Re: FreeRADIUS for Mac OS X

2006-11-06 Thread Paul Ammann
I'm on mac os x 10.4.8, with the latest xcode. Thank you for your help. I finally discovered a binary available at DarwinPorts, which works like a charm. Markus Krause [EMAIL PROTECTED] wrote: Hi Paul, I compiled it on Mac OS X 10.4.7. Maybe you need XCode? (see

Re: freeRADIUS on Solaris 10 - x86

2006-11-06 Thread Michael Messner
hey freeRADIUS users, I've installed Entire+OEM, 11:41:05 unknown ~/freeradius-1.1.3 [root]echo $PATH 11:41:09 unknown ~/freeradius-1.1.3 [root]echo $LD_LIBRARY_PATH /lib:/usr/sfw/lib:/usr/local/lib:/usr/lib:/usr/share/lib:/usr/dt/lib ./configure --sysconfdir=/etc --mandir=/usr/share/man

Windows-Domain login without local users

2006-11-06 Thread Michael Messner
hey freeRADIUS users, PEAP auth. works now with *X and MS-clients, the backend is a freeradius server on CentOS with active directory connection. Now, the user needs a local account to log in to the client machine and then he is able to start the PEAP authentication process. A local login for

RE: freeradius and ntlm_auth howto

2006-11-06 Thread King, Michael
Some things I've noticed from your attached files: Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = yes mschap: require_strong = yes I've never enabled these before, I'm unaware what effect they will have. tls: pem_file_type = yes tls: private_key_file =

RE: Windows-Domain login without local users

2006-11-06 Thread King, Michael
I'm interpreting your question a little. Please correct the question if I've got it wrong. You want users to be able to have network connectivity at the logon prompt, so their username/password is sent to the domain? You need to use Machine Authentication. (AKA computer account

RE: freeradius and ntlm_auth howto

2006-11-06 Thread Stieven . Struyf
Michael, the configuration works when I type in my username as '[EMAIL PROTECTED]'; when I let Windows fill it in I don't get in. My password gets locked after 3 attempts, and the wifi retries several times. If you look higher in the file you will see another error: (logon failure) It works with

AW: freeradius and ntlm_auth howto

2006-11-06 Thread Hector.Ortiz
Actually this is the exact same problem I have. I need to type my credentials in for authentication to work. If I let Windows do it, I won't get in. If any of you could please help us out with this issue, that'd be great. Cheers Héctor Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

Re: freeRADIUS on Solaris 10 - x86

2006-11-06 Thread Alan DeKok
Michael Messner [EMAIL PROTECTED] wrote: Making all in rlm_perl... If you're not going to use rlm_perl, just delete that directory. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe?

FreeRadius seems to be working, but not getting it to respond

2006-11-06 Thread Michelle Manning
Hi, I have been reading the list for a couple of days now and maybe I have missed something - but here goes. My setup is the following - Linksys Router with DD-WRT running on it. It does work as it connects to an older version of Radius on another server. The newer server is CENTOS with

Re: Best practices for redundant servers

2006-11-06 Thread Aaron Paetznick
Thanks, this was helpful. I would rather not use LVS. I would prefer to use the built-in functionality of the NAS to fall back from a primary to secondary or tertiary auth/accounting servers. This whole setup would be far simpler and more robust if I could just do master-master replication

RE: FreeRadius seems to be working, but not getting it to respond

2006-11-06 Thread King, Michael
Does CENTOS have a built-in firewall? (IPTABLES) Does it have holes (Rules, exceptions) poked in it so that the RADIUS packets get thru? Ports 1812 and 1813. I'm not sure if it's TCP or UDP, I always see them referenced together, so I opened both. -Original Message- From: [EMAIL

Failed to link EAP type EAP/TLS

2006-11-06 Thread Chad Best
Hello folks, I am trying to set up wireless authentication using a HOWTO guide from www.tldp.org/HOWTO/8021X-HOWTO/cert.html. In that howto guide, Lars Strand guides the user through setting up radius to be configured for peap using tls with MSChapv2 for authentication. Then, at the end, he guides

EAP-TLS - CRL Checking - Expired?

2006-11-06 Thread Stephen Bowman
We're using FreeRadius as the EAP server in a wireless environment. All clients have smart cards, so as such we're using EAP-TLS. My question is in relation to CRL checking. I currently download CRLs nightly, but over the weekend it looks like perhaps the CRL download failed as nobody could

Re: FreeRadius seems to be working, but not getting it to respond

2006-11-06 Thread Dennis Skinner
Michelle Manning wrote: And - the log file in /usr/local/var/log/radius has nothing in it. I was hoping that that would give me some clues. FYI... you will get either the debug output from running radiusd -X *or* output in the log file. Not both. Also, if you want to know if iptables is

Re: Server logs say users authenticate, but they don't (Now with more details!)

2006-11-06 Thread Ernie Dunbar
G'day Ernie, Can you sniff on the AS5300 and ensure the Access-Accept packets are arriving before the 3 second (default) timeout? Yes, we tried that. The access-accept packets aren't arriving at all! Does it work if you temporarily disable the Simultaneous-Use check? No, that doesn't work

Re: Server logs say users authenticate, but they don't (Now with more details!)

2006-11-06 Thread James Wakefield
Hi Ernie, * Run radiusd -X and check that Access-Accept is being sent, and how long after the Access-Request this is. * Verify with tcpdump that the packet is actually getting onto the wire. * Check for iptables rules/access-lists that might be dropping/rejecting the packets. * Make sure

Re: Failed to link EAP type EAP/TLS

2006-11-06 Thread Alan DeKok
Chad Best [EMAIL PROTECTED] wrote: rlm_eap: Failed to link EAP-Type/tls: rlm_eap_tls.so: cannot open shared object file: No such file or directory radiusd.conf[10]: eap: Module instantiation failed. The TLS module wasn't built because you don't have OpenSSL installed. (Or you're running

Re: EAP-TLS - CRL Checking - Expired?

2006-11-06 Thread Alan DeKok
Stephen Bowman [EMAIL PROTECTED] wrote: What determines the expire time of a CRL? No idea... it's an OpenSSL thing. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog

Re: EAP-TLS - CRL Checking - Expired?

2006-11-06 Thread Benjamin Bennett
Stephen Bowman wrote: What determines the expire time of a CRL? I noticed that within the CRL there is a Next Update field.. is this what it uses? Yes. You will probably want to make sure that you generate and distribute new CRLs on a schedule that leaves you with enough time to

Re:

2006-11-06 Thread Eric Faden
/log/freeradius/radacct/127.0.0.1/auth-detail-20061106' rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/127.0.0.1/auth-detail-20061106 modcall[authorize]: module auth_log returns ok for request 0 modcall[authorize]: module

Re: FreeRadius, OpenLDAP, Samba, etc.

2006-11-06 Thread Eric Faden
modcall: entering group authorize for request 0 modcall[authorize]: module preprocess returns ok for request 0 radius_xlat: '/var/log/freeradius/radacct/127.0.0.1/auth-detail-20061106' rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius