Alexsander wrote:
how can I could know what kind of error it is?
What part of the error message is unclear?
AD account is ok (I'm using that)
the password works fine when I run ntlm_auth command manually:
ntlm_auth --request-nt-key --domain=REFAP --username=dadfh9
password:
(Success)
Hi,
I guess I just need a RTFM reminder here, but I failed to find something on
first glance:
I would like to set up a rule in 1.1.7 that matches a subnet of
Client-IP-Addresses. I did
DEFAULT Client-IP-Address == 158.64.14.224/28, Proxy-To-Realm := NULL
in acct_users. I used to think it
Stefan Winter wrote:
I would like to set up a rule in 1.1.7 that matches a subnet of
Client-IP-Addresses. I did
DEFAULT Client-IP-Address == 158.64.14.224/28, Proxy-To-Realm := NULL
Nope. There's no ip/mask data type. You've got to use a regular
expression to do the matching.
Maybe
Just for information.
I made a new xen domU radius/ldap server on another Xen dom0 server.
There, it works perfectly with the same configuration. There was a
really big problem on the network of the firt borked domU.
the borked dom0 is a SLES 10
the new dom0 is a SLES 10 SP1
Alan DeKok
DEFAULT Client-IP-Address == 158.64.14.224/28, Proxy-To-Realm := NULL
Nope. There's no ip/mask data type. You've got to use a regular
expression to do the matching.
Ok, using regex matching fixed it. Thanks!
Maybe this can be fixed in unlang in 2.0.
IMHO that would be a good thing.
After much waiting, 2.0.0-pre2 has been released. It contains MAJOR
functionality upgrades from 2.0.0-pre1. The new unlang feature can be
used to easily implement most policies. The virtual server support
makes running complicated configurations much easier than before.
For full details,
Alan T DeKok wrote:
After much waiting, 2.0.0-pre2 has been released. It contains MAJOR
functionality upgrades from 2.0.0-pre1. The new unlang feature can be
used to easily implement most policies. The virtual server support
makes running complicated configurations much easier than before.
On 8/29/07, Alan T DeKok [EMAIL PROTECTED] wrote:
After much waiting, 2.0.0-pre2 has been released. It contains MAJOR
functionality upgrades from 2.0.0-pre1. The new unlang feature can be
used to easily implement most policies. The virtual server support
makes running complicated
ram wrote:
is there any distributed model and failover model available.
iam looking Central one SERVER and other Servers are distributed model.
like client server model
any suggestion on same
Read the documentation in 2.0.0-pre2.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Hi!
I had a problem with radius choking on a failed assertion (probably sth
to do with high load on the server, that is, the physical computer, not
the radius server). As recommended
(https://lists.freeradius.org/pipermail/freeradius-users/2007-August/065179.html),
I upgraded to version 1.1.7,
Alan T DeKok wrote:
ram wrote:
is there any distributed model and failover model available.
iam looking Central one SERVER and other Servers are distributed model.
like client server model
any suggestion on same
Read the documentation in 2.0.0-pre2.
Alan DeKok.
-
List
Hello,
I installed freeradius 1.1.7 on a RedHat 9 system and
after making a few basic changes to configuration
files I tried to test the authentification with a
program called NTRadPing. It doesnt work and gives :
recvfrom() error, last error 10054
The configs I made are:
In the radiusd.conf :
well if u are testing freeradius with NTRADPING then this wat i did some
time back
*add the following in user file*
# Framed-MTU = 1500,
# Framed-Compression = Van-Jacobsen-TCP-IP
###punith added this for testing#
*punith Cleartext-Password := test123
root
Ok, now it works...the problem was that I was sending
to port 1645 instead of 1812 which is supposed to be
the default port.(or I didnt set that port in
radiusd.conf ?)
Response: Access-Accept :D
I still need to make it somehow work with Quintum so
if anyone knows how it's done please give me
Arran Cudbard-Bell wrote:
/usr/local/freeradius-2.0pre2/etc/raddb/radiusd.conf[1572]: Failed to
link to module 'rlm_exec':
dlopen(/usr/local/freeradius-2.0pre2/lib/rlm_exec-2.0.0-pre2.so, 9):
Symbol not found: _debug_flag Referenced from:
Janne Peltonen wrote:
I had a problem with radius choking on a failed assertion (probably sth
to do with high load on the server, that is, the physical computer, not
the radius server). As recommended
(https://lists.freeradius.org/pipermail/freeradius-users/2007-August/065179.html),
I
/radius/radius-MAC/radacct/auth-detail-20070829'
rlm_detail:
/var/log/radius/radius-MAC/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /var/log/radius/radius-MAC/radacct//auth-detail-20070829
modcall[authorize]: module auth_log returns ok for request 2
users: Matched entry
Alan T DeKok wrote:
Arran Cudbard-Bell wrote:
/usr/local/freeradius-2.0pre2/etc/raddb/radiusd.conf[1572]: Failed to
link to module 'rlm_exec':
dlopen(/usr/local/freeradius-2.0pre2/lib/rlm_exec-2.0.0-pre2.so, 9):
Symbol not found: _debug_flag Referenced from:
: entering group authorize for request 2
radius_xlat: '/var/log/radius/radius-MAC/radacct/auth-detail-20070829'
rlm_detail:
/var/log/radius/radius-MAC/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /var/log/radius/radius-MAC/radacct//auth-detail-20070829
modcall[authorize
On Wed, Aug 29, 2007 at 06:30:33PM +0200, Alan DeKok wrote:
Janne Peltonen wrote:
I had a problem with radius choking on a failed assertion (probably sth
to do with high load on the server, that is, the physical computer, not
the radius server). As recommended
Testing the access via radtest, I get the expected info AFAICT:
rad_recv: Access-Reject packet from host 10.218.212.15:1812, id=24,
length=133
Cisco-AVPair = vpdn:tunnel-type=l2tp
Cisco-AVPair = vpdn:ip-addresses=10.221.1.34
Cisco-AVPair =
Arran Cudbard-Bell wrote:
Alan T DeKok wrote:
Arran Cudbard-Bell wrote:
/usr/local/freeradius-2.0pre2/etc/raddb/radiusd.conf[1572]: Failed to
link to module 'rlm_exec':
dlopen(/usr/local/freeradius-2.0pre2/lib/rlm_exec-2.0.0-pre2.so, 9):
Symbol not found: _debug_flag Referenced from:
Hello,
I need to configure freeradius to make accounting with
Quintum. Where do I start ? What do I need to know in
order to do that ?
I already installed and tested version 1.1.7 and have
a mysql or pgsql server but I dont know what steps to
take yet.
What structure should the tables in the
You can't disable radutmp in sql.conf. You change session database
from radutmp to sql in radiusd.conf.
Ivan Kalik
Kalik Informatika ISP
Dana 28/8/2007, Michael Ziemann [EMAIL PROTECTED] piše:
Hi Guys!
I've another problem ...
When I enter radwho, it displays user1, user2 and user3 ...
But
Arran Cudbard-Bell wrote:
Alan T DeKok wrote:
Arran Cudbard-Bell wrote:
/usr/local/freeradius-2.0pre2/etc/raddb/radiusd.conf[1572]: Failed to
link to module 'rlm_exec':
dlopen(/usr/local/freeradius-2.0pre2/lib/rlm_exec-2.0.0-pre2.so, 9):
Symbol not found: _debug_flag Referenced from:
Hi,
...Because you have to have at least one site in sites-enabled else the
server has nothing to do...
yep - the server should ship with an 'exaple' or defauly' entry...but
if you have copied over old config etc then it wouldnt be there...i'd guess
a 'no enabled sites, you want me to do
Hi,
Has anyone come across decent EAP testing suite for Darwin ?
I know WPA_Supplicant has eapol_test , but it refuses to compile :(
Thanks,
Arran
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
1 - but freeradius don't prints out any message using ntlm_auth
(except this one: mschap: ntlm_auth =
/usr/bin/ntlm_auth...%{ntdomain} ...)
2 - the windows machine already on the network and logged on (with my
username), i'm just swap swtch port that this machine is connected -
swapping between
On 8/29/07, Pretty Woman [EMAIL PROTECTED] wrote:
Hello,
I need to configure freeradius to make accounting with
Quintum. Where do I start ? What do I need to know in
order to do that ?
I already installed and tested version 1.1.7 and have
a mysql or pgsql server but I dont know what steps
On Wed 29 Aug 2007, Alan T DeKok wrote:
After much waiting, 2.0.0-pre2 has been released. It contains MAJOR
functionality upgrades from 2.0.0-pre1. The new unlang feature can be
used to easily implement most policies. The virtual server support
makes running complicated configurations
Estimados, alguno de ustedes me puede ayudar a saber en que parte del
código de freeradius puedo ver información sobre las alarmas SNMP que se
envían?
Gracias.
Saludos.
--
---
Claudio Enrique González Argote
Service Application Plus.
Departamento de
Hi everyone,
a bit irrelevant but i am looking for a client with a GUI to test my
freeradius server. Something that can actually show me responses et
cetera. Is there anything like this around?
regards
George
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 8/29/07, George Beitis [EMAIL PROTECTED] wrote:
Hi everyone,
a bit irrelevant but i am looking for a client with a GUI to test my
freeradius server. Something that can actually show me responses et
cetera. Is there anything like this around?
NTRadPing is pretty nice for testing
I have more info.. I turned on debugging on the Radius Server and this is what
I saw..
EAP-Message = 0x03030004
Message-Authenticator = 0x
State = 0x4432dbd90b6b53254567784c2809c028
rad_recv: Access-Request packet from host 10.0.x.x:1645, id=195,
Hi everyone
I have a problem. I set up freeradius to use a local ldap server to
authenticate a user. When i say authenticate i mean check if the user
is there, check their password, and accept or reject them. When i do
such an authentication i get a message from freeradius saying that user
is
Richard Elder wrote:
I have more info.. I turned on debugging on the Radius Server and this
is what I saw..
...
rlm_eap: Either EAP-request timed out OR EAP-response to an unknown
EAP-request
The supplicant is broken.
But then I use a newer wireless NIC, and it works perfectly..
shrug
Janne Peltonen wrote:
I restarted the server, didn't HUP. And the assertion failure appeared
in the dead of the night (admittedly, there was a small load peak on the
server that runs radius).
Hmm... OK.
For now, I have a cron job that starts a dead server up again. I'll look
at 2.0.0 when
[EMAIL PROTECTED] wrote:
yep - the server should ship with an 'exaple' or defauly' entry...but
if you have copied over old config etc then it wouldnt be there...i'd guess
a 'no enabled sites, you want me to do something?' error message
might be more useful
Which it does when I simply
Alexsander wrote:
1 - but freeradius don't prints out any message using ntlm_auth
(except this one: mschap: ntlm_auth =
/usr/bin/ntlm_auth...%{ntdomain} ...)
Are you sure you're running a recent version? It SHOULD be printing
out the entire ntlm_auth command.
2 - the windows machine
On Thu, Aug 30, 2007 at 06:07:39AM +0200, Alan DeKok wrote:
For now, I have a cron job that starts a dead server up again. I'll look
at 2.0.0 when it's no longer at -pre ;)
sigh The whole point of issuing pre-releases is so that problems
are found before the official release.
That's
40 matches
Mail list logo