dear all
i have install and follow in web site ( freeradius.org) i use default
konfiguration , when in try query radtes like this
[EMAIL PROTECTED] /usr/local/free_rd/bin/radtest steve testing
localhost 1645 testing123
Sending Access-Request of id 144 to 127.0.0.1:1812
User-Name = "steve
On 4 Oct 2004 at 15:05, Alan DeKok wrote:
am trying something like
./radclient -s 192.168.1.1 disconnect secret User-Name=username
and on NAS:
aaa pod server server-key secret
but radclient, hangs, and I done on NAS a debug aaa pod but no request is being
sent
have you manage it to work?
bu
Hi,
Thx for you help
I've commented out the sql { } lines, causes it doesn't want to work
with it.
I've this line in my radiusd.conf
sql sql1 {
$INCLUDE ${confdir}/sql_local.conf
}
If I don't comment the sql { } line in sql_local.conf the debug tells me
that it doesn't know th
On Mon, 4 Oct 2004, cris boisvert wrote:
> My Mysql database is about 50 megs right now.. because of the accounting
> table.
> How large does most people let it get before rolling it?
>
> I Guess other people will just roll it on a Time/Date basis in cron..
>
> But what if I want to keep it for a
cris boisvert escreveu:
I got 4 gigs of ram.. I hope its enough..
I've only got 1 so you should be fine.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I got 4 gigs of ram.. I hope its enough..
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Keith
Yoder
Sent: Monday, October 04, 2004 3:52 PM
To: [EMAIL PROTECTED]
Subject: Re: MYSQL Accounting Table Size?
cris boisvert escreveu:
>My Mysql database is ab
cris boisvert escreveu:
My Mysql database is about 50 megs right now.. because of the accounting
table.
How large does most people let it get before rolling it?
My radacct table is over 500 MB / 1.3 million records right now. For
now I'm just letting it grow. Make sure you have plenty of RAM
"Christopher Price" <[EMAIL PROTECTED]> wrote:
> Well, I had the LDAP auth working when I passed a cleartext password, so
> I assumed that they were stored in the clear.
No. Read the debug log to see what kind of passwords are read from LDAP.
> I attempted to use the Microsoft built-in 802.1x
Well, I had the LDAP auth working when I passed a cleartext password, so I assumed that they were stored in the clear. (I am not the administrator of the eDirectory server that I am authenticating against) I attempted to use the Microsoft built-in 802.1x client in conjunction with
My Mysql database is about 50 megs right now.. because of the accounting
table.
How large does most people let it get before rolling it?
I Guess other people will just roll it on a Time/Date basis in cron..
But what if I want to keep it for a year so I can pull stats out of it?
Can it get to a c
No wireless, wired environment! Authentication is required because the port
goes into unauthenticated state and I haven't got any network access.
[EMAIL PROTECTED] said...
-Original Message-
From: Alan DeKo
"Christopher Price" <[EMAIL PROTECTED]> wrote:
> I am running freeradius 1.0.0 and I am attempting to configure an LDAP
> backend DB to authenticate Windows users. The Windows users are using
> PEAP with MSCHAPv2. Earlier I got the LDAP authentication working with
> clear passwords, but now that th
"M.Cerqui - PUBLISHERIA" <[EMAIL PROTECTED]> wrote:
> Sorry for my bad english... the problem is, that I can't post any debug
> information because there isn't any. I start "freeradius -X" and turn "debug
> radius" on my catalyst on, but with the following windows xp configuration
> nothing occurs
[EMAIL PROTECTED] wrote:
> I been trying to find how to disconnect an actual logged user,
> radclient has a disconnect option, I wonder if anyone on the list
> has managed to work it out with it.
>
> The nas is a Cisco AS5300
Check the NAS documentation to see if it accepts disconnect packets,
Sorry for my bad english... the problem is, that I can't post any debug
information because there isn't any. I start "freeradius -X" and turn "debug
radius" on my catalyst on, but with the following windows xp configuration
nothing occurs on the server and switch until I have logged in and the
desk
I am running freeradius 1.0.0 and I am attempting to configure an LDAP
backend DB to authenticate Windows users. The Windows users are using
PEAP with MSCHAPv2. Earlier I got the LDAP authentication working with
clear passwords, but now that the passwords are being hashed. I know
that LDAP stores c
I been trying to find how to disconnect an actual logged user,
radclient has a disconnect option, I wonder if anyone on the list
has managed to work it out with it.
The nas is a Cisco AS5300
Thanks
Armando Leal.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I rather preffer pap, you just only put on risk one account not everibody
Le lundi 4 Octobre 2004 10:59, [EMAIL PROTECTED] a écrit :
> Luis Daniel Lucio Quiroz schrieb:
> > Isn't it a seccurity problem clear tex password to permit
> > CHAP?
>
> Depending on your configuration, it may be one.
> Ess
Hernan Cortez schrieb:
>
> Hi, thanks for the answer.
> Which config.h file?
> The find command show me 13 config.h files:
Sorry, I should have mentioned I was working from
memory, without access to the sources at that moment
- and of course I got the name wrong:
The file I modified is src/incl
Luis Daniel Lucio Quiroz schrieb:
> Isn't it a seccurity problem clear tex password to permit
> CHAP?
Depending on your configuration, it may be one.
Essentially, there are two possible points of attack:
- the network: Try to intercept "the password" during
transfer.
- the configuration files: T
"M.Cerqui - PUBLISHERIA" <[EMAIL PROTECTED]> wrote:
> Are you sure with this?
If cofnigured correctly, yes.
> The catalyst and Freeradius don't even move a bit before a
> successful windows login if I only use this "use user information
> from windows login" option.
So you've configured the
Isn't it a seccurity problem clear tex password to permit CHAP?
Le lundi 4 Octobre 2004 09:18, Alan DeKok a écrit :
> "Mahesh S Kudva" <[EMAIL PROTECTED]> wrote:
> > I did the same:
> >
> > username Auth-Type:= CHAP, CHAP-Password == "test"
> > Service-Type = Framed-Us
Hello,
i'm finding in logs such errors. But i know that there is 40MB free
memory on the radius server, so how it could be explained?
Mon Oct 4 17:02:58 2004 : Error: No memory
Mon Oct 4 17:02:58 2004 : Auth: Login OK: [edgars/] (from client Test port 46 cli 1.1.1.2)
Mon Oct 4 17:04:05 2004 :
Philip Ershler <[EMAIL PROTECTED]> wrote:
> OK, so here is where I'm confused.Andreas Wolf put together a binary
> distribution of freeradius with a module for osxauth.
Ah, OK.
> He made the statement that if one sets auth_type to system, the server
> would figure out which module to call.
It looks like some of the CISCO 2950 switches are sending the point to point addresses instead of the loopback addresses to the Radius server when authentication.
Does anyone know of a command that will force the switch to send the loopback address instead ?
Hi everybody,
I just followed the howto http://dslrcs.clanspace.com/forum/remark,9286052
+ the EAPTLS howto, using the some hw as the document:
AP ZyAIR B1000v2,
PCMCIA XP ZyAIR G-100,
I dont see any log between the AP and Freeradius...
The certified were installed on XP like a charm but still I do
"
That will happen automatically when you use PEAP.
..."
Are you sure with this? The catalyst and Freeradius don't even move a bit before a successful windows login if I only use this "use user information from windows login" option. Only when I activate "Authenticate as computer when i
On Mon, 4 Oct 2004, Norbert Wegener wrote:
> We are using freeradius 1.0.1 for eap/tls authentication with no
> problems so far.
>
> One of our customers has has a pki infrastructure, where some employees
> have the same name and therefore the same CN in their certificate.
>
> To distinguish betwe
Elad Kugman <[EMAIL PROTECTED]> wrote:
> I just wondering about the vendor dictionaries you told about i will be glad
> if you can be more specific .
About what? You haven't said what you want to do.
Read your NAS documentation to see what vendor attributes it
expects. Read through the vend
"M.Cerqui - PUBLISHERIA" <[EMAIL PROTECTED]> wrote:
> 1. How do I have to configure the Windows XP Client? I
> found out, that the only setup that tries to authenticate before the
> users logs in is PEAP with "Authenticate as computer when information is
> available". Is that c
"Giovanni Torrisi" <[EMAIL PROTECTED]> wrote:
> i would know if is it possible using cisco ap350 to authenticate a user =
> by radius using a login and password
Using EAP, yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
"Jankowski, Jan" <[EMAIL PROTECTED]> wrote:
> Is there a problem of "translating" the digest password into an LDAP
> password or something like that?
> I really don't understand what's going on :(
The default configuration for the "digest" module in the server is
commented out, but correct. Unc
=?iso-8859-1?Q?=D8ystein_G=E5sdal?= <[EMAIL PROTECTED]> wrote:
> Does this mean I don't have to edit the config files for winbindd and
> nmbd?
I have no idea.
> The freeradius server is not on the same subnet as the domain
> controller (NT4), and neither are my clients, and the clients locate
>
Christoph Litauer <[EMAIL PROTECTED]> wrote:
> I want to setup EAP-TTLS/PEAP for my wlan. I can find lots of howtos for
> setting up EAP-TLS with freeradius. But is there any howto for EAP-TTLS
> or PEAP?
Nope. Configure EAP-TLS, and then the ttls{} and peap{} subsections
of the eap{} configu
"Mahesh S Kudva" <[EMAIL PROTECTED]> wrote:
> I did the same:
>
> username Auth-Type:= CHAP, CHAP-Password == "test"
> Service-Type = Framed-User,
> Framed-Protocol = PPP
>
> But still the server rejects the user.
Configure a CLEAR-TEXT
We are using freeradius 1.0.1 for eap/tls authentication with no
problems so far.
One of our customers has has a pki infrastructure, where some employees
have the same name and therefore the same CN in their certificate.
To distinguish between them, we would like to use the certificate's
subje
Sorry, i didn't post the answer in the last reply.
Hi, thanks for the answer.
Which config.h file?
The find command show me 13 config.h files:
bash-3.00# find . -name config.h -print
./libltdl/config.h
./src/modules/rlm_attr_rewrite/config.h
./src/modules/rlm_che
Hi, thanks for the answer.
Which config.h file?
The find command show me 13 config.h files:
bash-3.00# find . -name config.h -print
./libltdl/config.h
./src/modules/rlm_attr_rewrite/config.h
./src/modules/rlm_checkval/config.h
./src/modules/rlm_counter/config.h
./src/modules/rlm_eap/types/rlm_eap
Kostas Kalevras wrote:
On Mon, 4 Oct 2004, Evert Meulie wrote:
Kostas Kalevras wrote:
On Mon, 13 Sep 2004, Evert Meulie wrote:
Hi everyone!
When I go into dialup_admin and then click on RADIUS clients, no clients
are showing, even though I know that one/more clients are active.
How do I fix this.
On Sun, 3 Oct 2004, EROS wrote:
> I'm still trying to make the radgroupreply work but it doesn't want
>
> Is somebody has it working (which freeradius version...) and how do I do
> to succeed ?
>
>
> thx
>
> modcall: entering group redundant for request 0
> radius_xlat: 'test001'
> rlm_sql (
On Mon, 4 Oct 2004, Jankowski, Jan wrote:
> Hi Freeradius Users,
>
> I want digest auths to be validiated against an LDAP Database and I get
> the error:
>
> rlm_ldap: - authenticate
> rlm_ldap: Attribute "User-Password" is required for authentication.
> modcall[authenticate]: module "ldap" retu
Title: Define Vendor-Specific Attribute in MYSql freeradius with vendor dictionaries how?
Hi
Alan DeKok 10x for the help
I just wondering about the vendor dictionaries you told about i will be glad if you can be more specific .
10x again
Elad
On Mon, 4 Oct 2004, Evert Meulie wrote:
> Kostas Kalevras wrote:
> > On Mon, 13 Sep 2004, Evert Meulie wrote:
> >
> >
> >>Hi everyone!
> >>
> >>When I go into dialup_admin and then click on RADIUS clients, no clients
> >>are showing, even though I know that one/more clients are active.
> >>
> >>Ho
Kostas Kalevras wrote:
On Mon, 13 Sep 2004, Evert Meulie wrote:
Hi everyone!
When I go into dialup_admin and then click on RADIUS clients, no clients
are showing, even though I know that one/more clients are active.
How do I fix this...?
Enable sql_debug. Also do you have clients configured in sq
On Mon, Oct 04, 2004 at 02:20:49AM -0700, Ivo Petrov wrote:
> I have a problem using Exec-Program. I've put the line
> in radreply table
> (4,'test1','Exec-Program',':=','/path/script') but the
> script was not executed.
> Can anybody tell me why?
> script :
> #!/bin/bash
> ps aux | grep radiusd
Hello,
see what's written in logs. Try Exec-Program-Wait instead.
Edgars
Ivo Petrov wrote:
Hi all,
I have a problem using Exec-Program. I've put the line
in radreply table
(4,'test1','Exec-Program',':=','/path/script') but the
script was not executed.
Can anybody tell me why?
script :
#!/bin/bash
p
Title: [EMAIL PROTECTED]
Hi
10x for your help..
I just wondering about the vendor dictionaries you told about i will be glad if you can be more specific .
10x again
Elad
On Sun, Oct 03, 2004 at 02:22:17AM -0700, Ivo Petrov wrote:
> Hi all,
>
> I'm trying to shape ppp+ interfaces after successful
> authentication using Exec-Program. radiusd runs as
> root,
> in mysql radreply table the last row for the user
> contains: Exec-Program = '/etc/ppp/shd %f'. Freeradius
>
Hi all,
I have a problem using Exec-Program. I've put the line
in radreply table
(4,'test1','Exec-Program',':=','/path/script') but the
script was not executed.
Can anybody tell me why?
script :
#!/bin/bash
ps aux | grep radiusd > result
When I executed the script from the shell(Linux) it
works
Hello,
RouterOS will have such a feature that you can kick user from radius
server off while he is online.
Edgars
Nurul Faizal Bin M.Shukeri wrote:
Hi again,
How am I going to kill online users other than radkill, may be
ucd-snmp. Anyone can help me..
**Nurul Faizal Bin M.Shukeri**
Pusat
Hello
I'm now trying more than a week to find a solution for my needs:
Equipment: Windows XP Client, Cisco Catalyst 2950, Freeradius Server
(Debian Linux) and Windows 2000 Domain.
Scenario:
1. Windows XP Client boots up.
2. Windows XP authenticates and brings the
hi all,
i would know if is it possible using cisco ap350 to
authenticate a user by radius using a login and password
i've try to use mac authentication and i haven't
any problem, but i have trouble to use a simple authentication with login and
passwd.
anyone can help me?
regards,
gio
Hi Freeradius Users,
I want digest auths to be validiated against an LDAP Database and I get
the error:
rlm_ldap: - authenticate
rlm_ldap: Attribute "User-Password" is required for authentication.
modcall[authenticate]: module "ldap" returns invalid for request 2
modcall: group Auth-Type return
53 matches
Mail list logo