How to delete a attribute
Hello! How can I delete a attribute in request via unlang code? Michael - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Failed to insert event, freeradius 2.0.3
Hi, I got this message and freeradius stoped work: Rejecting request 0 due to lack of any response from home server 192.168.0.10 port 1812 There was no response configured: rejecting request 0 Finished request 0. [event.c:969] Failed to insert event How can I fix that? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
copy-acct-to-home-server example. need help
Hi, I use copy-acct-to-home-server example but the virtual server doesn't sends requests to the home server. I tried to proxy requests by Proxy-To-Realm attribute but it doesn't works. my configuration files: sites-available/copy-acct-to-home-server: server copy-acct-to-home-server { listen { type = detail filename = ${radacctdir}/detail load_factor = 10 } preacct { update control { Proxy-To-Realm := CLD } } accounting { ok } pre-proxy { } post-proxy { } } proxy.conf: realm CLD { type= radius accthost= 10.6.1.91:1813 secret = testing123 } I'm newbie and have no experience with freeradius. Maybe I forgot to add something in configuration files... Log: Polling for detail file /usr/local/var/log/radius/radacct/detail Waking up in 0.9 seconds. User-Name = test User-Password = pass Framed-Protocol = PPP NAS-Port-Id = 11123 +- entering group accounting expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d - /usr/local/var/log/radius/radacct/127.0.0.1/detail-20080403 rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/127.0.0.1/detail-20080403 expand: %t - Thu Apr 3 20:01:53 2008 ++[detail] returns ok Finished request 0. Cleaning up request 0 ID 83 with timestamp +61 Going to the next request Waking up in 0.6 seconds. Polling for detail file /usr/local/var/log/radius/radacct/detail Thank you. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: copy-acct-to-home-server example. need help
Which version are you using? 2.0.3 has some fixes over 2.0.2... I'm using FreeRadius 2.0.3. User-Name = test User-Password = pass Uh... no. That is an authentication request, not an accounting request. The server does NOT read authentication requests from the detail file. I tried to send test requests by following command: $echo User-Name=test,Password=pass,Framed-Protocol=PPP,Nas-Port-ID=11123 | radclient 127.0.0.1:1813 acct testing123 You have a virtual server somewhere with only the detail module listed in the accounting section. I have no idea why that one is being run rather than this one... I use sites-available/default file to configure other virtual server: authorize { } authenticate { } preacct { } accounting { detail } session { } post-auth { } - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: copy-acct-to-home-server example. need help
Polling for detail file /usr/local/var/log/radius/radacct/detail Waking up in 0.9 seconds. User-Name = test User-Password = pass Uh... no. That is an authentication request, not an accounting request. The server does NOT read authentication requests from the detail file. I sent accounting request but virtual server doesn't proxy this request to destination. Polling for detail file /usr/local/var/log/radius/radacct/detail Waking up in 0.9 seconds. Acct-Session-Id = 606B User-Name = Fnord NAS-IP-Address = 192.168.3.5 NAS-Port-Id = 32 NAS-Port-Type = Async Acct-Status-Type = Start Connect-Info = 46000 LAPM/V42BIS Service-Type = Framed-User Framed-Protocol = PPP Framed-IP-Address = 192.168.5.66 Acct-Delay-Time = 0 +- entering group accounting expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d - /usr/local/var/log/radius/radacct/127.0.0.1/detail-20080403 rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/127.0.0.1/detail-20080403 expand: %t - Thu Apr 3 21:31:40 2008 ++[detail] returns ok Finished request 0. Cleaning up request 0 ID 148 with timestamp +98 Going to the next request Polling for detail file /usr/local/var/log/radius/radacct/detail Waking up in 0.9 seconds. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy to 2 servers
How can I confugure the server to read the log file and proxy the requests to another server? raddb/sites-available/copy-acct-to-home-server freeradius proxy server has to send all requests to 2 radius servers but proxy server has to modify attributes (by rule in hints file) in requests to 1 server and hasn't to modify attributes in requests to 2 server. Is this possible? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
build freeradius 2.0.3 on ubuntu(debian)
Hello, After installation freeradius server 2.0.3 on Ubuntu 7.10 with: ./configure ./make ./make install I got this message: $ radiusd x radiusd: error while loading shared libraries: libfreeradius-radius-2.0.3.so: cannot open shared object file: No such file or directory How can I fix that? Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: build freeradius 2.0.3 on ubuntu(debian)
after $ ldconfig it works fine now. On Wed, Apr 2, 2008 at 8:38 PM, Nicolas Goutte [EMAIL PROTECTED] wrote: Am 02.04.2008 um 18:28 schrieb Mikhail Novikov: Hello, After installation freeradius server 2.0.3 on Ubuntu 7.10 with: ./configure ./make ./make install I got this message: $ radiusd x radiusd: error while loading shared libraries: libfreeradius-radius-2.0.3.so: cannot open shared object file: No such file or directory How can I fix that? If you have installed under /usr/local be sure that dynamic libraries are found there too. (For security reasons, it is not always the case unter Linux.) Have a nice day! Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy to 2 servers
I found example: listen { ... } client one { ... virtual_server = server_one } client two { ... virtual_server = server_two } server server_one { authorize { ... } ... } server server_two { authorize { ... } ... } How can I specify: 1) server_one has to modify and proxy requests to 192.168.0.10:1812 2) server_two has to proxy requests to 192.168.0.11:1812 ? On Wed, Apr 2, 2008 at 6:42 PM, Alan DeKok [EMAIL PROTECTED] wrote: Mikhail Novikov wrote: freeradius proxy server has to send all requests to 2 radius servers but proxy server has to modify attributes (by rule in hints file) in requests to 1 server and hasn't to modify attributes in requests to 2 server. Is this possible? Yes. You can run the requests through different virtual servers. This is documented. There are examples. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy to 2 servers
How can I specify: 1) server_one has to modify and proxy requests to 192.168.0.10:1812 2) server_two has to proxy requests to 192.168.0.11:1812 put the required attribute filters and rewrites into each server section. then they'll do the right thing. I'd use unlang to write the Proxy stuff for each server too. then proxy.conf is easy/easier - you just define the 2 REALMS and have those servers you mentioned within their correct realms. Iserver_one and server_two have to process all requests. Are following realms correct? realm DEFAULT { type= radius authhost= 192.168.0.10:1812 accthost= 192.168.0.10:1813 secret = testing123 } realm DEFAULT { type= radius authhost= 192.168.0.11:1812 accthost= 192.168.0.11:1813 secret = testing123 } - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy to 2 servers
realm DEFAULT1 { type= radius authhost= 192.168.0.10:1812 accthost= 192.168.0.10:1813 secret = testing123 } realm DEFAULT2 { type= radius authhost= 192.168.0.11:1812 accthost= 192.168.0.11:1813 secret = testing123 } and use unlang to set the Proxy-To-Realm for each server Should I put the Proxy-To-Realm code to preacct section? server server_one { ... preacct { preprocess acct_unique suffix update control { Proxy-To-Realm := DEFAULT1 } files } } server server_two { ... preacct { preprocess acct_unique suffix update control { Proxy-To-Realm := DEFAULT2 } files } } Thanks a lot. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hints file and proxy.conf
Hello. This is part of proxy.conf file realm DEFAULT { type= radius authhost= radius.company1.com:1600 accthost= radius.company1.com:1601 secret = testing123 } realm DEFAULT { type= radius authhost= radius.company2.com:1600 accthost= radius.company2.com:1601 secret = testing123 } Requests to radius.company1.com should be modified by rules in hints file. But requests to radius.company2.com should not. Which option have I to add to turn off modifying attributes for radius.company2.com? Thanks. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
proxy to 2 servers
Hello, I have freeradius proxy server which have to send all requests to 2 radius servers. Is freeradius possible to handle this and what the rules should I write in proxy.conf? Thanks. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy to 2 servers
Is freeradius possible to handle this and what the rules should I write in proxy.conf? You have to configure the server to log to the detail file (or multiple detail files), and then read that, and proxy those requests to another server. How can I confugure the server to read the log file and proxy the requests to another server? Which options exactly should I write in configuration files? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hint. Need help
Hello Please, what the hint should I add to hints file to remove Nas-Port-ID attribute Nas-Port-ID = GigabitEthernet 0/0/3.23203101:2321-121 and add PortID like this PortID = 2321-121 ? Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Modifying attributes
Hello. I have another question: FreeRadius is installed and works like proxy RADIUS server. But one attribute in requests should be modified. Proxy have to change this field Nas-Port-ID = GigabitEthernet 0/0/2.12111010:1211-820 to this PortLLID = 1211-820 What should I do? Best regards, Michael Novikov - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Performance and hardware
Hello. I have a question about FreeRadius: RADIUS proxy server (FreeRadius) should perform 150 - 250 requests per second. Some attributes in requests have to be modified (rules is specified in hints file). OS is Debian Linux. How much memory should have the server? What the processor (in GHz) do you recommend? Best regards, Michael - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html