helloI want to use Proxy Freeradius
features.I have 2 proxy with 2 server A B (primary).Home
Radius A - Proxy A --- Proxy B - Home Radius
Bwhen i use radtest testuser password proxya auth secret. It works
!but when i use radtest testuser password proxya:1814 auth secret.
Proxy A tell me :
N3DERJID Max-All-Session := 18000, User-Password=="7US7VZBH", Expiration == "Sep 11 2004" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.254rashad [EMAIL PROTECTED] wrote:
I want some users account to be expired starting from certain date. Someonewrote in
Pe 27 Jan 2005, la 03:13, Graeme Lee [EMAIL PROTECTED] a scris:
Siderite wrote:
Hello... I am trying to make freeradius authenticate some access
packets using the output of SQL stored procedures (that eventually would
do the billing as well). Can it be done? And if yes, how?
thank you
Pe 26 Jan 2005, la 23:16, =?iso-8859-1?Q?Fabio_Vira=E7=E3o?= [EMAIL
PROTECTED] a scris:
Hi ;
How can I send all these information to a Mysql Database ??
If you look in the src/billing directory in the freeradius source packet you
will see how to do billing with postgres. Also the reasons
Hello freeradius users,
I use two freeradius servers and two mysql db's (master and slave)
On the first db (sql1) is works great.. fast starting and fast response.
When is stop the master db (first sql1 db for radius) he must use the second db
(slave)
When is start radiusd i can wait 80 second
Well, I had a similar problem when starting freeradius, it took a loong time,
and everybody accused a slow db.
But I found out a bit later that the problem was in configuring the host of
the database as localhost and not 127.0.0.1. When I used the numeric IP it
started immediately. Maybe it's
Quoting Michael Griego [EMAIL PROTECTED]:
I'm guessing you're using the Windows XP supplicant? This looks like a
classic case of your CA certificate not being present on the client machine.
--Mike
---
Michael Griego
Wireless LAN Project Manager
The
I use already the outsite ip address in my second config /etc/raddb/sql2.conf
Only on testing radtest is use localhost. But on my radius client i use te
outsite ip address.
Thank you Mandy
Well, I had a similar problem when starting freeradius, it took a loong
time, and everybody accused
Hello,
Iam trying to configure My Cisco 1100 AP to use differentSSID's and
VLAN's. There is a default SSID and the definite one must be given from
freeradius as a result of the authentication process.
As authentication is done with LDAP, I have modified ldap.attrmap to read the
value,
Hi!
Through this list I have been able to authenticate users against a nt-domain
using ntlm_auth using this line in radiusd.conf:
ntlm_auth = /usr/bin/ntlm_auth --request-nt-key
--username=%{mschap:User-Name} --domain=%{mschap:NT-Domain}
--challenge=%{mschap:Challenge:-00}
Hi Christian,
are you sure you are seeing 10 authentications? Probably they are just
10
messages of a unique authentication process.
Best Regards,
Alejandro
-Mensaje original-
De: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] nombre de
Christian
Enviado el: jueves, 27 de
Try Aalesund\\Test
From: [EMAIL PROTECTED] on behalf of Øystein Gåsdal
Sent: Thu 27/01/2005 11:32
To: 'freeradius-users@lists.freeradius.org'
Subject: ntlm_auth and Windows Groups
Hi!
Through this list I have been able to authenticate users against a nt-domain
Title: ntlm_auth and Windows Groups
that worked!
thank you very much!
-
Øystein
From: Mike Barber
[mailto:[EMAIL PROTECTED] Sent: 27. januar 2005
12:57To: freeradius-users@lists.freeradius.orgSubject:
RE: ntlm_auth and Windows Groups
Try
Aalesund\\Test
Hi
again,
here is more information about my problem, this is what I
get in the AP logs:
*Mar 3 21:42:07.767: RADIUS: Received from id 21646/105 IP:PORT,
Access-Challenge, len 78*Mar 3 21:42:07.767: RADIUS:
authenticator (HEX STRING) - (HEX STRING)*Mar 3 21:42:07.767:
RADIUS: Vendor,
Jeff Stout schrieb:
Has any one out there configured FreeRadius to work with
RSA?
You can either activate the RADIUS-frontend of ACE
(at least the windows version of newer ACE server should have
such a beast) and proxy to that from FreeRadius or you
could obtain Radiator (which is able to
Hello freeradius users,
When is start radiusd (master db is down) i use failover db.
See log, it take from 13:41 to 13:44 to start connect to the second db.
Can any one see in this log whats go wrong?
Thu Jan 27 13:41:32 2005 : Info: Using deprecated naslist file. Support for
this will go
hi,
I have a freeradius installed and would like to test it...how can i
test it???
ntradping does it?
[]'s
Bruno Ricci
smime.p7s
Description: S/MIME Cryptographic Signature
Alejandro,
Yes im sure because radiusd -X counts the Requests and the count of the
last one is allways 10 higher than the last ...
Hi Christian,
are you sure you are seeing 10 authentications? Probably they
are just 10 messages of a unique authentication process.
Best Regards,
why this Expiration attribute is not mentioned in the link below?:
http://www.freeradius.org/rfc/attributes.html
Edgars
Julius Igugu wrote:
N3DERJID Max-All-Session := 18000, User-Password==7US7VZBH,
Expiration == Sep 11 2004
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Netmask =
There is a frequntie in it. So i can when i have lucky i can login every 240
seconds.
I use second db failover first db is down.
Thu Jan 27 14:29:07 2005 : Auth: Login OK: [user/password] (from client
nas3.domain.nl port 1812)
Thu Jan 27 14:29:10 2005 : Info: rlm_sql (sql1): Trying to
When I run a /etc/init.d/radiusd reload or restart, the first 20
minutes
I get a lot of
Fri Jan 21 10:33:51 2005 : Info: The maximum number of threads (32)
are
active, cannot spawn new thread to handle request
It takes a bit of time to reload/restart the server, and during that
time, the
On Thursday 27 January 2005 07:59, Christian wrote:
Alejandro,
Yes im sure because radiusd -X counts the Requests and the count of the
last one is allways 10 higher than the last ...
It's hard to tell what you are seeing without a debug output. Take a closer
look at the exchanges that are
Thanks Raza,
But I tried 'AuthRadiusAuthoritative On' too and it does not recognize
this syntax either.
My extensive search brought me a new scenario possible, i.e, we need a
specific module for Apache2 to talk to PAM and later PAM will talk to
freeradius. e.g.
APACHE2
for request 0
modcall[authorize]: module preprocess returns ok for request 0
radius_xlat:
'/usr/local/var/log/radius/radacct/192.168.1.5/auth-detail-20050127'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct
To support radius assigned vlans, you need to supply the AP with
Tunnel-Type, Tunnel-Medium-Type, and Tunnel-Private-Group-ID replies.
For wireless networks, use these values in the radius profiles.
Tunnel-Medium-Type = 802
Tunnel-Type = VLAN
Tunnel-Private-Group-ID = vlan-id
-
List
I use this simple old script to restart freeRadius once our dialup person
has edited the users file with a file editor on our server. What I want is
for it to email a specific email address in the case of a typo being made in
the users file and freeRadius could not be restarted.
Can anyone
Manda Costin [EMAIL PROTECTED] wrote:
But I found out a bit later that the problem was in configuring the
host of the database as localhost and not 127.0.0.1. When I used the
numeric IP it started immediately. Maybe it's the same problem.
If you don't set up DNS, then the process of mapping
What is the limiting factor in this case? Is it the fact that I want
to use the XP Client, or is it the fact that I want to use the
/etc/passwd file?
If this wont work, what setup would you guys recommend that I use for
WIRED .1x auth to a Cisco switch?
BB
On Mon, 24 Jan 2005 20:51:23 -0500,
Hello all
I would like to allow realm company.com to send
multiple reply-message
i have chosenbut not all other
reply-message.
for example
In attrs
Company.com
Reply-Message == "Ok",
Reply-Message == "remote radius"
But it doens't work. is it possible to do
that ?
I have test with
Marc-Henri Boisis-Delavaud [EMAIL PROTECTED] wrote:
I have put this in users file
DEFAULT Cisco-AVPair == ssid=criTLS
Auth-Type = EAP,
EAP-Type = EAP-TLS,
Reply-Message = Test Reussi
but I succed to authenticate with eap-ttls on this ssid , why ?
Run it in
Edgars [EMAIL PROTECTED] wrote:
why this Expiration attribute is not mentioned in the link below?:
http://www.freeradius.org/rfc/attributes.html
It's not a RADIUS attribute. It's a FreeRADIUS internal attribute.
You won't see Auth-Type listed there, either.
Alan DeKok.
-
List
Brandon Blank [EMAIL PROTECTED] wrote:
What is the limiting factor in this case? Is it the fact that I want
to use the XP Client, or is it the fact that I want to use the
/etc/passwd file?
The combination of the two.
If this wont work, what setup would you guys recommend that I use for
I have tried running the gdb program and it didn't mean much to me. Here
is the output I got:
(gdb) attach 53964
Attaching to program: /usr/local/sbin/radiusd, process 53964
Symbols already loaded for /usr/lib/libcrypt.so.2
Symbols already loaded for /usr/lib/libcipher.so.2
Symbols already
Ok, here is my log-file for _1_ request to authenticate my client
(radiusd -X -A)
You can see that there are 10 (0-9) requests for auth, is it ok or am i
doin something wrong ?
Thank you all
Christian
--snip---
Starting - reading configuration files ...
reread_config: reading radiusd.conf
I have already make the sub-domains in my named server.
I change the domain names in the log i send to this mailinglist.
I think this is not a dns problem but i am not a exper. When i change
sql1.conf to sql2.conf it works.
So second db is working and i use same nas radius client. So i have also
Christian [EMAIL PROTECTED] wrote:
Ok, here is my log-file for _1_ request to authenticate my client
(radiusd -X -A)
Yes and no.
You can see that there are 10 (0-9) requests for auth, is it ok or am i
doin something wrong ?
You are confusing client is requesting to be authenticated with
Joe H [EMAIL PROTECTED] wrote:
I am new to using gdb so if I did something wrong let me know.
See doc/bugs
Type 'bt' in gdb, which will tell you where in the code it's
currently executing.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[EMAIL PROTECTED] wrote:
I hacked rlm_eap_md5 to actually generate a fake request
containing FreeRADIUS-Proxied-To, Username, CHAP-Challenge
and CHAP-Response attributes and call rad_authenticate
rad_authenticate doesn't do proxying.
However, the whole point of my modification was to be
Hi folks,
I
have unsuccessfully attempted to authenticate an XP SP2 supplicant using
PEAP MSCHAPv2. I am using freeradius 1.0.1, Solaris 8, and a Cisco
1100 AP. The problem appears to be with freeradius not having an
NT-Password and perhaps not having a correct challenge value when the
[EMAIL PROTECTED] wrote:
I have unsuccessfully attempted to authenticate an XP SP2
supplicant using PEAP MSCHAPv2. I am using freeradius 1.0.1, Solaris 8,
There are known problems with 1.0.1 on Solaris.
1.0.2 should be out in a week or two, or if you don't want to wait, do:
$ cvs
Thank you Alan,
I think the better solution is to learn/understand how it works !
Anyway thanks for your answer !
Christian
You can see that there are 10 (0-9) requests for auth, is
it ok or am
i doin something wrong ?
You are confusing client is requesting to be
I see the problem, when both mysql servers started i can switch sql1 and
sql2 files and it works.
When i stop one db the first or the second. Freeradius get slow
I check a again the mysql connections, i change the radiusd.conf server
working on one db, both mysql server working good.
So mysql
Hello list,
I've just joined in here. My name is Sebastian and I am from Germany. I
work as adminstrator at an ISP and I also am a maintainer of a private
wlan project called wlan-r.
Now wlan-r uses chillispot to authenticate wireless users on hotspots
via freeradius against mysql and it works
Hello,
I am new to this, so I hope I'm not stepping on anybody's toes by asking the
following question:
can the expiration attribute include a time as well?
right now we have something like:
Expiration := 2005-01-27 and we would like to send to the NAS something
like Expiration := 2005-01-27
Take a look at Dialupadmin that's bundled with the freradius server.
Should do that if setup correctly.Sebastian Wild [EMAIL PROTECTED] wrote:
Hello list,I've just joined in here. My name is Sebastian and I am from Germany. I work as adminstrator at an ISP and I also am a maintainer of a private
and "January 1 2005 12:33:44"Adrian [EMAIL PROTECTED] wrote:
Hello,I am new to this, so I hope I'm not stepping on anybody's toes by asking thefollowing question:can the expiration attribute include a time as well?right now we have something like: Expiration := "2005-01-27" and we would like to
Hello all,
After hours of googling, I'm almost hopeless.
Can't believe, there is no howto or script, on how to get the
combination freeradius/windows xp with SP2 running.
The doc section on freeradius.org is quite poor and the doc's about
windows integration are quite old (they don't consider SP1
Manda Costin wrote:
Pe 27 Jan 2005, la 03:13, Graeme Lee [EMAIL PROTECTED] a scris:
Siderite wrote:
Hello... I am trying to make freeradius authenticate some access
packets using the output of SQL stored procedures (that eventually would
do the billing as well). Can it be done? And if yes,
On Thursday 27 January 2005 17:24, freeradius-users wrote:
The doc section on freeradius.org is quite poor and the doc's about
windows integration are quite old (they don't consider SP1 or SP2).
The HOWTOs are quite helpful if you don't consider the OS and consider the
concepts. Everything is
I got the EAP-TLS + WPA + WinXP SP2 work before with a snap shot
version of Freeradius (20041220).
Zhenliu
On Thu, 27 Jan 2005 23:24:28 +0100, freeradius-users
[EMAIL PROTECTED] wrote:
Hello all,
After hours of googling, I'm almost hopeless.
Can't believe, there is no howto or script, on
Greeting all,
After sometime on this mailing list I found most of the problem for LDAP
is the EAP stuff.
And always the passwords in LDAP MUST be clear text.
I've one question here.
Is there anyway to put encrypted password in LDAP so free radius will
work with it? (Anyway that is in your
Chan Min Wai wrote:
Greeting all,
After sometime on this mailing list I found most of the problem for LDAP
is the EAP stuff.
And always the passwords in LDAP MUST be clear text.
I've one question here.
Is there anyway to put encrypted password in LDAP so free radius will
work with it? (Anyway that
Chan Min Wai [EMAIL PROTECTED] wrote:
And IF I really insane and want to put an MD5 encrypted password for eap
usage in the LDAP, what kind of modification I'll be looking into and
which program would it be?
Openldap? freeradius LDAP module?
As was pointed out, EAP-TTLS with PAP will work.
Hello Manda;
Thank you very much for your help... Now i am using postgrep and I can send
the CDR to the DB. But now I have another question ... :-) how can I get
tha Callduration ?? I know thar I have to use disconect and connectime , but
i do not know how . Can you pls help me ?
Thanks
Fabio
Hi All,
I m a new member of this fast growing mailing list. i had just started
working on FreeRadius version 1.0.1 on RedHat Linux release 2.4.18-3
I had encountered problem in authenticating user based on his/he password.
As per man radiusd,
When testing, start off by configuring a user
Hello!
I think the better solution is to learn/understand how it works !
Anyway thanks for your answer !
The answer why there are so many requests is that during an EAP session,
lots of data has to be exchanged, not just some small attributes that fit
into a single RADIUS packet.
The
Hello!
Reply-Message == Ok,
Reply-Message == remote radius
Hm, haven't done that yet, but how about trying operator += instead of == for
the second one? I.e.:
Reply-Message == Ok,
Reply-Message += remote radius
Stefan
--
Stefan WINTER
Fondation RESTENA - Réseau Téléinformatique de
57 matches
Mail list logo