> seconds runs through its hoop, but never processes anything like it had
> nothing to do
Do you mean: the server never gets anything? Then maybe radrelay is blocked on
an intermediate firewall? If the packets get lost en-route, you have to look
there...
In any case, actually *sending* us the *
Randy Evans wrote:
> Newbie Warning!!!
> I'm new to this community, however I am a quick study. I found
> some resources online about this very issue but wasn't able to get a
> resolution. Please clarify for me:
>
>
>
> The step below: Does this go in radiusd.conf as well?
no
>
> The
Newbie Warning!!!
I'm new to this community, however I am a quick study. I found some
resources online about this very issue but wasn't able to get a resolution.
Please clarify for me:
The step below: Does this go in radiusd.conf as well?
attr_rewrite blank_password {
a
Cody Jarrett wrote:
> I originally had "Default Auth-type := pam" but I removed that. Users
> are stored in an ldap database and I am basically trying to get radius
> to use pam for auth info, is this wrong? I don't understand how radius
> will use pam if I don't specify it somewhere.
You canno
[EMAIL PROTECTED] wrote:
> And where is your user/pass stored? It's not in users file and I don't
> see any database configured.
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
> Dana 18/6/2007, "Cody Jarrett" <[EMAIL PROTECTED]> piše:
>
>
>> Oh, I had "Default auth-type := pam" in users. I removed t
And where is your user/pass stored? It's not in users file and I don't
see any database configured.
Ivan Kalik
Kalik Informatika ISP
Dana 18/6/2007, "Cody Jarrett" <[EMAIL PROTECTED]> piše:
>Oh, I had "Default auth-type := pam" in users. I removed that line and
>get a much longer debug output
Oh, I had "Default auth-type := pam" in users. I removed that line and
get a much longer debug output when I try to connect with the xp machine
to the wireless. radtest fails with this message "auth: No authenticate
method (Auth-Type) configuration found for the request: Rejecting the
user. I h
You are forcing Auth-Type PAM and doing EAP. Where is Auth-Type coming
from? One of the DEFAULT entries? Don't set Auth-Type! Let the server
swich to one that's needed.
Ivan Kalik
Kalik Informatika ISP
Dana 18/6/2007, "Cody Jarrett" <[EMAIL PROTECTED]> piše:
>Sorry, 10.1.22.10 is the ip of my 3
Sorry, 10.1.22.10 is the ip of my 3com.
rad_recv: Access-Request packet from host 10.1.22.10:2458, id=0, length=185
Message-Authenticator = 0xb0ba1aec817dfd6ab3fc3b0e49fb1125
Service-Type = Framed-User
User-Name = "cjarrett"
Framed-MTU = 1488
Called-Sta
On Monday 18 June 2007 16:31:37 Cody Jarrett wrote:
> I found a few topics on this issue but nothing quite informative enough.
> I'm trying to get freeradius auth working with pam and peap. When I test
> my config with radtest, I get Access-accept. When I use a windows XP
> supplicant with a 3com a
I found a few topics on this issue but nothing quite informative enough.
I'm trying to get freeradius auth working with pam and peap. When I test
my config with radtest, I get Access-accept. When I use a windows XP
supplicant with a 3com access point, I get:
rlm_pam: Attribute "User-Password" i
Mark J Elkins wrote:
> This gives (in radiusd -X) the debug warning message of
>
> WARNING: Attempt to use unknown xlat function, or non-existent attribute
> in string %{Telkom-Access-Type}
>
> So how do I correctly access and use this value
See doc/variables.txt, which explains how to
My telcom incumberant allows me to authenticate my clients on his
network - providing me with both ADSL and Dialup facilities - which I
then sell on to my clients. I need to be able to distinguish between
these two different service types. My telco sends
%{Telkom-Access-Type} and when I (fo
Alan Dekok <[EMAIL PROTECTED]> said
> Yes. For simplicity:
>
> $ script valgrind.log
> $ valgrind radiusd -xxx
> ...
> $
> $ exit
Okie Dokie. I was going to use --log-file witrh valgrind, but 'script'
works. Done.
So far the only errors I'm seeing are these:
==29820== Thread 2:
==29820==
Hi,
Is the "read_groups" configuration paramter reading strings
intentionally removed from rlm_sql.c? Why?
Let me suggest a patch:
*** rlm_sql.c.orig 2007-05-15 14:10:35.0 +0400
--- rlm_sql.c 2007-06-18 19:46:59.0 +0400
***
*** 57,62
--- 57,64
I tried running both in debug, and basically only thing happening is the info
is going into the
combined file on the server that took the request but radrelay running in the
debug mode on that same server
about ever 50 seconds runs through its hoop, but never processes anything like
it had n
Jeff wrote:
...
> The combined detail work file is created on the two servers and each appear
> to write to it ok.
>
> But they aren't transferring with one another
What *are* they doing? You can run the radrelay *and* server in
debugging mode, to see what is going on.
If you're not doing
I have Freeradius installed on two opensuse 10.2 servers
Running Freeradius 1.16
I am running radrelay on the two too keep the detail files in sync
(New Setup)
The combined detail work file is created on the two servers and each appear to
write to it ok.
But they aren't transferring with one
Read provided instructions in eap.conf.
Ivan Kalik
Kalik Informatika ISP
Dana 18/6/2007, "Cody Jarrett" <[EMAIL PROTECTED]> piše:
>Alan Dekok wrote:
>> Cody Jarrett wrote:
>>
>>> I'm trying to setup freeradius with ldap for use with a wireless
>>> network. I don't want to have to deal with tls
Alan Dekok wrote:
Cody Jarrett wrote:
I'm trying to setup freeradius with ldap for use with a wireless
network. I don't want to have to deal with tls and certificates if
possible,
Then you won't be doing PEAP. It requires TLS and certificates.
Is what I want possible then? And i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Reimer Karlsen-Masur, DFN-CERT wrote:
> Hi!
>
> By commenting the CA_file parameter in the eap->tls section:
>
> # CA_file = ${raddbdir}/certs/trusted-ca-cert-list.pem
>
> *and*
>
> by setting CA_path parameter in the eap->tls section to an *empty*
Hi all,
I have a problem with pam_radius_auth-module, maybe someone can help me.
The situation:
I am running freeradius 1.1.6 and installed the pam_radius_auth-Module
In the file /etc/pam.d/sshd I inserted the line
Auth required pam_radius_auth.so
like it is described in the docu of freeradius
Arran Cudbard-Bell wrote:
>...
> Tailing } breaks sql queries.
>
> Thing that breaks it is the alternate value declaration for
> Calling-Station-Id.
It's a bug in the CVS head. I've committed a fix.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.ht
update request {
Supplicant-Flags = "%{sql_clients:SELECT
EXPORT_SET(master.supplicant_flags,'1','0','',10) FROM `master` WHERE
master.hw_address = '%{Calling-Station-Id:-null}' LIMIT 0,1}"
}
is parsed as
SELECT EXPORT_SET(master.supplicant_flags,'1','0','',10) FROM `master`
WHERE
Milan Holub wrote:
> If you check the timeline we've received conclicting packet after
> 0.000696 sec. Which I think was a duplicate packet due to some network
> problem. Packet 11920 was in the middle of processing(finished writing
> into detail file, but not yet written to database). Segmentation
Hi!
By commenting the CA_file parameter in the eap->tls section:
# CA_file = ${raddbdir}/certs/trusted-ca-cert-list.pem
*and*
by setting CA_path parameter in the eap->tls section to an *empty* directory
CA_path = ${raddbdir}/certs/trustedCAs
should do the trick.
No trusted CAs mean no truste
Cody Jarrett wrote:
> I'm trying to setup freeradius with ldap for use with a wireless
> network. I don't want to have to deal with tls and certificates if
> possible,
Then you won't be doing PEAP. It requires TLS and certificates.
...
> rlm_eap: Unable to load EAP-Type/peap, as EAP-Type/TLS
> rlm_eap: Unable to load EAP-Type/peap, as EAP-Type/TLS is
> required first.
You need to uncomment the tls section in eap.conf, even if yoo're not
intending to use EAP-TLS.
josh.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Felipe Ceglia - PY1NB wrote:
> Running 1.1.6 now. Crypt-Local works ok now.
In 1.1.6, you don't have to do that.
> I would like to know if it is possible to have both User-Password and
> Crypt-Local Auth-Types for sql users.
No. Stop trying to set Auth-Type. It's not necessary.
In 1.1
Arran Cudbard-Bell wrote:
> It's fine so long as you don't do a make install :)
>
> Alan D is on it, i'm sure it'll be fixed in a couple of days ..
It's fixed.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List i
Sam Schultz wrote:
> I was just wondering if the bug from this post has been fixed since 1.1.6:
>
> "Re: EAP-TTLS outer identity & accounting"
No. It should be fixed before 1.1.7 is released, though.
I'm not sure what changed, or why it's broken.
Alan DeKok.
--
http://deployingradius.c
31 matches
Mail list logo