Mike Jakubik [EMAIL PROTECTED] wrote:
First of all, the above can be accomplished in SQL using the checkval
module and the += OP. Thats great and dandy until you need to specify
numbers that users can NOT dial to. In any case that will not work for
me, as i need to do this for each group
Maillists [EMAIL PROTECTED] wrote:
but I know 100% that the password is correct. What appears to be
happening (determined from hours of frustrating testing) is Freeradius
(rlm_unix) is looking for the users passwords in the /etc/passwd file
but my /etc/passwd file doesn't contain any
while trying to compile the fr 1.1.2 with mysql 5.0.22 i got the
following with rlm_sq_mysql configure:
checking for mysql_config... yes
checking for mysql_init in -lmysqlclient (using mysql_config)... no
checking for mysql_init in -lmysqlclient... no
configure: warning: mysql libraries not
Hello !
Hi All,
I am newly joined to this group. I have started working on radius.
I am facing some problems in configuring the free radius for accounting
purpose and to get the IP address of MS.
What do you mean by IP address of MS ? accounting setup is pretty well
described in freeRadius
Hello FR Users
Can anybody here help me out of this problem?
I installed freeradius version 1.1.1 with mysql on RH Linux Enterprise 4 ed.
I've got this result
[EMAIL PROTECTED] ~]# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config:
hi,
the recent post mentioning Auth-Type = System reminded me
if I've got a Auth-Type = Reject int he users file, then when making
a request with a remote RADIUS client, then the request times
out when freeradius is running as a normal process daemon... on
Fedora, this is running as a service
Hi,
while trying to compile the fr 1.1.2 with mysql 5.0.22 i got the
following with rlm_sq_mysql configure:
you did do
./configure --with-mysql-lib-dir=/opt/mysql/lib/mysql
as per the output bleatings, yes?
alan
-
List info/subscribe/unsubscribe? See
Oh, sorry for flood, found the solution in the archives.
http://lists.freeradius.org/mailman/htdig/freeradius-users/2003-April/017789.html
[EMAIL PROTECTED] пишет:
Hi,
while trying to compile the fr 1.1.2 with mysql 5.0.22 i got the
following with rlm_sq_mysql configure:
you did do
Hello all
Is it possible to (easily) remove single attributes sent or received
when proxying? I know it can be done with attr_filter but if you only
want to remove a single attribute while leaving the rest untouched, you
need pass rules for every other attribute.
It doesn't look like
Hi,
I am going to configure a FreeRADIUS as a RADIUS proxy. My proxy will have to
listen on a couple of ports on 2 interfaces, so I set the following
configuration in radiusd.conf:
listen {
ipaddr = IP1
port = 1812
type = auth
}
listen {
ipaddr = IP1
port = 1813
type =
Hi,
I just get the last CVS update, and I discovered a hidden attribute in
mainconfig.c, name proxy_fail_type.
By reading the source code, my understanding is that setting this attribute to
fail (for example) in proxy.conf, and setting the value fail for
Post-Proxy-Type in
[EMAIL PROTECTED] wrote:
however, when running freeradius is debug mode, with -X, the Reject
reply message is pretty fast...though still a lot slower than an
Access-Accept message for a valid user - even though the valid user
is in a database or a kerberos check. I assumed that a Auth-Type :=
Hi !
Upgrading from 1.1.1 to 1.1.2 and now I get this error message :
Thu Jun 1 12:26:22 2006 : Info: rlm_eap_tls: Loading the certificate file
as a chain
Thu Jun 1 12:26:22 2006 : Error: rlm_eap: SSL error error:02001002:system
library:fopen:No such file or directory
Thu Jun 1 12:26:22
Hi,
# Setting this number to 0 means send rejects immediately
reject_delay = 1
i know this one - but why the change in behaviour when running
in debug mode (where it all works fine - nice 1 second timeout,
no checking against other Authentication methods etc) compared
to running as a real
plz do you have totorial links to PPPoE server + MySQL backend??
strait forward and easy to understand. thanks
this tool really needs Howtos
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hey All,Any body knows how to revoke the certificates? what changes needs to be done in the freeradius
eap.conf file.Im trying to do in the way its given in the default config file:Oopenssl command to revoke the ca-certificate:
openssl ca -gencrl -keyfile ./privatekey.pem -cert cacert.pem revoke
Hi,
I am using freeradius 1.0.5, configured so that when a user fails the password
for X times, a mail is sent to a sysadmin.
I have added the following to modules section:
exec accept_notify {
wait = no
program = /usr/local/etc/raddb/radius_reject_notify %{User-Name} accept
Alan DeKok wrote:
Why did you add Auth-Type = Accept to the server? It's breaking EAP.
Alan DeKok.
Auth-Type = EAP?
A few folks had mentioned to us that using the EAP auth type was a bad
idea. Why? No idea. It seems obvious, so we'll give it a shot.
--
Drew Linsalata
The
Hi,
I have tried reordering the elements in the radiusd.conf file so that the
database is tried first, and then commented out the section to check the users
file, and I am still having the same issues.
Here is the output again:
Ready to process requests.
rad_recv: Access-Request packet from
modcall[authorize]: module sql returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
rad_check_password: Found Auth-Type Local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Login
Am having a strange problem after my supplicant get authenticated to my active
directory. My supplicant trying to get authenticated to active directory or
validating identity every 60 mins, which disturbs wireless connection that
bother me a lot. Is this normal or can i set the timer to
There is a password in the database (in the radcheck table) associated with
the username. I am also supplying both the username and password on my laptop
as I am trying to connect. I currently have the Auth-Type being set (:=) to
Local in the radgroupcheck table. I believe this should all be
Alan DeKok wrote:
Maillists [EMAIL PROTECTED] wrote:
but I know 100% that the password is correct. What appears to be
happening (determined from hours of frustrating testing) is Freeradius
(rlm_unix) is looking for the users passwords in the /etc/passwd file
but my /etc/passwd file doesn't
We're going to be setting up a few new FreeRADIUS servers on virtual
hardware. The server admin is asking me what I need for specs.
(Virtually, they can allocate whatever I need)
It's about 200-500 simultaneous authentications. (This is my prediction
for the next 4 years, we're about 10 right
Hi,
I have tried reordering the elements in the radiusd.conf file so that the
database is tried first, and then commented out the section to check the
users file, and I am still having the same issues.
Here is the output again:
modcall: leaving group authorize (returns updated) for
Drew Linsalata wrote:
Alan DeKok wrote:
Why did you add Auth-Type = Accept to the server? It's breaking EAP.
Alan DeKok.
Auth-Type = EAP?
A few folks had mentioned to us that using the EAP auth type was a bad
idea. Why? No idea. It seems obvious, so we'll give it a shot.
No.
Drew Linsalata [EMAIL PROTECTED] wrote:
Auth-Type = EAP?
A few folks had mentioned to us that using the EAP auth type was a bad
idea. Why? No idea. It seems obvious, so we'll give it a shot.
NO! Read the documentation in eap.conf for why it's a bad idea.
The solution to one broken
[EMAIL PROTECTED] wrote:
I have tried reordering the elements in the radiusd.conf file so
that the database is tried first, and then commented out the section
to check the users file, and I am still having the same issues.
Re-ordering radiusd.conf won't help. The problem is the broken
Fabio [EMAIL PROTECTED] wrote:
I am using freeradius 1.0.5,
Install 1.1.2.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Shane [EMAIL PROTECTED] wrote:
Read radiusd.conf, and look for /etc/passwd. Odds are that you
enabled caching of /etc/passw. There's a reason it's not enabled by
default, it doesn't work on FreeBSD. Which is explicitly documented.
No, that isn't the cause as I have the following in
King, Michael [EMAIL PROTECTED] wrote:
It's about 200-500 simultaneous authentications.
What do you mean by that? Authentications per second?
I'm guessing 1ghz of cpu, 512MB of RAM, and 30gig of HD. Suggestions,
comments, criticisms?
That should be lots.
Alan DeKok.
-
List
Alan DeKok wrote:
Mike Jakubik [EMAIL PROTECTED] wrote:
First of all, the above can be accomplished in SQL using the checkval
module and the += OP. Thats great and dandy until you need to specify
numbers that users can NOT dial to. In any case that will not work for
me, as i need to do
32 matches
Mail list logo