RE: Fw: authorize and authenticate methods in a custom module

2006-01-05 Thread Susana Macias
Thanks a lot Alan, I would like to explain what I am trying to develop. If someone has any advice, please tell me. This is my scenario: Until now, we have a RADIUS server (RADIUS PSI) which only receives Access-Request packets. Also we have a CGI application located in the URL

authorization depending on authentication (ldap)

2006-01-05 Thread tschaos
Hi guys, First sorry for my bad English i am from Austria ;-) i am running freeradius-1.0.2-5.5 i have a big problem here and can't solve it alone: there are 3 ldap instances: ldap1,ldap2,ldap3. and authenticate them all after another in the authentication section like this: authenticate {

In which point does the FR server send the Access-Accept or Access-Reject packet?

2006-01-05 Thread Marta Lajas
Hi all, I have a doubt about when FreeRadius server decides to send an Access-Accept or an Access-Reject packet. When the authenticate module returns with a RLM_MODULE_REJECT, does the FR server send an Access-Reject packet? or does it occur later? When the authenticate module returns with a

Installation problem Radiusd does not exist

2006-01-05 Thread Nicola Iotti
I'm installing freeradius 1.0.5 on a Debian Linux system I've downloaded tarball, extracted it with #tar zxvf freeradius-1.0.5.tar.gz I did: ./configure make make install But installation stops with following message: install: radiusd does not exist make[4]: ***[install] Error 2 Does

Re: authorization depending on authentication (ldap)

2006-01-05 Thread Bjørn Mork
[EMAIL PROTECTED] writes: i am running freeradius-1.0.2-5.5 there are 3 ldap instances: ldap1,ldap2,ldap3. and authenticate them all after another in the authentication section like this: authenticate { ldap1 ldap2 ldap3 } same in

Re: authorization depending on authentication (ldap)

2006-01-05 Thread Bjørn Mork
Bjørn Mork [EMAIL PROTECTED] writes: authorize { Auth-Type LDAP1 { ldap1 } Auth-Type LDAP2 { ldap2 } Auth-Type LDAP3 { ldap3 } } Note: This would be a lot easier with

Re: Installation problem Radiusd does not exist

2006-01-05 Thread Joseba Beltrán
Hi Nicola, Try compiling the debian stuff by executing dpkg-buildpackage from freeradius source dir. That will do the trick! You'll get debian packages ready to install (they will be placed outside the source dir. For example: src dir /home/nicola/freeradius-XX.YY debian

Re: In which point does the FR server send the Access-Accept or Access-Reject packet?

2006-01-05 Thread Bjørn Mork
Marta Lajas [EMAIL PROTECTED] writes: I have a doubt about when FreeRadius server decides to send an Access-Accept or an Access-Reject packet. When the authenticate module returns with a RLM_MODULE_REJECT, does the FR server send an Access-Reject packet? or does it occur later?

Re: Installation problem Radiusd does not exist

2006-01-05 Thread Nicolas Baradakis
Nicola Iotti wrote: I'm installing freeradius 1.0.5 on a Debian Linux system I've downloaded tarball, extracted it with #tar zxvf freeradius-1.0.5.tar.gz I did : ./configure make make install You should just get the Debian binary package with apt-get. If you really want to recompile

Re: Installation problem Radiusd does not exist

2006-01-05 Thread Kai Geek
Hello, #tar zxvf freeradius-1.0.5.tar.gz #cd freeradius-1.0.5 #./configure --localstatedir=/var --sysconfdir=/etc #make #make install for command debian; ozgur:~# apt-cache search freeradius freeradius - a high-performance and highly configurable server #apt-get install freeradius and #cd

acct_unique

2006-01-05 Thread Velikanov
Good day. I need to use such a construction in radiusd.conf acct_unique acct_std{ key = User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port } acct_unique acct_PIX{ key = Acct-Session-Id, NAS-IP-Address, Login-IP-Host, Login-TCP-Port } preacct {

RE: Fw: In which point does the FR server send the Access-Accept or Access-Reject packet?

2006-01-05 Thread Marta Lajas
Thank you very much Bjørn. So it is after the post-auth section when the FreeRadius server decides to send an Access-Accept or an Access-Reject packet (in response of a previous Access-Request packet) depending on the result (success or not, OK or REJECT) of the authenticate method. Am I

Re: authorization depending on authentication (ldap)

2006-01-05 Thread tschaos
I assume you meant if authentication runs over ldap1 authorize on ldap1 if authentication runs over ldap2 authorize on ldap2 if authentication runs over ldap3 authorize on ldap3 sorry my fault - should check my copy-paste better ;-) The authenticate processing should set Auth-Type to an

Re: authorization depending on authentication (ldap)

2006-01-05 Thread tschaos
sorry, now i understand what you meant with that: ldap1: dn: cn=radprofile,ou=dialup,o=My Org,c=UA radiusAuthType: LDAP1 ldap2: dn: cn=radprofile,ou=dialup,o=My Org,c=UA radiusAuthType: LDAP2 ldap3: dn: cn=radprofile,ou=dialup,o=My

Re: authorization depending on authentication (ldap)

2006-01-05 Thread Chaos Commander
i managed it, there is one attribute in our ldap where i can exactly define where the user should be authorized. With the radiusAuthType Attribute it works now perfectly. thanks a lot for this little hint :-) Stefan --- Original Message --- From: [EMAIL PROTECTED] To: FreeRadius users

NAS-identifier instead of IP-identifier

2006-01-05 Thread Rob Cleminson
Hello, I am new to freeradius and need a little help. We are going to be deploying a bunch of Wireless Routers all over the place and they may have DHCP addresses on them instead of static WAN addresses. When a client associates to our Wireless Router they are redirected to the Radius

EAP-TLS and user configuration

2006-01-05 Thread dark0s dark0s
Hi, I must configure an authentication server with freeradius 1.0.5. The authentication method must be EAP-TLS. I have configured the files: eap.conf, radiusd.conf, clients.conf I would like to know: 1) If I must configure /etc/raddb/users 2) How to configure /etc/raddb/users 3) Authentication

LDAP scope

2006-01-05 Thread Stefan Adams
Hi! Is it possible to specify a basedn of dc=example,dc=com with a scope of sub so that my search filters can apply to both ou=People and ou=Computers for example? It seems from my testing that the scope is one by default. The reason I would like to do this is to have the check box in Windows

Re: In which point does the FR server send the Access-Accept or Access-Reject packet?

2006-01-05 Thread Alan DeKok
Marta Lajas [EMAIL PROTECTED] wrote: I have a doubt about when FreeRadius server decides to send an Access-Accept or an Access-Reject packet. Why ask the list when you can run it yourself and see? When the authenticate module returns with a RLM_MODULE_REJECT, does the FR server send

Re: acct_unique

2006-01-05 Thread Alan DeKok
Velikanov [EMAIL PROTECTED] wrote: preacct { preprocess Acct-Type PIX{ acct_PIX } You put an Acct-Type in a preacct section. That won't work. Acct-Types have to go into accounting sections. radiusd.conf[1683] Unknown module

Re: NAS-identifier instead of IP-identifier

2006-01-05 Thread Alan DeKok
Rob Cleminson [EMAIL PROTECTED] wrote: Is there a way of identifying the router to our FreeRadius server without having a static IP address on each Router? Configure a networked client in clients.conf. See the examples there. The NASes all have to have the same secret, though. Alan

Re: NAS-identifier instead of IP-identifier

2006-01-05 Thread Rich Marriner
I don't believe so. Not if you use the NAS-IP-Address attribute. Traditionally that was used for access servers on the corporate level and due to the nature of their work they had static IP addresses. I for one would not want my APs (if I were deploying a wide area wireless network) to have

MySQL settings causing FreeRADIUS to segfault

2006-01-05 Thread radius
Hello again, I got the DialupAdmin/SQL problem fixed (Thanks) but now I'm running into a problem with FreeRADIUS. I've tried following several different guides I've found on the net for setting up FreeRADIUS and MySQL and each time, I get the same results. Whenever, I enable anything regarding

Re: Failed to link to module 'rlm_exec': /usr/local/lib/rlm_exec.a: invalid ELF header

2006-01-05 Thread Mathieu Clément
Mathieu Clément wrote: Good morning, Look at this: --- # radiusd -X Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/raddb/proxy.conf Config: including file:

Connection TimeOut!!!

2006-01-05 Thread Kirti S. Bajwa
Hello: RH 9.0, freeRADIUS 1.4 I have been using freeRADIUS for the last 10 Months. Works great. I like to setup a maximum connection time of 120 minutes for each user. I am a complete newbie. Can somebody direct me to the file I need to set the timeout time?

Re: Connection TimeOut!!!

2006-01-05 Thread Dusty Doris
Hello: RH 9.0, freeRADIUS 1.4 I have been using freeRADIUS for the last 10 Months. Works great. I like to setup a maximum connection time of 120 minutes for each user. I am a complete newbie. Can somebody direct me to the file I need to set the timeout time? I also need to know the exact

Re: LDAP scope

2006-01-05 Thread Gary Algier
Stefan Adams wrote: Hi! Is it possible to specify a basedn of dc=example,dc=com with a scope of sub so that my search filters can apply to both ou=People and ou=Computers for example? It seems from my testing that the scope is one by default. From my experience it is a scope of sub by

Re: Fw: authorize and authenticate methods in a custom module

2006-01-05 Thread Yannick Deltroo
I've done something like this. You should write a custom script for the authorization section, put something like this in radiusd.conf modules { . exec myscript { program = /path/to/myscript %{User-Name} wait = yes input_pairs = request output_pairs = config

RE: Connection TimeOut!!!

2006-01-05 Thread Kirti S. Bajwa
Do you mean max connection time before logging in again? In that case, you usually just need to add Session-Timeout = xxx Yes. I have looked into various files and can not find out where I enter this setting. Kindly, point out the file the location (or the module), where I enter this

before freeradius, openssl don't work

2006-01-05 Thread pelusa vali
hi everybody, well still trying to use freeradius for a wlan. i use debian sarge kernel 2.6.13, openssl 0.9.8.a to generate certificates and last freeradius version. well i followed many tutorials about securing wlans with freeradius and all of them have this step: openssl rsa newreq.pem

Test

2006-01-05 Thread Mathieu Clément
Please answer if it works - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Test

2006-01-05 Thread M T
got it here's your reply M T On 1/5/06, Mathieu Clément [EMAIL PROTECTED] wrote: Please answer if it works

thread pool information

2006-01-05 Thread DilipSimha.N.M
hi, can anyone please tell me abt the thread pool configurations? start_servers = 5 ... but 5 RADIUS servers aren't started initially. then what is this attribute for?? --DilipSimha

Re: thread pool information

2006-01-05 Thread Alan DeKok
DilipSimha.N.M [EMAIL PROTECTED] wrote: can anyone please tell me abt the thread pool configurations? Read the documentation in the comments in radiusd.conf? start_servers = 5 ... but 5 RADIUS servers aren't started initially. then what is this attribute for?? threads are not processes.