How to delete a attribute
Hello! How can I delete a attribute in request via unlang code? Michael - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Failed to insert event, freeradius 2.0.3
Hi, I got this message and freeradius stoped work: Rejecting request 0 due to lack of any response from home server 192.168.0.10 port 1812 There was no response configured: rejecting request 0 Finished request 0. [event.c:969] Failed to insert event How can I fix that? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
copy-acct-to-home-server example. need help
Hi,
I use copy-acct-to-home-server example but the virtual server doesn't
sends requests to the home server.
I tried to proxy requests by Proxy-To-Realm attribute but it doesn't works.
my configuration files:
sites-available/copy-acct-to-home-server:
server copy-acct-to-home-server {
listen {
type = detail
filename = ${radacctdir}/detail
load_factor = 10
}
preacct {
update control {
Proxy-To-Realm := CLD
}
}
accounting {
ok
}
pre-proxy {
}
post-proxy {
}
}
proxy.conf:
realm CLD {
type= radius
accthost= 10.6.1.91:1813
secret = testing123
}
I'm newbie and have no experience with freeradius. Maybe I forgot to
add something in configuration files...
Log:
Polling for detail file /usr/local/var/log/radius/radacct/detail
Waking up in 0.9 seconds.
User-Name = test
User-Password = pass
Framed-Protocol = PPP
NAS-Port-Id = 11123
+- entering group accounting
expand:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
- /usr/local/var/log/radius/radacct/127.0.0.1/detail-20080403
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/127.0.0.1/detail-20080403
expand: %t - Thu Apr 3 20:01:53 2008
++[detail] returns ok
Finished request 0.
Cleaning up request 0 ID 83 with timestamp +61
Going to the next request
Waking up in 0.6 seconds.
Polling for detail file /usr/local/var/log/radius/radacct/detail
Thank you.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: copy-acct-to-home-server example. need help
Which version are you using? 2.0.3 has some fixes over 2.0.2...
I'm using FreeRadius 2.0.3.
User-Name = test
User-Password = pass
Uh... no. That is an authentication request, not an accounting
request. The server does NOT read authentication requests from the
detail file.
I tried to send test requests by following command:
$echo User-Name=test,Password=pass,Framed-Protocol=PPP,Nas-Port-ID=11123
| radclient 127.0.0.1:1813 acct testing123
You have a virtual server somewhere with only the detail module
listed in the accounting section. I have no idea why that one is
being run rather than this one...
I use sites-available/default file to configure other virtual server:
authorize {
}
authenticate {
}
preacct {
}
accounting {
detail
}
session {
}
post-auth {
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: copy-acct-to-home-server example. need help
Polling for detail file /usr/local/var/log/radius/radacct/detail
Waking up in 0.9 seconds.
User-Name = test
User-Password = pass
Uh... no. That is an authentication request, not an accounting
request. The server does NOT read authentication requests from the
detail file.
I sent accounting request but virtual server doesn't proxy this
request to destination.
Polling for detail file /usr/local/var/log/radius/radacct/detail
Waking up in 0.9 seconds.
Acct-Session-Id = 606B
User-Name = Fnord
NAS-IP-Address = 192.168.3.5
NAS-Port-Id = 32
NAS-Port-Type = Async
Acct-Status-Type = Start
Connect-Info = 46000 LAPM/V42BIS
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 192.168.5.66
Acct-Delay-Time = 0
+- entering group accounting
expand:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
- /usr/local/var/log/radius/radacct/127.0.0.1/detail-20080403
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/127.0.0.1/detail-20080403
expand: %t - Thu Apr 3 21:31:40 2008
++[detail] returns ok
Finished request 0.
Cleaning up request 0 ID 148 with timestamp +98
Going to the next request
Polling for detail file /usr/local/var/log/radius/radacct/detail
Waking up in 0.9 seconds.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy to 2 servers
How can I confugure the server to read the log file and proxy the requests to another server? raddb/sites-available/copy-acct-to-home-server freeradius proxy server has to send all requests to 2 radius servers but proxy server has to modify attributes (by rule in hints file) in requests to 1 server and hasn't to modify attributes in requests to 2 server. Is this possible? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
build freeradius 2.0.3 on ubuntu(debian)
Hello, After installation freeradius server 2.0.3 on Ubuntu 7.10 with: ./configure ./make ./make install I got this message: $ radiusd x radiusd: error while loading shared libraries: libfreeradius-radius-2.0.3.so: cannot open shared object file: No such file or directory How can I fix that? Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: build freeradius 2.0.3 on ubuntu(debian)
after $ ldconfig it works fine now. On Wed, Apr 2, 2008 at 8:38 PM, Nicolas Goutte [EMAIL PROTECTED] wrote: Am 02.04.2008 um 18:28 schrieb Mikhail Novikov: Hello, After installation freeradius server 2.0.3 on Ubuntu 7.10 with: ./configure ./make ./make install I got this message: $ radiusd x radiusd: error while loading shared libraries: libfreeradius-radius-2.0.3.so: cannot open shared object file: No such file or directory How can I fix that? If you have installed under /usr/local be sure that dynamic libraries are found there too. (For security reasons, it is not always the case unter Linux.) Have a nice day! Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy to 2 servers
I found example:
listen {
...
}
client one {
...
virtual_server = server_one
}
client two {
...
virtual_server = server_two
}
server server_one {
authorize {
...
}
...
}
server server_two {
authorize {
...
}
...
}
How can I specify:
1) server_one has to modify and proxy requests to 192.168.0.10:1812
2) server_two has to proxy requests to 192.168.0.11:1812
?
On Wed, Apr 2, 2008 at 6:42 PM, Alan DeKok [EMAIL PROTECTED] wrote:
Mikhail Novikov wrote:
freeradius proxy server has to send all requests to 2 radius servers but
proxy server has to modify attributes (by rule in hints file) in
requests to 1 server and hasn't to modify attributes in requests to 2
server.
Is this possible?
Yes. You can run the requests through different virtual servers.
This is documented. There are examples.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy to 2 servers
How can I specify:
1) server_one has to modify and proxy requests to 192.168.0.10:1812
2) server_two has to proxy requests to 192.168.0.11:1812
put the required attribute filters and rewrites into
each server section. then they'll do the right thing. I'd use
unlang to write the Proxy stuff for each server too. then
proxy.conf is easy/easier - you just define the 2 REALMS
and have those servers you mentioned within their correct realms.
Iserver_one and server_two have to process all requests.
Are following realms correct?
realm DEFAULT {
type= radius
authhost= 192.168.0.10:1812
accthost= 192.168.0.10:1813
secret = testing123
}
realm DEFAULT {
type= radius
authhost= 192.168.0.11:1812
accthost= 192.168.0.11:1813
secret = testing123
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy to 2 servers
realm DEFAULT1 {
type= radius
authhost= 192.168.0.10:1812
accthost= 192.168.0.10:1813
secret = testing123
}
realm DEFAULT2 {
type= radius
authhost= 192.168.0.11:1812
accthost= 192.168.0.11:1813
secret = testing123
}
and use unlang to set the Proxy-To-Realm for each server
Should I put the Proxy-To-Realm code to preacct section?
server server_one {
...
preacct {
preprocess
acct_unique
suffix
update control {
Proxy-To-Realm := DEFAULT1
}
files
}
}
server server_two {
...
preacct {
preprocess
acct_unique
suffix
update control {
Proxy-To-Realm := DEFAULT2
}
files
}
}
Thanks a lot.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hints file and proxy.conf
Hello.
This is part of proxy.conf file
realm DEFAULT {
type= radius
authhost= radius.company1.com:1600
accthost= radius.company1.com:1601
secret = testing123
}
realm DEFAULT {
type= radius
authhost= radius.company2.com:1600
accthost= radius.company2.com:1601
secret = testing123
}
Requests to radius.company1.com should be modified by rules in hints
file. But requests to radius.company2.com should not.
Which option have I to add to turn off modifying attributes for
radius.company2.com?
Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
proxy to 2 servers
Hello, I have freeradius proxy server which have to send all requests to 2 radius servers. Is freeradius possible to handle this and what the rules should I write in proxy.conf? Thanks. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy to 2 servers
Is freeradius possible to handle this and what the rules should I write in proxy.conf? You have to configure the server to log to the detail file (or multiple detail files), and then read that, and proxy those requests to another server. How can I confugure the server to read the log file and proxy the requests to another server? Which options exactly should I write in configuration files? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hint. Need help
Hello Please, what the hint should I add to hints file to remove Nas-Port-ID attribute Nas-Port-ID = GigabitEthernet 0/0/3.23203101:2321-121 and add PortID like this PortID = 2321-121 ? Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Modifying attributes
Hello. I have another question: FreeRadius is installed and works like proxy RADIUS server. But one attribute in requests should be modified. Proxy have to change this field Nas-Port-ID = GigabitEthernet 0/0/2.12111010:1211-820 to this PortLLID = 1211-820 What should I do? Best regards, Michael Novikov - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Performance and hardware
Hello. I have a question about FreeRadius: RADIUS proxy server (FreeRadius) should perform 150 - 250 requests per second. Some attributes in requests have to be modified (rules is specified in hints file). OS is Debian Linux. How much memory should have the server? What the processor (in GHz) do you recommend? Best regards, Michael - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
