After I read the attached post, I have a doubt: if I use a MySQL DB to manage freeradius service, how can Ifix specific atributes to all users of a determined realm?
From:"Jóhann B. Guðmundsson" [EMAIL PROTECTED]Reply-To:FreeRadius users mailing list
Hi guys,
Just to let all of you know..
I try the Expiration attribute today and it working find. The NAS used is
Chillispot (ChilliSpot inside of WRT54GS).
The Expiration attribute inserted into radcheck table with op ==
the expiration will block an account since the date put into value field.
PD wrote:
I am using FR 1.1.4 build from FBSD port
do I need to load the module ?
No. If it's not in 1.1.5, it's not in any prior version, either.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List
Hi Alan and list,
I downloaded yesterday the freeradius-1.1.5 via cvs:
cvs -d :pserver:[EMAIL PROTECTED]:/source checkout -r
branch_1_1 radiusd
After downloading:
cd /radiusd
./configure
make
make install
Compilation produced no error.
I think the same too... cause expiration is not the new attribute.
The expiration attribute itself working fine, the only problem is no
explanation to user when the system reject him/her.
CMIIW
PD
On 3/14/2007, Alan DeKok [EMAIL PROTECTED] wrote:
PD wrote:
I am using FR 1.1.4 build from FBSD
Nobody can help me?
-
Romain Mercier - Technicien réseau et sécurité
Université d'Angers - CRI Service Systèmes Réseaux
40 rue de Rennes
49035 Angers Cedex - France
_
De :
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
ius.org] De la part de Romain Mercier
Envoyé : mardi 13
Did you set the reply message in radiusd.conf?
#
# The expiration module. This handles the Expiration attribute
# It should be included in the *end* of the authorize section
# in order to handle user Expiration. It should also be included
# in the instantiate
PD wrote:
I think the same too... cause expiration is not the new attribute.
The expiration attribute itself working fine, the only problem is no
explanation to user when the system reject him/her.
You can edit the code to produce the message, or run the CVS head.
Alan DeKok.
--
I use freeradius for authentication of pppoe wifi.
I need to make new sql query in a table with a list of mac-address, if
the CallingStationId will be equal to the some mac-adress of the table
then will not have to be connected.
A system of mac-adress blacklist.
I tried to make adding one query
use huntgroups:
ohnoyouwont Calling-Station-ID == whatever
SQL-Group == suspended
where suspended is a group with Auth-Type reject.
Ivan Kalik
Kalik Informatika ISP
Dana 14/3/2007, Jean Carlos Oliveira Guandalini
[EMAIL PROTECTED] piše:
I use freeradius for
Dear All,
I successfully used freeradius-1.0.5 on our RedHat 7.3 system for a couple
years to authenticate wireless and VPN clients. I decided to upgrade to the
version 1.1.5 to enable the wireless connection on a few Windows Vista
clients.
I downloaded the source freeradius-1.1.5.tar.gz and
Hi,
clients to work, included the Vista clients) but then invariably it crashed.
Apparently, (from the various logs attached) it always crashed after the
configuration reload, but it is not evident if immedialtely after the reload
or some time later.
are you 'HUP'ing the server at those
Note: forwarded message attached.
$ cat ~/satish/url.txt
System administrator ( Data Center )
please visit this site
http://linux.tulipit.com
-
Heres a new way to find what you're looking for - Yahoo! Answers
Hi Alan,
no, many crashed were spontaneus (I do not know the internals of radiusd, but
from time to time It reloads, maybe as response to a passwd file changed or
so). Then I tried to send an HUP signal, after the server authenticated some
clients, and few seconds (20-40) later the server
[EMAIL PROTECTED] wrote:
are you 'HUP'ing the server at those times to reload the config? I
too have noticed change in behaviour with 1.1.5 regarding HUP of
the server. 1.1.4 was fine, but a HUP on 1.1.5 can kill the process
1.1.4 was fine by accident... see bugs.freeradius.org. A HUP can
On Tue, 13 Mar 2007 13:15:52 -0500 Alan DeKok
[EMAIL PROTECTED] wrote:
Sam Schultz wrote:
This should be solvable by adding something like
'User-Name = %{User-Name}' to the DEFAULT entries in the users
file,
correct?
Yes.
One of my users file DEFAULT entries look like this:
DEFAULT
-Message d'origine-
De :
[EMAIL PROTECTED]
radius.org
[mailto:[EMAIL PROTECTED]
sts.freeradius.org] De la part de Sam Schultz
Envoyé : mercredi 14 mars 2007 17:13
À : freeradius-users@lists.freeradius.org
Objet : Re: EAP-TTLS outer identity accounting
On Tue, 13 Mar
Hi All,
I have a quick question on the shortname attribute for
clients: must it be unique among all clients?
Thanks in advance for your answers
Geoff.
___
Découvrez une nouvelle façon
I did not explain correctly.
I have a table in database with mac-adress registered, when the user
connect, radius makes a verification in this table(on database)
comparing mac-address of the user with mac-address registered in the
database, if the mac-adress of user contain in the table(on
On Wed, 14 Mar 2007 11:25:20 -0500 Thibault Le Meur
[EMAIL PROTECTED] wrote:
-Message d'origine-
De :
[EMAIL PROTECTED]
radius.org
[mailto:[EMAIL PROTECTED]
sts.freeradius.org] De la part de Sam Schultz
Envoyé : mercredi 14 mars 2007 17:13
À :
Alan, Ivan,
Thanks! Between both of your comments, I was able to put two and
two together and get both modules working. I would never have
guessed that one needs to create the groups in the passwd module. It
simply isn't intuitive to use the passwd module for doing this. One
would
Hi,
We're using FreeRadius to authenticating our wireless users (who's
credentials are stored in LDAP). But we'd also like to use it to
authenticate a select few users who need access to our networking gear. Our
networking gear is setup to do this, but I'm not sure how to set this up in
Tim Tyler wrote:
Alan, Ivan,
Thanks! Between both of your comments, I was able to put two and
two together and get both modules working. I would never have
guessed that one needs to create the groups in the passwd module. It
simply isn't intuitive to use the passwd module for doing
Geoffroy Arnoud wrote:
Hi All,
I have a quick question on the shortname attribute for
clients: must it be unique among all clients?
Nope. It's just used for printing. i.e. look up client by IP... if
there's a short name, print it, else print the full name or IP
Alan DeKok.
--
Dario Palmisano wrote:
no, many crashed were spontaneus (I do not know the internals of radiusd, but
from time to time It reloads, maybe as response to a passwd file changed or
so). Then I tried to send an HUP signal, after the server authenticated some
clients, and few seconds (20-40)
Matt Ashfield wrote:
We're using FreeRadius to authenticating our wireless users (who's
credentials are stored in LDAP). But we'd also like to use it to
authenticate a select few users who need access to our networking gear. Our
networking gear is setup to do this, but I'm not sure how to set
Ok, the users file it is! Thanks!
I guess I was hoping for a link to an example of some sort. Because the user
who would be given access is not explicitly defined in the users file (the
users is defined in LDAP), I'm not sure how to setup a rule for that person.
Thanks again,
Cheers
Matt
Hello,
I was working on a solution for having round-robin LNS repartition with
Freeradius. Since I must replace several parameters and they must match
against each other (the Tunnel-Server-Auth-Id name must match the
Tunnel-Server-Endpoint IP), I had trouble with using an external script
Jean Carlos Oliveira Guandalini ha scritto:
I did not explain correctly.
I have a table in database with mac-adress registered, when the user
connect, radius makes a verification in this table(on database)
comparing mac-address of the user with mac-address registered in the
database, if the
I did understand you well. We have the same thing, only with access phone
numbers (mainly spammers) as Calling-Station-ID's that we want to ban.
We also keep them in a table so they can be searched easily when someone
calls and asks why can't I connect when I have time on my account?
but in order
Hi,
Does FreeRADIUS support Level 15 authentication for Cisco PIX?
Regards,
Norman Zhang
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
An entry like:
DEFAULT Realm == test, Autz-Type := sql-test
User-Name = %{User-Name}
does add a new User-Name attribute with the proper value, but I
need a
way to delete the anonymous@ entry still, because I Access-Accepts
like
this:
Sending Access-Accept of id 134 to
Hi Alan,
I downloaded the freeradius-1.1.5 via cvs and compiled it on 14-03-2007
21:51 but i still have the same problem. I tried to compile
freeradius-1.1.3 and i got the same out after radiusd -X. What do you
suggest me to do?
Thanks for you help and your quick replies
On Wed, 2007-03-14
Well... I can see on the source code (auth.c) that FR send the reply.
static int check_expiration(REQUEST *request)
{
VALUE_PAIR *check_item;
VALUE_PAIR *vp;
check_item = pairfind(request-config_items, PW_EXPIRATION);
if (!check_item) return 0;
/*
On Wed, 2007-03-14 at 16:08 -0300, Matt Ashfield wrote:
Ok, the users file it is! Thanks!
I guess I was hoping for a link to an example of some sort. Because the user
who would be given access is not explicitly defined in the users file (the
users is defined in LDAP), I'm not sure how to
35 matches
Mail list logo
