Re: Accounting in MySQL

2007-01-23 Thread satish patel
Dear Find freeradius + Mysql document on my website http://geocities.com/satish_patel_2000_2000/ Satish Patel Alan DeKok [EMAIL PROTECTED] wrote: DESEtech - German P. Santillan wrote: But I don't have records in radacct Table. What is the problem? See the FAQ. Is the server

Re: Accounting in MySQL

2007-01-23 Thread satish patel
Dear, first check your radiusd -X debug log and look for the MySQL connectivity debug output to see if there is any problem regarding the connection. Then check the radius.conf file: there is an accounting option, put the sql keyword in it. You can also find some documents on my website

Re: Freeradius + DHCP server ?

2007-01-23 Thread Phil Mayers
Peter Nixon wrote: I just checked out OpenID and it seems like a great way to allow the entire world to spam your wiki! At least with the current system people have to go You're misunderstanding the intended use. The idea *is* that you sign up by submitting your ID and waiting for it to be

Re: a freeradious/wireless solution for a school

2007-01-23 Thread A . L . M . Buxey
Hi, * Apache * Freeradius * Chillispot * Mysql though note that captive portals are easy to mitigate/spoof and circumvent alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: a freeradious/wireless solution for a school

2007-01-23 Thread A . L . M . Buxey
Hi, Therein lies the problem. My potential users are a lot of my students. The idea of having to install certificates in 200+ laptops is not really feasible. And showing them how to install is an exercise in futility, since most of our students are not computer savvy enough to do it. you

Re: libtool: install: error: cannot install

2007-01-23 Thread satish patel
Dear, you have to specify the lib directory or lib directory path in the install option: ./configure --help Satish patel tzieleniewski [EMAIL PROTECTED] wrote: Hi! I am trying to set up freeradius not in the standard directory. I would like to have it installed in the directory specified by

Re: The EAP Saga begins.

2007-01-23 Thread Evan Vittitow
Alan DeKok wrote: Evan Vittitow wrote: I think a large part of my problem is the creation of a Certificate authority. Why? See the various 802.1x howto's (pointed to from freeradius.org the wiki) for how to create certificates for the server. It's very possible, that said

Re: The EAP Saga begins.

2007-01-23 Thread Phil Mayers
Evan Vittitow wrote: Alan DeKok wrote: Evan Vittitow wrote: I think a large part of my problem is the creation of a Certificate authority. Why? See the various 802.1x howto's (pointed to from freeradius.org the wiki) for how to create certificates for the server. It's very

Re: Ldap + EAP

2007-01-23 Thread Rafał Kamiński
Phil Mayers wrote: Assuming you want the most common EAP type, PEAP/MS-CHAP, your LDAP server must contain the users plaintext password or NT/LM hash, and you must configure FreeRadius to extract this information and add it to the configure items for a given request. Hi, Can you

Re: Ldap + EAP

2007-01-23 Thread Phil Mayers
Rafał Kamiński wrote: Phil Mayers wrote: Assuming you want the most common EAP type, PEAP/MS-CHAP, your LDAP server must contain the users plaintext password or NT/LM hash, and you must configure FreeRadius to extract this information and add it to the configure items for a given request.

Re: Ldap + EAP

2007-01-23 Thread Rafał Kamiński
checkItem User-Password clearPassword Hi, I set in ldap.attrmap checkItem User-Password userPassword because my admin say me that password in ldap schema is set by userPassword in authorize and auth. I have: authorize { preprocess chap

Re: FreeRADIUS FreeBSD port

2007-01-23 Thread Mike Jakubik
On Mon, January 22, 2007 11:28 pm, David Wood wrote: This is an rcorder thing - you may find man 8 rcorder and the output of: rcorder /etc/rc.d/* /usr/local/etc/rc.d/* interesting. I probably need to add extra entries to the REQUIRE line of /usr/local/etc/rc.d/radiusd when some of the

Re: Ldap + EAP

2007-01-23 Thread Alan DeKok
Rafał Kamiński wrote: because my admin say me that password in ldap schema is set by userPassword Your users don't seem to have passwords in LDAP. And why debug mode still write: Auth: Login incorrect: [rka/no User-Password attribute] (from client linksys port 61 cli

Re: post-proxy section and local proxy

2007-01-23 Thread Alan DeKok
Markus Krause wrote: i found out that if i am doing local proxying (by setting authhost = LOCAL in proxy.conf) That's NOT local proxying. It's a hack for telling the server that the realm exists, and it's authoritative. the section post-proxy, which contains attr_filter, is _not_

Re: expiration attribute as an offset?

2007-01-23 Thread Alan DeKok
liran tal wrote: Is it possible to set the expiration attribute to be of an offset type? No. Because something has to remember when the offset started. Say I set an offset of +30 days, and the user logins for the first time only 6 months from now. So once he login'ed once then the counter

Small problem with authentication

2007-01-23 Thread Mark Jones
Jan 23 10:32:46 radius freeradius[6262]: rlm_unix: [mjones]: invalid password Jan 23 10:32:46 radius freeradius[6262]: Login incorrect: [mjones/xx] (from client 192.8.137.103 port 0) Jan 23 10:32:46 radius freeradius[6260]: Login incorrect: [kjrumble/xx] (from client 192.8.136.106 port

Splitting the password field in freeRADIUS

2007-01-23 Thread Drumm, Daniel
As some of you may know, RSA SecurID servers now support RADIUS. The Auth Manager comes with the Funk RADIUS server embedded into it, and supports a number of auth types, including EAP-OTP as well as the usual types such as CHAP. Is it possible to front end this type of server with FreeRADIUS, so

Re: Ldap + EAP

2007-01-23 Thread Phil Mayers
Rafał Kamiński wrote: checkItem User-Password clearPassword Hi, I set in ldap.attrmap checkItem User-Password userPassword because my admin say me that password in ldap schema is set by userPassword Maybe. But your radius server isn't finding it.

Re: Splitting the password field in freeRADIUS

2007-01-23 Thread Dan Geist
I currently use SecurID as the auth back-end for a AAA system utilizing Radius and TACACS+, both with the native linux PAM agent (as opposed to integrating with the FUNK (now Juniper) daemon). I found it easier to troubleshoot if only native SecurID auth requests were coming into the servers and

Re: a freeradious/wireless solution for a school

2007-01-23 Thread Tas Dionisakos
I have attached the doc to this post, I have tested this setup tens of times and will work if followed correctly. If you have any further queries please email me. Tas. Agent Smith wrote: I am interested. Please post the doc. Thanks, --- Tas Dionisakos [EMAIL PROTECTED] wrote: I'm in a

Re: a freeradious/wireless solution for a school

2007-01-23 Thread Tas Dionisakos
Please elaborate on how the system can be circumvented? Tas. [EMAIL PROTECTED] wrote: Hi, * Apache * Freeradius * Chillispot * Mysql though note that captive portals are easy to mitigate/spoof and circumvent alan - List info/subscribe/unsubscribe? See

Re: Splitting the password field in freeRADIUS

2007-01-23 Thread Agent Smith
I frontend our secureID server with FR. but that is only doing PAP. The way I do this is radius proxy where the FR is running on the same box different port. I don't understand what you are trying to do here. If a user tried to authenticate you want the PIN to authenticate on radius? and the

Re: post-proxy section and local proxy

2007-01-23 Thread Markus Krause
Hi Alan, thanks for your answer! Quoting Alan DeKok [EMAIL PROTECTED]: Markus Krause wrote: i found out that if i am doing local proxying (by setting authhost = LOCAL in proxy.conf) That's NOT local proxying. It's a hack for telling the server that the realm exists, and it's

log failed logins

2007-01-23 Thread Cory Robson
I have the following sql in my sql conf file and this is working. My only gripe is if there is no info provided then what gets placed in the log. It appears in the case of User-Password that a default of Chap-Password is entered as per below. Does anyone have a list of attributes I can log on

Re: log failed logins

2007-01-23 Thread James Wakefield
Cory Robson wrote: I have the following sql in my sql conf file and this is working. My only gripe is if there is no info provided then what gets placed in the log. It appears in the case of User-Password that a default of Chap-Password is entered as per below. G'day Cory, In CHAP, the

RE: log failed logins

2007-01-23 Thread Cory Robson

Proxying based on SSID

2007-01-23 Thread Lai Fu Keung
Hi, Sorry if the questions have been asked. I have done a lot of searches, but could not find the answer. Normally, I proxy a PEAP request whenever the realm is unknown to us (i.e. using the DEFAULT realm without stripping user name). However, for some SSIDs, I want requests to be handled

RE: a freeradious/wireless solution for a school

2007-01-23 Thread Josh Howlett
(I'll bite to save Alan the déjà vu) An attacker sets up a captive portal system that looks exactly the same as yours (spoof). Users can't distinguish between the two captive portals, and so some users inevitably enter their credentials into the spoof portal. These credentials can be used by

Re: log failed logins

2007-01-23 Thread Alan DeKok
Cory Robson wrote: Does anyone have a list of attributes I can log on failed attempts and the structure for the SQL statement. No, because the list of attributes depends on what the NAS sends, and on your local configuration. Some modules add Module-Message, but not all do. Eg

Re: Proxying based on SSID

2007-01-23 Thread Alan DeKok
Lai Fu Keung wrote: Normally, I proxy a PEAP request whenever the realm is unknown to us (i.e. using the DEFAULT realm without stripping user name). However, for some SSIDs, I want requests to be handled locally with ldap, independent of what the realm is (and with the user name stripped).