So I put
DEFAULT Auth-Type := Accept
Everyone will be authenticated??
If that is so will the other attributes against the username in the users
file still be applied, such as IP address, if that user is in the file?
Tony
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Hi,
now i have another problem, it seems that the the peap module isnt
loading... because when i will compile ./configure rlm_eap_tls or other
ssl modules he says me that iv not installed openssl but i have
installed it.
whats the problem???
/usr/local/openssl i compiled it by myself...
thanks Alan for your assistance so far.
Sorry for bugging you further but I still got a
question or two.
1. Where is the rlm_detail module? I only see *.so and
*.la files which seem not to be the ones. man
rlm_detail doesn't help either.
2. I managed to use encrypted passwords in the user
file.
Hey.
Does one need to handle it in any special way?
I have deployment like this, where special chars work as good as normal
ones.
Cisco VPN clients - Cisco PIX - FreeRADIUS - OpenLDAP.
A.
on 03/03/2006 00:28 Natalia Escalera wrote:
Hello all,
Do somebody know how to handle passwords
Hi people,
I am using freeradius-1.0.4 for more than two years in a Debian machine. I have all my user configurations in a Postgres DB. Now I migrate the clients.conf to DB successfully. For that porpouse I write at the end of my clients.conf:
# Set to 'yes' to read radius clients from the
Hi list,
I have a Linux box running FreeRADIUS 1.0.4.
What I'd like to do is receive authentication requests for many groups
of users from the same NAS boxes. The identifier for the different
types of users would be the @domain part of their username.
I'd like to proxy requests to different
modcall: entering group authorize for request 0
modcall[authorize]: module preprocess returns ok for request 0
users: Matched entry DEFAULT at line 155
modcall[authorize]: module files returns ok for request 0
radius_xlat: '/var/log/radius/radacct/172.30.10.40/auth-detail-20060303'
rlm_detail
Kristofer Sigurdsson [EMAIL PROTECTED] writes:
1. A request comes in, it's [EMAIL PROTECTED]
2. FreeRADIUS sends a request to RADIUS server 192.168.2.1, because of
the @dadada
part.
3. RADIUS 192.168.2.1 replies with, OK, accepted, Framed-IP-Address is this,
Framed-Route is that...
4.
I have trouble to set up some authorization upon ldap attribute of the user:
I have different SSID for my wireless LAN, using WPA or WPA2 with EAP/TTLS
and ldap auth which work fine right now with Freeradius
How can I prevent user without some ldap special attribute to get
authenticated on a
Any pointers would be appreciated. I've been looking through the
archives, but I can't seem to find a way to modify the replies from
the other RADIUS server.
doc/rlm_attr_filter
Thanks! Don't know how I managed not to find that when I Google'd it. :-)
I tested this, works like a charm.
Hi guys!
I recently install a freeradius for test purpose in a WiFi
environement. But, i still a a problem, and I hope that you will be
able to help me. The radius server version is: 1.0.4.
I try to set a mac authentication and a certificates based
authentication, but in the freeradius.cnf i dont
-Original Message-
yes ssl, is fun :-)
now i have another problem, it seems that the the peap module
isnt loading... because when i will compile ./configure
rlm_eap_tls or other ssl modules he says me that iv not
installed openssl but i have installed it.
whats the
Hi !
I'm trying to set up a freeradius (1.1.0) server to proxy ms-chap-v2 to a ms
ias server.
If I send ms-chap, then the proxy works. But if I send ms-chap-v2 then
i get this error message (from debug) :
Sending Access-Request of id 1 to 192.168.1.1 port 1812
NAS-Identifier =
Hi, I have question, itspossible to put two
radius servers runnig in same server with diferents
ports?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Hi, I have question, its possible to put two radius servers runnig in same
server with diferents ports?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
yes. this is a fairly common question - use the '-d' directive to define
a different config directory
Sure, but do NOT forget to tell your client ( radiusclient ) to use new
server on new ports ;)
Regards,
Edvin
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
g] On Behalf Of [EMAIL PROTECTED]
Sent: Freitag, 03. März 2006 19:07
To: FreeRadius users mailing list
I've got 2 mail containing viruses sent through freeradius-user-request..
was this email spoofed ( my antivirus software deleted the email so I had no
chance to look at the headers etc ) or were email really sent through
mailman?
Regards,
Edvin
-
List info/subscribe/unsubscribe? See
If it does send them, then yes, you'll have to update the sqlcounter
module to handle 64-bit numbers. But you don't need to update any of
the valuepair structures.
Alan DeKok.
So what variable should I alter to handle 64-bit numbers. As far I have
understood the check-name value is written
Seferovic Edvin [EMAIL PROTECTED] wrote:
I've got 2 mail containing viruses sent through freeradius-user-request..
was this email spoofed ( my antivirus software deleted the email so I had no
chance to look at the headers etc ) or were email really sent through
mailman?
It's spoofed. I'm
andre kip [EMAIL PROTECTED] wrote:
1. Where is the rlm_detail module? I only see *.so and
*.la files which seem not to be the ones. man
rlm_detail doesn't help either.
Try looking at the source.
2. I managed to use encrypted passwords in the user
file. Is it possible to store encrypted
James Cort [EMAIL PROTECTED] wrote:
The problem I am having is that I cannot figure out how to get both the
LDAP backend and the EAP parts working simultaneously. If I enable the
with_ntdomain_hack option, LDAP works but EAP gives the rlm_eap:
Identity does not match User-Name, setting
Guillaume [EMAIL PROTECTED] wrote:
I try to set a mac authentication and a certificates based
authentication, but in the freeradius.cnf i dont find any entry for
loading a list of authorised MAC address.
That's because the server doesn't come pre-configured to run on your
local system.
VannMann32 . [EMAIL PROTECTED] wrote:
If I send ms-chap, then the proxy works. But if I send ms-chap-v2 then
i get this error message (from debug) :
That's nice. What does the debug log on the other RADIUS server say?
Is this possible ? Should it work ? Is it possible to proxy ms-chap-v2 ?
Is there a way to send access-accept all of the time?
I've tried to do the DEFAULT in username, but that didn't seem to work
for me.
-Bob
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello all,
Looking for a pointer in the right direction. I want to reject requests
from a particular realm that are not coming from a particular set of
Client-IP-Addresses.
This realm is normally proxied through my servers, so I don't
authorize/authenticate them at the moment, they are simply
25 matches
Mail list logo