Re: Deployment
tech.subscripti...@shepherdhill.biz wrote:
I am trying to move to the production server after due tests. I
installed version 2.1.6 on CentOS 5.2. Funnily I am getting Segmentation
fault error when my hints file is to be loaded. The debug message is:
...
Segmentation fault
My Hints file gives error when this is inserted:
DEFAULT User-Name =~ '^([...@]+)(@zmobile.com)?$', NAS-IP-Address ==
10.76.100.69
User-Name := %{1}
Alan DeKok wrote:
Please see doc/bugs
It's not a problem on any system I have access to.
I have done the gdb and valgrind dumps. They are on:
http://www.leadservers.com/gdb-radiusd.log
http://www.leadservers.com/valgrind-radiusd.log
Kindly assist.
Cheers,
Chris.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Deployment
Sir,
I am trying to move to the production server after due tests. I
installed version 2.1.6 on CentOS 5.2. Funnily I am getting
Segmentation fault error when my hints file is to be loaded. The debug
message is:
server {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating preprocess
preprocess {
huntgroups = /etc/raddb/huntgroups
hints = /etc/raddb/hints
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
Segmentation fault
My Hints file gives error when this is inserted:
DEFAULT User-Name =~ '^([...@]+)(@zmobile.com)?$', NAS-IP-Address ==
10.76.100.69
User-Name := %{1}
Kindly assist.
Cheers,
Chris.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User-Id and Calling-Station-Id matching
Put Calling-Station-Id, expression and =~ as operator for that user in radcheck. But regex is not working well in 2.1.3. Better wait a few days for 2.1.4. Please when would version 2.1.4 be released. Cheers, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User-Id and Calling-Station-Id matching
Sorry, I am newbie and have been using GUI RADIUS Server all through.
You have given *no* details about how or why or where this is coming
from but I'm guessing from your single example you are looking for:
/etc/freeradius/users
DEFAULT Calling-Station-Id !~ [0-9]+%{User-Id}$, Auth-Type := Reject
I presume this expression would do the magic for me. But if for SQL
authentication how do I enforce that from the SQL tables?
This assumes:
1) User-Id is an attribute, I'm guessing you actually mean UserName
Yes, I mean UserName.
Cheers.
Chris.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
User-Id and Calling-Station-Id matching
Hi, To prevent impersonation, we need to match User-Id and Calling-Station-Id during authentication. User-Id of the form 4371104 and Calling-Station-Id of the 234001014371104. Please how do I achieve this? Regards, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Realms Extraction
Hi,
I added:
DEFAULT User-Name =~ ^([...@]+)@isp.com, NAS-IP-Address == 127.0.0.1
User-Name := %{1}
and this is my debug:
rad_recv: Access-Request packet from host 127.0.0.1 port 36732, id=6,
length=59
User-Name = 4371104
User-Password = 4371104
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
+- entering group authorize {...}
[preprocess]expand: %{User-Name} - 4371104
[preprocess] hints: Matched DEFAULT at 52
[preprocess]expand: %{1} -
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = , looking up realm NULL
[suffix] No such realm NULL
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[sql] expand: %{User-Name} -
[sql] sql_set_user escaped user -- ''
and failed authentication. Kindly assist.
Thanks.
Chris.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Realms Extraction
and failed authentication. Kindly assist. Write a *correct* regular expression that matches the incoming User-Name. That is the assistance I need - writing the correct regular expression. Regards, Chris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Omitting Password
Hi, Our users are CDMA phones. The login credentials are: Username: phone...@isp.com Password: phone_no Please is it possible to make the RADIUS Server not to ask for password again and simply use the phone_no stripped from the username? Cheers. Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Best Config
Hi, From experience, what would be the best server configuration for 200,000 users with 75,000 concurrent users throttling 50,000 connections per second (with 1 NAS Client) in terms of: 1. Hardware configuration 2. Chooise of DB (PostgreSQL or MySQL) 3. FreeRadius Configuration (max_request_time, cleanup_delay, max_requests, max_servers, min_spare_servers, max_spare_servers, etc) Regards, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Groups Authentication
Quoting freeradius-users-requ...@lists.freeradius.org: I am new to FreeRADIUS. We have these groups and I wonder if FreeRADIUS is capable of handling authentication for them with this time frame: 1. EASY - 24hrs access valid or 1 month 2. BUSY - 24hrs access valid for 14 days 3. BUSINESS - 08:00 - 18:00 valid for 1 month 4. RELAX - Monday to Thursday 18:00 - 23:00, Friday (08:00) - Sunday (23:00) Yes. Look up Expiration and Login-Time attributes. Thanks. Definitely Expiration attribute would have to be per user. But which is better/possible for Login-Time - do I create Login-Time attribute for each user or I create each group with Login-Time and assign each user to the group he belongs? Regards, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Groups Authentication
Hi, I am new to FreeRADIUS. We have these groups and I wonder if FreeRADIUS is capable of handling authentication for them with this time frame: 1. EASY - 24hrs access valid or 1 month 2. BUSY - 24hrs access valid for 14 days 3. BUSINESS - 08:00 - 18:00 valid for 1 month 4. RELAX - Monday to Thursday 18:00 - 23:00, Friday (08:00) - Sunday (23:00) Regards, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
