Could you share your config with us?
-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Namens Peter T. Breuer
Verzonden: zaterdag 4 december 2004 4:38
Aan: [EMAIL PROTECTED]
Onderwerp: Re: How to add a field to the reply that contains data from the
request?
Also
Also sprach David Luyens:
Could you share your config with us?
I'm sure I could - but please note that I would be very grateful if you
did NOT quote a 200 line mail of mine (or someone elses) without
commenting on a word of it! What was the point of attaching the stuff
below (apart from
Also sprach David Luyens:
Could you share your config with us?
Here is radiusd.conf. I have stripped every line that begins with *#,
and every empty line.
---
prefix = /usr/home/ptb
exec_prefix = ${prefix}
sysconfdir = ${prefix}/etc
Alan DeKok wrote:
But in this case freeradius will fork process on every request.
Yes.
It's not good, fork very slow.
Can freeradius fork external script at startup and send attributes to
him through pipe w/o forking ? (as in openradius)
--
TARANTUL
-
List info/subscribe/unsubscribe?
Peter T. Breuer [EMAIL PROTECTED] wrote:
Because the other is in capital letters, called PPP, and does not begin
with an x or contain a -, all things which would indicate
variables. It looks like a constant. PPP. If it is a variable, then it
does not look like one. It's the name of a well
Nick 'TARANTUL' Novikov [EMAIL PROTECTED] wrote:
It's not good, fork very slow.
Yes.
Can freeradius fork external script at startup and send attributes to
him through pipe w/o forking ? (as in openradius)
No.
Feel free to write a module which implements that, though.
Alan DeKok.
Hi
i want to configure freeradius and Linksys WRT54G . I want EAP-MD5
authentication but as fas as i have seen this AP has WPA
authentication(WPA/Radius). It seems to me very strange that i cannt use EAP
so do i miss something? Can i use freeradius with WPA-AES or WPA_TKIP?
thanks
Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
Otherwise, it should theoretically be possible to translate
PEAP-MSCHAPv2 to plain MSCHAPv2 and use that for
communication with your simple radius server - however,
that still requires writing suitable code
In eap.conf, peap{} subsection,
Also sprach Alan DeKok:
Peter T. Breuer [EMAIL PROTECTED] wrote:
Because the other is in capital letters, called PPP, and does not begin
with an x or contain a -, all things which would indicate
variables. It looks like a constant. PPP. If it is a variable, then it
does not look like one.
On Saturday 04 December 2004 13:19, Panagiotis Mavros wrote:
Hi
i want to configure freeradius and Linksys WRT54G . I want EAP-MD5
authentication but as fas as i have seen this AP has WPA
authentication(WPA/Radius).
EAP-MD5 is not offered for wireless ports on any equipment of which I am
Everytime an user
tries to connect the answer is the following
rad_recv:
Access-Request packet from host 209.127.82.2:1645, id=189,
length=94 NAS-IP-Address =
209.127.82.2 NAS-Port =
40 NAS-Port-Type =
Virtual User-Name =
"rgomez" Called-Station-Id =
"9933" Calling-Station-Id =
Yes, you've missed something. Read the documentation of the AP and
freeradius.
Freeradius works fine for this and will most likely work immediately upon
install after only some very small configuration.
Whether you use WPA AES or TKIP is between your AP and supplicant. Radius
doesn't care about
Peter T. Breuer [EMAIL PROTECTED] wrote:
I am not assuming anything, I am _telling_ you that about the only place
anyone uses - signs in identifiers is in cobol and jcl record field
names, and other languages which share portions of the same evolutionary
history.
RADIUS isn't a language.
On Saturday 04 December 2004 14:33, Panagiotis Mavros wrote:
AP and freeradius use EAP over Radius when i configure the AP to use
WPA-Radius authentication ?I dont get it.
Check the documentation on the AP to be sure, but that's usually the way it
is.
I have windows XP as client , WRT54G as
Alan DeKok wrote:
Gerald Krause [EMAIL PROTECTED] wrote:
Are there still problems in v1.0.1, when using usernames like user1%test:
I've put a fix into CVS, and will also put it into 1.0.2.
It's not *perfect*, but it will now avoid 99.999% of the cases
people care about.
Ok, I'll try it. Thx
Hi,
character, and has no special meaning of field name.
Oh yes it does. I'm afraid the rest of the universe disagrees with you!
We use conventions for a reasonm, no?
Right. Notice however, that there are many different and sometimes
contracdicting
conventions. Would you agree that
I have had success with EAP-TLS and EAP-TTLS with a Linksys WRT54G and
Mac OS X Server backend and Mac OS X client.
For the WRT54G, set it to WPA-Radius, and put in your radius server IP
along with passphrase. On your radius server, add an entry in the
clients.conf file for your router with ip
Also sprach [EMAIL PROTECTED]:
Right. Notice however, that there are many different and sometimes
contracdicting
conventions. Would you agree that it is perfectly reasonable for a RADIUS
implementation (and its documentation) to use the conventions that are
detailed in
the RADIUS RFC and
Also sprach Alan DeKok:
Then why is it showing a different reply below?
Because it is NOT saying I sent no response here! It should.
When you don't get mail, does the post office send you a letter
saying you didn't get mail today?
If I ask them to tell me when I get a reply, yes, I
When starting radius, i get the following...any ideas?
radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/snmp.conf
Config:
Well, as everyone could have guessed, they talk aboout fields.
A summary of the RADIUS data format is shown below. The fields
are transmitted from left to right.
They then switch to calling them attributes, for no good reason.
If you were REALLY comprehending the document, then
I particularly like this one (at end of 4.3):
Attributes
The Attribute field is variable in length, and contains a list
of zero or more Attributes.
!!! Yeah. Are they trying to make a pastiche comedy sketch takeoff of
themselves?
Section 4 is clearly describing PACKETS, a
Also sprach Anson Rinesmith:
Well, as everyone could have guessed, they talk aboout fields.
A summary of the RADIUS data format is shown below. The fields
are transmitted from left to right.
They then switch to calling them attributes, for no good reason.
If you were
Also sprach Anson Rinesmith:
I particularly like this one (at end of 4.3):
Attributes
The Attribute field is variable in length, and contains a list
of zero or more Attributes.
!!! Yeah. Are they trying to make a pastiche comedy sketch takeoff of
themselves?
Yes, -X is telling you that TLS is configured incorrectly. Read the
documentation on TLS and you will find out exactly where your problem
is.
On Dec 4, 2004, at 7:52 PM, Carl wrote:
tls: certificate_file = (null)
...
...
...
rlm_eap_tls: Error reading certificate file
-
List
Peter,
All I have to say is that your attitude normally determines the response
you get. You came in here telling many people who have worked with
RADIUS for a long time how the specs are wrong and how you are much
better than they. This is a fatally flawed approach when trying to
learn
Also sprach Michael Griego:
All I have to say is that your attitude normally determines the response
you get. You came in here telling many people who have worked with
RADIUS for a long time how the specs are wrong and how you are much
No I haven't. I'm sure radius is fine. OTOH I'm quite
When you're given a gift for FREE do you give it back complaining that
the shade of red is not quite what you wanted?
Perhaps if you're not happy with freeRADIUS you should go PAY for
something you like better. Then you can make demands of the people that
provide the product to fix it. Afterall,
Also sprach Mitchell, Michael:
When you're given a gift for FREE do you give it back complaining that
the shade of red is not quite what you wanted?
Nobody gave me a gift - I was kind enough to evaluate your product. I
didn't have to. It took time to do so. If I were paying you for it I
If you feel so strongly about changes needing to be made, then why not make
an official comment to the RFC and try to make things better? An RFC is, by
the way, a Request For Clarification.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Peter T.
Breuer
On Sat, 2004-12-04 at 21:16, Peter T. Breuer wrote:
No I haven't. I'm sure radius is fine. OTOH I'm quite sure the rfc is
probably a load of badly written rubbish, because they normally are.
So? Is there something new? Have you read a rfc lately? I certainly
haven't! ;)
Yes, I have. As such,
31 matches
Mail list logo