Re: RLM-EAP-MD5 compilation problem

Andre Dieball wrote: > I¹m trying to build a rpm for my CentOS 5.2 system. Everything worked fine > the first time, but I need to do it again, as I need to include some special > rlm-eap-md5 src files in order to make my freeradius to work with Kobil > SecOvid (something similar to RSA SecureID).

Re: R: Logging level

Arrigo Savio wrote: > radmin> set > ERROR: You do not have write permission. > > Where can I specify this permission? Read the example configuration file in raddb/sites-available/control-socket. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

AW: RLM-EAP-MD5 compilation problem

hi Stephen I've seen it. Just check the src of the original 1.x, the 2.x and the modified version and have seen differences apart from some path setting, not sure what they do. I'll need to wait until the developer gets back to me :-( Thanks Andre -Ursprüngliche Nachricht- Von: [EMAI

Re: RLM-EAP-MD5 compilation problem

On Mon, Sep 29, 2008 at 2:44 PM, Andre Dieball <[EMAIL PROTECTED]>wrote: > > Hi Stephen > > the files mentioned are not in the list of file (not even in the package) > which I need to copy to the freeradius sources, which leads me to the > thought, that they might haven been part of freeradius 1.x

AW: RLM-EAP-MD5 compilation problem

Hi Stephen the files mentioned are not in the list of file (not even in the package) which I need to copy to the freeradius sources, which leads me to the thought, that they might haven been part of freeradius 1.x but not available in 2.x anymore, that's why I'm asking Andre -Ursprünglic

Re: RLM-EAP-MD5 compilation problem

On Mon, Sep 29, 2008 at 1:46 PM, Stephen Bowman <[EMAIL PROTECTED]> wrote: > > >> rlm_eap_md5.c:24:22: error: autoconf.h: No such file or directory >> rlm_eap_md5.c:31:24: error: rad_assert.h: No such file or directory >> >> >> > First, fix your paths/includes to resolve those dependencies. Then

Re: RLM-EAP-MD5 compilation problem

> > rlm_eap_md5.c:24:22: error: autoconf.h: No such file or directory > rlm_eap_md5.c:31:24: error: rad_assert.h: No such file or directory > > > First, fix your paths/includes to resolve those dependencies. Then see what can't link. Also, compile against 2.1.1 (it won't fix this, but it's better

Re: Reject from SQL when user is in users file

On Mon, 2008-09-29 at 17:48 +0100, [EMAIL PROTECTED] wrote: > If you would bother to post the debug (radiusd -X) as suggested in RADME, > FAQ, configuration files and almost daily on this list, there would be > no need for guessing. I won't waste any more of your time. The actual authentication w

Re: Reject from SQL when user is in users file

If you would bother to post the debug (radiusd -X) as suggested in RADME, FAQ, configuration files and almost daily on this list, there would be no need for guessing. Ivan Kalik Kalik Informatika ISP Dana 29/9/2008, "Karl Auer" <[EMAIL PROTECTED]> piše: >On Mon, 2008-09-29 at 17:17 +0100, [EMAI

RLM-EAP-MD5 compilation problem

Hi there I¹m trying to build a rpm for my CentOS 5.2 system. Everything worked fine the first time, but I need to do it again, as I need to include some special rlm-eap-md5 src files in order to make my freeradius to work with Kobil SecOvid (something similar to RSA SecureID). When I start to com

Re: Reject from SQL when user is in users file

On Mon, 2008-09-29 at 17:17 +0100, [EMAIL PROTECTED] wrote: > >My question is: Is this to be expected? Does a failure in SQL somehow > >override the entry in the users file? > > Most likely. Do you know or are you guessing? I do want to get SQL working, but on the principle that I should change

Re: Accounting table in MS-CHAP session

++[logintime] returns noop >[pap] Found existing Auth-Type, not changing it. >++[pap] returns noop >Found Auth-Type = MSCHAP >+- entering group MS-CHAP {...} >[mschap] Told to do MS-CHAPv2 for wifi with NT-Password >[mschap] adding MS-CHAPv2 MPPE keys >++[mschap] returns ok >

Re: Reject from SQL when user is in users file

>My question is: Is this to be expected? Does a failure in SQL somehow >override the entry in the users file? Most likely. Run in debug mode and you will see something like "SQL query error; rejecting user" and sql module will fail. If your sql is not working - don't list it. Ivan Kalik Kalik Inf

Accounting table in MS-CHAP session

ost-auth {...} [reply_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d -> /var/log/radius/radacct/10.0.4.223/reply-detail-20080929 [reply_log] /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expands to /var/log/radius/radacct/10.0.4.223/reply-deta

MySQL tables for 2.1.1

Hi all. This is the third of my three questions. The second one solved itself (I read the docs - again). 2.1.1 is installed and running it as root, with the user "radius" and the group "radius" have been specified as the user and group in radiusd.conf. I've had to fix permissions on about ten fi

Reject from SQL when user is in users file

Anyway, this is the first of three *actual* questions. I have just set up freeradius 2.1.1. I have an entry in the users file, and when I use radtest, I get the expected correct answers back from the radius server. Then I added "sql" to the default authorize, accounting and post-auth sections in

Re: 2.1.1 - radiusd.sock - permission denied

John Dennis wrote: I have opened the following bugzilla to request the SELinux policy be updated to allow for the new unix domain socket: https://bugzilla.redhat.com/show_bug.cgi?id=464199 This bug has now been fixed and closed, available in selinux-policy-3.5.9-2.fc10 -- John Dennis <[EMAI

Re: Problem with freeradius.org website

On Mon, 2008-09-29 at 16:11 +0200, Leander S. wrote: > I don't face this kind of problems ether. I'm located in Germany close > to Stuttgart ... The problem you face has something to do with you're > internet provider. Thank you all for your swift diagnoses of problems at my end :-) If I went t

R: Logging level

Good. I upgraded to 2.1.1 and I successfully tried the debug_level option. I have a problem with radmin. I configured the listening socket and ran the program. I can run all the "show" commands, but if I try any "set", I receive the error: radmin> set ERROR: You do not have write permission. Whe

Re: Problem with freeradius.org website

Hi Michael I don't face this kind of problems ether. I'm located in Germany close to Stuttgart ... The problem you face has something to do with you're internet provider. Similar things happend to me several times in the US&A with SBC Global or how ever the provider was called again .. and als

Re: Problem with freeradius.org website

Karl Auer wrote: > Is anyone else experiencing problems with the freeradius.org website? Must be a local routing thing. > I'm new to freeradius, so maybe this is normal for the site, but I'm > getting massive waits (minutes) generally ending in timeouts. Both the > addresses are pingable. > > T

Re: Problem with freeradius.org website

Am Montag, 29. September 2008 15:50 schrieb Karl Auer: > Is anyone else experiencing problems with the freeradius.org website? > > I'm new to freeradius, so maybe this is normal for the site, but I'm > getting massive waits (minutes) generally ending in timeouts. Both the > addresses are pingable.

Problem with freeradius.org website

Is anyone else experiencing problems with the freeradius.org website? I'm new to freeradius, so maybe this is normal for the site, but I'm getting massive waits (minutes) generally ending in timeouts. Both the addresses are pingable. The Wiki is OK, it's just the website at freeradius.org. Regar

Re: SLM248G switch

Tomislav Goluza wrote: > On Access Request sentI get no response. I checked with Wireshark and > when I send Access Request I get ICMP(Destination Host Unreachable). Well... that's a routing layer problem. It's not a RADIUS problem. When you fix the routing layer so that you no longer get th

Re: SLM248G switch

I have freeradius properly configured and running. Tried to test it locally with NTRadPing test utility. On Access Request sentI get no response. I checked with Wireshark and when I send Access Request I get ICMP(Destination Host Unreachable). Tomislav 2008/9/29 <[EMAIL PROTECTED]> > Either the

Re: SLM248G switch

Either there is a firewall or you have a little green radius packet eater in your wiring. Let loose the Wireshark to hunt it down. Ivan Kalik Kalik Informatika ISP Dana 29/9/2008, "David Blackman" <[EMAIL PROTECTED]> piše: > > >[EMAIL PROTECTED] wrote: > If requests are not reaching t

RE: Auth-Type question!

You had the answer what to do in freeradius to set up jradius Auth-Type and how to force it. Ask on JRadius list how do you use it for authentication. Ivan Kalik Kalik Informatika ISP Dana 29/9/2008, "Jelena Žagar" <[EMAIL PROTECTED]> piše: >The point is that I do not want to FreeRadius do that

Re: SLM248G switch

[EMAIL PROTECTED] wrote: If requests are not reaching the server you have a firewall/routing issue. I assume that the radius server IP address is correct in switch configuration. Yes, and the ipfw is not running Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http

RE: Auth-Type question!

The point is that I do not want to FreeRadius do that but jRadius because I am familiar with Java programming. The Jradius code must access one web service and one of its method to see whether the combination of username and one-time-password is correct one. If the combination is valid and if all

Re: SLM248G switch

>The server is starting up. Here is the output. > So: >>If requests are not >> reaching the server you have a firewall/routing issue. I assume that the radius server IP address is correct in switch configuration. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://w

RE: Auth-Type question!

>I put the next line: > Auth-Type := Accept >Inside the users.conf file, but it does not do anything. DEFAULT Auth-Type := Accept As JRadius documentation suggests *don't* use it to authenticate (set Auth-Type). Pass the password to Freeradius and let it do the work. Ivan Kalik Kalik Inf

RE: Auth-Type question!

I found on their site how it must be done, but as you can see it does not work what I had in mind. What I must do in order to allow every radius request to be accepted in the authenticate module. I put the next line: Auth-Type := Accept Inside the users.conf file, but it does not do anythin

Re: SLM248G switch

[EMAIL PROTECTED] wrote: I do not see any output from the Freeradius server running radiusd -X. - What? You type radiusd -X and nothing happens or you see server startup but no request reaches the server after that. If requests are not reaching the server you have a firewall/routing i

Re: SLM248G switch

>> I do not see any output from the Freeradius server running radiusd -X. >> - What? You type radiusd -X and nothing happens or you see server startup but no request reaches the server after that. If requests are not reaching the server you have a firewall/routing issue. Ivan Kalik Kalik

Re: SLM248G switch

Stephen Bowman wrote: On Fri, Sep 26, 2008 at 3:05 PM, David Blackman <[EMAIL PROTECTED] > wrote: I have purchased a Linksys SLM248G switch that has 802.1x support. I am new to radius server and would like to use this switch to authenticate ports for

Re: Auth-Type question!

>What else must be done in order for FreeRadius to >recognize auth-type when it is set >inside the Radius request. > Don't add it to the request. It's a configuration item. See JRadius documentation how to add attributes to the appropriate list (request, reply, configuration). Ivan Kalik Kalik I

Re: Logging level

Arrigo Savio wrote: > Hi everybody. I installed Freeradius 2.1.0 on a Fedora 9 server. I suggest using 2.1.1, which was released last week. > I'm trying to understand if is it possible to set the logging level in > radius.log log file. Where can I set up a "radius -X like" level also in > radiu

Logging level

Hi everybody. I installed Freeradius 2.1.0 on a Fedora 9 server. I'm trying to understand if is it possible to set the logging level in radius.log log file. Where can I set up a "radius -X like" level also in radius.log file? Is it eventually possible to change this level "on the fly"? I mean with

Re: Freeradius free zone/content accounting

islouis wrote: Is there any way i can distinguish the traffic couting base on ip or LAN/WAN in freeradius? Or is there any NAS can do this? Your nas should do this. You can do this with Cisco ISG, for example. Or, on linux - http://sourceforge.net/project/showfiles.php?group_id=115151&pack

Re: Not real account stop records ,

On Mon, 2008-09-29 at 05:49 +0200, AHMED KHIDR wrote: > Hi All > > Any one have an Idea about this problem , > > > > I changed the account priodic update in my NASes to be 25 Min , and > all works good except > > > when a session starts , > I found in Acc Start time : 2008-09-28 03:58:56