Please help me ...thanks in advance
Hi , I am a newbie in Radius field. I have a Linux machine which has RHEL WS 4 Update 5 OS loaded. I have installed freeRadius server version 2.1.5. in another machine. I want to authenticate the linux machine login through Radius server. I have tried several ways to configure the linux machine as published in several groups but did not work.Tried through PAM module. If some body can help me out in this matter or point to some good links,will be helpful to me. Best Regards Praveen - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Please help me ...thanks in advance
I have a Linux machine which has RHEL WS 4 Update 5 OS loaded. I have installed freeRadius server version 2.1.5. in another machine. I want to authenticate the linux machine login through Radius server. I have tried several ways to configure the linux machine as published in several groups but did not work.Tried through PAM module. If some body can help me out in this matter or point to some good links,will be helpful to me. http://freeradius.org/pam_radius_auth/ Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuring Freeradius
Hi, I am new to freeradius. I am trying to get my freeradius server setup but I find I am having trouble. I am running slackware 12.1 as my OS and running freeradius version 2.1.5. All I want to do is get started on the right track. My question is the three main config files I need to edit are clients.conf, users.conf, and radiusd.conf, right? I did the radtest from the command line and get a accept reject message. Can anyone just tell me what I have to change to get me started off in the right direction? Enter a user entry at the top of the users file. Exapmles are - in users file. You just need a username and password for testing. That's it. Don't make any changes to default radiusd.conf and clients.conf for locahost radtest. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re :checking authorization in the duration of connection
what about this document? http://www.netexpertise.eu/en/freeradius/daily-accounting.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re :checking authorization in the duration of connection
what about this document? http://www.netexpertise.eu/en/freeradius/daily-accounting.html Outdated. Freeradius has gigaword accounting enabled by default now. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re :checking authorization in the duration of connection
On 5/5/09 14:20, Ivan Kalik wrote: what about this document? http://www.netexpertise.eu/en/freeradius/daily-accounting.html Outdated. Freeradius has gigaword accounting enabled by default now. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html It's possible even if the NAS doesn't support PoD, so long as the NAS supports the 802.1X mib, you should be able to fire off an SNMP-SET with the exec module and force re-authentication. All the required information is available in the Accounting Request the server just received. If you're really having trouble and ask nicely i'll write some example code. Arran -- Arran Cudbard-Bell (a.cudbard-b...@sussex.ac.uk), Authentication, Authorisation and Accounting Officer, Infrastructure Services (IT Services), E1-1-08, Engineering 1, University Of Sussex, Brighton, BN1 9QT DDI+FAX: +44 1273 873900 | INT: 3900 GPG: 86FF A285 1AA1 EE40 D228 7C2E 71A9 25BB 1E68 54A2 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Re :checking authorization in the duration of connection
Hi Ivan, This is outdated since Freeradius 2 but the basics remain true, ie: Create a new record each time an accounting update is received to get (as much as possible) an up-to-date database, especially when sessions last for a long time. This helps to get an updated traffic every hour for instance. I'll write a new version as soon as I get a chance for FR2. David what about this document? http://www.netexpertise.eu/en/freeradius/daily-accounting.html Outdated. Freeradius has gigaword accounting enabled by default now. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
High CPU usage after SQL failure when using buffered-sql
Hi all, First, I've used FreeRADIUS for a number of years in a number of installations, and I'm fairly comfortable with it. I have looked through the archives, as well as read the documentation, FAQ, wiki and the notes within each of the configuration files that make up FR, such as the virtual servers and modules that would be used. Now onto the issue: During testing of a new RADIUS cluster, I implemented the buffered-sql virtual server, which works fine, with the detail file poll interval set to 10 seconds. However, when I simulate a failure of the accounting MySQL server to which it normally writes, CPU usage spikes significantly, from an average of ~ 1-2% to 30+ over time. If the accounting MySQL server is unavailable for longer than 2-3 minutes, the spikes occur much more frequently. Once the SQL server returns to service, accounting records stored in the detail file are properly read and inserted into the DB, then the files are cleared, as I expected. However, the RADIUS process still maintains a higher than normal CPU load (according to top) of around 10%, which spikes to 30-40% when it is handling a new request (note the singular). The server is a dual Xeon 3.something, with 2GB RAM and SCSI disks. The server is running Debian Linux 2.6.26-2-686. FreeRADIUS is running version 2.1.4, compiled manually. During previous debugging, while running FR in debugging mode, I noted that it was attempting to read the detail file every second, sometimes less. This matches a comment made by Alan in a similar sounding issues discussed on the list in April 2008. (http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg44137.html) Is there any way to mitigate these CPU issues in version 2.1.4? -- Stephen - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: High CPU usage after SQL failure when using buffered-sql
Stephen Fulton wrote: Is there any way to mitigate these CPU issues in version 2.1.4? No. You will need to either upgrade, or *manually* pull the patches from git into a local copy of 2.1.4. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: High CPU usage after SQL failure when using buffered-sql
Thanks Alan, I'll do that. -- Stephen Alan DeKok wrote: Stephen Fulton wrote: Is there any way to mitigate these CPU issues in version 2.1.4? No. You will need to either upgrade, or *manually* pull the patches from git into a local copy of 2.1.4. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: High CPU usage after SQL failure when using buffered-sql
Alan, I forgot to ask, is the fix part of stable or development? Thanks, -- Stephen Stephen Fulton wrote: Thanks Alan, I'll do that. -- Stephen Alan DeKok wrote: Stephen Fulton wrote: Is there any way to mitigate these CPU issues in version 2.1.4? No. You will need to either upgrade, or *manually* pull the patches from git into a local copy of 2.1.4. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: High CPU usage after SQL failure when using buffered-sql
Stephen Fulton wrote: I forgot to ask, is the fix part of stable or development? Both. The next release will be off of the stable tree. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: High CPU usage after SQL failure when using buffered-sql
Thanks Alan. To follow-up, 2.1.5 was tested using my parameters, and the condition did not reappear. Cheers, -- Stephen Alan DeKok wrote: Stephen Fulton wrote: I forgot to ask, is the fix part of stable or development? Both. The next release will be off of the stable tree. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: ldap filter depending on NAS
I try to ask my questions more precisely: * what are the radius ldap attributes meant for? Is only for accounting or can we use them for something else? Nothing in any of my messages said anything about the LDAP attributes being used only for accounting. Yet here you are... ignoring all of my comments about what those attributes do, and inventing that they are only for accounting. This is known as being rude. You might disagree, but the reality is you've gone out of your way to ignore, distort, and misinterpret what I've said. There's a proverb Don't attribute to malice that what can be explained by incompetence maybe his english skills are just not so great so he mis-represented what he was trying to do. -- damjan | дамјан This is my jabber ID -- dam...@bagra.net.mk -- not my mail address, it's a Jabber ID --^ :) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re :checking authorization in the duration of connection
Hi Arran I have trouble.would you please send me codes? I don't know how those support adsl do ? when users are online during all the days and there is limitation on the traffic amount? It's possible even if the NAS doesn't support PoD, so long as the NAS supports the 802.1X mib, you should be able to fire off an SNMP-SET with the exec module and force re-authentication. All the required information is available in the Accounting Request the server just received. If you're really having trouble and ask nicely i'll write some example code. Arran - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
