PEAP gives the opportunity to solve this problem, but maybe there's an
option in the windows 802.1x client that,
if checked, passes the logon information...I thinks it's like Use computer
information if available(?).
Hope this helps...
Michael Schwartzkopff wrote:
we set up a system for 802.1x
Hello!
I'm trying to restrict client access to my access point by radius using EAP.
It seems to work fine up tp Stage 4, where it sends Access-Challenge.
After that everything seems to fail.
I've included a dump of radius chat, radiusd debug output and my
radiusd.conf
Thanks in advance for any
So, it will reject users that is not in the /etc/raddb/users file?
Regards,
ro0ot
NGUYEN Tuan Anh wrote:
It works!!
Thank you very much Artur!!
Ciao
Artur Hecker wrote:
hi
ok, that's a bit messy though. take a look at the mysql config and
the queries mentioned in the sql.conf file. see also the
It works!!
Thank you very much Artur!!
Ciao
Artur Hecker wrote:
hi
ok, that's a bit messy though. take a look at the mysql config and the
queries mentioned in the sql.conf file. see also the default profile.
play with it and its options and add an Auth-Type := Reject to the
default profile.
On Thu, May 27, 2004 at 09:36:18PM -0500, Michael Griego wrote:
Try the attached patch to the sha1.c file and see if that takes care of
the problem.
I've been working and coding on this all night, and I might have an answer.
Seems that endianess isn't an issue - more probably the SHA1 code and
hi
i m trying to configure peap with xp clients
i ve differents problems :
first when i click properties for peap for a dell true mobile i have an
error of windows ( explorer.exe send to microsoft etc )
if someone has had this problem ( i have all the services packs and hotfixes )
seconf
On Thu, 27 May 2004, Joseph Silvin wrote:
Hi,
I am not putting the brackets. It is coming automatically.
So use rlm_attr_rewrite to cut them off.
Also, just check this link and tell me does it have any bearing on what we
are trying to achieve.
On Thu, 27 May 2004, Jean-Marie GUILLEMOT wrote:
Hello everybody,
I'm using Freeradius 0.9.3 on a RedHat 7.3.
I'm trying to make a kind of hot spot thanks to the counter module of
freeradius.
I want people to authenticate one time for a defined amount of seconds (120
in
my example).
Hi ro0ot,
Actually, I don't use users files, all users' information is kept in
MySQL, the serveur will send a Acess-reject if the user is not in the
DataBase
Regards,
ro0ot wrote:
So, it will reject users that is not in the /etc/raddb/users file?
Regards,
ro0ot
NGUYEN Tuan Anh wrote:
It works!!
Kostas Kalevras
I'm having problems to change the user in windows xp. I tried peap the first time with
a correct user and everything was fine but now I want to do a prove with another user
but I'm not prompted anymore to intro a new one and it uses the previous one all the
time(and I have reconfigured the
I'm having problems to change the user in windows xp. I tried peap the
first time with a correct user and everything was fine but now I want to
do a prove with another user but I'm not prompted anymore to intro a new
one and it uses the previous one all the time(and I have reconfigured the
Hi,
Thanks, I change my value to "jujai" but it still give me the same error!
Any Suggestion?
Regards
AlexanderKiran [EMAIL PROTECTED] wrote:
You need to have "jujai" in your table.--- Alexander Khoo <[EMAIL PROTECTED]>wrote: Hi all, My goal is to use Freeradius with the sql module for
Hi,
I was sorry but i really do not know what u trying to say.
Can expain in more detail.
apprrciate you can do that.
AlexanderAlan DeKok [EMAIL PROTECTED] wrote:
Alexander Khoo <[EMAIL PROTECTED]>wrote: auth: type "System" modcall: entering group authenticate for request 0
Hello.
I´ve got a serious problem with customers connection the freeradius-
server
with username an password.
We are using a MAX2000 and freeradius.
Connection-profiles configured on freeradius with CLID a working very
well.
Only those with username and passwort are making trouble:
Here is
Hi,
I was sorry but i really do not know what u trying to say.
Can expain in more detail.
apprrciate you can do that.
Use a usual unix login/password to authenticate on Radius, and this
password is in /etc/passwd.
Fred
Alexander
Alan DeKok [EMAIL PROTECTED] wrote:
Alexander Khoo
Hi,
How should I configure the clients.conf if I would like that each nas,
which want to connect to my Radius can do it.
Beacuse they have dinamic ip address, so I can't set this in the
clients.conf.
Maybe you can use hostname and dns resover..
client 0.0.0.0{
secret= mysecret } any
I had that problem too. Typical for Microsoft isn't it. Always doing
you a favour. I worked around this by rechecking the automatically use
my windows login checkbox and then unchecking it again. I hope this helps.
-Barry
BLANCA FERRERO RODRIGUEZ wrote:
I'm having problems to change the
There's a Microsoft KB article on this. I can't remember the title
offhand, though. It tells you which registry entry to delete in order
to force the eapol client to re-ask for credentials.
--Mike
On Fri, 2004-05-28 at 07:38, Barry Stewart wrote:
I had that problem too. Typical for
hi all,
i'm using freeradius with EAP-TLS and windows clients ( xp/2000). with the
user certificates i have no problem but with the machine certificate there
is no tls-handshake.
i installed the certificate in the local computer store and the
certificate CN match the FQDN .
i think the reason
Hi,
Sorry, I can't help you, but maybe you can help me, what answer your
windows 2k send to the A.P EAP request Identity packet ?
Thx
Fred
hi all,
i'm using freeradius with EAP-TLS and windows clients ( xp/2000). with the
user certificates i have no problem but with the machine certificate
Hallo,
i'm using the last cvs copy of radiusd annd i get the following error message
when eap-sim request reaches the freeradius server:
--LOG START
rad_recv: Access-Request packet from host 192.168.192.168:6001, id=1,
length=142
- Mensaje original -
De: Michael Griego [EMAIL PROTECTED]
Fecha: Viernes, Mayo 28, 2004 2:48 pm
Asunto: Re: how to change xp client using peap
There's a Microsoft KB article on this. I can't remember the title
offhand, though. It tells you which registry entry to delete in order
to
Hallo,
some more information:
$ nm /usr/lib/rlm_eap_sim-1.0.0-pre0.so
2a3c A _DYNAMIC
2b44 A _GLOBAL_OFFSET_TABLE_
w _Jv_RegisterClasses
2a2c d __CTOR_END__
2a28 d __CTOR_LIST__
2a34 d __DTOR_END__
2a30 d __DTOR_LIST__
1a24 r __FRAME_END__
2a38 d
Hi group
Im new to linux and RADIUS and have a few questions regarding configuring my
radius server
I have installed Cistron Radius 1.6.6 on my redhat 9.0 machine. My goal is
to authenticate all users on a wireless 802.1x network, and here are the
specs.
Router: 10.10.0.1
Gateway(Clark
Hi group
Im new to linux and RADIUS and have a few questions regarding configuring
my
radius server
I have installed Cistron Radius 1.6.6 on my redhat 9.0 machine. My goal is
to authenticate all users on a wireless 802.1x network, and here are the
specs.
Router: 10.10.0.1
Gateway(Clark
Bill Thompson [EMAIL PROTECTED] wrote:
I actually have the system working, but with one show stopping problem. I
am able to authenticate through PAM, but certain attributes such as
FilterId, SessionTimeout, and IdleTimeout are not being passed from PAM to
radius.
Why would they *ever* be
On Thu, May 27, 2004 at 05:03:26PM -0400, Alan DeKok wrote:
You can then run it on two machines, use 'grep' to pull out the
MSCHAP lines from the debug log, and then use 'diff' to see where they
differ. This will let you track down where the problem occurs.
I've traced the bug down to SHA1
ro0ot [EMAIL PROTECTED] wrote:
So, it will reject users that is not in the /etc/raddb/users file?
No.
If that was true, then people using SQL + users wouldn't be able
to use SQL.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Dinko Korunic [EMAIL PROTECTED] wrote:
I've been working and coding on this all night, and I might have an answer.
Seems that endianess isn't an issue - more probably the SHA1 code and macros,
which confuse gcc (3.3, 2.95, etc.) on Alpha architecture.
Ah. That's why it works fine on
Markus Ebel [EMAIL PROTECTED] wrote:
I've got a serious problem with customers connection the freeradius-
server with username an password.
I'll say. You're trying to authenticate users, but you haven't told
FreeRADIUS what their password is.
modcall: entering group Auth-Type
rlm_chap:
Simeon Penev [EMAIL PROTECTED] wrote:
radiusd: error while loading shared
libraries: /usr/lib/rlm_eap_sim-1.0.0-pre0.so: undefined symbol:
map_eapsim_basictypes
Try statically linking the server.
$ ./configure --disable-shared
$ make
$ make install
This issue happens mainly on certain
sorry for off-topic postings..a thought of a commercial break perhaps
check this out... http://212.165.141.4/sell/test.htm
interested? pls. let me know your thoughts.
thank you. :)
//milver
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hi everybody,
is there a way to configure freeradius to NOT answer to a NAS if the
mysql-backend is down, so that the nas can switch to the next secondary
configured freeradius server with its own mysql-backend?
i tested freeradius and shutted down the mysqlserver, the request from
the nas came
Hi,all.
(B
(BI want to set up freeradius which use users file and sql database for
(Buser authenticating.
(B
(BBut I can not set up well.
(BCan I set up freeradius as follow?
(B
(B
(B1.Checking users file
(B If the User-Name is found,check the User-Password.
(B if the User-Password
Hi,
after running configure --prefix=/usr/local/raddb --with-experimental-modules
--disable-shared i get the following error message:
rm -f .libs/radiusdS.c .libs/radiusd.nm .libs/radiusd.nmS .libs/radiusd.nmT
gcc .libs/radiusdS.o -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS
On Fri, May 28, 2004 at 03:53:21PM +0200, Simeon Penev wrote:
Hallo,
i'm using the last cvs copy of radiusd annd i get the following error message
when eap-sim request reaches the freeradius server:
--LOG START
rad_recv:
Hi,
my system is fedora core 2. The libtool has version 1.5.6-1.
Actually i had the problem on fedora core 1 too (libtool-libs-1.5-8.i386).
Regards,
Simeon
Am Friday 28 May 2004 17:42 schrieb Paul Hampson:
On Fri, May 28, 2004 at 03:53:21PM +0200, Simeon Penev wrote:
Hallo,
i'm using the
On Sat, May 29, 2004 at 01:42:03AM +1000, Paul Hampson wrote:
If so, this is a known problem due to a change in how libltdl loads
shared libraries. See FreeRADIUS bug #75. If you're using Debian, get a
copy of libltdl3 1.5.2-1 and see if it fixes the problem. Also see
Debian bug #244578
On Fri, May 28, 2004 at 05:05:04PM +0200, Dinko Korunic wrote:
void SHA1Final(uint8_t *out, void* ctx);
uint32_t rol(uint32_t value, uint32_t bits);
Doh. Sorry, I've missed that you've added SHA1FinalNoLen() as SHA1-M
implementation of FIPS 186-2 Appendix 3.3 in recent CVS sha1. Here's the
It seems that this should not be so hard; I am sure I am making a stupid
mistake somewhere, but I just don't see it.
I am attempting to set up freeradius 0.9.3 (redhat) to use (initially) one
of several Windows 2003 AD for authentication. I am, however, unable to
get the first one to work. I
Jens Riecken [EMAIL PROTECTED] wrote:
modcall: entering group authenticate for request 1
rlm_eap: EAP packet type notification id 1 length 42
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - leap
rlm_eap: processing type leap
Yes I am interested in your app. What are the details?
Is it complete, is it commercial or free?
Are you looking for testers?
Original Message
From: Milver S. Nisay [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, May 28, 2004 10:28 AM
Subject: web based account administration
Dinko Korunic [EMAIL PROTECTED] wrote:
Here's the updated version - which is working well according to test
vectors I've got from your old code. I hope I didn't break EAP-SIM
:)
I've just commited an update to the existing SHA1 code. I realized
that I had hacked md4/md5, to use uint32_t
Is CN=User\\, Asteroid,OU=System Accounts... a valid user with read
access to AD?
It seems that this should not be so hard; I am sure I am making a stupid
mistake somewhere, but I just don't see it.
I am attempting to set up freeradius 0.9.3 (redhat) to use (initially) one
of several
On Fri, May 28, 2004 at 06:09:19PM +0200, Simeon Penev wrote:
my system is fedora core 2. The libtool has version 1.5.6-1.
Actually i had the problem on fedora core 1 too (libtool-libs-1.5-8.i386).
Try it now, using a snapshot which has
src/modules/rlm_eap/types/rlm_eap_sim/Makefile.in v1.2 in
On Fri, May 28, 2004 at 01:08:26PM -0400, Alan DeKok wrote:
The new code passes my tests, and should pass yours, too.
Yeps, works. It looks a bit messy, though, but works for both padded and
unpadded outputs for test vectors.
Excellent, I'm glad that's fixed.
--
| |--..-. Dinko
Thanks for the reply. Yes, it is a goofy name, but I am told it does
have read access on AD (it is in the 'domain user' group).
From: Dustin Doris [EMAIL PROTECTED] on Fri, 28 May 2004 13:16:20 -0400
Is CN=User\\, Asteroid,OU=System Accounts... a valid user with read
access to AD?
It
hello
i need access for my user form switch extreme networks wireless, but
extreme only use radius server, and i need use my LDAP server for
validation on my users.
the free radius recibe calls from extreme switch but the radius recibe
EAP signal. follow text
auth: type EAP
modcall: entering
Alan, the User Change Password Administrator etc., are already part
of the LDAP schema (under the attribute securityRole) e.g.
Uid=testuser
Attribute Value
securityRoleUsers
Alan DeKok wrote:
The value should have the operator in it. e.g.
Hi
I am running freeradius 0.9.3 on RH 9. Authentication works fine using the
radtest tool. But when I try to set authentication for sshd located under
/etc.pam.d/sshd as per the documentation give in the site, freeradius just
fails to authenticate. pam module is also installed under the
51 matches
Mail list logo