On 5/8/06, Alan DeKok <[EMAIL PROTECTED]> wrote:
"sumi thra" <[EMAIL PROTECTED]> wrote:> Yes. it works fine when the configuration is like this. But you won't say what version you're running.
I am using version: 1.1.1 > But, when i use ~ symbol( to allow more that one wlan access/rej
Bill Schoolfield wrote:
>
> Last week I reported an issue I had with FreeRadius 1.0.5 on Red Hat
> Enterprise Linux ES release 3. It had to do with dropped MySQL connections.
>
> We continue experience severe problems with FreeRadius. The server will
> run for upwards to 8 hours, sometimes more,
Hello all,
Is this normal?
It looks like it's comparing group ownership against each group even
though the user is a member of only one group. Why does it has to check
group ownership if there is an entry in the usergroup file for this
user?
It looks like it's running 'SELECT GroupName FROM user
Alan DeKok wrote:
With a lock bug. Dang. I'll get it right one of these days.
Now the server segfaults at the first Access-Request with EAP.
Attached the output from valgrind. (not the whole thing this time :)
Bjarni Hardarson
==18068==
==18068== Invalid read of size 4
==18068==at
Bill Schoolfield wrote:
>
> Wed May 3 08:02:52 2006 : Error: rlm_sql_mysql: MYSQL Error: Cannot get
> result
> Wed May 3 08:02:52 2006 : Error: rlm_sql_mysql: MYSQL Error:
> Wed May 3 08:02:52 2006 : Error: rlm_sql_mysql: MYSQL Error: No Fields
> Wed May 3 08:02:52 2006 : Error: rlm_sql_mysql:
--- Bill Schoolfield <[EMAIL PROTECTED]> wrote:
> I have posted two requests to this list concerning
> MySQL issues and
> FreeRadius. To date I haven't gotten a single
> response. As I can also
> use /etc/password and /etc/shadow, I've decided for
> now to drop using
> MySQL (e.g. use Auth-Type
[EMAIL PROTECTED] (Corey Burks) wrote:
> Is it possible to have freeradius bind to ldap using the username and
> password provided in the access-request?
Yes. The server does this by simply enabling LDAP.
Alan DEKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/user
Bill Schoolfield <[EMAIL PROTECTED]> wrote:
> In the users file I have:
>
> DEFAULT Auth-Type := System, Simultaneous-Use == 1
> Fall-Through = Yes
You're comparing the Simultaneous-Use, don't do that. Use := there, too.
> Mon May 8 23:50:01 2006 : Debug: users: Matched entry DE
"Alan DeKok" <[EMAIL PROTECTED]> wrote:
> Sorry, sent the wrong patch.
With a lock bug. Dang. I'll get it right one of these days.
OK, This should work.
Alan DeKok.
Index: src/modules/rlm_eap/eap.h
===
RCS file: /source/ra
Bjarni Hardarson <[EMAIL PROTECTED]> wrote:
> Tried the patch but the build fails with the following errors.
Sorry, sent the wrong patch.
Alan DeKok
Index: src/modules/rlm_eap/eap.h
===
RCS file: /source/radiusd/src/modules/
I have posted two requests to this list concerning MySQL issues and
FreeRadius. To date I haven't gotten a single response. As I can also
use /etc/password and /etc/shadow, I've decided for now to drop using
MySQL (e.g. use Auth-Type := System).
So hopefully my new problem is now more common.
All,
Is it possible to have freeradius bind to ldap using the username and
password provided in the access-request?
For example in the ldap module have some sort of variable in the Identity=
field.
Thank you
Corey
<>-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.h
Alan DeKok wrote:
Ah, OK. That looks like it's a bug that's been there a while. It
only happens when TLS is being used inside of PEAP, apparently.
I got the output from valgrind using EAP-MD5.
Try this patch. If it works, I'll add it into 1.1.2
Tried the patch but the build fails w
Hello All
Just a quick question, i am running Freeradius with Time and Seconds
restriction at the
moment but i want to add another product on my line.
The product is Per Megabyte account, i.e restrict a user to a Max amount of
DATA i.e
1000Megabytes, can someone show me or tell me the key word
Ok, went through and reinstalled everything. I got freeradius working
through text files with test users and got the Accept messages.
Now I am trying to setup Dialup Admin following the installation guide
and this is where I am running into issues.
When running "radiusd" i am getting the foll
Frank Smith wrote:
Thanks for all your replies. This is simply to do 802.1x
authentication. Nothing to do with wireless. This is my first whack at
radius all together. Based on what you guys are saying, it sounds like
Radius -> Pam -> Pam-LDAP -> Active Directory sounds like the way to
go.
hi,
i suggest EAP/PEAP MS-CHAPv2 with ntlm authentication.
bye
Frank Smith wrote:
Thanks for all your replies. This is simply to do 802.1x
authentication. Nothing to do with wireless. This is my first whack
at radius all together. Based on what you guys are saying, it sounds
like Radius
jasonatx0001 <[EMAIL PROTECTED]> wrote:
> Anyone know of a Windows port of freeradius ?
No. I don't think it should be too hard, though. I ported a
version of Livingston to Windows in a few weeks. Most of that was
spent trying to figure out what Windows needed.
Alan DeKok.
-
List info/su
"Frank Smith" <[EMAIL PROTECTED]> wrote:
> Based on what you guys are saying, it sounds like Radius -> Pam
> -> Pam-LDAP -> Active Directory sounds like the way to go. Any objections?
There's no need to use PAM. FreeRADIUS has an LDAP module that works.
Everything PAM can do to Active Direc
Last week I reported an issue I had with FreeRadius 1.0.5 on Red Hat
Enterprise Linux ES release 3. It had to do with dropped MySQL connections.
We continue experience severe problems with FreeRadius. The server will
run for upwards to 8 hours, sometimes more, before getting into some
unknow
Hi Alan,
Sorry, I'm new to this: what does your reply mean? Is there a patch I
can install? Do I have to do an upgrade?
Thanks,
Bogdan.
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
ius.org] On Behalf Of Alan DeKok
Sent: May 8, 2006 12:48 PM
To: FreeRadius user
Thanks for all your replies. This is simply to do 802.1x authentication. Nothing to do with wireless. This is my first whack at radius all together. Based on what you guys are saying, it sounds like Radius -> Pam -> Pam-LDAP -> Active Directory sounds like the way to go. Any objections?
On 5/8
Hi,
> Frank Smith wrote:
> >I am running AD in native mode. By my ancient understanding of samba, I
> >cannot join this domain.
>
> That is not correct, and is indeed ancient. Samba 3 can join an AD
> native-mode domain. See the massive quantity of docs include with samba.
> Once in the domai
Stuart Auchterlonie <[EMAIL PROTECTED]> wrote:
> If you ignore the 'unitialized value' errors in the valgrind log then
> you come to the real errors, 'Invalid Write', 'Invalid Read' to/from
> memory areas that aren't part of the server or were previously freed.
Ah, OK. That looks like it's a bu
Anyone know of a Windows port of freeradius ?
--
View this message in context:
http://www.nabble.com/freeradius-port-to-windows-t1578157.html#a4284227
Sent from the FreeRadius - User forum at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
"raviprakash sunkara" <[EMAIL PROTECTED]> wrote:
> 1)how to insert the users in freeradius server
Edit the "users" file. See the examples.
> 2) When I test with radiusd - X its show somes errors .
> The errors are mention below
> /usr/local/etc/raddb/users[64]: Unexpected trailing comma in c
[EMAIL PROTECTED] wrote:
robiwan: Okay, here is the complete output from my radiusd, when user roka do a
request:
sorry, it's huge
rad_recv: Access-Request packet from host 10.187.0.15:1645, id=231, length=137
NAS-IP-Address = 10.187.0.15
NAS-Port = 50103
NAS-Port-Type
"Bogdan Dumitriu - Technical Support Team" <[EMAIL PROTECTED]> wrote:
> However my
> freeRadius doesn't recognize any of these 2 attributes (rlm_sql: unknown
> attribute SSHA-Password).
This functionality is in the CVS head, and not in 1.1.x
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Frank Smith wrote:
I am running AD in native mode. By my ancient understanding of samba, I
cannot join this domain.
That is not correct, and is indeed ancient. Samba 3 can join an AD
native-mode domain. See the massive quantity of docs include with samba.
Once in the domain, the winbind daem
Yes you can do use the ldap
module of freeradius to hit your AD, I am doing this
now.
Yes you can do ssl/tls
for encryption between the radius server and AD.
Windows server 2000 does not support tls, only ssl.
It is similar to setting up mm_mod_auth_ldap for apache.
You will need
"Miguel Angel Quiles" <[EMAIL PROTECTED]> wrote:
> I would like to find out how to configure freeradius so I don't have to
> save clear text passwords in the users file.
First, which authentication types do your users use? If they use
CHAP, you have no choice but to use clear-text passwords
"sumi thra" <[EMAIL PROTECTED]> wrote:
> Yes. it works fine when the configuration is like this..
...
But you won't say what version you're running.
> But, when i use ~ symbol( to allow more that one wlan access/reject ), The
> above default policy will not work for more than one wlan's.
My
"Gabor Szelei" <[EMAIL PROTECTED]> wrote:
> My last state is the client has been authenticated, but no traffinc is
> going through.
>
> Does anyone have a working config for Cisco350 with PEAP?
I've used a Cisco AP350 before without problems.
I started off with the default config, and added
I am running AD in native mode. By my ancient understanding of samba, I cannot join this domain. I can authenticate using ldap, no? Also, is this insecure due to clear text? Any other ideas for what I want here?
Thanks!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/use
Hi,
> Hi Stepan 10x for your prompt respond
> I Used radrelay and it works fine
You're welcome :-)
> the point is that I would like to do it without additional proccess
> Like u said with the hint file
>
> where can I get this patch for the hint file ?
http://bugs.freeradius.org/show_bug
Ok Phil. That works fine, thanks.
I had to enable with_ntdomain_hack too.
2006/5/5, Phil Mayers <[EMAIL PROTECTED]>:
wekz wrote:
> Hi all,
>
> I use freeradius1.1.1 + ldap. And peap or eap-tls for authorization.
>
> I've been trying to use hints.file for changing the User-Name. When a
> laptop
Title: Message
Hi
Miguel,
Bellow you will find the config I'm using. It works
with Unix Crypt but not with md5 or SHA1. It looks like for md5 or sha1 the
crypt-password attribute has to be changed to MD5-password or SHA1-password.
However my freeRadius doesn't recognize any of these 2 attr
Hello Everybody,
I'm new to openser and also to freeradius.
1)how to insert the users in freeradius server
2) When I test with radiusd - X its show somes errors .
The errors are mention below
/usr/local/etc/raddb/users[64]: Unexpected trailing comma in check item list for entry test
Error
roxies
The big Q is how to I force the freeradius to pass the request and not
to check these header or maybe to use some sort of INJECTION
To the header .
I
Tia
Tal assa
-- next part --
An HTML attachment was scrubbed...
URL:
https://list.xs4all.nl/pipermail/freera
On Fri, 2006-05-05 at 14:00 -0400, Alan DeKok wrote:
> Bjarni Hardarson <[EMAIL PROTECTED]> wrote:
> > Think i have the same problem. I normally use EAP-PEAP but i couldnt get
> > the server to segfault in valgrind with that. Think it was openssl that
> > grinded it to a halt. Tried with EAP-MD5
Hi,
I would like to find out how to configure freeradius so I don't have to save clear text passwords in the users file.
I've been following the mail list but I've seen so many ways of configuring crypted passwords, md5, that right now I've got a mess in my head.
If someone can help me,
On 4/28/06, Alan DeKok <[EMAIL PROTECTED]> wrote:
"sumi thra" <[EMAIL PROTECTED]> wrote: It works in 1.1.1, so my conclusion is that you're running an olderversion, or that there's something broken in your local system.
Yes. it works fine when the configuration is like this..DEFAULT Group-Name ==
Hi,
Ive been trying to get $subject working.
My last state is the client has been authenticated, but no traffinc is
going through.
Does anyone have a working config for Cisco350 with PEAP?
What kindof reply is CISCO expecting from radius?
br, Gabor Szelei
-
List info/subscribe/unsubscribe?
> a telephony service provider is sending Radius req to my RADIUS
> server who proxy them to a backend server
You probably meant he is sending *accounting* requests to you? Please be
specific in your wording.
> I have configured a free radius server Version 1.1.0 to act as a
> prox
Title: PLS Help I get no response for 2 monthe (missing User-name attribute)
Hello All freeradius mailinglist
I would appriciate you help
Description
a telephony service provider is sending Radius req to my RADIUS server who proxy them to a backend server
I have configured
45 matches
Mail list logo