Re: Event-Timestamp attribute

2005-05-18 Thread Alexander Serkin
Alexander Serkin wrote: Edit oraclesql.conf to use the query you want. That's why the queries are configurable. Sure I will. I've seen them occasionally :-) The question was to guys who may have done the trick already. Because in Oracle you can parse the string "May 18 2005 12:08:18 +0400" easily

dynamic client ip pools

2005-05-18 Thread Jandre Olivier
Hi Guys, I'm not sure which forum to post this to, freeradius or poptop? I've been using poptop and freeradius now for a while and it works great, I'm using dynamic ip addresses for clients via poptop, so trying to keep everything dynamic. My problem is that I want to have different ip pools for d

Re: Event-Timestamp attribute

2005-05-18 Thread Alexander Serkin
Alan DeKok wrote: Alexander Serkin <[EMAIL PROTECTED]> wrote: I did not think radiusd rewrites unix timestamp into date. Just because previous radius I was using used to put the timestamp into accounting as an integer. Which I, for one, have a hard time understanding. Does it mean that %S tak

Re: WinXP 802.1X/Radius/eDir (LDAP)

2005-05-18 Thread Sayantan Bhowmick
Hi, FreeRADIUS is trying to do LDAP authentication and not PEAP authentication. This is probably because you have not configured the peap module. Please read eap.conf on how to configure the peap module. Rest of the comments inline. On Wed, 2005-05-18 at 16:49 -0500, Matt McFarlane wrote: > To

Re: configurable_failover and proxies

2005-05-18 Thread Alan DeKok
Thomas Boutell <[EMAIL PROTECTED]> wrote: > My goal, ultimately, is to try to authorize users in both a local Samba PDC > (with an LDAP back end) and in another NT domain, WITHOUT forcing > the use of a domain name in the user name. For various reasons we (or > our readers) need to have two separat

RE: reading reply-message with cisco

2005-05-18 Thread mmiranda
Lucas Aimaretto wrote: >>> Hi all, >>> >>> This is not related to freeradius directly, but to Cisco. I thought >>> somebody could have had the same problem. I'm willing to send a >>> reply-message to Cisco ( which I'm already sending using radius ) >>> and, according to what string I'm sending al

configurable_failover and proxies

2005-05-18 Thread Thomas Boutell
Hi folks, I'm writing on a publication deadline and hoping to show how FreeRADIUS can solve an intriguing problem. Unfortunately so far I can't seem to get it to do the job. My goal, ultimately, is to try to authorize users in both a local Samba PDC (with an LDAP back end) and in another NT domain,

Re: WinXP 802.1X/Radius/eDir (LDAP)

2005-05-18 Thread Alan DeKok
"Matt McFarlane" <[EMAIL PROTECTED]> wrote: > Two things I've noticed are that the password appears to not be > received (via PEAP) That's how PEAP works. > and that the bind password is being sent as "aassword" instead of > "password" no matter what I enter on the supplicant. The "aassword"

WinXP 802.1X/Radius/eDir (LDAP)

2005-05-18 Thread Matt McFarlane
Totally new to radius. I've installed freeradius 1.02 --with-edir on Suse 9. Attempting to use 802.1X auth from wireless user behind HP 420 AP using WinXP to an eDir tree via LDAP. When I use radtest the bind is successful. However when using the 802.1X supplicant I get the output below. Tw

RE: reading reply-message with cisco

2005-05-18 Thread Lucas Aimaretto
> > Hi all, > > > > This is not related to freeradius directly, but to Cisco. I thought > > somebody could have had the same problem. I'm willing to send a > > reply-message to Cisco ( which I'm already sending using radius ) > > and, according to what string I'm sending along with reply-messa

SOLVED: OpenLDAP / FreeRADIUS / Cisco 5350 problem

2005-05-18 Thread Douglas G. Phillips
On Wed, 2005-05-11 at 17:28 -0500, Douglas G. Phillips wrote: > The problem is this: If I pass the radtest client a clear-text password, > authentication is successful. If either I pass the client an encrypted > password (copied from the logs) or point the 5350 at the radius server, > it doesn't

RE: Cisco VPN3005 group auth

2005-05-18 Thread Dustin Doris
On Wed, 18 May 2005, Dustin Doris wrote: > On Wed, 18 May 2005, John Sorel wrote: > > > I was able to get both the group and user authenticated on > > the Radius server now but there is no matching of the user > > to the group. > > > > This user can login using any group, not just the one I want >

RE: Cisco VPN3005 group auth

2005-05-18 Thread Dustin Doris
On Wed, 18 May 2005, John Sorel wrote: > I was able to get both the group and user authenticated on > the Radius server now but there is no matching of the user > to the group. > > This user can login using any group, not just the one I want > them to use. > > How does the radius server match / ch

Re: Cisco VPN3005 group auth

2005-05-18 Thread Craig Huckabee
John Sorel wrote: I was able to get both the group and user authenticated on the Radius server now but there is no matching of the user to the group. This user can login using any group, not just the one I want them to use. How does the radius server match / check the user to the group? Sorry f

RE: Cisco VPN3005 group auth

2005-05-18 Thread John Sorel
I was able to get both the group and user authenticated on the Radius server now but there is no matching of the user to the group. This user can login using any group, not just the one I want them to use. How does the radius server match / check the user to the group? - List info/subscribe/

Re: Help in Working EAP-TTLS (TTS and MD5 working fine)

2005-05-18 Thread Alan DeKok
arun <[EMAIL PROTECTED]> wrote: > I have successfully used Freeradius1.0.1 to authenticate my clients > using EAP-MD5 and EAP-TLS. > But I am not able to get EAP-TTLS working. The supplicant you're using is doing something bad: > rlm_eap: Either EAP-request timed out OR EAP-response to an unk

Re: Multiple Ldap servers

2005-05-18 Thread Alan DeKok
"Matthew Hunter" <[EMAIL PROTECTED]> wrote: > How do I get freeradius to check both ldap servers for a user. I have > ldap configured already for redundancy but I want it to look at the > first ldap server and if the user is not found then check the second > ldap server. doc/configurable_failov

Re: ACCT_USERS don't work

2005-05-18 Thread Alan DeKok
"Oleg M. Golovanov" <[EMAIL PROTECTED]> wrote: > DEFAULT Acct-Status-Type == Start, Huntgroup-Name == "vpn" > Exec-Program = "/usr/local/4net/vpn_acct.pl start" Huntgroups aren't used for accounting packets. I believe this is fixed in the CVS head. Alan DeKok.

Re: Event-Timestamp attribute

2005-05-18 Thread Alan DeKok
Alexander Serkin <[EMAIL PROTECTED]> wrote: > I did not think radiusd rewrites unix timestamp into date. > Just because previous radius I was using used to put the timestamp into > accounting as an integer. Which I, for one, have a hard time understanding. > Does it mean that %S takes the time

Use SecureW2 to support Windows client for ldap bind authentication

2005-05-18 Thread CHui
>> >> >> I would like to know if anyone has a work around to support PEAP (ms >> chap v2) client access authenticate against a LDAP server with bind >> operation. Currently, retrieving clear text password from LDAP is >> not an option. >> > >No this is not possible. Only way you can authenti

Re: Certificate Revocation List (EAP/TLS)

2005-05-18 Thread Michael Griego
Luis Daniel Lucio Quiroz wrote: > May do this with just a "cat cacert.pem crl.pem" > ca.pem command? Yes. Then set CA_file = ca.pem --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Help in Working EAP-TTLS (TTS and MD5 working fine)

2005-05-18 Thread arun
radutmp: case_sensitive = yes radutmp: check_with_nas = yes radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated radutmp (radutmp) Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. rad_recv: Access-Request packet from host 192.168.0.1:1812, i

Re: Certificate Revocation List (EAP/TLS)

2005-05-18 Thread Luis Daniel Lucio Quiroz
May do this with just a "cat cacert.pem crl.pem" > ca.pem command? On Wednesday 18 May 2005 08:50, Michael Griego wrote: > There are no "crl_dir" and "crl" configuration options recognized by the > server. You must have added those. The correct way to do this is to > add the PEM encoded CRL t

AW: Cisco VPN3005 group auth

2005-05-18 Thread Stadler Karel
Just configure the group on the concentrator as "external". Then on the freeradius create a user with the same name. IMPORTANT: Use the attribute "VPN IPSec-Authentication == 1" if you like to authenticate them through radius. Here are the other possible values: 0=None 1=Radius 2=Ldap 3=NT Domain 4

Cisco VPN3005 group auth

2005-05-18 Thread John Sorel
I have a Cisco VPN concentrator and am trying to get group authentication working with the FreeRadius server. User authentication works fine but the radius server doesn't seem to care what group the user logs in with. Does anyone have a similar working setup? If I configure the group on the co

RE: Per-user authorization and Wifi ? Not Possible ?

2005-05-18 Thread Guy Davies
Hi, This is entirely dependent upon the NAS. Some vendors' NASes provide great flexibility in per-user authorization while others provide very limited functionality beyond a simple permit/reject. IIRC, the Cisco Aironet 1200 relies (or at least used to rely) on the SSID selected by the user to i

Per-user authorization and Wifi ? Not Possible ?

2005-05-18 Thread Mathieu Benard
Hello, here is my question: In theory, it is possible for a NAS to honor and send a lot of RADIUS and VSA attributes, to permit precise per-user authorization tuning (for example per-user ACL, with Filter-Id or VSA...). But in the case where the NAS is an Access-Point, is it possible to manage

Re: Certificate Revocation List (EAP/TLS)

2005-05-18 Thread Michael Griego
There are no "crl_dir" and "crl" configuration options recognized by the server. You must have added those. The correct way to do this is to add the PEM encoded CRL to the end of your PEM encoded CA certificate, referenced by the CA_file configuration option, then set check_crl = yes. --Mike [

HP Procurve switches

2005-05-18 Thread Schoggins, George
Does anyone know if HP Procurve switches support MAC authentication? George Schoggins

Multiple Ldap servers

2005-05-18 Thread Matthew Hunter
How do I get freeradius to check both ldap servers for a user. I have ldap configured already for redundancy but I want it to look at the first ldap server and if the user is not found then check the second ldap server. Matt Hunter Network Analyst Waukesha County Technical College

Re: Event-Timestamp attribute

2005-05-18 Thread Alexander
Alexander Serkin wrote: Ok. RFC says exactly that "The Value field is four octets encoding an unsigned integer with the number of seconds since January 1, 1970 00:00 UTC." I did not think radiusd rewrites unix timestamp into date. Just because previous radius I was using used to put the times

Re: token card strong authentication

2005-05-18 Thread Sayantan Bhowmick
Hi, I am currently doing some research into how I can make FreeRADIUS support other token card methods. Novell eDirectory already provides

ACCT_USERS don't work

2005-05-18 Thread Oleg M. Golovanov
I have FreeBSD 4.10 & FreeRADIUS 1.0.2 with Postgres SQL 7.4.7. The problem is following: I wrote DEFAULT Acct-Status-Type == Start, Huntgroup-Name == "vpn" Exec-Program = "/usr/local/4net/vpn_acct.pl start" DEFAULT Acct-Status-Type == Stop, Huntgroup-Name == "vpn"

Re: Certificate Revocation List (EAP/TLS)

2005-05-18 Thread freeradius
Does no one have a solution to this problem? Thanks for help Alain > Hi, > > I work with freeradius 1.0.2 > > If I configure in the TLS section of eap.conf (without these entries the > authentication process works fine) > > CA_path = /path > check_crl = yes > crl_dir = /path > crl = file > > Not