Re: [RADIATOR] SIGHUP restart and AuthByRADSEC opens an additional socket

2013-07-11 Thread Karl Gaissmaier 
Hi,

didn't get any response for this request:

Am 10.07.2013 11:50, schrieb Karl Gaissmaier:
> Hi Radiator team,
>
> a SIGHUP to a running radiator (Version 4.11) opens an additional socket
> for AuthByRADSEC:
>
>
> before SIGHUP
>> mizar:.../~# netstat -f inet -P tcp -n | grep 193.*2083
>> 134.60.Y.X.45917 193.174.Y.X.2083  64128  0 128872  0 ESTABLISHED
>
>
> after SIGHUP
>> mizar:.../~# netstat -f inet -P tcp -n | grep 193.*2083
>> 134.60.Y.X.45917 193.174.Y.X.2083  64128  0 128872  0 ESTABLISHED
>> 134.60.Y.X.57680 193.174.Y.X.2083   9792  0 128872  0 ESTABLISHED
>
>

Please check it whether it's a local oder general problem.

Regards
Charly

___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Re: [RADIATOR] logging EAP method

2013-07-11 Thread Stuart Kendrick 
Thank you Hugh

--sk

On 7/11/2013 7:03 PM, Hugh Irvine wrote:
> Hello Stuart -
>
> Have a look at the code in "Radius/EAP.pm".
>
> The EAPType is added to the current request as 
>
>   $p->{EAPType}
>
> and the name is added as
>
>   $p->{EAPTypeName}
>
> You can easily write a little hook to use one or the other or both.
>
> regards
>
> Hugh
>
>
> On 12 Jul 2013, at 04:32, Stuart Kendrick  wrote:
>
>> Is there a way to log the EAP method employed?
>>
>> I'm doing this currently:
>> LogSuccess 1
>> SuccessFormat%l: wap: OK: %U: %n: %c: %{NAS-Identifier}: %T: 
>> %{Calling-Station-Id}: %{Called-Station-Id}
>> LogFailure 1
>> FailureFormat%l: wap: FAIL: %U: %n: %c: %{NAS-Identifier}: %T: 
>> %{Calling-Station-Id}: %{Called-Station-Id}
>>
>> I was imagining something like %{EAP Method} ... but I don't see such a 
>> token defined in "Section 5.2 Special characters" of the manual (pp. 
>> 20-24) ...
>>
>> [I'm trying to figure out which clients are still using LEAP ... ergo my 
>> desire to log the EAP method ...]
>>
>> --sk
>>
>> Stuart Kendrick
>> FHCRC
>> ___
>> radiator mailing list
>> radiator@open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
> --
>
> Hugh Irvine
> h...@open.com.au
>
> Radiator: the most portable, flexible and configurable RADIUS server 
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. 
> Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>

___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Re: [RADIATOR] logging EAP method

2013-07-11 Thread Hugh Irvine 

Hello Stuart -

Have a look at the code in "Radius/EAP.pm".

The EAPType is added to the current request as 

$p->{EAPType}

and the name is added as

$p->{EAPTypeName}

You can easily write a little hook to use one or the other or both.

regards

Hugh


On 12 Jul 2013, at 04:32, Stuart Kendrick  wrote:

> Is there a way to log the EAP method employed?
> 
> I'm doing this currently:
> LogSuccess 1
> SuccessFormat%l: wap: OK: %U: %n: %c: %{NAS-Identifier}: %T: 
> %{Calling-Station-Id}: %{Called-Station-Id}
> LogFailure 1
> FailureFormat%l: wap: FAIL: %U: %n: %c: %{NAS-Identifier}: %T: 
> %{Calling-Station-Id}: %{Called-Station-Id}
> 
> I was imagining something like %{EAP Method} ... but I don't see such a 
> token defined in "Section 5.2 Special characters" of the manual (pp. 
> 20-24) ...
> 
> [I'm trying to figure out which clients are still using LEAP ... ergo my 
> desire to log the EAP method ...]
> 
> --sk
> 
> Stuart Kendrick
> FHCRC
> ___
> radiator mailing list
> radiator@open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
h...@open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. 
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.

___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

[RADIATOR] logging EAP method

2013-07-11 Thread Stuart Kendrick 
Is there a way to log the EAP method employed?

I'm doing this currently:
 LogSuccess 1
 SuccessFormat%l: wap: OK: %U: %n: %c: %{NAS-Identifier}: %T: 
%{Calling-Station-Id}: %{Called-Station-Id}
 LogFailure 1
 FailureFormat%l: wap: FAIL: %U: %n: %c: %{NAS-Identifier}: %T: 
%{Calling-Station-Id}: %{Called-Station-Id}

I was imagining something like %{EAP Method} ... but I don't see such a 
token defined in "Section 5.2 Special characters" of the manual (pp. 
20-24) ...

[I'm trying to figure out which clients are still using LEAP ... ergo my 
desire to log the EAP method ...]

--sk

Stuart Kendrick
FHCRC
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

[RADIATOR] Radiator + libtnc + tpm platform authentication IMC

2013-07-11 Thread Florian Kabus 
Hello,

I know this is maybe not the right place to ask, but as my last hope:

Are there any experiences, resources, hints regarding implementation of 
an TPM platform authentication on windows clients in conjunction with 
radiator?

classic scenario:
We would like to authenticate Win 7 endpoints with certificates stored 
on the TPM and thus based on the identity deny or permit access to the 
enterprise network.

Regards,

Florian Kabus
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator