Build problem on Debian 3

2004-11-01 Thread rashad 
 Build process breaks down at following point:

 /root/freeradius/freeradius-1.0.1/libtool --mode=link gcc -release 1.0.1 \
 -module -export-dynamic  -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -D
OP
 ENSSL_NO_KRB5  -I../.. -I../../../../include \
 -I'/usr/include/mysql'  -o rlm_sql_mysql.la -rpath /usr/local/lib
 sql_mysql.lo -L'/usr/lib' -lmysqlclient -lz -lcrypt -lnsl -lm
 rm -fr .libs/rlm_sql_mysql.la .libs/rlm_sql_mysql.*
 .libs/rlm_sql_mysql-1.0.1.*
 gcc -shared  sql_mysql.lo  -L/usr/lib

/usr/lib/libmysqlclient.so -lz -lcrypt -lnsl -lm  -Wl,-soname -Wl,rlm_sql_my
 sql-1.0.1.so -o .libs/rlm_sql_mysql-1.0.1.so
 /usr/bin/ld: cannot find -lz
 collect2: ld returned 1 exit status
 make[10]: *** [rlm_sql_mysql.la] Error 1
 make[10]: Leaving directory

`/root/freeradius/freeradius-1.0.1/src/modules/rlm_sql/drivers/rlm_sql_mysql
 '
 make[9]: *** [common] Error 1
 make[9]: Leaving directory
 `/root/freeradius/freeradius-1.0.1/src/modules/rlm_sql/drivers'
 make[8]: *** [dynamic] Error 2
 make[8]: Leaving directory
 `/root/freeradius/freeradius-1.0.1/src/modules/rlm_sql/drivers'
 make[7]: *** [common] Error 1
 make[7]: Leaving directory
 `/root/freeradius/freeradius-1.0.1/src/modules/rlm_sql'
 make[6]: *** [dynamic] Error 2
 make[6]: Leaving directory
 `/root/freeradius/freeradius-1.0.1/src/modules/rlm_sql'
 make[5]: *** [common] Error 1
 make[5]: Leaving directory `/root/freeradius/freeradius-1.0.1/src/modules'
 make[4]: *** [all] Error 2
 make[4]: Leaving directory `/root/freeradius/freeradius-1.0.1/src/modules'
 make[3]: *** [common] Error 1
 make[3]: Leaving directory `/root/freeradius/freeradius-1.0.1/src'
 make[2]: *** [all] Error 2
 make[2]: Leaving directory `/root/freeradius/freeradius-1.0.1/src'
 make[1]: *** [common] Error 1
 make[1]: Leaving directory `/root/freeradius/freeradius-1.0.1'
 make: *** [all] Error 2


 Where is the problem?




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Build problem on Debian 3

2004-11-01 Thread Rens Houben 
In other news for Mon, Nov 01, 2004 at 12:22:04PM +0400, rashad has been seen typing:
  Build process breaks down at following point:

  /usr/bin/ld: cannot find -lz

  Where is the problem?

There.

-- 
Rens Houben   |opinions are mine
Resident linux guru and sysadmin  | if my employers have one
Systemec Internet Services.   |they'll tell you themselves
PGP key at http://swordbreaker.systemec.nl/~shadur/shadur.key.asc

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

problem building from CVS

2004-11-01 Thread Alexander Serkin 
Hi.
While trying to build last CVS snapshot on sunos 5.8 i got some error:
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DOPENSSL_NO_KRB5 -Wall 
-D_GNU_SOURCE -g -Wshadow -Wpointer-arith -Wcast-qual -Wcast-align 
-Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations 
-Wnested-externs -W -Wredundant-decls -Wundef -I../include 
-DHOSTINFO=\sparc-sun-solaris2.8\ -DRADIUSD_VERSION=\1.1.0-pre0\ -o radrelay 
radrelay.o mainconfig.o util.o nas.o client.o log.o conffile.o files.o xlat.o 
-shared  -L/install/src/frCVS/radiusd/src/lib ../lib/.libs/libradius.a -lnsl 
-lresolv -lsocket -lposix4 -lpthread -lcrypto 
/install/src/frCVS/radiusd/src/lib/.libs/libradius.a -lcrypt
Text relocation remains referenced
against symbol  offset  in file
unknown   0x1744  radrelay.o
...
..very-very long listing..
...
lockf   0x304   ../lib/.libs/libradius.a(misc.o)
ld: fatal: relocations remain against allocatable but non-writable sections
collect2: ld returned 1 exit status
make[4]: *** [radrelay] Error 1
make[4]: Leaving directory `/install/src/frCVS/radiusd/src/main'
make[3]: *** [common] Error 1
make[3]: Leaving directory `/install/src/frCVS/radiusd/src'
make[2]: *** [all] Error 2
make[2]: Leaving directory `/install/src/frCVS/radiusd/src'
make[1]: *** [common] Error 1
make[1]: Leaving directory `/install/src/frCVS/radiusd'
make: *** [all] Error 2

SunOS abs-test 5.8 Generic_108528-29 sun4u sparc SUNW,Sun-Fire-V240
SMClibtool  libtool
(sparc) 1.5
What is it?
--
Sincerely Yours,
Alexander Serkin,
Skylink, Moscow
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

unsubscribe 480096 thc@frognet.net

2004-11-01 Thread T. Howell-Cintron 
On 2004/11/01 10:52 EST [EMAIL PROTECTED]
wrote:

 This is an automated response.
 
 There were problems with the email commands you sent to Mailman via
 the administrative address
 [EMAIL PROTECTED].
 
 To obtain instructions on valid Mailman email commands, send email to
 [EMAIL PROTECTED] with the word help
 in the subject line or in the body of the message.
 
 If you want to reach the human being that manages this mailing list,
 please send your message to
 [EMAIL PROTECTED].
 
 The following is a detailed description of the problems.
 
 
 * unsubscribe
  Usage: unsubscribe password [email-address]
 
 * End: --
 The rest of the message is ignored:
  Tom Howell-Cintron
  Network Operations Center - FrogNet, Inc.
  888.593.3764 - http://www.frognet.net/
  
  


-- 
Tom Howell-Cintron
Network Operations Center - FrogNet, Inc.
888.593.3764 - http://www.frognet.net/

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: How to Aurthenticate users with an external prog

2004-11-01 Thread Payam Shabanian 
but i want to DO authentication by an external program.
from the doc it seems that you can only run an external program
when a user is authenticated.
am i right or there are other ways to do this?

thanks,
Payam Shabanian

On Sat, 30 Oct 2004 11:26:55 -0400 (EDT), Dustin Doris
[EMAIL PROTECTED] wrote:
 Look into the doc directory.
 
 README tells you about Exec-Program and Exec-Program-Wait you can put into
 the users file.
 
 variables.txt shows the variables that you can pass to it.  Pay attention
 to the line with printenv  /tmp/exec-program-wait.  That will show you
 the variables that are actually being passed, very helpful!
 
 In raddb directory
 
 radiusd.conf look for the exec echo section.  You can call an external
 program using that as well.
 
 Here is an example script I am testing.
 
 #!/usr/local/bin/bash
 if [ -z $FRAMED_IP_ADDRESS ]
   then
   exit 1
 else
   exit 0
 fi
 
 I am looking to see if there is a Framed-IP-Address in the reply values.
 if not, I reject them.
 
 I load it in radiusd.conf with
 
 exec reply_check {
 wait = yes
 program = /usr/local/etc/raddb/reply.sh
 input_pairs = reply
 output_pairs = reply
 packet_type = Access-Accept
 }
 and then execute it in the post-auth section
 
 post-auth {
 reply_check
 }
 
 Hope that is helpful.
 
 -Dusty Doris
 
 
 
 
 On Sat, 30 Oct 2004, Payam Shabanian wrote:
 
  hi,
  does anybody  know:
  how to authenticate, Authorize, and do accounting on users
  with an external program?
 
  thanks
  Payam Shabanian
 
  -
  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
 
 
 -
 List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

pppoe auth problem

2004-11-01 Thread Joel n.solanki 
Dear all,

I have configured pppoe+ mysql with free-radius.
Now i have used the sql file camed along with free-radius source.
this is the file
freeradius-0.9.2/src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql

Now i made the database according to told by this document

http://www.frontios.com/freeradius.html

So now my mysql look like this.
But by doing this configuration i cant connect to the pppoe server.

I am starting my radius in debug mode with this command: radiusd -X

when connecting from client machine i m getting this error ...radius
tell me like this.

rad_recv: Access-Request packet from host 127.0.0.1:32768, id=237,
length=68
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = joel
User-Password = joel123
NAS-IP-Address = 127.0.0.1
NAS-Port = 1
modcall: entering group authorize for request 1
  modcall[authorize]: module preprocess returns ok for request 1
  modcall[authorize]: module chap returns noop for request 1
rlm_realm: No '@' in User-Name = joel, looking up realm NULL
rlm_realm: No such realm NULL
  modcall[authorize]: module suffix returns noop for request 1
radius_xlat:  'joel'
rlm_sql (sql): sql_set_user escaped user -- 'joel'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'joel' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql: unknown attribute joel123
rlm_sql (sql): Error getting data from database
rlm_sql (sql): SQL query error; rejecting user
rlm_sql (sql): Released sql socket id: 3
  modcall[authorize]: module sql returns fail for request 1
modcall: group authorize returns fail for request 1
Finished request 1


Here it is telling me that SQL querry error; rejecting use ...something
related to sql query...
What will be the problem 
How can i solve this problem ???
What i have done wrong 


mysql select * from radacct;
Empty set (0.00 sec)

mysql select * from radcheck;
++--+---+++
| id | UserName | Attribute | op | Value  |
++--+---+++
|  1 | d2v  | d2v123| == | d2vdy  |
|  2 | joel | joel123   | == | joelbhai   |
|  3 | dhaval   | dhaval123 | == | dhavalbhai |
++--+---+++
3 rows in set (0.00 sec)


mysql select * from radgroupcheck;
++---+---++---+
| id | GroupName | Attribute | op | Value |
++---+---++---+
|  1 | dynamic   | Auth-Type | := | Local |
|  2 | static| Auth-Type | := | Local |
++---+---++---+
2 rows in set (0.00 sec)


mysql select * from radgroupreply;
++---+++-+--+
| id | GroupName | Attribute  | op | Value   | prio
|
++---+++-+--+
|  1 | dynamic   | Framed-Compresion  | := | Van-Jacobsen-TCP-IP |1
|
|  2 | dynamic   | Framed-Protocol| := | PPP |1
|
|  3 | dynamic   | Service-Type   | := | Framed-User |1
|
|  4 | dynamic   | Framed-MTU | := | 1500|1
|
|  5 | static| Framed-Protocol| := | PPP |2
|
|  6 | static| Service-Type   | := | Framed-User |2
|
|  7 | static| Framed-Compression | := | Van-Jacobsen-TCP-IP |2
|
++---+++-+--+
7 rows in set (0.00 sec)



mysql select * from radreply;
++--+---++--+
| id | UserName | Attribute | op | Value|
++--+---++--+
|  1 | joel | Framed-IP-Address | := | 192.168.0.25 |
|  2 | dhaval   | Framed-IP-Address | := | 192.168.0.30 |
++--+---++--+
2 rows in set (0.00 sec)


mysql select * from usergroup;
++--+---+
| id | UserName | GroupName |
++--+---+
|  1 | d2v  | dynamic   |
|  2 | joel | static|
|  3 | dhaval   | static|
++--+---+
3 rows in set (0.00 sec)

-- 
Joel N.Solanki
Systems Administrator
Mobile: 91-9426353268
Phone No: 0265-550001/2/3/4/5 Ext: 211/212
Digtial 2 Virtual Internet Service Provider.
http://www.packetraptor.com/
http://www.d2visp.com/
Gujarat (India)
-- 
Joel N.Solanki
Network Administrator
Mobile: 91-9426353268
Phone No: 0265-550001/2/3/4/5 Ext: 211/212
Digtial 2 Virtual Internet Service Provider.
http://www.packetraptor.com/
http://www.d2visp.com/
Gujarat (India)



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

help:how to make XP supplicant to get an IP if I use ippool

2004-11-01 Thread 
freeradius-users-request

hello,every boy.

First,I am very sorry for my pool English.

I have configured freeradius1.0.1 to use ippool module for ip assigement.In 
the debug,I can see

freeradius has assign the IP,but I don't know how to make the XP supplicant to obtain 
this IP? Any suggestion?

The following is the output during the debud mode: 
Sending Access-Accept of id 244 to 192.168.80.1:1812
MS-MPPE-Recv-Key = 
0x024b0d4b7d6de98ef53c41dbd1144e8e8bfaaa3e413d0ef043536cecb98722e9
MS-MPPE-Send-Key = 
0x925be1dbba27b4ce9971e4664c833d3c473b2220331ca702a91d261e36e449d5
EAP-Message = 0x03110004
Message-Authenticator = 0x
User-Name = test
Framed-IP-Address = 202.119.24.251
Framed-IP-Netmask = 255.255.255.0



regards!




[EMAIL PROTECTED]
2004-11-01
.+-?m?zm??v+???-??mš

Re: pppoe auth problem

2004-11-01 Thread Vipul Ramani 
HI joe 

 Well can u check out with u 1st table
mysql select * from radcheck;
  ++++--+--+
  | id | UserName   | Attribute  | Value| Op   | 
  ++++--+--+
  |  1 | fredf  | Password   | wilma| ==   |
  |  2 | barney | Password   | betty| ==   |
  |  2 | dialrouter | Password   | dialup   | ==   |
  ++++--+--+

your table does not have Attribute value or Password it shoulde not  value...


Also u can check Using radtest wht will be result...n one more
thing..When  u will ask question write up in details not like i want
to configure pppoe server +mysql+radius server
 do u tell where u configured PPPOE SERVER n what is tht i
guess ( MikroTIK) Ha.ha.a.a.a.a.a.a.
try to write query 
select * from radcheck Where USERNAME='joe'
give this query in your mysql n will get result or not tell me ...

Hope u get...something !





On 01 Nov 2004 16:28:45 +0530, Joel n.solanki [EMAIL PROTECTED] wrote:
 Dear all,
 
 I have configured pppoe+ mysql with free-radius.
 Now i have used the sql file camed along with free-radius source.
 this is the file
 freeradius-0.9.2/src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql
 
 Now i made the database according to told by this document
 
 http://www.frontios.com/freeradius.html
 
 So now my mysql look like this.
 But by doing this configuration i cant connect to the pppoe server.
 
 I am starting my radius in debug mode with this command: radiusd -X
 
 when connecting from client machine i m getting this error ...radius
 tell me like this.
 
 rad_recv: Access-Request packet from host 127.0.0.1:32768, id=237,
 length=68
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = joel
User-Password = joel123
NAS-IP-Address = 127.0.0.1
NAS-Port = 1
 modcall: entering group authorize for request 1
  modcall[authorize]: module preprocess returns ok for request 1
  modcall[authorize]: module chap returns noop for request 1
rlm_realm: No '@' in User-Name = joel, looking up realm NULL
rlm_realm: No such realm NULL
  modcall[authorize]: module suffix returns noop for request 1
 radius_xlat:  'joel'
 rlm_sql (sql): sql_set_user escaped user -- 'joel'
 radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
 Username = 'joel' ORDER BY id'
 rlm_sql (sql): Reserving sql socket id: 3
 rlm_sql: unknown attribute joel123
 rlm_sql (sql): Error getting data from database
 rlm_sql (sql): SQL query error; rejecting user
 rlm_sql (sql): Released sql socket id: 3
  modcall[authorize]: module sql returns fail for request 1
 modcall: group authorize returns fail for request 1
 Finished request 1
 
 Here it is telling me that SQL querry error; rejecting use ...something
 related to sql query...
 What will be the problem 
 How can i solve this problem ???
 What i have done wrong 
 
 mysql select * from radacct;
 Empty set (0.00 sec)
 
 mysql select * from radcheck;
 ++--+---+++
 | id | UserName | Attribute | op | Value  |
 ++--+---+++
 |  1 | d2v  | d2v123| == | d2vdy  |
 |  2 | joel | joel123   | == | joelbhai   |
 |  3 | dhaval   | dhaval123 | == | dhavalbhai |
 ++--+---+++
 3 rows in set (0.00 sec)
 
 mysql select * from radgroupcheck;
 ++---+---++---+
 | id | GroupName | Attribute | op | Value |
 ++---+---++---+
 |  1 | dynamic   | Auth-Type | := | Local |
 |  2 | static| Auth-Type | := | Local |
 ++---+---++---+
 2 rows in set (0.00 sec)
 
 mysql select * from radgroupreply;
 ++---+++-+--+
 | id | GroupName | Attribute  | op | Value   | prio
 |
 ++---+++-+--+
 |  1 | dynamic   | Framed-Compresion  | := | Van-Jacobsen-TCP-IP |1
 |
 |  2 | dynamic   | Framed-Protocol| := | PPP |1
 |
 |  3 | dynamic   | Service-Type   | := | Framed-User |1
 |
 |  4 | dynamic   | Framed-MTU | := | 1500|1
 |
 |  5 | static| Framed-Protocol| := | PPP |2
 |
 |  6 | static| Service-Type   | := | Framed-User |2
 |
 |  7 | static| Framed-Compression | := | Van-Jacobsen-TCP-IP |2
 |
 ++---+++-+--+
 7 rows in set (0.00 sec)
 
 mysql select * from radreply;
 ++--+---++--+
 | id | UserName | Attribute | op | Value|

RE: ldap searching

2004-11-01 Thread Ron Wahler 

It seems that one of our customers has a database in which it does
Have duplicate users names, they were asking the following question:

Would also like to know how LDAP handles duplicate user names (if the
baseDN was set to O=ACME instead of OU=Users,O=ACME)

If the basedn Is at the higher level there may be duplicates.





-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kostas
Kalevras
Sent: Sunday, October 31, 2004 9:54 AM
To: [EMAIL PROTECTED]
Subject: Re: ldap searching

On Sun, 31 Oct 2004, Ron Wahler wrote:



 If there are multiple users in an LDAP database with the same login
name
 what is

 The default behavior of the ldap module, will it stop at the first
login
 name that

 Matches and compare the password ? I assume so.  If I wanted it

 To keep comparing all the users it finds in the database until if
either
 passes

 Or there is no more entries how would I configure that.

The ldap module expects to find only *one* corresponding entry when
searching 
for a user. If that does not happen it returns 'not found' That's not
going to 
change, sorry. You could use the ldap_filter configuration directive
and/or 
multiple ldap module instances to maybe get what you want.

In any case, what you are describing is probably not the problem but the

solution you imagine would work. Why don't you just describe the problem
you 
're facing?






 Thanks,

 Ron.



--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]   National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: ldap searching

2004-11-01 Thread Ron Wahler 
 If there are multiple users in an LDAP database with the same login
name
 what is

 The default behavior of the ldap module, will it stop at the first
login
 name that

 Matches and compare the password ? I assume so.  If I wanted it

 To keep comparing all the users it finds in the database until if
either
 passes

 Or there is no more entries how would I configure that.

The ldap module expects to find only *one* corresponding entry when
searching 
for a user. If that does not happen it returns 'not found' That's not
going to 
change, sorry. 

So if there are duplicate names in LDAP it returns not found?  That's ok
I just want to understand how it works.

Thanks,
Ron.



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: ldap searching

2004-11-01 Thread Kostas Kalevras 
On Mon, 1 Nov 2004, Ron Wahler wrote:
It seems that one of our customers has a database in which it does
Have duplicate users names, they were asking the following question:
Would also like to know how LDAP handles duplicate user names (if the
baseDN was set to O=ACME instead of OU=Users,O=ACME)
If the basedn Is at the higher level there may be duplicates.
Do you mean that there may be:
uid=user,o=acme and uid=user,ou=users,o=acme ?
If that is the case the solution is simple:
ldap ldap1{
basedn = o=acme
scope = one
}
ldap ldap2{
basedn = ou=users,o=acme
scope = sub
}
authorize{
ldap1
ldap2
}
authenticate{
ldap1
}
The only problem is that a scope directive does not exist yet. Adding one will 
not be hard though if it is needed. If that is what is needed please open a bug 
request in bugs.freeradius.org.

--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]   National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Access-Reject and freeradius-dialupadmin

2004-11-01 Thread Victor Romero 

As far as I read on this thread,
   
http://lists.freeradius.org/archives/freeradius-users/2004/09/msg00313.html
... theres no problem inserting the Access-Reject on tables, is there 
some reason to use the (I guess cron-called)  
freeradius-dialupadmin/bin/log_badlogins instead inserting directly into 
the db?

Regards
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Don't Proxy Alive Packets

2004-11-01 Thread Joachim Dostal 
hi all,
is it possible to proxy all accounting (start/stop)packets - but not the
alive(update) packets ?

is there any solution ?

thx4allinfos, joachim

-- 
Geschenkt: 3 Monate GMX ProMail + 3 Top-Spielfilme auf DVD
++ Jetzt kostenlos testen http://www.gmx.net/de/go/mail ++


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

mod_auth_radius-2.0 difficulty

2004-11-01 Thread Tippens, Jennifer 
Hello all,

I have used mod_auth_radius with apache 1.x.x with no problems.  We
recently started upgrading the apache servers to 2.0.  I downloaded the
mod_auth_radius-2.0.c from http://www.freeradius.org/mod_auth_radius/ .
It is version 1.5.7.  The module compiled correctly with apxs.  
I configured this module similar to how I configured the old one for
apache 1.3.x.  When I go to the diredtory I want to control, I get a
login box.  When I type in my login name and password, I get Internal
Server Error.  The logs say:
configuration error: couldn't check user. No user file?: /wijsp

Is there a way to increase the log level for this?  

I have:
LoadModule radius_auth_module modules/mod_auth_radius-2.0.so
right after auth_module in the httpd.conf.

I have:
IfModule mod_auth_radius-2.0.c
AddRadiusAuth auth1.mail.vanderbilt.edu:1645 XXX 5
AddRadiusCookieValid 720
/IfModule
at the very end of the httpd.conf file.  Obviously, XXX is our
radius secret.

Within the virtual host in the ssl.conf file (we use ssl), I have:

Alias /wijsp /export/apps/webi/uat/65/nodes/corvette/mycluster/APACHE
SSL FOR TOMCAT/MasterWebServer-129.59.10.49_1443/wijsp
Directory /export/apps/webi/uat/65/nodes/corvette/mycluster/APACHE SSL
FOR TOMCAT/MasterWebServer-129.59.10.49_1443/wijsp
  Options FollowSymLinks
  AllowOverride All
  SSLRequireSSL
  AuthType Basic
  AuthName Webi 6.5
  AuthAuthoritative off
  AuthRadiusAuthoritative on
  AuthRadiusCookieValid 5
  AuthRadiusActive On
  require valid-user
/Directory


I have been trying to get this to work all day, and I am being pressured
by the powers that be to get this working soon.  Does anyone have any
tips, hints, directions that can help me?  If I have grossly
misinterpreted the documentation, please let me know that as well.

I do appreciate any help you can give.

Thanks,
Jennifer

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: dynamic IP addresses with mysql

2004-11-01 Thread Alan DeKok 
Terence Agius [EMAIL PROTECTED] wrote:
 But how do I make that IP Address dynamic ? 

  Use the ippool module.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Access-Reject and freeradius-dialupadmin

2004-11-01 Thread Kostas Kalevras 
On Mon, 1 Nov 2004, Victor Romero wrote:

As far as I read on this thread,
  http://lists.freeradius.org/archives/freeradius-users/2004/09/msg00313.html
... theres no problem inserting the Access-Reject on tables, is there some 
reason to use the (I guess cron-called) 
freeradius-dialupadmin/bin/log_badlogins instead inserting directly into the 
db?
log_badlogins does the equivalent of a 'tail -f radius.log' so it should run all 
the time. The reason to use it instead of sql post-auth is that you can 
distinguish between the various reject reasons (multiple logins,login 
incorrects,invalid user etc) and also that with log_badlogins you can store the 
failed login information in multiple sql servers as well as handle sql server 
problems (the failed logins are kept on a per sql server backlog, so that if an 
sql server goes down we can just wait for it come up to send the info).

Regards
- List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html

--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]   National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

help:how make windows xp 802.1X supplicant to obtain the IP if I use IPpool

2004-11-01 Thread ??? 
freeradius-usersfreeradius-users-request,

hello,every boy.

First,I am very sorry for my pool English.

I have configured freeradius1.0.1 to use ippool module for ip assigement.In 
the debug,I can see

freeradius has assign the IP,but I don't know how to make the XP supplicant to obtain 
this IP? Any suggestion?

The following is the output during the debud mode: 
Sending Access-Accept of id 244 to 192.168.80.1:1812
MS-MPPE-Recv-Key = 
0x024b0d4b7d6de98ef53c41dbd1144e8e8bfaaa3e413d0ef043536cecb98722e9
MS-MPPE-Send-Key = 
0x925be1dbba27b4ce9971e4664c833d3c473b2220331ca702a91d261e36e449d5
EAP-Message = 0x03110004
Message-Authenticator = 0x
User-Name = test
Framed-IP-Address = 202.119.24.251
Framed-IP-Netmask = 255.255.255.0 

I am using RedHat9 for freeradius1.0.1 box,cisco 2950() for nas switch
Cisco2950 : C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA1

My configuration for cisco nas is as follows:
aaa new-model
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius

dot1x system-auth-control

radius-server host radius-server auth-port 1812 acct-port 1813 key keytesting
radius-server retransmit 3
radius-server vsa send accounting

regards!



   
[EMAIL PROTECTED]
  2004-11-02


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: help:how make windows xp 802.1X supplicant to obtain the IP if I use IPpool

2004-11-01 Thread Alan DeKok 
??? [EMAIL PROTECTED] wrote:
 freeradius has assign the IP,but I don't know how to make the XP
 supplicant to obtain this IP? Any suggestion?

  You can't assign IP's that way.

  Use a DHCP server.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: pppoe auth problem

2004-11-01 Thread Joel n.solanki 
Uh Silly Mistake.

I didnt take my tea today morning.

Thanks vipul / Alan Dekok

Regards,

On Mon, 2004-11-01 at 18:56, Vipul Ramani wrote:
 HI joe 
 
  Well can u check out with u 1st table
 mysql select * from radcheck;
   ++++--+--+
   | id | UserName   | Attribute  | Value| Op   | 
   ++++--+--+
   |  1 | fredf  | Password   | wilma| ==   |
   |  2 | barney | Password   | betty| ==   |
   |  2 | dialrouter | Password   | dialup   | ==   |
   ++++--+--+
 
 your table does not have Attribute value or Password it shoulde not  value...
 
 
 Also u can check Using radtest wht will be result...n one more
 thing..When  u will ask question write up in details not like i want
 to configure pppoe server +mysql+radius server
  do u tell where u configured PPPOE SERVER n what is tht i
 guess ( MikroTIK) Ha.ha.a.a.a.a.a.a.
 try to write query 
 select * from radcheck Where USERNAME='joe'
 give this query in your mysql n will get result or not tell me ...
 
 Hope u get...something !
 
 
 
 
 
 On 01 Nov 2004 16:28:45 +0530, Joel n.solanki [EMAIL PROTECTED] wrote:
  Dear all,
  
  I have configured pppoe+ mysql with free-radius.
  Now i have used the sql file camed along with free-radius source.
  this is the file
  freeradius-0.9.2/src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql
  
  Now i made the database according to told by this document
  
  http://www.frontios.com/freeradius.html
  
  So now my mysql look like this.
  But by doing this configuration i cant connect to the pppoe server.
  
  I am starting my radius in debug mode with this command: radiusd -X
  
  when connecting from client machine i m getting this error ...radius
  tell me like this.
  
  rad_recv: Access-Request packet from host 127.0.0.1:32768, id=237,
  length=68
 Service-Type = Framed-User
 Framed-Protocol = PPP
 User-Name = joel
 User-Password = joel123
 NAS-IP-Address = 127.0.0.1
 NAS-Port = 1
  modcall: entering group authorize for request 1
   modcall[authorize]: module preprocess returns ok for request 1
   modcall[authorize]: module chap returns noop for request 1
 rlm_realm: No '@' in User-Name = joel, looking up realm NULL
 rlm_realm: No such realm NULL
   modcall[authorize]: module suffix returns noop for request 1
  radius_xlat:  'joel'
  rlm_sql (sql): sql_set_user escaped user -- 'joel'
  radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
  Username = 'joel' ORDER BY id'
  rlm_sql (sql): Reserving sql socket id: 3
  rlm_sql: unknown attribute joel123
  rlm_sql (sql): Error getting data from database
  rlm_sql (sql): SQL query error; rejecting user
  rlm_sql (sql): Released sql socket id: 3
   modcall[authorize]: module sql returns fail for request 1
  modcall: group authorize returns fail for request 1
  Finished request 1
  
  Here it is telling me that SQL querry error; rejecting use ...something
  related to sql query...
  What will be the problem 
  How can i solve this problem ???
  What i have done wrong 
  
  mysql select * from radacct;
  Empty set (0.00 sec)
  
  mysql select * from radcheck;
  ++--+---+++
  | id | UserName | Attribute | op | Value  |
  ++--+---+++
  |  1 | d2v  | d2v123| == | d2vdy  |
  |  2 | joel | joel123   | == | joelbhai   |
  |  3 | dhaval   | dhaval123 | == | dhavalbhai |
  ++--+---+++
  3 rows in set (0.00 sec)
  
  mysql select * from radgroupcheck;
  ++---+---++---+
  | id | GroupName | Attribute | op | Value |
  ++---+---++---+
  |  1 | dynamic   | Auth-Type | := | Local |
  |  2 | static| Auth-Type | := | Local |
  ++---+---++---+
  2 rows in set (0.00 sec)
  
  mysql select * from radgroupreply;
  ++---+++-+--+
  | id | GroupName | Attribute  | op | Value   | prio
  |
  ++---+++-+--+
  |  1 | dynamic   | Framed-Compresion  | := | Van-Jacobsen-TCP-IP |1
  |
  |  2 | dynamic   | Framed-Protocol| := | PPP |1
  |
  |  3 | dynamic   | Service-Type   | := | Framed-User |1
  |
  |  4 | dynamic   | Framed-MTU | := | 1500|1
  |
  |  5 | static| Framed-Protocol| := | PPP |2
  |
  |  6 | static| Service-Type   | := | Framed-User |2
  |
  |  7 | static| Framed-Compression | := | Van-Jacobsen-TCP-IP |2
  |

RE: How do i change the format of Accouting detail file?

2004-11-01 Thread Yyc 
oh, I see,  _-_
Would you like to tell me which modules I can use? rlm_sql? We worry about
the DB performance when too many users,but haven't experiment. 


Regards.
Yyc

And the vision that was planted in my brain.
Still remains with the Sound of Silence. 

Yyc [EMAIL PROTECTED] wrote:
 I notice the attributes logged in detail file were written in
 radiusd.conf:
 acct_unique { key = User-Name, Acct-Session-Id, NAS-IP-Address, 
 Client-IP-Address, NAS-Port }

  So?  Those attributes are referenced all over the place.

 but after i delete Client-IP-Address for acct_unique{}, 
 Client-IP-Address still in detail-2004;

  Because you have completely misunderstood how the configuration files
work.

 what should i do if i want to reduce attributes.
 I'll write a module to read detail file every x(maybe 1-3)min, and 
 store the data to our own DB for accouting.
 So less attributes are easy for my module to read.

  You're not going to write another FreeRADIUS module to do that.
  Alan DeKok.

-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Problems moving from FreeRADIUS 1.0.0 to version 1.0.1

2004-11-01 Thread Geoffroy Arnoud 
Hello,

I'm working with Nicolas - who sent the first mail.

The module failing is not the one showed in the
request (its cod eis too big). When we saw that
something was going wrong, we quickly wrote a very
simple module to stress the failure, and we built it
with release 1.0.1.

Geoffroy

 --- Alan DeKok [EMAIL PROTECTED] a écrit : 
 Chaigneau Nicolas [EMAIL PROTECTED] wrote:
  I've been using FreeRADIUS 1.0.0 so far. I just
 tried
  to install FreeRADIUS 1.0.1, but I'm encountering
 a
  problem : I get a bus error upon receiving an
  access-request.
 
   Did you re-build you module in 1.0.1, or just
 re-use the lobrary
 from 1.0.0?
 
   Alan DeKok.
 
 
 - 
 List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html
  






Vous manquez d’espace pour stocker vos mails ? 
Yahoo! Mail vous offre GRATUITEMENT 100 Mo !
Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/

Le nouveau Yahoo! Messenger est arrivé ! Découvrez toutes les nouveautés pour 
dialoguer instantanément avec vos amis. A télécharger gratuitement sur 
http://fr.messenger.yahoo.com

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Problems moving from FreeRADIUS 1.0.0 to version 1.0.1

2004-11-01 Thread Chaigneau Nicolas 
 Chaigneau Nicolas [EMAIL PROTECTED] wrote:
  I've been using FreeRADIUS 1.0.0 so far. I just
tried
  to install FreeRADIUS 1.0.1, but I'm encountering
a
  problem : I get a bus error upon receiving an
  access-request.
 
   Did you re-build you module in 1.0.1, or just
re-use the lobrary
 from 1.0.0?


I rebuilt my module in 1.0.1






Vous manquez d’espace pour stocker vos mails ? 
Yahoo! Mail vous offre GRATUITEMENT 100 Mo !
Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/

Le nouveau Yahoo! Messenger est arrivé ! Découvrez toutes les nouveautés pour 
dialoguer instantanément avec vos amis. A télécharger gratuitement sur 
http://fr.messenger.yahoo.com

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html