons (multiple logins,login incorrects,invalid user etc) and also that with log_badlogins you can store the failed login information in multiple sql servers as well as handle sql server problems (the failed logins are kept on a per sql server backlog, so that if an sql server goes down we can just wait for it come up to send the info). Regards - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
help:how make windows xp 802.1X supplicant to obtain the IP if I use IPpool
freeradius-usersfreeradius-users-request, hello,every boy. First,I am very sorry for my pool English. I have configured freeradius1.0.1 to use ippool module for ip assigement.In the debug,I can see freeradius has assign the IP,but I don't know how to make the XP supplicant to obtain this IP? Any suggestion? The following is the output during the debud mode: Sending Access-Accept of id 244 to 192.168.80.1:1812 MS-MPPE-Recv-Key = 0x024b0d4b7d6de98ef53c41dbd1144e8e8bfaaa3e413d0ef043536cecb98722e9 MS-MPPE-Send-Key = 0x925be1dbba27b4ce9971e4664c833d3c473b2220331ca702a91d261e36e449d5 EAP-Message = 0x03110004 Message-Authenticator = 0x User-Name = test Framed-IP-Address = 202.119.24.251 Framed-IP-Netmask = 255.255.255.0 I am using RedHat9 for freeradius1.0.1 box,cisco 2950() for nas switch Cisco2950 : C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA1 My configuration for cisco nas is as follows: aaa new-model aaa authentication dot1x default group radius aaa authorization network default group radius aaa accounting dot1x default start-stop group radius dot1x system-auth-control radius-server host radius-server auth-port 1812 acct-port 1813 key keytesting radius-server retransmit 3 radius-server vsa send accounting regards! [EMAIL PROTECTED] 2004-11-02 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: help:how make windows xp 802.1X supplicant to obtain the IP if I use IPpool
??? [EMAIL PROTECTED] wrote: freeradius has assign the IP,but I don't know how to make the XP supplicant to obtain this IP? Any suggestion? You can't assign IP's that way. Use a DHCP server. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: pppoe auth problem
Uh Silly Mistake. I didnt take my tea today morning. Thanks vipul / Alan Dekok Regards, On Mon, 2004-11-01 at 18:56, Vipul Ramani wrote: HI joe Well can u check out with u 1st table mysql select * from radcheck; ++++--+--+ | id | UserName | Attribute | Value| Op | ++++--+--+ | 1 | fredf | Password | wilma| == | | 2 | barney | Password | betty| == | | 2 | dialrouter | Password | dialup | == | ++++--+--+ your table does not have Attribute value or Password it shoulde not value... Also u can check Using radtest wht will be result...n one more thing..When u will ask question write up in details not like i want to configure pppoe server +mysql+radius server do u tell where u configured PPPOE SERVER n what is tht i guess ( MikroTIK) Ha.ha.a.a.a.a.a.a. try to write query select * from radcheck Where USERNAME='joe' give this query in your mysql n will get result or not tell me ... Hope u get...something ! On 01 Nov 2004 16:28:45 +0530, Joel n.solanki [EMAIL PROTECTED] wrote: Dear all, I have configured pppoe+ mysql with free-radius. Now i have used the sql file camed along with free-radius source. this is the file freeradius-0.9.2/src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql Now i made the database according to told by this document http://www.frontios.com/freeradius.html So now my mysql look like this. But by doing this configuration i cant connect to the pppoe server. I am starting my radius in debug mode with this command: radiusd -X when connecting from client machine i m getting this error ...radius tell me like this. rad_recv: Access-Request packet from host 127.0.0.1:32768, id=237, length=68 Service-Type = Framed-User Framed-Protocol = PPP User-Name = joel User-Password = joel123 NAS-IP-Address = 127.0.0.1 NAS-Port = 1 modcall: entering group authorize for request 1 modcall[authorize]: module preprocess returns ok for request 1 modcall[authorize]: module chap returns noop for request 1 rlm_realm: No '@' in User-Name = joel, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop for request 1 radius_xlat: 'joel' rlm_sql (sql): sql_set_user escaped user -- 'joel' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'joel' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql: unknown attribute joel123 rlm_sql (sql): Error getting data from database rlm_sql (sql): SQL query error; rejecting user rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module sql returns fail for request 1 modcall: group authorize returns fail for request 1 Finished request 1 Here it is telling me that SQL querry error; rejecting use ...something related to sql query... What will be the problem How can i solve this problem ??? What i have done wrong mysql select * from radacct; Empty set (0.00 sec) mysql select * from radcheck; ++--+---+++ | id | UserName | Attribute | op | Value | ++--+---+++ | 1 | d2v | d2v123| == | d2vdy | | 2 | joel | joel123 | == | joelbhai | | 3 | dhaval | dhaval123 | == | dhavalbhai | ++--+---+++ 3 rows in set (0.00 sec) mysql select * from radgroupcheck; ++---+---++---+ | id | GroupName | Attribute | op | Value | ++---+---++---+ | 1 | dynamic | Auth-Type | := | Local | | 2 | static| Auth-Type | := | Local | ++---+---++---+ 2 rows in set (0.00 sec) mysql select * from radgroupreply; ++---+++-+--+ | id | GroupName | Attribute | op | Value | prio | ++---+++-+--+ | 1 | dynamic | Framed-Compresion | := | Van-Jacobsen-TCP-IP |1 | | 2 | dynamic | Framed-Protocol| := | PPP |1 | | 3 | dynamic | Service-Type | := | Framed-User |1 | | 4 | dynamic | Framed-MTU | := | 1500|1 | | 5 | static| Framed-Protocol| := | PPP |2 | | 6 | static| Service-Type | := | Framed-User |2 | | 7 | static| Framed-Compression | := | Van-Jacobsen-TCP-IP |2 |
RE: How do i change the format of Accouting detail file?
oh, I see, _-_ Would you like to tell me which modules I can use? rlm_sql? We worry about the DB performance when too many users,but haven't experiment. Regards. Yyc And the vision that was planted in my brain. Still remains with the Sound of Silence. Yyc [EMAIL PROTECTED] wrote: I notice the attributes logged in detail file were written in radiusd.conf: acct_unique { key = User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port } So? Those attributes are referenced all over the place. but after i delete Client-IP-Address for acct_unique{}, Client-IP-Address still in detail-2004; Because you have completely misunderstood how the configuration files work. what should i do if i want to reduce attributes. I'll write a module to read detail file every x(maybe 1-3)min, and store the data to our own DB for accouting. So less attributes are easy for my module to read. You're not going to write another FreeRADIUS module to do that. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems moving from FreeRADIUS 1.0.0 to version 1.0.1
Hello, I'm working with Nicolas - who sent the first mail. The module failing is not the one showed in the request (its cod eis too big). When we saw that something was going wrong, we quickly wrote a very simple module to stress the failure, and we built it with release 1.0.1. Geoffroy --- Alan DeKok [EMAIL PROTECTED] a écrit : Chaigneau Nicolas [EMAIL PROTECTED] wrote: I've been using FreeRADIUS 1.0.0 so far. I just tried to install FreeRADIUS 1.0.1, but I'm encountering a problem : I get a bus error upon receiving an access-request. Did you re-build you module in 1.0.1, or just re-use the lobrary from 1.0.0? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Vous manquez despace pour stocker vos mails ? Yahoo! Mail vous offre GRATUITEMENT 100 Mo ! Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/ Le nouveau Yahoo! Messenger est arrivé ! Découvrez toutes les nouveautés pour dialoguer instantanément avec vos amis. A télécharger gratuitement sur http://fr.messenger.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems moving from FreeRADIUS 1.0.0 to version 1.0.1
Chaigneau Nicolas [EMAIL PROTECTED] wrote: I've been using FreeRADIUS 1.0.0 so far. I just tried to install FreeRADIUS 1.0.1, but I'm encountering a problem : I get a bus error upon receiving an access-request. Did you re-build you module in 1.0.1, or just re-use the lobrary from 1.0.0? I rebuilt my module in 1.0.1 Vous manquez despace pour stocker vos mails ? Yahoo! Mail vous offre GRATUITEMENT 100 Mo ! Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/ Le nouveau Yahoo! Messenger est arrivé ! Découvrez toutes les nouveautés pour dialoguer instantanément avec vos amis. A télécharger gratuitement sur http://fr.messenger.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html