Re: Deployment
tech.subscripti...@shepherdhill.biz wrote: I am trying to move to the production server after due tests. I installed version 2.1.6 on CentOS 5.2. Funnily I am getting Segmentation fault error when my hints file is to be loaded. The debug message is: ... Segmentation fault My Hints file gives error when this is inserted: DEFAULT User-Name =~ '^([...@]+)(@zmobile.com)?$', NAS-IP-Address == 10.76.100.69 User-Name := %{1} Alan DeKok wrote: Please see doc/bugs It's not a problem on any system I have access to. I have done the gdb and valgrind dumps. They are on: http://www.leadservers.com/gdb-radiusd.log http://www.leadservers.com/valgrind-radiusd.log Kindly assist. Cheers, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Deployment
Sir, I am trying to move to the production server after due tests. I installed version 2.1.6 on CentOS 5.2. Funnily I am getting Segmentation fault error when my hints file is to be loaded. The debug message is: server { modules { Module: Checking authenticate {...} for more modules to load Module: Checking authorize {...} for more modules to load Module: Linked to module rlm_preprocess Module: Instantiating preprocess preprocess { huntgroups = /etc/raddb/huntgroups hints = /etc/raddb/hints with_ascend_hack = no ascend_channels_per_line = 23 with_ntdomain_hack = no with_specialix_jetstream_hack = no with_cisco_vsa_hack = no with_alvarion_vsa_hack = no } Segmentation fault My Hints file gives error when this is inserted: DEFAULT User-Name =~ '^([...@]+)(@zmobile.com)?$', NAS-IP-Address == 10.76.100.69 User-Name := %{1} Kindly assist. Cheers, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User-Id and Calling-Station-Id matching
Put Calling-Station-Id, expression and =~ as operator for that user in radcheck. But regex is not working well in 2.1.3. Better wait a few days for 2.1.4. Please when would version 2.1.4 be released. Cheers, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User-Id and Calling-Station-Id matching
Sorry, I am newbie and have been using GUI RADIUS Server all through. You have given *no* details about how or why or where this is coming from but I'm guessing from your single example you are looking for: /etc/freeradius/users DEFAULT Calling-Station-Id !~ [0-9]+%{User-Id}$, Auth-Type := Reject I presume this expression would do the magic for me. But if for SQL authentication how do I enforce that from the SQL tables? This assumes: 1) User-Id is an attribute, I'm guessing you actually mean UserName Yes, I mean UserName. Cheers. Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
User-Id and Calling-Station-Id matching
Hi, To prevent impersonation, we need to match User-Id and Calling-Station-Id during authentication. User-Id of the form 4371104 and Calling-Station-Id of the 234001014371104. Please how do I achieve this? Regards, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Realms Extraction
Hi, I added: DEFAULT User-Name =~ ^([...@]+)@isp.com, NAS-IP-Address == 127.0.0.1 User-Name := %{1} and this is my debug: rad_recv: Access-Request packet from host 127.0.0.1 port 36732, id=6, length=59 User-Name = 4371104 User-Password = 4371104 NAS-IP-Address = 127.0.0.1 NAS-Port = 0 +- entering group authorize {...} [preprocess]expand: %{User-Name} - 4371104 [preprocess] hints: Matched DEFAULT at 52 [preprocess]expand: %{1} - ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = , looking up realm NULL [suffix] No such realm NULL ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop [sql] expand: %{User-Name} - [sql] sql_set_user escaped user -- '' and failed authentication. Kindly assist. Thanks. Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Realms Extraction
and failed authentication. Kindly assist. Write a *correct* regular expression that matches the incoming User-Name. That is the assistance I need - writing the correct regular expression. Regards, Chris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Omitting Password
Hi, Our users are CDMA phones. The login credentials are: Username: phone...@isp.com Password: phone_no Please is it possible to make the RADIUS Server not to ask for password again and simply use the phone_no stripped from the username? Cheers. Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Best Config
Hi, From experience, what would be the best server configuration for 200,000 users with 75,000 concurrent users throttling 50,000 connections per second (with 1 NAS Client) in terms of: 1. Hardware configuration 2. Chooise of DB (PostgreSQL or MySQL) 3. FreeRadius Configuration (max_request_time, cleanup_delay, max_requests, max_servers, min_spare_servers, max_spare_servers, etc) Regards, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Groups Authentication
Quoting freeradius-users-requ...@lists.freeradius.org: I am new to FreeRADIUS. We have these groups and I wonder if FreeRADIUS is capable of handling authentication for them with this time frame: 1. EASY - 24hrs access valid or 1 month 2. BUSY - 24hrs access valid for 14 days 3. BUSINESS - 08:00 - 18:00 valid for 1 month 4. RELAX - Monday to Thursday 18:00 - 23:00, Friday (08:00) - Sunday (23:00) Yes. Look up Expiration and Login-Time attributes. Thanks. Definitely Expiration attribute would have to be per user. But which is better/possible for Login-Time - do I create Login-Time attribute for each user or I create each group with Login-Time and assign each user to the group he belongs? Regards, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Groups Authentication
Hi, I am new to FreeRADIUS. We have these groups and I wonder if FreeRADIUS is capable of handling authentication for them with this time frame: 1. EASY - 24hrs access valid or 1 month 2. BUSY - 24hrs access valid for 14 days 3. BUSINESS - 08:00 - 18:00 valid for 1 month 4. RELAX - Monday to Thursday 18:00 - 23:00, Friday (08:00) - Sunday (23:00) Regards, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html