EAP/TLS problem: Received unexpected tunneled data after successf ul handshake

I was hoping the list could assist with a particular problem using EAP/TLS. The version of freeradius is : FreeRADIUS Version 1.0.0-pre0, for host , built on Mar 3 2004 at 01:53:39. The setup involves an XP supplicant, Cisco AP and freeradius. System authentication using PEAP is successful. >From

EAP-MD5 problem!

Hello, I need to help about EAP-MD5 Authentication. (B (BI have LD-WL54G/AP(LANEED) and LD-WL54AG/PCI(LANEED). (BThese are wireless products. (BAnd I use FreeRadius 0.9.3 on FreeBSD. (B (BEthereals on bothends report that EAP-MD5 Challenge Response is Success. (BI can see 'EAP-Success' on 'R

how to configure my radius server as a proxy

hi all i want to know how i can configure my radius server as a proxy server which sends requests to another main server. where all do i have to make changes. what changes do i have to make in the realms configuration . i dont understand where realms fit in and what are the hints file. please help.

unsubscribe

unsubscribe Do you Yahoo!? Yahoo! Search - Find what you’re looking for faster.

Configuring Server for Access-Challenge Response

How does one configure the server to generate an Access-Challenge response when it gets an Access-Request from the client? I do not want to use CHAP or MS-CHAP or any extentions like EAP. Basically, I have a situation where I want the Radius client to accept a user name and password and sends an

Accounting-Response sent on failure

Hi, I'm using Freeradius v0.8.1 with an accounting module that I developed, along with "detail", "acct_unique", and the other methods that come with the distribution. The problem I'll describe here may have been fixed in a later release - let me know if so. My module returns "RLM_OK" if it wor

How to configure RADIUS attribute Session-timeout

Title: How to configure RADIUS attribute Session-timeout All: In RFC 2869: If RADIUS attribute Session-Timeout is present in an Access-Challenge packet that also contains an EAP-Message, the value of the Session-Timeout provides the NAS (in our case, a Cisco AiroNet 350) with the maximum

Re: EAP-FAST

[EMAIL PROTECTED] wrote: > Any plans on supporting EAP-FAST? Sure, submit a patch and we'll add it in. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Accounting-Request!!!!

Where it is the archive that goes off the command sql for the Mysql? the command is Accounting-Request Thank's Herbert Souza __ Yahoo! Mail - O melhor e-mail do Brasil! Abra sua conta agora: http://br.yahoo.com/info/mail.html

Re: radiusd stopps after receiving a proxyradius answer with an Cisco-AVPair

On Wed, 10 Mar 2004 10:34:11 -0500 "Alan DeKok" <[EMAIL PROTECTED]> wrote: > > I have now following problem: > > as soon the proxyradius includes Cisco-AVPairs in its replay the freeradiusd > > stopps to handle packets. I can see that the radiusd receives the answer, but > > it sends never this

Re: WinXP and Framed-IP-Address (OT?)

> Hello! > >Thankx for stright answers :). > > > > Or, can the Framed-IP-Address somehow update the win xp ip address? > > > Is this possible? > > > > No. > > Is there some way how to map clients (from accounting log) to for example > dhcp ip address assigments? > Or is there some way to get

EAP-FAST

Any plans on supporting EAP-FAST? Seems to be a good option to LEAP. http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item091 86a00802030dc.shtml Please comment. Advertencia:La informacion contenida en este mensaje es confidencial y restringida, por lo tanto esta destinada un

Re: freeradius-0.9.3 error

Bernie Liwanag escreveu: What is the meaning of the error below: Error: Discarding new request from client :1645 - ID: 178 due to live request 590 Thanks! Bernie I think someone said on this list a while back that it could be your cpu is overloaded or your database is taking too long to re

Re: Duplicate login

Bernie Liwanag escreveu: Thanks for the reply I found that there are certain users that has -00-00 00:00:00 value in their AcctstopTime in my SQL database.Unless I change the the Simultaneous-Use = 2 they will not be able to login again. So temporarily I changed the affected dialup users Simul

Help sql.conf error!!!!!!!!

Helo I am mounting one abiente of VOIP, I installed the GateKeeper Gnugk and that to enter with the Freeradius. I installed the Mysql in version 4.0.18 and freeradius in version 0.8.1 and 0.9.3 and when gatekeeper goes to make the Account on/of occurs the error of command of sql.conf: rlm_sql (s

Re: decoding cisco vpn3k vsa

Didier Conchaudron <[EMAIL PROTECTED]> wrote: > I'm using FR 0.9.3 with lastest snapshot dictionary and I've still my cisco > vpn3k vsa not decoded. The VPN 3000 dictionary is commented out in the default configuration, because the Altiga dictionary is identical to it. You can comment-out the

Re: Configuring freeradius for BBSM Hotspot

"Tobias Bergs" <[EMAIL PROTECTED]> wrote: > Well it seems to be easy for you but I'm totally new to Radius in general > and I don't know what to do next. Then buy the RADIUS book, and read the FreeRADIUS documentation. > I have modified the client.conf file in the following way: ... That's a

Re: WinXP and Framed-IP-Address (OT?)

"Pavol Zibrita" <[EMAIL PROTECTED]> wrote: > Is there some way how to map clients (from accounting log) to for example > dhcp ip address assigments? Look at the logs, and try to compare MAC addresses. > Or is there some way to get dhpc "communicate" with freeradius? Not right now. I'd lik

Re: LDAP and EAP-MD5 authentication problems

Thanks Kostas ... MS 802.1x clients (challenger-md5) with freeradius and ldap never will work For success, chose PEAP and MS-CHAPv2 (thanks Rogerio) I will post all config files later ... Kostas Kalevras wrote: On Mon, 8 Mar 2004, Fernando Lunardelli wrote: Hi, Im still with problems in ld

freeradius-0.9.3 error

What is the meaning of the error below:   Error: Discarding new request from client :1645 - ID: 178 due to live request 590   Thanks!   Bernie

Re: LDAP and EAP-MD5 authentication problems

On Mon, 8 Mar 2004, Fernando Lunardelli wrote: > Hi, Im still with problems in ldap and eap-md5 authentication > > Local eap-md5 authentication is fine ... radtest with ldap is fine too > without authorize and authenticate eap > > Both eap-md5 and ldap doesnt work ... [] > > rlm_ldap: perf

Re: EAP-TTLS-EAP-*

"Tom Rixom" <[EMAIL PROTECTED]> wrote: > That seems to do the trick ;) I'll commit that change, then. > Still getting a double EAP-Message but SecureW2 always read the last > EAP-Message so the authentication succeeds :) I'm leery of shipping software to work around bugs in oher software. If

Re: radiusd stopps after receiving a proxyradius answer with an Cisco-AVPair

ueli heuer <[EMAIL PROTECTED]> wrote: > I have now following problem: > as soon the proxyradius includes Cisco-AVPairs in its replay the freeradiusd > stopps to handle packets. I can see that the radiusd receives the answer, but > it sends never this answer back to the NAS It's a bug in he ser

Re: Configuring freeradius for BBSM Hotspot

Hi there, I fixed my problem. Thank's a lot for your effort. It was more a problem of the Radius Client than of the server. Bye busche > Yes I tried that one. The server starts, gives some output(output seems to > be normal for me, no errors) and when I test the server with radtest > locally >

radiusd stopps after receiving a proxyradius answer with an Cisco-AVPair

Hi, I'm using different radius-serversfor our NAS. The NAS are configuerd to use the freeradiusd as there aaa servers. the freeradius servers works then as a proxy server to the other radius-servers with the userdata. the other radiusserver are not under my control :( I have now following pr

Re: Duplicate login

Thanks for the reply I found that there are certain users that has -00-00 00:00:00 value in their AcctstopTime in my SQL database.Unless I change the the Simultaneous-Use = 2 they will not be able to login again. So temporarily I changed the affected dialup users Simultaneous-Use = 2 until I so

Re: Configuring freeradius for BBSM Hotspot

Yes I tried that one. The server starts, gives some output(output seems to be normal for me, no errors) and when I test the server with radtest locally from the Radius server I get an Access Accept from the server. So I think the problem is somewhere between the Radius Server and the Radius Client

Re: Duplicate login

Bernie Liwanag escreveu: Hi to All, I would like to find out the reason why are my dialup users can not login/authenticate to my freeradius server, the message is "Auth: Multiple logins (max 1)" but I dont see any user currently login in my Cisco 5350 RAS. Please give some advise. Thanks a lot!

Re: Configuring freeradius for BBSM Hotspot

Might be stating the obvious in which case I apologies but ... Have you tried running freeradius in debug mode and looking through the output ? radiusd -xx http://www.zurowski.btinternet.co.uk";>John Zurowski From: "Tobias Bergs" <[EMAIL PROTECTED]

decoding cisco vpn3k vsa

Hi all, I'm using FR 0.9.3 with lastest snapshot dictionary and I've still my cisco vpn3k vsa not decoded. User-Name = "full_radius_group" NAS-Port = 0 Service-Type = Framed-User Framed-Protocol = PPP Tunnel-Client-Endpoint:0 = "10.3.25.1" Attr-201588758 =

Relocation error in eap-sim

Hi, I am using freeradius-snapshot-20040302.tar.gz version. I am getting error in EAP-SIM module, I configured the radiusd.conf to have eap default as sim module and in users file I have a sim user, as shown below [EMAIL PROTECTED] Auth-Type := EAP, Autz-Type:= EAP, EAP-Type := SIM and in

Re: Configuring freeradius for BBSM Hotspot

Hi, Well it seems to be easy for you but I'm totally new to Radius in general and I don't know what to do next. So here is what I did so far: I have modified the client.conf file in the following way: client { secret = shortname = nastype = cisco (not quite sure if that is right also tried other)

Duplicate login

Hi to All, I would like to find out the reason why are my dialup users can not login/authenticate to my freeradius server, the message is "Auth: Multiple logins (max 1)" but I dont see any user currently login in my Cisco 5350 RAS. Please give some advise. Thanks a lot! Bernie - List info/

VSA to SQL

Hi ALL I have some trouble. I cant insert to sql database the VSA from my NAS (Xpgk). In dictionary I have record: ATTRIBUTE h323-remote-id 264 string Cisco In mssql.conf I put the @Service='%{h323-remote-id}' but to sql table put null. Help pls. WBR, Da

Re: WinXP and Framed-IP-Address (OT?)

Hello! Thankx for stright answers :). > > Or, can the Framed-IP-Address somehow update the win xp ip address? > > Is this possible? > > No. Is there some way how to map clients (from accounting log) to for example dhcp ip address assigments? Or is there some way to get dhpc "communicate" wi

RE: EAP-TTLS-EAP-*

Hi Alan, That seems to do the trick ;) Still getting a double EAP-Message but SecureW2 always read the last EAP-Message so the authentication succeeds :) Thanks! Tom > -Original Message- > From: Alan DeKok [mailto:[EMAIL PROTECTED] > Sent: Tuesday, March 09, 2004 6:08 PM > To: [EMAIL P