I wish I could be very specific here. But I fixed it.
I reinstalled PPP and I looked very close at all its options and the config for
XL2TP and removed every option that wasn't required (didn't break my non-radius
connection). I tried the connection again. Wasn't even talking to radius so I
Bruce Marriner wrote:
> On all examples of setting up FreeRadius with VPN configurations against AD
> they all just say to basicly.. change the radiusd.conf file to turn on mppe
> in the mschap section and setup winbindd so it works. But I read some place
> that I also need EAP or.. PEAP to get
abhishek singh wrote:
> I am using Free radius to perform EAP_TLS negotiations. When we send
> client certificates for validations, does free radius imposes any depth
> on the certification validation. What i mean to say , if the certificate
> is self signed , then certificate will not be accepted
Carl aniams wrote:
> i understood clearly your explanation doing a little litterature(rfc
> 2865 SECTION 4.1) i understood it.
> I'm using a linksys box with dd-wrt and chillispot enable, and i have
> been going round
> i really don't see what brings about CHAP in my client and radius exchange.
> M
Alan,
sorry coming back to you
i understood clearly your explanation doing a little litterature(rfc 2865
SECTION 4.1) i understood it.
I'm using a linksys box with dd-wrt and chillispot enable, and i have been
going round
i really don't see what brings about CHAP in my client and radius exchange.
On Mon 20 Aug 2007, Sayan S wrote:
> Thanks Alan for the quick response.
> I am referring to realm here, as RADIUS support realms, and we are using
> RADIUS to authenticate the users to Linux, so seems like we need to have
> all users contained in the same realm.
>
> Is having username in [EMAIL PR
I am using Free radius to perform EAP_TLS negotiations. When we send client
certificates for validations, does free radius imposes any depth on the
certification validation. What i mean to say , if the certificate is self
signed , then certificate will not be accepted by the Free radius.
If the fr
I am setting up a Linux VPN for Windows clients via L2TP/IPSEC. I had
everything working using basic PPPD chap-secrets authentication via MSCHAPv2
and am trying to add on the Radius part. I’ve read a bunch of how-to’s but
they all seem to be wrote for a different setup or different versions an
Hi all,
Sorry if this question has been answered (I did search the archives and
google to no avail): I have subscribers that connect with 2 realms as the
prefix. How do I strip both and just authenticate locally?
IE: username: realm1/realm2/username or realm1/realm3/username. Realm1
will alwa
Alan DeKok a écrit :
> Guillaume Rousse wrote:
>> If that matters, the whole package, including patches and spec file, are
>> available from the:
>> http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/freeradius/current/
>
> Some of your site-specific patches are problematic. The patch t
Carl aniams wrote:
> I installed freeradius 1.1.6 with mysql for storing users login.
> i created some users through dialup admin page and had their password
> stored in User-password attribute.(i checked in the database select from
> radcheck)
As of 1.1.5, it should be in Cleartext-Password.
Hi Sayan,
I think I have tried this previously, and it was possible (on
Linux/glibc anyway - YMMV with other unices).
TBH, I don't really see the point in using RADIUS when you'll (probably)
want to use LDAP anyway for nss resolution, so you might as well just
use LDAP for PAM.
josh.
> -Or
Hi all
I installed freeradius 1.1.6 with mysql for storing users login.
i created some users through dialup admin page and had their password
stored in User-password attribute.(i checked in the database select from
radcheck)
when i fire up radius in debug i notice that there is a CHAP challenge
Thanks Alan for the quick response.
I am referring to realm here, as RADIUS support realms, and we are using RADIUS
to authenticate the users to Linux, so seems like we need to have all users
contained in the same realm.
Is having username in [EMAIL PROTECTED] form a valid unix format? I was
th
Use:
Auth-Type := reject
From: Kevin J <[EMAIL PROTECTED]>Reply-To: FreeRadius users mailing list To: freeradius-users@lists.freeradius.orgSubject: healthcheck?Date: Thu, 16 Aug 2007 09:40:56 -0700 (PDT)
We want to reject slb health checks immediately. What is the best way to do that?
Sayan S wrote:
> Greetings, I am very new to RADIUS and PAM RADIUS.
> I am trying to configure PAM Radius to authenticate users on a Linux
> host. I would like to know, how to configure PAM Radius to authenticate
> users from different realms, as the current configuration doesn't seem
> to take rea
Hi,
I am testing freeradius with :radclient.
I use sqlcounter module for monthly and add max-monthly-session in users file.
then I send this tests:
radclient -f filename localhost auth testing123
radclient -f filename localhost acct testing123 : with acct-status-type=start
after "max-monthly-seesi
Greetings, I am very new to RADIUS and PAM RADIUS.
I am trying to configure PAM Radius to authenticate users on a Linux host. I
would like to know, how to configure PAM Radius to authenticate users from
different realms, as the current configuration doesn't seem to take realm.
please help me with
Guillaume Rousse wrote:
> If that matters, the whole package, including patches and spec file, are
> available from the:
> http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/freeradius/current/
Some of your site-specific patches are problematic. The patch to
un-comment "/etc/shadow" isn
Fred Zinsli wrote:
> This is a wifi system, so we are using chillispot as a captive portal
> with hotcakes as a manager. Hence when an unautherized user attempts to
> use the network there requests are trapped and they have to logon via a
> web client. Once the user is logged on a small web pa
Alan DeKok a écrit :
> Guillaume Rousse wrote:
>>> Then file a bug with Mandriva. Their package is broken.
>> Maybe you should read my original message again: the bug report is
>> already open, and I'm the guy trying to fix it...
>
> Forgive me for getting large volumes of mail, and not remem
Guillaume Rousse wrote:
>> Then file a bug with Mandriva. Their package is broken.
> Maybe you should read my original message again: the bug report is
> already open, and I'm the guy trying to fix it...
Forgive me for getting large volumes of mail, and not remembering all
of the details of e
This is a wifi system, so we are using chillispot as a captive portal
with hotcakes as a manager. Hence when an unautherized user attempts to
use the network there requests are trapped and they have to logon via a
web client. Once the user is logged on a small web page is left open so
the cli
On Sun 19 Aug 2007, Douglas Lane wrote:
> On 8/19/07, Peter Nixon <[EMAIL PROTECTED]> wrote:
> > On Sun 19 Aug 2007, Douglas Lane wrote:
> > > Hi All,
> > >
> > > I have a little project for a small ISP that I would like to execute,
> > > however, am just wondering about the infrastructure.
> > >
>
Alan DeKok a écrit :
> Guillaume Rousse wrote:
>>> 2007.1? What's that?
>> mandriva 2007.1, the only version where the problem occurs. Both
>> mandriva 2007.0 (previous mandriva version) and cooker (development
>> version) are OK.
>
> Then file a bug with Mandriva. Their package is broken.
M
Fred Zinsli wrote:
> Freeradius starts up properly without errors and the user can logon and
> logout as expected. However, when the screen is presented to the user
> showing the current session details, nothing is updated as expected,
> only thye clock cycles over.
What screen are you talki
Guillaume Rousse wrote:
>> 2007.1? What's that?
> mandriva 2007.1, the only version where the problem occurs. Both
> mandriva 2007.0 (previous mandriva version) and cooker (development
> version) are OK.
Then file a bug with Mandriva. Their package is broken.
When anyone else uses 1.1.7 o
Alex French wrote:
> It can, but it doesn't. Not freeradius.
FreeRADIUS can run radclient. At that point, it's irrelevant whether
or not the code is "internal" to FreeRADIUS. You can make disconnect
messages part of your FreeRADIUS policy: that's the only important thing.
> Look, we can go ba
28 matches
Mail list logo