Hi All,
I
have an existing Freeradius running in Linux box. I
use to authenticate my users in "system" box to /etc/passwd.
I am trying to implement a "callback" feature in
radius, and my entries look like this:-
dialbk Auth-Type :=
System
Service-Type = Callback-Login-User,
Hi,
I've try to use rlm_sqlcounter, it works but I don't see anything happen
after a period of Session-Timeout:
After 64 seconds of Session-Timeout, Radius don't reject that connection.
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: affected rows =
rlm_sql (sql): Released sql
Sorry not to have been clear (forget my NTRadping conf ;).
My problem is: how can I configure FreeRadius to get CVPN-3K-Groups from my
LDAP directory?
instead of having: CVPN-3k-Groups = foo
And:
1. how can I send back more than one attribute to my NAS?
2. how can I do if I want my
Hi,
I use freeradius with gatekeeper. When H323Client tries to register to
gatekeeper it asks freeradius to decide.
While debugging radius messages I found this chunk of information:
..
Service-Type = Login-User
Framed-IP-Address = 192.168.0.120
Cisco-AVPair =
Hi ,
I'm newbie and I've a big problem with rlm_ippool module (version 1.3.0).
I've written corretly configuration files as described, but I've this problems:
1)in function ippool_postauth when ceck if Pool-Name exist ---return RLM_MODULE_NOOP
2)after having comment this , callerid is null and
Is there a command
to send to disconnect a user if you are proxying requests through
FreeRadius?
Any help would be
greatly appreciated?
Troy
Linux Slackware, freeradius and mysql, my problem is that more than one
user with the same username can conect in the same time. I search for a
mode than only one user can be conect with the username. How I can resolve
this problem???
show me your gnugk configuraton =)
I'm can help.
You need to add an entry in ldap for the profile you want the reply items
taken from. Right now you have this entry to have the dial profile.
dn:
cn=dialup,cn=group,cn=radius,cn=config,ou=eaccounts,dc=megashaft,dc=com,dc=au
In that entry you need to have the reply items you want.
example.
dn:
Is testAtr in a dictionary file somewhere? You need to identify that
attribute as a radius attribute in a dictionary file.
On Wed, 3 Mar 2004, Paul Blaich wrote:
Dustin,
rad_recv: Access-Request packet from host 130.194.999.999:1365, id=2,
length=47
User-Name = blaich
I looked through the info in docs/ and didn't see what I was after.
Is it possible to specify allowed logins on a per-client basis?
For example, our Cisco VPN3015 uses freeradius to act as the authentication
server. Any users in the group vpnusers are allowed to authenticate.
What I'd like to
Hi,
I'm running Version 1.0 pre
[EMAIL PROTECTED] radius]# radiusd -v
radiusd: FreeRADIUS Version 1.0.0-pre0, for host , built on Feb 25 2004 at
13:52:30
Copyright (C) 2000-2003 The FreeRADIUS server project.
And in my radius log I keep seeing these errors. Is there a way to get the
software
I think I understand what you are saying.
You could use huntgroups and then check for a different Ldap-Group based
on the NAS-IP.
example huntgroup file
# switches/routers
netadmins NAS-IP-Address == x.x.x.x
netadmins NAS-IP-Address == y.y.y.y
# vpn concentrators
vpnusers
-Original Message-
From: [EMAIL PROTECTED] [mailto:freeradius-
[EMAIL PROTECTED] On Behalf Of Dustin Doris
Sent: Thursday, March 04, 2004 10:15 AM
To: [EMAIL PROTECTED]
Subject: Re: Per-client group matching?
I think I understand what you are saying.
...
Now, when a login comes
Hi All,
I am having difficulties stripping domain name from RADIUS
request before sending it to LDAP. I have the following in the conf file:
filter =
(uid=%{Stripped-User-Name})
However, this produces the following error:
Thu Mar 4 16:56:47 2004 : Debug:
Thread 1 handling
Hello all,
I am using Freeradius 0.9.3 on a X86 machine running
Gentoo Linux. I compiled Freeradius myself from
source. We are authenticating users from
authentication data in a MySql database. My client
machines are Ascend Max 6000 and 4000, running TAOS
9.0.9 and 7.0.28 respectively.
I am
Hello all,
I am using Freeradius 0.9.3 on a X86 machine running
Gentoo Linux. I compiled Freeradius myself fromsource.
We are authenticating users fromauthentication data in
a MySql database. My clientmachines are Ascend Max
6000 and 4000, running TAOS9.0.9 and 7.0.28
respectively.
In detail
Teoh, Chee [EMAIL PROTECTED] wrote:
I have not modified the proxy.conf file at all. So, no default realm or
bulldog realm.
The Stripped-User-Name attribute is set ONLY if you tell the server
how to strip it. The server is not a magical piece of software that
reads your mind to determine
Thanks Dustin and Alan, this works!!!
-Original Message-
From: Dustin Doris [mailto:[EMAIL PROTECTED]
Sent: Thu 04/03/2004 18:04
To: [EMAIL PROTECTED]
Cc:
Subject: RE: Stripping domain names for LDAP filter
Truong Manh Cuong [EMAIL PROTECTED] wrote:
I've try to use rlm_sqlcounter, it works but I don't see anything happen
after a period of Session-Timeout:
After 64 seconds of Session-Timeout, Radius don't reject that connection.
RADIUS doesn't force connections off-line. Read the FAQ about
Maybe somebody has a copy of the original patch without the junk?
Thanks.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Troy
Winemiller
Sent: Thursday, March 04, 2004 12:13 PM
To: [EMAIL PROTECTED]
Subject: Mikrotek + Freeradius Patch?
Hi,
I am
Wolfgang Hottgenroth [EMAIL PROTECTED] wrote:
that it is thread-safe. I assume nevertheless that the global
interpreter lock needs to be acquired before the embedded python
interpreter will run.
Probably.
So, under the assumption of pure python code the module is thread-safe
but execution
I figured it out after that! I needed to change from cn=dialup to
uid=dialup, and then it all started working.
Just a comment - Shouldn't it be possible to specify the ldap search
used to get reply attributes in the rlm_ldap configuration block in
radiusd.conf? It seems really bizzare to have
On Wed, 2004-03-03 at 10:39, Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
Hi, I am running freeradius-0.9.3 on RedHat 9.0. I have found your
documentation and faq page very helpful, however I cannot find an answer to
one question. Can Radius pass a privilege level back to a Cisco switch so
Hi, Im a Radius newb.So I have not deployed a Radius server before.
Are there any good web reviews on FreeRadius?
And does FreeRadius have a web/gui based admin and configuration tool?
And how good is Free Radius in comparison to say IC Radius? IC Radius looks
good, it has a web based admin
After spending some time perusing the mailing list I have been unable to
turn up any info on the problem I am experiencing.
I am attempting to authorise/authenticate xp supplicant to an NT4 domain
through a cisco AP. Freeradius-snapshot-20040302 is compiled with
experimental modules and eap is
Hi,
Also you could do that by including Service-Type = Administrative-User
in your Access-Accept.
So in the users file, you can configure a user like this :
super-cisco Auth-Type := Local, User-Password == whatever
cisco-avpair = shell:priv-lvl=15,
Service-Type =
Hello, your NAS is the one who responsible to disconnect the user. Try to
check your NAS.
- Original Message -
From: Truong Manh Cuong [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, March 04, 2004 4:17 PM
Subject: RE: Session-Timeout and Cisco
Hi,
I've try to use
27 matches
Mail list logo