When will this be fixed. I would like to user the latest released version
1.0.4 - but I need the Expiration module - which is not included with
1.0.4
What do I need to do to add the expiration module to 1.0.4?
Jaco van Tonder
-Original Message-
From: [EMAIL PROTECTED]
Hello,
I am currently configuring a setup where an AD server is used to authenticate
users via password _and_ supplemental attributes.
So far I think I figured out that I need to use mschap {} with ntlm_auth to
verify the password, but would need to use the ldap {} module to get the
checkItems
Alan DeKok wrote:
See wire diameter, from Taiwan. I recall it's a student project,
but it does give a minimal diameter server.
I took a look at it two months ago or so. It may implement the Diameter
protocol, but does not have any backends on board, so the use case I
mentioned (AD) or a
Hello,
I search a HowTo for Freeradius+PPPoe.
MFG.
--
5 GB Mailbox, 50 FreeSMS http://www.gmx.net/de/go/promail
+++ GMX - die erste Adresse für Mail, Message, More +++
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi
When will Radius Server will challenge with Access-Challenge packet
during authentication? Is it depends on any configuration?
--
Thanks Regards
Srinivasa Rao Chigurupati
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Mon, 11 Jul 2005 11:16:04 +0200 (MEST)
Dumpfbacke 102731 [EMAIL PROTECTED] wrote:
Hello,
I search a HowTo for Freeradius+PPPoe.
You need a network access server running PPPoE service which talks to Radius.
You can do that with any BSD or Linux or check out www.mikrotik.com for
Hi Charles,
Also run the same setup but not for alot users with rp-pppoe-server on
linux debian , they say pppoe is for testing only, how do u find the
load on on the pppoe-server when many users connect, cpu?, memory? etc?
Thanks
Jandre
Charles Price wrote:
You need a network access
Hi Jandre,
Also run the same setup but not for alot users with rp-pppoe-server on
linux debian , they say pppoe is for testing only, how do u find the
load on on the pppoe-server when many users connect, cpu?, memory?
I'm running pppoe-server from rp-pppoe-3.5 with ppp-3.4.3 using
the radius
Jaco van Tonder [EMAIL PROTECTED] wrote:
What do I need to do to add the expiration module to 1.0.4?
Copy it over?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Srinivasa Rao Chigurupati [EMAIL PROTECTED] wrote:
When will Radius Server will challenge with Access-Challenge packet
during authentication? Is it depends on any configuration?
It depends on the authentication method used. Some require
Access-Challenge, so FreeRADIUS implements it. Some
Stefan Winter [EMAIL PROTECTED] wrote:
see also open diameter. it even does EAP...
Well, it does packet handling, providing only a library for the
server. But in order to really use it, you must first wrap daemon
glue code around the libraries, and you must be able to do something
with the
Unfortunatly this solution must be able to scale up. We have already
assesed other technologies but they are not to our liking. Since there
will be many APs in a certain area so they must be abble to grab account
info from a central server.
[EMAIL PROTECTED] wrote:
On Sun, Jul 10, 2005 at
Stefan Winter [EMAIL PROTECTED] wrote:
So far I think I figured out that I need to use mschap {} with ntlm_auth to
verify the password, but would need to use the ldap {} module to get the
checkItems and replyItems I need to do the supplemental checking, and do the
actual checking in the
[EMAIL PROTECTED] wrote:
My first question is:
How do I tie all of this together with a DHCPd server, so that they
authenticated clients can be assigned an IP address.
That will happen automatically.
How can I implement a DHCPd server into my configuration?
Configure
Artur Hecker [EMAIL PROTECTED] wrote:
you might be right. yet i think that we might ignore some opportunities
which would be possible/supported by diameter.
Like... what?
i really believe that current usage produces demand in the same
manner as demand influences the usage. using
[EMAIL PROTECTED] wrote:
Attached the codes of error when I am compiling Radius 1.0.4
When I finish ./configure, then MAKE, the error happens.
Did the configure process finish without errors?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi.
Cant you just have a subscribe.somesite.com which points to a unofficial IP and
there let your users subscribe?
Use local DNS servers for hostname mapping.
The subscribe site would be just some PHP scripts adding users to a database.
Then let radius talk to it to authenticate your users.
Michael Langer [EMAIL PROTECTED] wrote:
i get the listet log. The freeradius server identify the request as EAP. But
why it startet rlm_eap_tls?
Because PEAP uses TLS.
I thought he gots the message, notice its EAP and take the password from
users (file). But it start tls handshake, and
Hi my name is Tom and I am installing FreeRadius for the first time.
Specifications:
OS: Fedora Core 4
Linux Kernel 2.6.11smp
Freeradius version : 1.0.2
MySQL version : 4.1.11
DEBUG Info:
Mon Jul 11 14:05:01 2005 : Error: rlm_sql (sql): Failed to connect DB handle
#4
Mon
Tim Tyler [EMAIL PROTECTED] wrote:
So, is it possible to support eap-ttls from a wireless
client to the freeradius proxy server, but use open text
from the freeradius proxy server to our Livingston radius
servers?
Yes.
DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm :=
Check out the Cisco SSG/SESM solution. You route all the traffic through
one (or many) SSG's. The SSG will determine whether or not the session is
authenticated based on IP address. If not, it will redirect the user to
the SESM page, where they will login. The SESM will send the
On Mon, 11 Jul 2005 14:20:51 -0500
Thomas Tinsley [EMAIL PROTECTED] wrote:
Hi my name is Tom and I am installing FreeRadius for the first time.
Specifications:
OS: Fedora Core 4
Linux Kernel 2.6.11smp
Freeradius version : 1.0.2
1.0.2 has security holes. Use 1.0.4
Thx for response!!!
i get the listet log. The freeradius server identify the request as EAP.
But
why it startet rlm_eap_tls?
Because PEAP uses TLS.
TLS is used between windows 2000 and freeradius, or freeradius and cisco
switch?
I thought windows talk to cisco by ms-chapv2?
Sorry now im
[EMAIL PROTECTED] wrote:
rlm_mschap: Told to do MS-CHAPv2 for johnk with NT-Password
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
That's pretty definitive.
My thoughts are that SQL and MSCHAP should be in the authorization section,
and MSCHAP and EAP should be in authentication.
[EMAIL PROTECTED] wrote:
I am trying to do EAP-PEAP, using FreeRadius 1.0.4. Here are the debug logs,
at the breaking points:
It doesn't appear you are sending the whole log. There should be another
section where the user is being authorized against the SQL database. It
appears your
On Mon, Jul 11, 2005 at 05:26:54PM -0400, Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
rlm_mschap: Told to do MS-CHAPv2 for johnk with NT-Password
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
That's pretty definitive.
I thought so as well. I am 99% sure that the NTLM passwords
[EMAIL PROTECTED] wrote:
When using NT-Password, I was noticing that the sql authorization phase
would not return OK. Switching it to User-Password seemed to fix that
(albeit not correctly). I have switched radcheck back to using Attributes
of NT-Password.
Make sure you have both NT-Password
On Mon, Jul 11, 2005 at 03:40:32PM -0600, Vladimir Vuksan wrote:
I believe this is incorrect. You may want to split off the two password
hashes and put them in separate variables ie. LM-Password and
NT-Password. User-Password usually refers to either a crypted or
cleartext password.
I
Michael Langer [EMAIL PROTECTED] wrote:
TLS is used between windows 2000 and freeradius, or freeradius and cisco
switch?
I thought windows talk to cisco by ms-chapv2?
PEAP is EAP-TLS with EAP-MSCHAPv2 inside of the TLS tunnel.
but both, the client and the root, certificates are installed
[EMAIL PROTECTED] wrote:
I thought so as well. I am 99% sure that the NTLM passwords I am
using are valid.
What you put into SQL wasn't valid.
I am including two URLs. One with debug logs showing user 'johnk'
trying to AAA, using NT-Password. The other shows testacct
(using the same
On Mon, Jul 11, 2005 at 06:56:44PM -0400, Alan DeKok wrote:
Try using just MS-CHAP with an NT password in SQL. Once that works,
PEAP will work.
Alan DeKok.
I am not entirely sure what you mean, so I tried a two different combinations.
johnk has only a NT-Password. testacct has
[EMAIL PROTECTED] wrote:
Try using just MS-CHAP with an NT password in SQL. Once that works,
PEAP will work.
I am not entirely sure what you mean, so I tried a two different combinations.
Find a RADIUS client that implements MS-CHAPv.
See src/tests/mschapv1 for a sample script
** Your attention is drawn to the note at the end of this message. **
MESSAGE
Sent [EMAIL PROTECTED]
by: ists.freeradius.org
Ok, now I'm really confused :(
Can someone please clarify exactly what does the sqlcounter module do ?
Basically I need to calculate the data on a daily basis for each user.
Thanks for your patience :)
Regards,
--
Ross
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
34 matches
Mail list logo