Hello,
I have read a lot of docs around, searched among many different archives
on the net but still feel I have not correct solution to my problem:
Very common setup: I have a cisco router which required radius for
authentication and accounting. MySQL is used as backend database.
Everything
Hello,
Quick question: does NAS-IP-Address (in huntgroups) could be equals to
the shortname defined in the clients.conf ? So I can declare in one line
a subnet as a huntgroup in the huntgroups file.
I did a quick grep in the source and didn't find anything useful.
Thanks.
--
Nicolas Justin
-
The install is correct now.
Thanks
Stphane SALELLES
- Original Message -
From:
rashad
To: [EMAIL PROTECTED]
Sent: Saturday, November 06, 2004 1:45
PM
Subject: Freeradius 1.0.1 + Debian Woody
V3R2 + Problem Install
You have to install
I have to replicate my RADIUS databases, one in my central office and the
another in another city. I prepare my RADIUS server to support that. As it
is usual I have a MySQL database.
Do you know if MySQL can fucntion as Distributed DataBase ?
Santiago
On Wed, 10 Nov 2004, George Chelidze wrote:
Hello,
I have read a lot of docs around, searched among many different archives on
the net but still feel I have not correct solution to my problem:
Very common setup: I have a cisco router which required radius for
authentication and accounting.
Do you know if in radiusd.conf is important to set the value
:check_cert_cn=%{User-Name} or i can leave it commented(#)??And if it is
important what i had to write in field User-Name??Thanks Raffaello
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, 10 Nov 2004, [iso-8859-1] Santiago Balaguer Garc?a wrote:
I have to replicate my RADIUS databases, one in my central office and the
another in another city. I prepare my RADIUS server to support that. As it is
usual I have a MySQL database.
Do you know if MySQL can fucntion as
Hi,
I try to connect freeradius on remote backend
database on mysql serverWin XP Pro.
I've this message:
rlm-sql-mysql: Couldn't connect socket to mysql
server [EMAIL PROTECTED]:radius
rlm-sql-mysql:Mysql error 'Client' does not support
authentification protocol request by server;
Hi there,
just to confirm previous posts about this type of configuration: it works!
Freeradius 1.0.1
Fedora Core 1
OpenLDAP with NT and LM hashed samba password
OpenSSL
I don't know it there is a bug in freeradius, but the radeapclient is
not linked correctly by libtool. Instead of the binary,
Hello,
Kostas Kalevras wrote:
On Wed, 10 Nov 2004, George Chelidze wrote:
Hello,
I have read a lot of docs around, searched among many different
archives on the net but still feel I have not correct solution to my
problem:
Very common setup: I have a cisco router which required radius for
Hi,
My task is to check periodicallyaccount of
permanentlyconnected user. Since it is permanent connection, I use my own
client (not PPP client) based on standard radiusclient lib.
What kind of request should be used from client to server to get some
accounting info for client ?
I tried
Hi,
OpenLDAP with NT and LM hashed samba password
After having read similar stuff several times in the past weeks,
what's the real advantage of using NT or LM hashed passwords over
using simple clear text passwords? At least securitywise, I can't
see any.
Regards,
Title: RE: Success PEAP/MSCHAPv2 + LDAP + Samba passwords
Personally think that clear text is bad as anyone intercepting the packets can easily pick up anything in clear text. If one knows specifically that traffic is one a completely secure path from end to end then not such an issue. This
Hi, i am using freeradius-1.0.1 with redhat8. but always have access-reject (i'm using NTRadping on winwdowswp for the test). The user-name, password and secret i use for the test are those i've declared on the users and clients.conf files. the radius server always says "group authorize return
Hi,
Personally think that clear text is bad as anyone intercepting the
packets can easily pick up anything in clear text.
You mean intercepting the packets between LDAP server and
RADIUS server (since the communication with the RADIUS client
isn't affected anyway)? But knowing the LM
On Tue, Nov 09, 2004 at 07:34:33PM +0100, Nicolas Baradakis wrote:
Pasi Kärkkäinen wrote:
How do I add new attribute in post-proxy section?
See module rlm_attr_rewrite.
Thanks for you reply.
Reading the man-page, I didn't see how to _add_ attribute with
rlm_attr_rewrite.
According to
Hello,
I want our Windows-XP-Machines to authenticate with 802.1x. This authentication
should happen before a user logs in to make it possible to contact the domain
controller for the user authentication.
I'm using freeradius 1.01 on a Debian Sarge-System.
When I import the client-certificate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 10 November 2004 05:25, Stéphane SALELLES wrote:
I've this message:
rlm-sql-mysql: Couldn't connect socket to mysql server [EMAIL
PROTECTED]:radius
rlm-sql-mysql:Mysql error 'Client' does not support authentification
protocol
I have a radius server configured for CHAP and PAP (clear password) authentication. Authentication works fine. My problem is that when a CHAP request comes in the server does not seem to be returning the Service-Type or the Framed-Protocol attributes or any other for that matter.
Following are
=?iso-8859-1?Q?St=E9phane_SALELLES?= [EMAIL PROTECTED] wrote:
I've this message:
rlm-sql-mysql: Couldn't connect socket to mysql server
[EMAIL PROTECTED]:radius
rlm-sql-mysql:Mysql error 'Client' does not support authentification
protocol request by server; consider upgrading MySQL client
V.Kukushkin [EMAIL PROTECTED] wrote:
What kind of request should be used from client to server to get some
accounting info for client ?
See the FAQ. The client sends data, and the server logs it. The
client controls what data is sent, and why.
I tried to use request
[EMAIL PROTECTED] wrote:
Do you know if in radiusd.conf is important to set the value
:check_cert_cn=%{User-Name} or i can leave it commented(#)??And if it is
important what i had to write in field User-Name??Thanks Raffaello
The comments in the file above that entry say how to use it, and
Berry, William [EMAIL PROTECTED] wrote:
Personally think that clear text is bad as anyone intercepting the packets
can easily pick up anything in clear text.
RADIUS passwords are encrypted. Connections from FreeRADIUS to an
LDAP server should be encrypted using ldaps, or starttls.
Using
carlos akitani [EMAIL PROTECTED] wrote:
Hi, i am using freeradius-1.0.1 with redhat8. but always have
access-reject (i'm using NTRadping on winwdowswp for the test). The
user-name, password and secret i use for the test are those i've
declared on the users and clients.conf files. the radius
Garry Stanfill [EMAIL PROTECTED] wrote:
I have a radius server configured for CHAP and PAP (clear password)
authentication. Authentication works fine. My problem is that when a
CHAP request comes in the server does not seem to be returning the
Service-Type or the Framed-Protocol
Alan
Thanks for your response. I really do appreciate it.
On Nov 10, 2004, at 10:39 AM, Alan DeKok wrote:
I have a radius server configured for CHAP and PAP (clear password)
authentication. Authentication works fine. My problem is that when a
CHAP request comes in the server does not seem
Garry Stanfill [EMAIL PROTECTED] wrote:
From your FAQ about CHAP and LDAP:
o The := operator should not be used in the users file to set the
Auth-Type since
it will set the Auth-Type regardless of wether it has already being
set to some
other value.
Am I missing the point? I
Pasi Kärkkäinen wrote:
How do I add new attribute in post-proxy section?
See module rlm_attr_rewrite.
Thanks for you reply.
Reading the man-page, I didn't see how to _add_ attribute with
rlm_attr_rewrite.
You can add an attribute with the option new_attribute = yes,
as documented in
Christophe Boyanique [EMAIL PROTECTED] wrote:
I don't know it there is a bug in freeradius, but the radeapclient is
not linked correctly by libtool. Instead of the binary, the libtool
wrapper remains in the installed path. I tried on Debian unstable (with
included or system libtool) and I
Samuel,
A suggestion for whoever maintains the list...perhaps adding an
identifying tag to the subject lines of list messages? Something like
[freeradiuslist] or some-such. Something to make the emails from the
list easier to identify, and in turn filter to a dedicated folder.
while I agree
On Wed, Nov 10, 2004 at 01:33:10PM -0500, Samuel Sullivan wrote:
Hi. I joined this list about a week ago.
A suggestion for whoever maintains the list...perhaps adding an
identifying tag to the subject lines of list messages? Something like
[freeradiuslist] or some-such. Something to make the
Hi there
I'm running FreeRADIUS 1.0.1 and for this release (and previously 0.9x)
have had a problem where radwho doesn't appear to always remove entries
after someone has logged out.
We have a network of Cisco VPN3000 concentrators and use FreeRADIUS as
the accounting backends. When someone
Jason Haar [EMAIL PROTECTED] wrote:
I'm running FreeRADIUS 1.0.1 and for this release (and previously 0.9x)
have had a problem where radwho doesn't appear to always remove entries
after someone has logged out.
It removes people only when it can match the logout record to a
login record.
Hi All
I have had a look thought the source code for this program and can not
see why it would be deleting these record instead of just releasing them.
Could someone have a look at this who is a little more experience with
the source code and give me an idea of whats going on ?
Thanks
Mike
is it possible to use two different Auth-Type, my DEFAULT Auth-Type is
System, and I have one user who needs to be authenticated with Local.
I am getting authentication error with the user who has Local auth-type,
thanks for any help.
Lito
-
List info/subscribe/unsubscribe? See
35 matches
Mail list logo
