Ok, I will look elsewhere for client info. But what about my server
question? In freeradius, how do I set the RADIUS packet code to 11? So that
when a client contacts the server, an access-challenge will be issued? Can
you help me with the correct syntax? I assume it is done in the users file.
hi,
I am not able to make the freeradius server successfully authenticate the end-user.
I installed freeradius version 1.0.0 in linux redhat 9 server and it successfully compiled. I did all the configuration that is neccessary according to some documents on the net. I am using EAP(PEAP) with
Hi List,
Is there a way to tell/configure detail module to log just specific
attribute-value pairs into detail file?
Say I just need the ff. to be logged:
1. callingstationid
2. calledstationid
3. h323connecttime
4. h323disconnecttime
5. acctdelaytime
6. h323confid
TIA,
Roy
-
List
On Wed, Nov 03, 2004 at 07:27:18PM +0100, Roberto Re wrote:
hi,
I have applied the patch yesterday only, but the problem still exists.
The cursors are allocated and they continuously increase up to the maximum
limit imposed by Oracle to the db.
I have analysed some of the queries
Hello Thor,
Mike Everest wrote:
Mike Everest [EMAIL PROTECTED] wrote:
Well, yes - in many ways it does. Is there no way that I am able
to use a custom table for additional checks then?
Maybe multiple queries in the authorize_check_query would solve a bit.
Hmm - can it be done then?
Hello,
i'm new on Radius. I have this problem: i use Radius on a Fedora Core
2 and a terminal server, a Dec 900 tm. I want to log all the action
of the users of the Dec, but in the file of log i find only this:
User-name
Nas-Ip-Address
Nas-Port
Client-Ip-Address
Time-stamp
The attributes that i
Dear All,
i am using freeradius 0.9.3 and trying to authenticate using crypt
password stored in LDAP, in another field rather that he usual userPassword.
-in the authorize section i added: ldap
-in the authenticate section i added: ldap, as well
-in the ldap section i added:
Kostas Zorbadelos writes:
I am not using RADGROUPCHECK and RADGROUPREPLY either so I have
commented out all the relevant lines for them (including the queries)
in oraclesql.conf. I haven't noticed any problem with cursor
allocating in oracle 8i. Our DBA told me that there are database
parameters
On Thu, 4 Nov 2004, Ossama Suleiman wrote:
Dear All,
i am using freeradius 0.9.3 and trying to authenticate using crypt
password stored in LDAP, in another field rather that he usual userPassword.
-in the authorize section i added: ldap
-in the authenticate section i added: ldap, as well
Matt [EMAIL PROTECTED] wrote:
Ok, I will look elsewhere for client info. But what about my server
question? In freeradius, how do I set the RADIUS packet code to 11?
If you're trying to send a challenge for the same reasons as your
last message, the answer is you're wasting your time.
Frankie Chan [EMAIL PROTECTED] wrote:
I installed freeradius version 1.0.0 in linux redhat 9 server and it
successfully compiled. I did all the configuration that is
neccessary according to some documents on the net. I am using
EAP(PEAP) with MSCHAPv2 for authentication. However the end-user
ROY [EMAIL PROTECTED] wrote:
Is there a way to tell/configure detail module to log just specific
attribute-value pairs into detail file?
No. The detail module logs all of the attributes in the packet.
You can always post-process the detail file with a script, and
grep to get only certain
eLLe By [EMAIL PROTECTED] wrote:
Is the wrong editing of the file radius.conf the reason of this error,
or is the Nas that don't send the right information to Radius?
The NAS isn't sending the right information to RADIUS.
See the FAQ. If an attribute isn't in the detail file, it's because
Daniel Davidson [EMAIL PROTECTED] wrote:
while looking at the radiusd.conf file, I noticed that the ldap area
said something about that to use the sambaNTPassword field that it has
to start with a 0x. Does this mean that in LDAP that this value must be
stored as:
sambaNTPassword:
It never gives one with this configuration, it just keeps repeating the
same request over and over again, never accepting or rejecting after the
Access-Challenge is sent back to the access point.
Dan
On Thu, 2004-11-04 at 10:48, Alan DeKok wrote:
Daniel Davidson [EMAIL PROTECTED] wrote:
Hi all
I have 2 Cisco ATA 186 and in my network exists a server running
FreeRADIUS-1.0.0 and another server running vovida software (vocal-1.5)
- vocal software is about a the server SIP. I want to know if ATA 186
is possible authentication in the FreeRADIUS server - which dictionary
that if
Are you sure that you have the CA certificate you're using with
FreeRADIUS installed on the XP system you're using as a supplicant?
This could be a symptom of XP not recognizing the signer of the
certificate presented in the 802.1x conversation and refusing to
continue authentication.
FYI, here,
Thanks for the info, now we are getting somewhere I just have unchecked
the validate server certificate area for now. Now I am getting a
rejection. Any ideas?
thanks again for the help,
Dan
rad_recv: Access-Request packet from host 128.174.124.2:1024, id=0,
length=224
User-Name =
Daniel Davidson [EMAIL PROTECTED] wrote:
Thanks for the info, now we are getting somewhere I just have unchecked
the validate server certificate area for now. Now I am getting a
rejection. Any ideas?
You said you were storing the passwords in LDAP, but the debug log
doesn't show the LDAP
I uncommented and did appropriate changes (below) to the ldap section of
the modules area. What else needs done? I am deleting the commented
lines.
Dan
ldap {
server = lap server's real name
basedn = ou=People,dc=igb,dc=uiuc,dc=edu
filter
I uncommented and did appropriate changes (below) to the ldap section of
the modules area. What else needs done? I am deleting the commented
lines.
Un-comment other references to ldap in radiusd.conf.
At least in the authorize section.
Alan DeKok.
-
List info/subscribe/unsubscribe?
That did it, thanks everyone,
Dan
On Thu, 2004-11-04 at 12:49, Alan DeKok wrote:
I uncommented and did appropriate changes (below) to the ldap section of
the modules area. What else needs done? I am deleting the commented
lines.
Un-comment other references to ldap in radiusd.conf.
: entering group accounting for request 3
radius_xlat: '/var/log/radius/radacct/10.100.255.17/detail-20041104'
rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to /var/log/radius/radacct/10.100.255.17/detail-20041104
modcall[accounting]: module detail returns ok for request 3
Continued from Cisco-AVPair Help (help!!) Part 1:
radiusd.conf file:
##
## radiusd.conf -- FreeRADIUS server configuration file.
##
## http://www.freeradius.org/
## $Id: radiusd.conf.in,v 1.188 2004/05/13 20:10:19 pnixon Exp $
##
# The location of other config files and
#
Hope there is somebody here who can point me in the right direction. I
have been been trying for several weeks to get a freeradius system up
and running. I have been trying to use openssl so that I can generate
certificates in order to use eap-tls. I have had major problems trying
to get openssl
Matthew Ryan [EMAIL PROTECTED] wrote:
I have an ambition to write a module for FreeRadius and am having quite
a bit of difficulty.
- I basically took rlm_example, made a copy and renamed it
- Made all modifications to the C file
- Every other file that needed correct references
-
I am trying to
simulate a scenario and I would like to be able to configure a +1 sec delay in
the radius servers response
to my authentication
request.
Is there something I
can configure to add a delay in the response being sent.
Thanks,
Sharon
Sharon Auby [EMAIL PROTECTED] wrote:
I am trying to simulate a scenario and I would like to be able to configure
a +1 sec delay in the radius servers response
to my authentication request.
Is there something I can configure to add a delay in the response being
sent.
In the users file:
Alan,
Thanks for your response.
The Fall-Through command... will it cause the server to drop the first
request?
I really need the Server to respond to the 1st request after 1-2 seconds of
receiving it.
I imagine sleep 2 will also work.
Thanks for the info!
Sharon
-Original Message-
Let me just make sure I'm clear on this idea... Your AP will give out
private IP addresses from a DHCP pool (presumably with 802.11x so you
get the good WPA-Enterprise security) and then the machine must launch
a PPP tunnel (over PPTP/L2TP I presume?) which then authenticates to
the RADIUS
Odds are you didn't add it to the right place in radiusd.conf, or
tell the server to use it for authentication.
I double checked how I added this module and it seems fine
modules {
mymodule {
}
.. etc etc
}
authorize {
mymodule
.. etc etc
}
Craig Huckabee wrote:
Paul Hampson wrote:
On Wed, Nov 03, 2004 at 07:04:09PM +0800, Chan Min Wai wrote:
I hope that radius server can talk to the DHCP server and tell the DHCP
server what ip address to be allocate...
Write a script in that adds the authenticated client's MAC address and
Matthew Ryan [EMAIL PROTECTED] wrote:
I read through this document and noticed that at startup my module
should be loaded and its init() called.
Well, no. The instantiate method is the important one. See the
rest of the modules.
I'm not even sure if the init method is *ever* called.
I
Hi All
Using Freeradius 1.0.1
I wrote a program to keep my ippool in line with my the online list,
this used the rlm_ippool_tool to set an ip address as inactive when
there was a problem.
After reading the rlm_ippool_tool options I decided that the option '-r:
remove active entries' was the
34 matches
Mail list logo