On Tuesday 29 March 2005 17:56, Jason Frisvold wrote:
On Tue, 29 Mar 2005 07:51:41 -0700, Kenneth Grady [EMAIL PROTECTED] wrote:
One way to do it is to add the users allowed to the huntgroups. Example:
huntgroups...
Ok, so now what happens when you start dealing with other devices like
a
On Wednesday 30 March 2005 04:31, wrote:
each time i connect to the server,the adsl-connect only keep 0.4
minutes,and then the modem hangup,and the auto reconnect.
is there some attribute i didn't set a right value in mysql or other
problem?
thanks.
We have no idea how you are using
Is there any particular reason why you think this problem is related to
FreeRADIUS?
Regards
Peter
On Wednesday 30 March 2005 13:26, wrote:
there is three machine,A install the freeradius 1.0.2 and the mysql,B just
install pppd+radiusclient and pppoe-server,C is my pc,i adsl-connect to the
one man said there is a option session-timeout have to set,but i do not
known where to set...
the other said only the nas can hangup your connect,but i can't found
why
From: Peter Nixon [EMAIL PROTECTED]
Reply-To: freeradius-users@lists.freeradius.org
To:
Title: Redundant Radius with Dynamic Data
Hello Group,
I am just about to set up a radius service and have managed to aquire 2 servers with a view to making the end product redundant.
Just to give you a little background. The radius system will be used for DSL authentication. The user will
Hi,
Sorry about the late reply. I tried your suggestion, but without success. I
don't know if I am using the right parameters in the users, the eap.conf and
the radiusd.conf files. Have you any sample config? Or any suggested docs?
Many thanks
Vitor
-Original Message-
From: [EMAIL
Hi, how many concurrent petitions (AuthRequest) can handle FreeRADIUS? This
number can be changed? Depends of hardware?
Thanks in advance
German P. Santillan
IT Admin
DESETech
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, 30 Mar 2005 18:43:12 +0800, Chan Min Wai [EMAIL PROTECTED] wrote:
Hello all,
Anyone can help me configure the Auth-type
EAP for NAS A,b,c,d,e
plaintext for NAS h,i,j,k
regards.
extract from eap.conf
#
# Whatever you do, do NOT set 'Auth-Type := EAP'. The server
# is smart
[EMAIL PROTECTED] said:
Is an SQL backend the best method? Would a shared SQL backend maintain
the integrity of the allocated IP pool? I have experience with Freeradius
and would like to continue with this platform, but is it the best one for
what I am attempting?
An SQL backend is one
Stefan Winter [EMAIL PROTECTED] wrote:
Hello!
I've searched and searched, and tried every hint I could find, and
cannot seem to make it work using the Windows login name and
password. Is it possible?
Make your users set a password for their login on the XP machine. That is the
On Wed, 30 Mar 2005 06:50:37 -0500 (EST), Jim Seymour
[EMAIL PROTECTED] wrote:
Stefan Winter [EMAIL PROTECTED] wrote:
Hello!
I've searched and searched, and tried every hint I could find, and
cannot seem to make it work using the Windows login name and
password. Is it possible?
Willem Eradus [EMAIL PROTECTED] wrote:
On Wed, 30 Mar 2005 06:50:37 -0500 (EST), Jim Seymour
[EMAIL PROTECTED] wrote:
[snip]
One thing I notice is the client PC sending WINNAME\username, instead
of just username, if I tell it to use the Windows login info.
[At least I think so;
Mine can't if EAP was not set in the Autz-type it will fail to Auth and say
userpassword required...
-Original Message-
From: Willem Eradus [EMAIL PROTECTED]
Subj: Re: Auth-Type=EAP and other
Date: Wed 30 Mar 2005 19:45
Size: 625 bytes
To: freeradius-users@lists.freeradius.org
On
On Tue, 29 Mar 2005, Jarred Cleem wrote:
Thanks Dustin Doris for your reply. I seem to be missing something
because I can not get it to work like you mentioned. Let me provide
some data and config info in hopes that you might be able to help
further. What I am hoping for is that it will send
On Wednesday 30 March 2005 14:40, DESETech - German P. Santillan wrote:
Hi, how many concurrent petitions (AuthRequest) can handle FreeRADIUS? This
number can be changed? Depends of hardware?
Its depends completely on hardware, thread settings and operating system
settings, however I expect a
Michael Griego [EMAIL PROTECTED] wrote:
You should be
Jim Seymour wrote:
Willem Eradus [EMAIL PROTECTED] wrote:
#
#with_ntdomain_hack = no
I tried that. Made no discernable difference.
Be sure you're using the with_ntdomain_hack in the mschap module
configuration, NOT
Does someone have a good howto on setting up Radius to make use of an LDAP
group. I read the ldap docs at freeradius.org and that seemed like
overkill I just want to have a group and put the user in the group to give
them access?
Say you have two groups, one that has access to dial and one
On Tue, 29 Mar 2005, Jarred Cleem wrote:
Thanks Dustin Doris for your reply. I seem to be missing something
because I can not get it to work like you mentioned. Let me provide
some data and config info in hopes that you might be able to help
further. What I am hoping for is that it
If you are setting session-timeout to .4 minutes, then the NAS will
disconnect the user at that time. However, you'd probably know if you set
that up.
If you don't send a session-timeout, then the problem is either your NAS
is disconnecting the user for some reason, or the modem is dropping
Dustin Doris [EMAIL PROTECTED] wrote:
Kostas is correct, but if you really need to use Client-IP-Address for
some reason, then add it to ldap.attrmap as a reply item.
Where it will do *nothing*. Absolutely and totally *nothing*.
It's not a real RADIUS attribute, so it will never go into a
Jamal Taweel [EMAIL PROTECTED] wrote:
Could any one tell us how many users/requests can be
connected/transferred to FreeRADIUS at the same time through NASs for
different issues (Authentication, Authorization, and Accounting
purposes).
As many as you have disk space, CPU time, and memory to
[EMAIL PROTECTED] wrote:
I will most likely use rsync to syncronise the config from the primary
to the secondary. My problem (and hence the reason for this post) is
that the primary would be holding accounting information regarding which
IP addresses have been allocated to each user from the
Willem Eradus [EMAIL PROTECTED] wrote:
Anyone can help me configure the Auth-type
EAP for NAS A,b,c,d,e
plaintext for NAS h,i,j,k
...
extract from eap.conf
#
# Whatever you do, do NOT set 'Auth-Type := EAP'. The server
That's because most people get it wrong. There are SOME
Michael Griego [EMAIL PROTECTED] wrote:
Jim Seymour wrote:
So clearly that output indicates a successful username match, and
just as clearly, setting with_ntdomain_hack = yes in the mschap
module does not strip the leading GARBAGE\ stuff.
You'll have to look quite a bit further
rlm_mschap: No User-Password configured. Cannot create LM-Password.
rlm_mschap: No User-Password configured. Cannot create NT-Password.
rlm_mschap: Told to do MS-CHAPv2 for jseymour with NT-Password
rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication.
rlm_mschap:
I think I see what your problem is...
You need to reenable the ntdomain realm module that is preconfigured in
the server and be sure its called before your etc_smbpasswd module in
your authorize section. You seem to have removed it, and, because of
that, it can't find the correct username in
Michael Griego [EMAIL PROTECTED] wrote:
I think I see what your problem is...
You need to reenable the ntdomain realm module that is preconfigured in
the server and be sure its called before your etc_smbpasswd module in
your authorize section. You seem to have removed it, and, because
[EMAIL PROTECTED] (Jim Seymour) wrote:
http://jimsun.linxnet.com/misc/radiusd.out-login_creds_w_hack+ntdomain_realm.txt
...
modcall[authorize]: module etc_smbpasswd returns notfound for request 0
The password isn't being added because the user ADMINNB\jseymour
isn't being found in the
I'm computer science student and I'm working in the my graduated
project. This project is about freeradius and strong authentication.
I Would to know about some documentation for freeradius (code flow
design, description library, description project, etc). There is
something about?
Where do
Dustin Doris [EMAIL PROTECTED] wrote:
Kostas is correct, but if you really need to use Client-IP-Address for
some reason, then add it to ldap.attrmap as a reply item.
Where it will do *nothing*. Absolutely and totally *nothing*.
It's not a real RADIUS attribute, so it will never go
Alan DeKok [EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] (Jim Seymour) wrote:
http://jimsun.linxnet.com/misc/radiusd.out-login_creds_w_hack+ntdomain_realm.txt
...
modcall[authorize]: module etc_smbpasswd returns notfound for request 0
The password isn't being added because the
Helder Lima [EMAIL PROTECTED] wrote:
I'm computer science student and I'm working in the my graduated
project. This project is about freeradius and strong authentication.
I Would to know about some documentation for freeradius (code flow
design, description library, description project,
[EMAIL PROTECTED] (Jim Seymour) wrote:
a) adding ADMINNB\jseymour as a user in the smb passwd file
That's not practical. ADMINNB is that specific laptops NETBIOS
name.
testing != deployment
First, get it to work. Then, get it to work in a real deployment.
If you want to use
Alan DeKok [EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] (Jim Seymour) wrote:
a) adding ADMINNB\jseymour as a user in the smb passwd file
That's not practical. ADMINNB is that specific laptops NETBIOS
name.
testing != deployment
First, get it to work. Then, get it to work
Michael Griego [EMAIL PROTECTED] wrote:
Or you could make sure your DEFAULT realm is set up. Your current
configuration should work if you have a DEFAULT realm in your
proxy.conf. If it doesn't work using the default realm, change your
etc_smbpasswd line to use the Stripped-User-Name,
Michael Griego [EMAIL PROTECTED] wrote:
Or you could make sure your DEFAULT realm is set up.
Actually, a NULL realm was what I think you meant.
Your current
configuration should work if you have a DEFAULT realm in your
proxy.conf.
Hi.
I'm working an wireless network for our local city. I'm using freeRadius
1.0.1 on a Debian server and Alchemy 6.0 with ChilliSpot on Linksys
accesspoints. Everything's working fine but I've a little problem with
the accouting function on freeRadius.
Everything (including the radacct) is
sorry for this response but the failure in that specific scenario is
very unlikely to be on the server.
the Session-Timeout value and the Accounting events have to be
respected/generated at the client. so, if you don't have the Accounting
Stop for a disconnected user, then the client is no
[EMAIL PROTECTED] (Jim Seymour) wrote:
The NULL realm caught it, but the Stripped-User-Name is not stripped of
the stupid 'doze garbage pre-pended to it :(. Observe:
The DEFAULT realm *should* do this. The NULL realm is don't do
realms, which isn't what you want.
Hmm... the reason the
Helo,
Im using Freeradius 1.0.2, and when I tray tu radtest configuration it breaks
down
logs shows taht autenticacion was made, and it says : auth... correct
then, next line,
Segmentation Fault
I have configurate only LDAP, get rid of EAP, UNIX, PAM, CHAP, CHAPv2, PAP
some sugestion,
Now,
i found the reason,in the /etc/sysconfig/network-scripts/ifcfg-ppp0 ,there
are two options
PPPOE_TIMEOUT and CONNECT_TIMEOUT,both i set 0,now it works fine
From: Peter Nixon [EMAIL PROTECTED]
Reply-To: freeradius-users@lists.freeradius.org
To: freeradius-users@lists.freeradius.org
Subject: Re:
On Wed, Mar 30, 2005 at 06:28:46PM +, Mark Wasmer wrote:
Today i've read the Debian-Weekly-News March 29th, 2005 and got worried :
Build-Dependency against libtool 1.4. Andrew Pollock noticed that five
packages still declare a build-dependency against libtool 1.4 which is
orphaned and
Hi,
authorize {
...
#
# If you are using multiple kinds of realms, you probably
# want to set ignore_null = yes for all of them.
# Otherwise, when the first style of realm doesn't match,
# the other styles won't be checked.
#
Hi!
I try to use attr_rewrite and a little confused. From my radiusd.conf:
modules {
...
attr_rewrite normalize_card {
attribute = User-Name
searchin = packet
searchfor = .{4}-([0-9]{8})-.{4}
replacewith =
Title: Nachricht
Hello
Christopher,
here
is another suggestion:
dont
use ippools on radius, use it on the nacs. Then you let the radius decide wich
ippool to use on the nac by name.
The
bad thing is you have to care about pools on nacs, the good one is you haven't
to care about pool
Sebastian Steinhauer [EMAIL PROTECTED] wrote:
Now I've following problem. If a user disconnects without loggin off
from the system over the CilliSpot Logoff-URL the user will be kept
online (AcctStopTime = 0) in the radacct.
See the FAQ. The server can only log information if the NAS sends
i didn't known where to set the session-timeout.i didn't do this...
From: Dustin Doris [EMAIL PROTECTED]
Reply-To: freeradius-users@lists.freeradius.org
To: freeradius-users@lists.freeradius.org
Subject: Re: why my adsl-connect only keep 0.4 miniutes?
Date: Wed, 30 Mar 2005 10:02:46 -0500
47 matches
Mail list logo