error starting radiusd
Hi, our server went down due to power complications , the server has been up for +300days before this. Now when I try and start radiusd I get and error , could comeone urgently help or point me in the right direction: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to [EMAIL PROTECTED]:/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 rlm_sql_mysql: Starting connect to MySQL server for #1 *** glibc detected *** malloc(): memory corruption: 0x08134288 *** Aborted Freeradius: radiusd: FreeRADIUS Version 1.0.5, for host , built on Nov 10 2005 at 14:50:16 Mysql: Server version 4.1.11 Thanks Paulo - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_perl forking zombies
On Friday 16 June 2006 12:34, [EMAIL PROTECTED] wrote: Thanks for the reply! [EMAIL PROTECTED] wrote: By itself, this works and no zombies are left behind, as expected. I understand the problem... How can I use/call the wrapper from rlm_perl (if it's possible at all)? See src/modules/rlm_perl.c Function XS_radiusd_radlog this is an wrapper for radlog. Take a look at it and make a wrapper for rad_fork. A solution is to modify src/main/threads.c, function reap_children(). Right now it loops over known PIDs, and waits on them. Change it to wait for any PID, and then look that PID up in the list. If it's known, it's updated. Otherwise, the status is tossed. I have glanced at the code, but I'm not sure I can put time to do that at the moment... If there's a way to use the standard wrapper to fork() from rlm_perl, I'll do it... Anyway I'll speak with the bosses about the possibility... thanks! david -- Best Regards, Boian Jordanov SNE Orbitel - Next Generation Telecom tel. +359 2 4004 723 tel. +359 2 4004 002 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius-mysql rpm
First of all Thank You for your response. Actuallu I'm using Redhat Linux Enterprise 4 .I've 4 cds.After installation, I've got Mysql_devel,mysql_client and mysql_server.But I don't get any rlm_mysql.so file in any directory. In the meantime, I found the freeradius_mysql rpm from web and want to install it. But my Q. is where should I install the file.I want your Help... Please help me out of this problem. Thank You again. On 6/19/06, Kofi Adusei Koduah-Sarpong [EMAIL PROTECTED] wrote: It's on the one of cds I can't remember which one which version are you using? Dvd or cds? Just look through the cds. I actually saw it this week while looking for it to make a package for a cobalt RaQ550 box. It has the mysql rpm too. I'll try see which cd it's on when I get home. Hope this helped -Original Message- From: Abul Monsur Mannan [mailto:[EMAIL PROTECTED] Sent: 18 June 2006 14:56 To: FreeRadius users mailing list Subject: freeradius-mysql rpm Dear FR users I've an enquiry.Please response. I'm using RHEL 4.It has no rlm_mysql.so files and I found that it has no freeradius-mysql rpm either. So, can anyone help me providing the info. that where I find that rpm for redhat linux enterprise 4 to use with freeradius-1.1.2? I'm looking fr ur response soon. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
NAS pool
Hello, I have a /24 of NAS IP's . What I want is to have an entry in users file that match every IP from that /24 class . Is this possible ? -- Mircea Harapu Abuse Engineer, RDS NOC in Bucharest t: 021-301.08.50f: 021-301.08.51 e: [EMAIL PROTECTED] w: www.rdslink.ro Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such a case, you should destroy this message and kindly notify the sender by reply e-mail. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Auth Problem !
Hi, i have a freeradius 1.1.1 running in slack-10.1 My radius client is a Access Point wl-5460AP, auth with WPA working with Enterprise (Radius), in ports 1812/1813 with correct secret, but when i try to authenticate in this AP, i configure my PC with this configuration and it auth. But in my radius, running in mode debug (radiusd -X), not show any messages. When i use radtest, it's work. Wich the test i do, to resolv or show the messages. Thank´s a lot. Emerson - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius-mysql rpm
I am using an older version of freeradius 1.0.2 and Fedora 4. My way to solve the missing rlm_sql_mysql.so problem is the following. 1. I download the freeradius-mysql rpm package from this website. http://rpmfind.net/linux/RPM/fedora/updates/1/i386/freeradius-mysql-0.9. 3-1.1.i386.html 2. Then I used 7-Zip to extract rlm_sql_mysql.so from the rpm. There are two files in the rpm, rlm_sql_mysql-1.0.2.so and rlm_sql_mysql.so. The second file is the link file to the first file. 3. Then load the first file into /use/lib/ folder, which contains all the link library files. Make a link to the file and name it rlm_sql_mysql.so. You also need to use chmod command to change the file permission. 4. Restart freeradius server and it might run. You might need to find the correct rpm package for your system. Jin Fan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abul Monsur Mannan Sent: Monday, June 19, 2006 8:45 AM To: FreeRadius users mailing list Subject: Re: freeradius-mysql rpm First of all Thank You for your response. Actuallu I'm using Redhat Linux Enterprise 4 .I've 4 cds.After installation, I've got Mysql_devel,mysql_client and mysql_server.But I don't get any rlm_mysql.so file in any directory. In the meantime, I found the freeradius_mysql rpm from web and want to install it. But my Q. is where should I install the file.I want your Help... Please help me out of this problem. Thank You again. On 6/19/06, Kofi Adusei Koduah-Sarpong [EMAIL PROTECTED] wrote: It's on the one of cds I can't remember which one which version are you using? Dvd or cds? Just look through the cds. I actually saw it this week while looking for it to make a package for a cobalt RaQ550 box. It has the mysql rpm too. I'll try see which cd it's on when I get home. Hope this helped -Original Message- From: Abul Monsur Mannan [mailto:[EMAIL PROTECTED] Sent: 18 June 2006 14:56 To: FreeRadius users mailing list Subject: freeradius-mysql rpm Dear FR users I've an enquiry.Please response. I'm using RHEL 4.It has no rlm_mysql.so files and I found that it has no freeradius-mysql rpm either. So, can anyone help me providing the info. that where I find that rpm for redhat linux enterprise 4 to use with freeradius-1.1.2? I'm looking fr ur response soon. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Auth Problem !
Emerson, change log_auth to yes in radiusd.conf Best regards, Leandro Brasil! =D Emerson escreveu: Hi, i have a freeradius 1.1.1 running in slack-10.1 My radius client is a Access Point wl-5460AP, auth with WPA working with Enterprise (Radius), in ports 1812/1813 with correct secret, but when i try to authenticate in this AP, i configure my PC with this configuration and it auth. But in my radius, running in mode debug (radiusd -X), not show any messages. When i use radtest, it's work. Wich the test i do, to resolv or show the messages. Thank´s a lot. Emerson - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Leandro Pereira de Lima e Silva http://www.vialink.com.br/ A verdadeira medida do caráter de um homem é o que ele faria se soubesse que nunca seria descoberto. -- Thomas B. Macaulay - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: error starting radiusd
Paulo, try replacing machine's memory. Best regards, Leandro. Paulo Andre escreveu: Hi, our server went down due to power complications , the server has been up for +300days before this. Now when I try and start radiusd I get and error , could comeone urgently help or point me in the right direction: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to [EMAIL PROTECTED]:/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 rlm_sql_mysql: Starting connect to MySQL server for #1 *** glibc detected *** malloc(): memory corruption: 0x08134288 *** Aborted Freeradius: radiusd: FreeRADIUS Version 1.0.5, for host , built on Nov 10 2005 at 14:50:16 Mysql: Server version 4.1.11 Thanks Paulo - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Leandro Pereira de Lima e Silva http://www.vialink.com.br/ A verdadeira medida do caráter de um homem é o que ele faria se soubesse que nunca seria descoberto. -- Thomas B. Macaulay - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius-mysql rpm
Why don't just rpm -i freeradius-mysql-0.9.3-1.1.i386.rpm ? Best regards, Leandro. Jin Fan escreveu: I am using an older version of freeradius 1.0.2 and Fedora 4. My way to solve the missing rlm_sql_mysql.so problem is the following. 1. I download the freeradius-mysql rpm package from this website. http://rpmfind.net/linux/RPM/fedora/updates/1/i386/freeradius-mysql-0.9. 3-1.1.i386.html 2. Then I used 7-Zip to extract rlm_sql_mysql.so from the rpm. There are two files in the rpm, rlm_sql_mysql-1.0.2.so and rlm_sql_mysql.so. The second file is the link file to the first file. 3. Then load the first file into /use/lib/ folder, which contains all the link library files. Make a link to the file and name it rlm_sql_mysql.so. You also need to use chmod command to change the file permission. 4. Restart freeradius server and it might run. You might need to find the correct rpm package for your system. Jin Fan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abul Monsur Mannan Sent: Monday, June 19, 2006 8:45 AM To: FreeRadius users mailing list Subject: Re: freeradius-mysql rpm First of all Thank You for your response. Actuallu I'm using Redhat Linux Enterprise 4 .I've 4 cds.After installation, I've got Mysql_devel,mysql_client and mysql_server.But I don't get any rlm_mysql.so file in any directory. In the meantime, I found the freeradius_mysql rpm from web and want to install it. But my Q. is where should I install the file.I want your Help... Please help me out of this problem. Thank You again. On 6/19/06, Kofi Adusei Koduah-Sarpong [EMAIL PROTECTED] wrote: It's on the one of cds I can't remember which one which version are you using? Dvd or cds? Just look through the cds. I actually saw it this week while looking for it to make a package for a cobalt RaQ550 box. It has the mysql rpm too. I'll try see which cd it's on when I get home. Hope this helped -Original Message- From: Abul Monsur Mannan [mailto:[EMAIL PROTECTED] Sent: 18 June 2006 14:56 To: FreeRadius users mailing list Subject: freeradius-mysql rpm Dear FR users I've an enquiry.Please response. I'm using RHEL 4.It has no rlm_mysql.so files and I found that it has no freeradius-mysql rpm either. So, can anyone help me providing the info. that where I find that rpm for redhat linux enterprise 4 to use with freeradius-1.1.2? I'm looking fr ur response soon. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Leandro Pereira de Lima e Silva http://www.vialink.com.br/ A verdadeira medida do caráter de um homem é o que ele faria se soubesse que nunca seria descoberto. -- Thomas B. Macaulay - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Fwd: Filter attributes when proxying
try to use rlm_policy I am sure there are other ways. Martin Zuziak wrote: Hello all I didn't get any response the first time I sent this so I'm trying again. Any chance of having such a feature implemented? Sincerely, Martin Zuziak [EMAIL PROTECTED] PS: Don't worry, if I don't get any answer this time, I'll shut up :) - Forwarded message from Martin Zuziak [EMAIL PROTECTED] - Date: Thu, 1 Jun 2006 10:34:19 +0200 From: Martin Zuziak [EMAIL PROTECTED] To: freeradius-users@lists.freeradius.org Subject: Filter attributes when proxying Hello all Is it possible to (easily) remove single attributes sent or received when proxying? I know it can be done with attr_filter but if you only want to remove a single attribute while leaving the rest untouched, you need pass rules for every other attribute. It doesn't look like attr_rewrite can remove attributes. Am I wrong? Otherwise I think this would be a nice feature to implement. The attr_filter module can easily (I think) be changed to include a variable to control whether or not passing rules are needed to allow an attribute. Currently attributes are only allowed if they don't fail any rules in attrs and pass at least one rule: if (fail == 0 pass 0) This could be changed to something like if (fail == 0 (pass 0 || allow_no_match)) where a variable in the attrs file could control if passing rules are required. Sincerely, Martin Zuziak [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - End forwarded message - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius-mysql rpm
First of all Thank U Jin Fan very much for the detail email. Can U clarify something more ! 1. Where(path) u unzip the rpm file ? 2. Would u please tell me about ur advice Then load the first file - load means what ? copy or move ? Please light on me . On 6/19/06, Jin Fan [EMAIL PROTECTED] wrote: I am using an older version of freeradius 1.0.2 and Fedora 4. My way to solve the missing rlm_sql_mysql.so problem is the following. 1. I download the freeradius-mysql rpm package from this website. http://rpmfind.net/linux/RPM/fedora/updates/1/i386/freeradius-mysql-0.9. 3-1.1.i386.html 2. Then I used 7-Zip to extract rlm_sql_mysql.so from the rpm. There are two files in the rpm, rlm_sql_mysql-1.0.2.so and rlm_sql_mysql.so. The second file is the link file to the first file. 3. Then load the first file into /use/lib/ folder, which contains all the link library files. Make a link to the file and name it rlm_sql_mysql.so. You also need to use chmod command to change the file permission. 4. Restart freeradius server and it might run. You might need to find the correct rpm package for your system. Jin Fan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Auth Problems 2 !!!
Hi, The problem was a error in eap.conf, i change default eap to tls (and not md5), and work. Now has a another problem, i try to authnticate, but this messages appear. My radius client is a Access Point wl-5460AP with IP 10.254.0.254, and my pc with Airlink 802.11g authing in AP, my IP is 10.254.0.240. I use freeradius with auth eap/tls in MYSQL. Anyone can help me Thank's Emerson **Out of radiusd -X** Sending Access-Reject of id 54 to 10.254.0.254 port 2053 Waking up in 2 seconds... rad_recv: Access-Request packet from host 10.254.0.254:2053, id=55, length=173 User-Name = usuario1 NAS-IP-Address = 10.254.0.254 NAS-Port = 0 Called-Station-Id = 004f62087474 Calling-Station-Id = 0014a53c478d NAS-Identifier = Realtek Access Point. 8181 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Service-Type = Framed-User Connect-Info = CONNECT 11Mbps 802.11b EAP-Message = 0x020d017573756172696f31 Message-Authenticator = 0x7f0c4bd69d33ce3fe0cb757219d2f05e Processing the authorize section of radiusd.conf modcall: entering group authorize for request 18 modcall[authorize]: module preprocess returns ok for request 18 rlm_eap: EAP packet type response id 0 length 13 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module eap returns updated for request 18 radius_xlat: 'usuario1' rlm_sql (sql): sql_set_user escaped user -- 'usuario1' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'usuario1' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 1 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'usuario1' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'usuario1' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'usuario1' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module sql returns ok for request 18 modcall: leaving group authorize (returns updated) for request 18 rad_check_password: Found Auth-Type Local auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Login incorrect: [usuario1/no User-Password attribute] (from client mslink-radius port 0 cli 0014a53c478d) Delaying request 18 for 1 seconds Finished request 18 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Cleaning up request 16 ID 53 with timestamp 4496c6c7 Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 55 to 10.254.0.254 port 2053 Waking up in 1 seconds... --- Walking the entire request list --- Cleaning up request 17 ID 54 with timestamp 4496c6c9 Waking up in 3 seconds... --- Walking the entire request list --- Cleaning up request 18 ID 55 with timestamp 4496c6cc Nothing to do. Sleeping until we see a request. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Active Directory Integration with FreeRADIUS - NTLM_Auth
Alan, Thanks for your reply. Is the plain text kerberos check something that gets configured in the radiusd.conf file? I was hoping to create a OU in AD called Cisco Admins and then have FreeRADIUS authenticate against those user names and passwords. I was told in another post that according to the radiusd -X output FreeRADIUS was attempting to check another location where no user names or passwords were setup. Thanks again, Doug -Original Message- From: [EMAIL PROTECTED] on behalf of [EMAIL PROTECTED] Sent: Fri 6/16/2006 1:25 PM To: FreeRadius users mailing list Subject: Re: Active Directory Integration with FreeRADIUS - NTLM_Auth hi, the guide you are following - using ntlm_auth against AD, binding into AD etc is really geared up for doing EAP (PEAP MSCHAPv2 in particular) what _you_ are attempting to do with RADIUS for login authentication of the cisco switches/routers involves plaintext passwords...int his case you'd want to use a kerberos check against your AD instead alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html winmail.dat- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: NAS pool
Mircea Harapu [EMAIL PROTECTED] wrote: I have a /24 of NAS IP's . What I want is to have an entry in users file that match every IP from that /24 class . Is this possible ? Yes. Read clients.conf. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Auth Problems 2 !!!
Emerson [EMAIL PROTECTED] wrote: modcall: leaving group authorize (returns updated) for request 18 rad_check_password: Found Auth-Type Local auth: type Local auth: No User-Password or CHAP-Password attribute in the request You edited the default config to break it. Don't do that. Don't set Auth-Type := Local. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Active Directory Integration with FreeRADIUS - NTLM_Auth
Doug White [EMAIL PROTECTED] wrote: Thanks for your reply. Is the plain text kerberos check something that gets configured in the radiusd.conf file? Yes. I was hoping to create a OU in AD called Cisco Admins and then have FreeRADIUS authenticate against those user names and passwords. That will work only for PAP. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Active Directory Integration with FreeRADIUS - NTLM_Auth
If you're using AD, plaintext (PAP) authentication, and are wanting to restrict the users to a certain OU, you should probably use the rlm_ldap module. That way you can set the base search DN to your Cisco Admins OU. It'll probably be a little easier to use and set up, too, than the Kerberos module. --Mike On Jun 19, 2006, at 11:12 AM, Doug White wrote: Alan, Thanks for your reply. Is the plain text kerberos check something that gets configured in the radiusd.conf file? I was hoping to create a OU in AD called Cisco Admins and then have FreeRADIUS authenticate against those user names and passwords. I was told in another post that according to the radiusd -X output FreeRADIUS was attempting to check another location where no user names or passwords were setup. Thanks again, Doug -Original Message- From: freeradius-users-bounces [EMAIL PROTECTED] on behalf of [EMAIL PROTECTED] Sent: Fri 6/16/2006 1:25 PM To: FreeRadius users mailing list Subject: Re: Active Directory Integration with FreeRADIUS - NTLM_Auth hi, the guide you are following - using ntlm_auth against AD, binding into AD etc is really geared up for doing EAP (PEAP MSCHAPv2 in particular) what _you_ are attempting to do with RADIUS for login authentication of the cisco switches/routers involves plaintext passwords...int his case you'd want to use a kerberos check against your AD instead alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ users.html winmail.dat - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ users.html smime.p7s Description: S/MIME cryptographic signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius-mysql rpm
If you're using the 4cd set, all rpms are on the cds just look thru the directories. When you're installing an rpm, the software is setup automatically. Just make sure there are no dependency problems. I would rather go with a Debian distribution which takes care of all dependency issues, unlike Redhat based distros. Install as follows: for SQL Based Authentication ---Mysql based AAA --- Mysql_server Mysql_client Mysql_devel (I'm not sure this is necessary) Freeradius Freeradius-mysql (for mysql based auth. This is dependent on the freeradius daemon being installed) After installing the various components make sure you restart all the necessary server daemons. I hope it makes sense. -Original Message- From: Abul Monsur Mannan [mailto:[EMAIL PROTECTED] Sent: 19 June 2006 14:45 To: FreeRadius users mailing lis Subject: Re: freeradius-mysql rpm First of all Thank You for your response. Actuallu I'm using Redhat Linux Enterprise 4 .I've 4 cds.After installation, I've got Mysql_devel,mysql_client and mysql_server.But I don't get any rlm_mysql.so file in any directory. In the meantime, I found the freeradius_mysql rpm from web and want to install it. But my Q. is where should I install the file.I want your Help... Please help me out of this problem. Thank You again. On 6/19/06, Kofi Adusei Koduah-Sarpong [EMAIL PROTECTED] wrote: It's on the one of cds I can't remember which one which version are you using? Dvd or cds? Just look through the cds. I actually saw it this week while looking for it to make a package for a cobalt RaQ550 box. It has the mysql rpm too. I'll try see which cd it's on when I get home. Hope this helped -Original Message- From: Abul Monsur Mannan [mailto:[EMAIL PROTECTED] Sent: 18 June 2006 14:56 To: FreeRadius users mailing list Subject: freeradius-mysql rpm Dear FR users I've an enquiry.Please response. I'm using RHEL 4.It has no rlm_mysql.so files and I found that it has no freeradius-mysql rpm either. So, can anyone help me providing the info. that where I find that rpm for redhat linux enterprise 4 to use with freeradius-1.1.2? I'm looking fr ur response soon. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius-mysql rpm
RedHat Fedora uses yum, that is supposed to do the same thing that apt-get does. I don't know if RHEL has it. In http://freshrpms.net/ you can get apt-get ported to rpm. Best regards, Leandro. Kofi Adusei Koduah-Sarpong escreveu: If you're using the 4cd set, all rpms are on the cds just look thru the directories. When you're installing an rpm, the software is setup automatically. Just make sure there are no dependency problems. I would rather go with a Debian distribution which takes care of all dependency issues, unlike Redhat based distros. Install as follows: for SQL Based Authentication ---Mysql based AAA --- Mysql_server Mysql_client Mysql_devel (I'm not sure this is necessary) Freeradius Freeradius-mysql (for mysql based auth. This is dependent on the freeradius daemon being installed) After installing the various components make sure you restart all the necessary server daemons. I hope it makes sense. -Original Message- From: Abul Monsur Mannan [mailto:[EMAIL PROTECTED] Sent: 19 June 2006 14:45 To: FreeRadius users mailing lis Subject: Re: freeradius-mysql rpm First of all Thank You for your response. Actuallu I'm using Redhat Linux Enterprise 4 .I've 4 cds.After installation, I've got Mysql_devel,mysql_client and mysql_server.But I don't get any rlm_mysql.so file in any directory. In the meantime, I found the freeradius_mysql rpm from web and want to install it. But my Q. is where should I install the file.I want your Help... Please help me out of this problem. Thank You again. On 6/19/06, Kofi Adusei Koduah-Sarpong [EMAIL PROTECTED] wrote: It's on the one of cds I can't remember which one which version are you using? Dvd or cds? Just look through the cds. I actually saw it this week while looking for it to make a package for a cobalt RaQ550 box. It has the mysql rpm too. I'll try see which cd it's on when I get home. Hope this helped -Original Message- From: Abul Monsur Mannan [mailto:[EMAIL PROTECTED] Sent: 18 June 2006 14:56 To: FreeRadius users mailing list Subject: freeradius-mysql rpm Dear FR users I've an enquiry.Please response. I'm using RHEL 4.It has no rlm_mysql.so files and I found that it has no freeradius-mysql rpm either. So, can anyone help me providing the info. that where I find that rpm for redhat linux enterprise 4 to use with freeradius-1.1.2? I'm looking fr ur response soon. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Leandro Pereira de Lima e Silva http://www.vialink.com.br/ A verdadeira medida do caráter de um homem é o que ele faria se soubesse que nunca seria descoberto. -- Thomas B. Macaulay - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius-mysql rpm
It didn't work for me. If you look closely, the rpm is for freeradius 1.0.2-2. I am using freeradius 1.0.2. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leandro Pereira de Lima e Silva - ViaLink Sent: Monday, June 19, 2006 10:03 AM To: FreeRadius users mailing list Subject: Re: freeradius-mysql rpm Why don't just rpm -i freeradius-mysql-0.9.3-1.1.i386.rpm ? Best regards, Leandro. Jin Fan escreveu: I am using an older version of freeradius 1.0.2 and Fedora 4. My way to solve the missing rlm_sql_mysql.so problem is the following. 1. I download the freeradius-mysql rpm package from this website. http://rpmfind.net/linux/RPM/fedora/updates/1/i386/freeradius-mysql-0. 9. 3-1.1.i386.html 2. Then I used 7-Zip to extract rlm_sql_mysql.so from the rpm. There are two files in the rpm, rlm_sql_mysql-1.0.2.so and rlm_sql_mysql.so. The second file is the link file to the first file. 3. Then load the first file into /use/lib/ folder, which contains all the link library files. Make a link to the file and name it rlm_sql_mysql.so. You also need to use chmod command to change the file permission. 4. Restart freeradius server and it might run. You might need to find the correct rpm package for your system. Jin Fan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abul Monsur Mannan Sent: Monday, June 19, 2006 8:45 AM To: FreeRadius users mailing list Subject: Re: freeradius-mysql rpm First of all Thank You for your response. Actuallu I'm using Redhat Linux Enterprise 4 .I've 4 cds.After installation, I've got Mysql_devel,mysql_client and mysql_server.But I don't get any rlm_mysql.so file in any directory. In the meantime, I found the freeradius_mysql rpm from web and want to install it. But my Q. is where should I install the file.I want your Help... Please help me out of this problem. Thank You again. On 6/19/06, Kofi Adusei Koduah-Sarpong [EMAIL PROTECTED] wrote: It's on the one of cds I can't remember which one which version are you using? Dvd or cds? Just look through the cds. I actually saw it this week while looking for it to make a package for a cobalt RaQ550 box. It has the mysql rpm too. I'll try see which cd it's on when I get home. Hope this helped -Original Message- From: Abul Monsur Mannan [mailto:[EMAIL PROTECTED] Sent: 18 June 2006 14:56 To: FreeRadius users mailing list Subject: freeradius-mysql rpm Dear FR users I've an enquiry.Please response. I'm using RHEL 4.It has no rlm_mysql.so files and I found that it has no freeradius-mysql rpm either. So, can anyone help me providing the info. that where I find that rpm for redhat linux enterprise 4 to use with freeradius-1.1.2? I'm looking fr ur response soon. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Leandro Pereira de Lima e Silva http://www.vialink.com.br/ A verdadeira medida do caráter de um homem é o que ele faria se soubesse que nunca seria descoberto. -- Thomas B. Macaulay - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeradius-mysql rpm
Please read below. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abul Monsur Mannan Sent: Monday, June 19, 2006 10:29 AM To: FreeRadius users mailing list Subject: Re: freeradius-mysql rpm First of all Thank U Jin Fan very much for the detail email. Can U clarify something more ! 1. Where(path) u unzip the rpm file ? You can unzip the rpm anywhere you want. I unzipped it in WINDOW using 7-zip, then scp. Lol. 2. Would u please tell me about ur advice Then load the first file - load means what ? copy or move ? Yes, you COPY the file to /usr/lib/ directory. Please light on me . On 6/19/06, Jin Fan [EMAIL PROTECTED] wrote: I am using an older version of freeradius 1.0.2 and Fedora 4. My way to solve the missing rlm_sql_mysql.so problem is the following. 1. I download the freeradius-mysql rpm package from this website. http://rpmfind.net/linux/RPM/fedora/updates/1/i386/freeradius-mysql-0. 9. 3-1.1.i386.html 2. Then I used 7-Zip to extract rlm_sql_mysql.so from the rpm. There are two files in the rpm, rlm_sql_mysql-1.0.2.so and rlm_sql_mysql.so. The second file is the link file to the first file. 3. Then load the first file into /use/lib/ folder, which contains all the link library files. Make a link to the file and name it rlm_sql_mysql.so. You also need to use chmod command to change the file permission. 4. Restart freeradius server and it might run. You might need to find the correct rpm package for your system. Jin Fan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Auth Problems 2 !!
Hi Alan, in mysql table, i remove this options := Local, and now others errors appear: Thank's a Lot Alan. Emerson rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module sql returns ok for request 3 modcall: leaving group authorize (returns updated) for request 3 rad_check_password: Found Auth-Type EAP auth: type EAP Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 3 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: TLS 1.0 Alert [length 0002], fatal unknown_ca TLS Alert read:fatal:unknown CA TLS_accept:failed in SSLv3 read client certificate A 7791:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1052:SSL alert number 48 7791:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:837: rlm_eap_tls: SSL_read failed in a system call (-1), TLS session fails. In SSL Handshake Phase In SSL Accept mode rlm_eap_tls: BIO_read failed in a system call (-1), TLS session fails. eaptls_process returned 13 rlm_eap: Freeing handler modcall[authenticate]: module eap returns reject for request 3 modcall: leaving group authenticate (returns reject) for request 3 auth: Failed to validate the user. Login incorrect: [usuario1/no User-Password attribute] (from client mslink-radius port 0 cli 0014a53c478d) Delaying request 3 for 1 seconds Finished request 3 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 65 with timestamp 4496e659 Cleaning up request 1 ID 66 with timestamp 4496e659 Cleaning up request 2 ID 67 with timestamp 4496e659 Sending Access-Reject of id 68 to 10.254.0.254 port 2053 EAP-Message = 0x04030004 Message-Authenticator = 0x Cleaning up request 3 ID 68 with timestamp 4496e659 Nothing to do. Sleeping until we see a request. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I want unsubscribe
I want unsubscribe LLama Gratis a cualquier PC del Mundo.Llamadas a fijos y móviles desde 1 céntimo por minuto.http://es.voice.yahoo.com- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
peap cisco edirectory windows xp
Hi,
I'm trying to make windows xp (sp2) work with cisco Aironet 1130AG
series Access Point
with 802.1x authentification on a freeradius server.
I'm using freeradius 1.0.5 from SLES9 SP3.
The eDirectory (LDAP) authentification seems to be working, ntradping
works fine in chap, and logs shows success.
Looks like it's the PEAP that is not working.
After some research, I've even installed KB 885453 from MS, also
KB893357 without any help...
Is someone able to tell me where the problem is ? cisco ? freeradius ?
windows ?
I've seen a similar setup agains a 3com access point, that worked.
Basicly, it's the same cfg file, adapted.
Thanks a lot
Marc
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/snmp.conf
Config: including file: /etc/raddb/eap.conf
Config: including file: /etc/raddb/sql.conf
main: prefix = /usr
main: localstatedir = /var
main: logdir = /var/log/radius
main: libdir = /usr/lib/freeradius
main: radacctdir = /var/log/radius/radacct
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /var/log/radius/radius.log
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = yes
main: pidfile = /var/run/radiusd/radiusd.pid
main: user = (null)
main: group = (null)
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /usr/sbin/checkrad
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = yes
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/lib/freeradius
Module: Loaded exec
exec: wait = yes
exec: program = (null)
exec: input_pairs = request
exec: output_pairs = (null)
exec: packet_type = (null)
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = yes
mschap: require_strong = yes
mschap: with_ntdomain_hack = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
mschap: ntlm_auth = (null)
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = (null)
unix: shadow = (null)
unix: group = (null)
unix: radwtmp = /var/log/radius/radwtmp
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded LDAP
ldap: server = localhost
ldap: port = 389
ldap: net_timeout = 1
ldap: timeout = 4
ldap: timelimit = 3
ldap: identity = CN=radius_admin,O=GES
ldap: tls_mode = no
ldap: start_tls = yes
ldap: tls_cacertfile = /etc/raddb/certs/rootder.b64
ldap: tls_cacertdir = (null)
ldap: tls_certfile = (null)
ldap: tls_keyfile = (null)
ldap: tls_randfile = (null)
ldap: tls_require_cert = allow
ldap: password = mypassword
ldap: basedn = O=GES
ldap: filter = (cn=%{Stripped-User-Name:-%{User-Name}})
ldap: base_filter = (objectclass=radiusprofile)
ldap: default_profile = (null)
ldap: profile_attribute = (null)
ldap: password_header = (null)
ldap: password_attribute = nspmPassword
ldap: access_attr = (null)
ldap: groupname_attribute = cn
ldap: groupmembership_filter =
(|((objectClass=GroupOfNames)(member=%{Ldap-UserDn}))((objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))
ldap: groupmembership_attribute = (null)
ldap: dictionary_mapping = /etc/raddb/ldap.attrmap
ldap: ldap_debug = 0
ldap: ldap_connections_number = 5
ldap: compare_check_items = no
ldap: access_attr_used_for_allow = yes
ldap: do_xlat = yes
ldap: edir_account_policy_check = yes
rlm_ldap: Registering ldap_groupcmp for Ldap-Group
rlm_ldap: Registering ldap_xlat with xlat_name ldap
rlm_ldap: reading ldap-radius mappings from file
/etc/raddb/ldap.attrmap
rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type
rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use
rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id
rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS
Calling-Station-Id
Re: I want unsubscribe
On Mon, Jun 19, 2006 at 08:32:42PM +0200, Maybel Rodriguez said: I want unsubscribe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html I think the message at the bottom of every single email to the list should probably help. -- -- | Stephen Gran | You love peace. | | [EMAIL PROTECTED] | | | http://www.lobefin.net/~steve | | -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Auth Problems 2 !!
Emerson [EMAIL PROTECTED] wrote: in mysql table, i remove this options := Local, and now others errors appear: Read them. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Change RAD_REPLY item in rlm_perl, not add a new pair
Dear Freeradius Users:
I am trying to use rlm_perl to append a number to one
member of the reply packet using rlm_perl and the %RAD_REPLY
hash. I am running freeradius-1.1.1. Here is the code that
I am using, a modified example.pl:
use strict;
# use ...
# This is very important ! Without this script will not get the filled hashesh
from main.
use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK);
use vars qw($count_visitor $count_staff $count_student @rad_array);
use Data::Dumper;
# This is hash wich hold original request from radius
#my %RAD_REQUEST;
# In this hash you add values that will be returned to NAS.
#my %RAD_REPLY;
my $count_visitor = 0, $count_staff = 0, $count_student = 0;
#This is for check items
#my %RAD_CHECK;
...
# Function to handle authorize
sub authorize {
# For debugging purposes only
log_request_attributes;
# Here's where your authorization code comes
# You can call another function from here:
test_call;
if ($RAD_REPLY{'Tunnel-Private-Group-Id'} =~ /visitor/i) {
$RAD_REPLY{'Tunnel-Private-Group-Id'} .= $count_visitor % 4;
$count_visitor += 1;
} elsif ($RAD_REPLY{'Tunnel-Private-Group-Id'} =~ /staff/i) {
$RAD_REPLY{'Tunnel-Private-Group-Id'} .= $count_staff % 3;
$count_staff += 1;
} elsif ($RAD_REPLY{'Tunnel-Private-Group-Id'} =~ /student/i) {
$RAD_REPLY{'Tunnel-Private-Group-Id'} .= $count_student % 2;
$count_student += 1;
}
return RLM_MODULE_UPDATED;
}
...
Here is the debug output from radiusd:
/usr/site/freeradius/sbin/radiusd -Xxx
Mon Jun 19 18:09:07 2006 : Info: Starting - reading configuration files ...
Mon Jun 19 18:09:07 2006 : Debug: reread_config: reading radiusd.conf
Mon Jun 19 18:09:07 2006 : Debug: Config: including file:
/usr/site/freeradius-1.1.1/etc/raddb/proxy.conf
Mon Jun 19 18:09:07 2006 : Debug: Config: including file:
/usr/site/freeradius-1.1.1/etc/raddb/clients.conf
Mon Jun 19 18:09:07 2006 : Debug: Config: including file:
/usr/site/freeradius-1.1.1/etc/raddb/snmp.conf
Mon Jun 19 18:09:07 2006 : Debug: Config: including file:
/usr/site/freeradius-1.1.1/etc/raddb/eap.conf
Mon Jun 19 18:09:07 2006 : Debug: Config: including file:
/usr/site/freeradius-1.1.1/etc/raddb/sql.conf
Mon Jun 19 18:09:07 2006 : Debug: main: prefix = /usr/site/freeradius-1.1.1
Mon Jun 19 18:09:07 2006 : Debug: main: localstatedir =
/usr/site/freeradius-1.1.1/var
Mon Jun 19 18:09:07 2006 : Debug: main: logdir =
/usr/site/freeradius-1.1.1/var/log/radius
Mon Jun 19 18:09:07 2006 : Debug: main: libdir =
/usr/site/freeradius-1.1.1/lib
Mon Jun 19 18:09:07 2006 : Debug: main: radacctdir =
/usr/site/freeradius-1.1.1/var/log/radius/radacct
Mon Jun 19 18:09:07 2006 : Debug: main: hostname_lookups = no
Mon Jun 19 18:09:07 2006 : Debug: main: snmp = no
Mon Jun 19 18:09:07 2006 : Debug: main: max_request_time = 30
Mon Jun 19 18:09:07 2006 : Debug: main: cleanup_delay = 5
Mon Jun 19 18:09:07 2006 : Debug: main: max_requests = 1024
Mon Jun 19 18:09:07 2006 : Debug: main: delete_blocked_requests = 0
Mon Jun 19 18:09:07 2006 : Debug: main: port = 0
Mon Jun 19 18:09:07 2006 : Debug: main: allow_core_dumps = no
Mon Jun 19 18:09:07 2006 : Debug: main: log_stripped_names = no
Mon Jun 19 18:09:07 2006 : Debug: main: log_file =
/usr/site/freeradius-1.1.1/var/log/radius/radius.log
Mon Jun 19 18:09:07 2006 : Debug: main: log_auth = no
Mon Jun 19 18:09:07 2006 : Debug: main: log_auth_badpass = no
Mon Jun 19 18:09:07 2006 : Debug: main: log_auth_goodpass = no
Mon Jun 19 18:09:07 2006 : Debug: main: pidfile =
/usr/site/freeradius-1.1.1/var/run/radiusd/radiusd.pid
Mon Jun 19 18:09:07 2006 : Debug: main: user = (null)
Mon Jun 19 18:09:07 2006 : Debug: main: group = (null)
Mon Jun 19 18:09:07 2006 : Debug: main: usercollide = no
Mon Jun 19 18:09:07 2006 : Debug: main: lower_user = no
Mon Jun 19 18:09:07 2006 : Debug: main: lower_pass = no
Mon Jun 19 18:09:07 2006 : Debug: main: nospace_user = no
Mon Jun 19 18:09:07 2006 : Debug: main: nospace_pass = no
Mon Jun 19 18:09:07 2006 : Debug: main: checkrad =
/usr/site/freeradius-1.1.1/sbin/checkrad
Mon Jun 19 18:09:07 2006 : Debug: main: proxy_requests = yes
Mon Jun 19 18:09:07 2006 : Debug: proxy: retry_delay = 5
Mon Jun 19 18:09:07 2006 : Debug: proxy: retry_count = 3
Mon Jun 19 18:09:07 2006 : Debug: proxy: synchronous = no
Mon Jun 19 18:09:07 2006 : Debug: proxy: default_fallback = yes
Mon Jun 19 18:09:07 2006 : Debug: proxy: dead_time = 120
Mon Jun 19 18:09:07 2006 : Debug: proxy: post_proxy_authorize = no
Mon Jun 19 18:09:07 2006 : Debug: proxy: wake_all_if_all_dead = no
Mon Jun 19 18:09:07 2006 : Debug: security: max_attributes = 200
Mon Jun 19 18:09:07 2006 : Debug: security: reject_delay = 1
Mon Jun 19 18:09:07 2006 : Debug: security: status_server = no
Mon Jun 19 18:09:07 2006 : Debug: main: debug_level = 0
Mon Jun 19 18:09:07 2006
Freeradius with Win2K Active Directory
Hi Experts, I am new to freeradius. Can some one point me how to do the Authenticate users in Windows 2000 Active Directory with Freeradius. Is there any how to / step by step document available? Thanks for your Help Regards Naveen - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
