Networking
10.192.1.0/24 or 10.192.0.0/16
On Friday 03 December 2004 20:53, Brian Ammons wrote:
is this NOT supposed to be 10.192.1.11/32?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf
Of Michael
Basso
Sent: Friday, December 03, 2004
Yes but if I try get access from my router or dialup the auth fails.
Adam
On Friday 03 December 2004 11:02, Lim Han Shyong wrote:
Hi,
Not understand what u want... radius already authenticate and send the
Access accept packet back.
HSL
-Original Message-
From: [EMAIL
On Fri, 2004-12-03 at 15:53 -0500, Alan DeKok wrote:
John Horne [EMAIL PROTECTED] wrote:
The problem is that if the first server fails and the local server
receives a request then it tries to talk to the first DEFAULT server and
fails, eventually marking it as 'dead'. This is fine but the
I'm using mysql for authentication.
On Monday 06 December 2004 10:29, Lim Han Shyong wrote:
Hi:
Hmm.. What u set in your user file ?
user Auth-Type:= Local, User-Password = testing
Service-Type = NAS-Prompt-User
this mine, it can done basic authentication.
There are settings in the Cisco IOS that will
allow you to authenticate an administrator through
a freeradius server
Lim Han Shyong wrote:
Hi all:
I would like use freeradius to authenticate telnet service
into cisco. Its work after setup. So now my further questions are .
1. How i
I 've been working on a few changes to radrelay, mainly regarding making
the
sleep time configurable and adding a few more things. The changes have
been
made
in radsqlrelay initialy but they 'll go in radrelay also. That won't
change
your
numbers but at least make a few things configurable.
On Mon, 6 Dec 2004, Bruno Lague wrote:
Well, NR_SLOTS does not really matter if your accounting is quick enhough.
Try commenting out the ms_sleep() between the do_send() calls.
I had tried this too, and just retried again, and the rate goes down to ~30
packets/sec.
Looks like the trafic becomes
Andree Toonk [EMAIL PROTECTED] wrote:
Now I want to proxy all requests with @test.nl to another radius server.
This works for ttls but when I use PEAP the authentication always fails.
You are stripping the User-Name attribue when proxying. Don't do that.
realm test.nl {
type
On Dec 6, 2004, at 12:57 PM, Alan DeKok wrote:
Jason Lixfeld [EMAIL PROTECTED] wrote:
Hi. I'm reposting this in hopes that someone will be able to give me
some insight as to what I've missed...
There were issues with the huntgroup code, but I think they've been
fixed in 1.0.x.
We're using 1.0.1
/log/radius/radacct/127.0.0.1/auth-detail-20041206'
rlm_detail:
/usr/local/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/freeradius/var/log/radius/radacct/127.0.0.1/auth-detail-20041
206
modcall[authorize]: module auth_log returns ok for request 7
threading sound like an idea yes. Another idea is to get load-balancing
code
inside freeradius. Then you could do something like the following:
accounting {
loadbalance {
relay_detail1
relay_detail2
Bruno Lague [EMAIL PROTECTED] wrote:
- added the above loadbalance section in accounting section of
radiusd.conf,
The name was implemented as load-balance.
- start radiusd, and get this:
radiusd.conf[1808] Unknown module rcode 'relay_detail1'.
It's trying to load a module called
Andree Toonk [EMAIL PROTECTED] wrote:
With the nostrip option the response always is rlm_mschap: FAILED:
MS-CHAP2-Response is incorrect
But it's no longer complaining about User-Name not matching EAP identity.
rlm_realm: Looking up realm test.nl for User-Name = [EMAIL PROTECTED]
Hello,
I'm researching what it would
take to have strong encryption of the channel between Linux client machines and
a FreeRadius server. It looks like FreeRadius supports PEAP and
EAP-TTLS.
Both these are supported by the
Open 802.1x package, however I am interested in using PEAP or
Steve Chan wrote:
What we're looking to do is pass a cleartext password over a
cryptographically secure Radius connection from Unix/Linux clients to a
Radius server. Users will be trying to login via ssh or on the console,
and PAM is configured to go to Radius for authentication. The
Josh,
Thanks for the
reply.
From Josh Howlett [EMAIL PROTECTED]
The User-Password attribute is protected
to a reasonable degree of security if you make the effort to generate
(and protect) a "good" secret for your RADIUS peers. This generally
satisfies the cryptowonks in the places
Steve Chan [EMAIL PROTECTED] wrote:
The problem is that for a large deployment (say, hundreds of client
hosts), managing those secrets becomes an issue. If you share secrets
then the compromise of 1 system reveals the secret for all systems
sharing it, if you keep individual secrets, you
Hi:
Mean did u add the
Service-Type = NAS -Prompt-User
into your sql database..? i mean in the reply message.
HSL
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Frog
Sent: Monday, December 06, 2004 8:02 PM
To: [EMAIL PROTECTED]
Hi
I'm using users file for authentication.the problem is
there are no radius directory inside var directory. so
there are no record or information about users.
1. is this directory automatically created when I
installed freeradius?
2. What may caused this to happen? Insatllation?
Hi.
There's a problem when I try something in radiusd -...
failed writing process id to file
/usr/local/var/run/radiusd.pid ...no such file or
directory...
is the file need to be created by ourselves? or is
there any misconfiguration or installation problem?
how can I make radius server to
Have you checked the permissions of the directories freeradius is trying
to write to (/usr/local/var/run), to ensure the user that is running
radiusd can write to it?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of zack
musa
Sent: Tuesday, 7 December
Hi
I'm using users file for authentication.the problem is
there are no radius directory inside var directory. so
there are no record or information about users.
1. is this directory automatically created when I
installed freeradius?
2. What may caused this to happen? Insatllation?
Hi to all,
I'm using freeradius 1.0.1. I'm trying to check multiple calling-station-id
store in mysql but return message access-reject. I don't know how and whats
the problem is. Anyone plz help me. TQ
+++---++---+
| id | UserName | Attribute | op |
On Tuesday 07 December 2004 03:25, Lim Han Shyong wrote:
Hi Lim
Thanks for all your help. I found the problem, on the cisco router i had
radius bound to the loopback Interface therefor it was not part of the Lan
address, Basically ID10T Problem..
Adam
Hi:
Mean did u add the
Hi,
I have a couple of questions. Would greatly appreciate any help.
1- I keep getting the following error
rlm_eap_mschapv2: Response contains contradictory length 0 54
while using PEAP-EAP-MSCHAPv2 to authenticate the XSupplicant with
FreeRADIUS. Following is the partial lof from FreeRADIUS run
25 matches
Mail list logo