Hi,
I have Link sys wireless router, windows XP clients, freeradius
and LDAP server (Linux). I want to make the user authentication for the
windows XP clients against freeradius to connect to Link sys router. I
have all the users in LDAP. The LDAP server is set as user database for
Hi
Is free radius can be used in cluster?? , If so please
provide some links to go through in detail.
Thanks Regards
Ravi
Tech Mahindra,
I have to make a dictionary file, but I have a little
problem:
There is an attribute in the vsa attributes, which has more
than one value. Is it possible to separate it in the
dictionary file? Is there a class attribute, or something?
man 5 users. Use the += operator.
So I get
Hello all
How can I make sqlcounter module for rechargeable account in my
freeradius server with mysql backened.
Bsal
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi GeoffreyI am using Cisco 3600. In my case, I have found out the following issues with AV pairs:Call Leg 1:Cisco sends the following AV pairs to the radius server:User-NameUser-Passwordh323-conf-id
On Wed, 6 Sep 2006, Alan DeKok wrote:
Justin Church [EMAIL PROTECTED] wrote:
OK. The patch worked, since I can now run radiusd -n radrelay w/o the
Abort, but I still am not seeing a way to replicate to multiple
accounting servers with radiusd -n radrelay.
Unfortunately, it doesn't yet do
Hi AlanI replied Geoffrey with all I knew about AV pairs expected by a Cisco VoIP gateway. But I have another problem.I am using rlm_example to develop a module to handle VoIP stuff.My question is, how should I pack and send those AV piars expected by the gateway?
For example, in
On Thu 07 Sep 2006 08:05, Kostas Kalevras wrote:
On Wed, 6 Sep 2006, Alan DeKok wrote:
Justin Church [EMAIL PROTECTED] wrote:
OK. The patch worked, since I can now run radiusd -n radrelay w/o the
Abort, but I still am not seeing a way to replicate to multiple
accounting servers with
Rafiqul Ahsan wrote:
Thanks to Lin, Mercel, and Rob for your input. I am not sure about
Mercel's comment on value of AR, this has been set to false in the
Makefile at libltdl/ directory (where it actually fails). The question
is what value should it be ?
Also, Rob - when I put the
Hi Is it possible to catch Multiple-valued attributes through a C program?I can fetch, for example, User-Name attribute by calling USER_NAME = getenv (USER_NAME); but how should I fetch something like Cisco-AVPair?
Best RegardsAli
-
List info/subscribe/unsubscribe? See
Alan DeKok wrote:
relists [EMAIL PROTECTED] wrote:
The external script in XT Radius checks the username and password
against a postgres database and if username and password match it
returns the details for that user e.g. IP address, Framed-Address etc etc.
We are using the default
Hi Alan,
I've update freeradius version, when i connect a client in WPA mode,
chillispot give no error (but it can't authenticate however), when i
connect a client in WPA2 mode, chillispot returns me the same error,
whitout authenticate. I think that there is also an EAP problem.
Thanks in
Peter Nixon wrote:
Thanks for doing this, however there is already a Solaris section on
the Build page of the wiki at:
My Bad!
http://wiki.freeradius.org/index.php/Build#Building_on_Solaris_10
I think the info you have added should probably be rolled into that page
rather than starting
Hai,
Thanks for your reply.
I was trying to use PAM authentication with freeradius for Win XP client
(PEAP). I was getting error in the tls section. I posted to freeradius
userlist. I got the reply as below. Is this right?. If not, Can I use
LDAP+PEAP+freeradius.
Hello,
I was trying to use PAM authentication with freeradius for Win XP
client (PEAP). I was getting error in the tls section. I posted to
freeradius userlist. I got the reply as below. Is this right?. If not, Can
I use LDAP+PEAP+freeradius.
Yes, the info was right. But _still_, your
Hi,
You can view what is done in the Debian/rules file
Yupp, it works now! My mistake was to use the little bit broken 1.1.0
deb package a few months ago. Source-Build didn't work. If I take the
sources of the official tar.gz I can build now all without problems
under unstable.
Great.
Hi FonciThanks for your attention.I consulted the freeradius documentation about the problem.They have mentioned that the AV pairs which contain multiple values are maintained using arrays. These arrays are available in, for example, shell scripts:
example:%{Cisco-AVPair[0]} references the value
Ah sorry,By the way, in the C code, please change Cisco-AVPair to CISCO_AVPAIR. This is the transformation which freeradius makes with regard to its environment variables and you should take care of the issue in your shell scripts or C code.
Best RegardsAliOn 9/7/06, Ali Majdzadeh [EMAIL
I have a VPN appliance authenticating users (~20
users) against my freeradius server. I have another
radius server running on a windows box authenticating
users on local and trusted domains (250+ users). For
technical reasons I can't point the VPN appliance to
the windows radius server.
relists [EMAIL PROTECTED] wrote:
The problem with your suggestion is that you can enter the wrong
password and it will still authenticate you. We need this to obviously
accept when the password is correct and reject when the password is
incorrect.
Really? I thought I understood how the
Muthu [EMAIL PROTECTED] wrote:
I was trying to use PAM authentication with freeradius for Win XP client
(PEAP).
PAM works only for clear-text passwords. I'll update the
compatibility matrix on my web site.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
Kostas Kalevras [EMAIL PROTECTED] wrote:
Just a side note on the clone packets issue i ve come across it in
another situation. We act as a proxy for various ISPs and we need to
have a way to replicate accounting-on/off packets (which obviously
don't carry a [EMAIL PROTECTED] attribute) to all
Ali Majdzadeh [EMAIL PROTECTED] wrote:
Is it possible to catch Multiple-valued attributes through a C program?
I can fetch, for example, User-Name attribute by calling USER_NAME = getenv
(USER_NAME);
but how should I fetch something like Cisco-AVPair?
You don't. You write a module in the
Giuseppina Venezia [EMAIL PROTECTED] wrote:
I've update freeradius version, when i connect a client in WPA mode,
chillispot give no error (but it can't authenticate however), when i
connect a client in WPA2 mode, chillispot returns me the same error,
whitout authenticate. I think that there is
Hi
All,
I am trying to set
values for more than one attributes in the exec-program-wait for accounting
startpackets.
Below is the code i
am trying in the exec-program-wait
putenv("Calling-Station-ID=10")
putenv("Called-Station-ID=50")
Putenv("Acct-Session-ID="20")
return
0;
I have set
Easier - create a policy in IAS to only authorise the users you want.
josh.
Josh wrote:
I have a VPN appliance authenticating users (~20
users) against my freeradius server. I have another
radius server running on a windows box authenticating
users on local and trusted domains (250+ users).
Cool, I'll have to take a closer look at Method 2.On 9/7/06, Rob Shepherd [EMAIL PROTECTED] wrote:
Peter Nixon wrote: Thanks for doing this, however there is already a Solaris section on
the Build page of the wiki at:My Bad! http://wiki.freeradius.org/index.php/Build#Building_on_Solaris_10
I
Alan DeKok wrote:
relists [EMAIL PROTECTED] wrote:
The problem with your suggestion is that you can enter the wrong
password and it will still authenticate you. We need this to obviously
accept when the password is correct and reject when the password is
incorrect.
Really? I
Shankar Ganesh C [EMAIL PROTECTED] wrote:
Below is the code i am trying in the exec-program-wait
putenv(Calling-Station-ID=10)
That is not the documented way to send attributes back to the server.
See scripts/exec-program-wait
I am trying to set the accounting response packets with
Justin Church [EMAIL PROTECTED] wrote:
How would the proxy.conf work? Would you define N identical realms with
different remote servers, and the 1-N proxy server would replicate to
the first N matches it finds in proxy.conf?
That's an option.
I'm open to suggestions as to how to
Hi,
I just looked at it in 1.1.3. I found the same behaviour you noted,
when the script had not the execute permission. If you put the
equivalent into an exec stanza in the main config file, that does
loudly complain about not being able to run the script and then denies
access therefore. After
Hi,
We did try your suggestion before posting back and you can enter any
pasword and it will accept it. We tried it again and here is the output:
rad_recv: Access-Request packet from host 192.168.1.1:1224, id=1, length=84
User-Name = [EMAIL PROTECTED]
User-Password =
Josh [EMAIL PROTECTED] wrote:
I'm actually running Funk (Juniper) Steel-Belted
Radius on the windows box. I'm working out issues
with the user profiles on that box... I was hoping to
let freeradius take care of who had access to proxy
(if possible).
man rlm_passwd
Put the users into a
On Thu 07 Sep 2006 15:07, Alan DeKok wrote:
Kostas Kalevras [EMAIL PROTECTED] wrote:
Just a side note on the clone packets issue i ve come across it in
another situation. We act as a proxy for various ISPs and we need to
have a way to replicate accounting-on/off packets (which obviously
Hi Alan
Thanks for your help.
Best RegardsOn 9/7/06, Alan DeKok [EMAIL PROTECTED] wrote:
Ali Majdzadeh [EMAIL PROTECTED] wrote: Is it possible to catch Multiple-valued attributes through a C program? I can fetch, for example, User-Name attribute by calling USER_NAME = getenv
(USER_NAME); but how
Ah. It looks like Chillispot doesn't do EAP.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
Now I have removed the RadiusFilterID (radius packet 11) attribute,but
chilli still receive this :
chillispot[22760]:
Thank you Gef that pointed me in the right direction. What I still had
to figure out was that the check-item variable is an extra row in the
radcheck table and that the operator has to be ==.
Kind regards,
Eugene
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
org]
We have multiple remote sites each with it's own NAS, each NAS search
for users in multiple LDAP contexts. Each NAS (read: site) has one or
more primary contexts, which I like to search first before looking
in all others (roaming users). At this time search order is based on
the order of LDAP
On Tue, 22 Aug 2006, Alan DeKok wrote:
|-Keith Woodworth [EMAIL PROTECTED] wrote:
|- One of the things I did try was add PAP to the authorize section, but
|- radius failed to start when I did that.
|-
|- And the error message was...?
Had to put this project a side for the last 2 weeks...Hate
39 matches
Mail list logo
