Setup freeradius for intranet desktop client

2005-11-15 Thread mahesh luhar
Dear All,

I have installed radius server Version 1.0.5 on linux 9.  I would like to 
use the freeradius server for the following usage.

(1)  Intranet desktop client authentication for internet access with a limited no. 
of ports as outgoing destination ports.
(2)  A few users on cable modem.  Can I set up radius functionality for such users?

Please guide

Regards,

Mahesh Luhar
   



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


Re: Problem with EAP/TLS and XP SP2

2005-11-10 Thread mahesh luhar

- Original Message -
From: Hal Pomeranz [EMAIL PROTECTED]
To: freeradius-users@lists.freeradius.org
Subject: Problem with EAP/TLS and XP SP2
Date: Wed, 2 Nov 2005 21:22:55 -0800

 
 Radius Server: Freeradius 1.0.5 on Solaris 8 (Sparc)
 Client:        Windows XP (SP2), Intel PRO/Wireless 2915 (a/b/g)
 Access Point:  DLink DI-784
 
 I'm having trouble getting my laptop (running Windows XP SP2) to
 authenticate to my access point using EAP/TLS.  XP shows the wireless
 interface hung forever in "Attempting to authenticate" state.  I've
 been beating my head against this all day without success, although I
 think I'm close and just missing something stupid and obvious.
 
 In the debugging log from radiusd -X below, I can see my laptop
 communicating with the radius server.  I'm definitely seeing the
 correct username (HalPomeranz) from the certificate I installed
 on the laptop.  The radius server is finding the username entry
 in my users file.  The only thing that looks like an error is
 the lines that read:
 
rlm_eap_tls:  TLS 1.0 Handshake [length 005e], CertificateRequest
  TLS_accept: SSLv3 write certificate request A
  TLS_accept: SSLv3 flush data
  TLS_accept:error in SSLv3 read client certificate A
 
 I Googled a bit for this error message and turned up some mailing list
 traffic describing similar problems, but no solutions.  Perhaps this
 is a red herring, however.
 
 Note that I am successfully using this same radius server to
 authenticate some older clients which use LEAP to connect via a
 different access point, so I'm thinking my radius config is basically
 sound.
 
 Does anybody have any suggestions for how to resolve my problem?
 Anybody seen anything like this before?  Thanks in advance...
 
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 Hal Pomeranz, Founder/CEO  Deer Run Associates  [EMAIL PROTECTED]
  Network Connectivity and Security, Systems Management, Training
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 
 Starting - reading configuration files ...
 reread_config:  reading radiusd.conf
 Config:   including file: /var/freeradius/etc/raddb/proxy.conf
 Config:   including file: /var/freeradius/etc/raddb/clients.conf
 Config:   including file: /var/freeradius/etc/raddb/snmp.conf
 Config:   including file: /var/freeradius/etc/raddb/eap.conf
 Config:   including file: /var/freeradius/etc/raddb/sql.conf
   main: prefix = /var/freeradius
   main: localstatedir = /var/freeradius/var
   main: logdir = /var/freeradius/var/log/radius
   main: libdir = /var/freeradius/lib
   main: radacctdir = /var/freeradius/var/log/radius/radacct
   main: hostname_lookups = no
   main: max_request_time = 30
   main: cleanup_delay = 5
   main: max_requests = 1024
   main: delete_blocked_requests = 0
   main: port = 1812
   main: allow_core_dumps = no
   main: log_stripped_names = no
   main: log_file = /var/freeradius/var/log/radius/radius.log
   main: log_auth = no
   main: log_auth_badpass = no
   main: log_auth_goodpass = no
   main: pidfile = /var/freeradius/var/run/radiusd/radiusd.pid
   main: user = radiusd
   main: group = radiusd
   main: usercollide = no
   main: lower_user = no
   main: lower_pass = no
   main: nospace_user = no
   main: nospace_pass = no
   main: checkrad = /var/freeradius/sbin/checkrad
   main: proxy_requests = yes
   proxy: retry_delay = 5
   proxy: retry_count = 3
   proxy: synchronous = no
   proxy: default_fallback = yes
   proxy: dead_time = 120
   proxy: post_proxy_authorize = yes
   proxy: wake_all_if_all_dead = no
   security: max_attributes = 200
   security: reject_delay = 1
   security: status_server = no
   main: debug_level = 0
 read_config_files:  reading dictionary
 read_config_files:  reading naslist
 Using deprecated naslist file.  Support for this will go away soon.
 read_config_files:  reading clients
 read_config_files:  reading realms
 radiusd:  entering modules setup
 Module: Library search path is /var/freeradius/lib
 Module: Loaded exec
   exec: wait = yes
   exec: program = (null)
   exec: input_pairs = request
   exec: output_pairs = (null)
   exec: packet_type = (null)
 rlm_exec: Wait=yes but no output defined. Did you mean output=none?
 Module: Instantiated exec (exec)
 Module: Loaded expr
 Module: Instantiated expr (expr)
 Module: Loaded PAP
   pap: encryption_scheme = crypt
 Module: Instantiated pap (pap)
 Module: Loaded CHAP
 Module: Instantiated chap (chap)
 Module: Loaded MS-CHAP
   mschap: use_mppe = yes
   mschap: require_encryption = no
   mschap: require_strong = no
   mschap: with_ntdomain_hack = no
   mschap: passwd = (null)
   mschap: authtype = MS-CHAP
   mschap: ntlm_auth = (null)
 Module: Instantiated mschap (mschap)
 Module: Loaded System
   unix: cache = no
   unix: passwd = (null)
   unix: shadow = (null)
   unix: group = (null)
   unix: radwtmp = /var/freeradius/var/log/radius/radwtmp
   unix: usegroup = no
   unix: cache_reload = 600
 Module: