Queenie de Melo wrote:
When I use windows as my suplicant, I do not get all the optioons
supported by my AP.
The AP does not support *any* EAP types. EAP types are supported
*only* by the supplicant.
But In case I RightClick on the wireless connection in the Network
connections, and goto
Jouni Malinen wrote:
The following RFC 3580 Chapter 2.1 text is one reason for hostapd behavipr:
Hmm... OK.
As far as I can tell, that is describing multiple re-authentications
for a single RADIUS session. Should the Supplicant decide to change
its identity (e.g., switch between user and
User goa connects and when he turns machine off, new user
host/filteria(his machine name) appears.
Maybe the problems is inside hostapd(which I can't find), but I
don't understand why host/filteria is updated with goa info.
Hello
That is the same what i have seen (with vista and windows xp
Hi,
I got the same issue and I solved it modifying the file :
/usr/local/etc/raddb/radiusd.conf
I replaced the line :
db_dir = $(raddbdir)
By :
db_dir = ${raddbdir}
I use freeRadius 2.0.5 on a freeBSD 6.3
[EMAIL PROTECTED] a crit:
Message: 2
Date: Thu, 13 Nov 2008 18:21:17 -0500
Alan DeKok wrote:
Jouni Malinen wrote:
The following RFC 3580 Chapter 2.1 text is one reason for hostapd behavipr:
Hmm... OK.
As far as I can tell, that is describing multiple re-authentications
for a single RADIUS session. Should the Supplicant decide to change
its identity (e.g., switch
Hi,
I am running FreeRADIUS Version 1.1.7 for host i386-redhat-linux-gnu and I
have finally managed to get it to work. I use Allied Telesyn routers and
used SSH to authenticate to it. To get a more flexible method I decided to
go to Radius authentication, using the passwd of the server in wich
Just to be sure, all EAP types require the radius server to have a
certificate right?
and this certificate, i.e. it's parent needs to be installed in the
supplicants, right?
--
damjan | дамјан
This is my jabber ID -- [EMAIL PROTECTED]
-- not my mail address, it's a Jabber ID --^ :)
-
Jouni Malinen wrote:
The exact behavior here depends on the definition of session. From
hostapd viewpoint, IEEE 802.11 association is the session and there is
nothing that would prevent the Supplicant from changing its identity
string (User-Name in RADIUS) during the re-association if an EAPOL
On Fri, Nov 14, 2008 at 1:41 AM, [EMAIL PROTECTED] wrote:
b. The authorizations are changed as a result of a successful
re-authentication. In this case, the Service Unavailable (15)
termination cause is used. For accounting purposes, the portion
of the session after the
Hello
I'm trying to use the ippool for wlan users. But without success.
I now get tis error: [main_pool] Could not find Pool-Name attribute .
And I have no idea why.
The logile can be read at:
http://pastebin.com/m50a78a30
Thanks for every help.
robbe
--
View this message in context:
Then move reply attributes to a different DEFAULT entry:
DEFAULT Auth-Type = System
Fall-Through = yes
DEFAULT Group = whatever
Service-Type = whatever
Ivan Kalik
Kalik Informatika ISP
Dana 14/11/2008, Artur Rodrigues [EMAIL PROTECTED] piše:
Hi,
I am
I am upgrading an old machine to a newer version of FreeRadius and i am
having a few problems.
on old system the user file was similar to:
user1 Password=whatever
user2 Password=kdkdkd
etc
I hae ried to copy this idea over to the new version along with the old
You have not enabled the module which is supposed to provide Pool-Name
from the configuration in inner-tunnel. But forget that. AP is going to
use DHCP to assign IP address and will ignore Framed-IP-Address.
Ivan Kalik
Kalik Informatika ISP
Dana 14/11/2008, robbe [EMAIL PROTECTED] piše:
Hello
Change use_tunneled_reply to yes in peap section of eap.conf.
Ivan Kalik
Kalik Informatika ISP
Dana 14/11/2008, Tod A. Sandman [EMAIL PROTECTED] piše:
Ivan Kalik wrote:
Why don't you map that in ldap.attrmap?
Thanks so much. I removed all LDAP settings from users, and I have
TTLS-PAP
I am upgrading an old machine to a newer version of FreeRadius and i am
having a few problems.
on old system the user file was similar to:
user1 Password=whatever
user2 Password=kdkdkd
etc
I hae ried to copy this idea over to the new version along with the old
Hello,
I'm running FreeRADIUS on a shiny-new CentOS 5.2 machine.
I'm trying to figure out how to configure FreeRADIUS to authenticate against an
OpenLDAP server using MSCHAPv2. I Googled a lot of different phrases, and came
up with some things that were mildly helpful. Right now, I have
I'm running FreeRADIUS on a shiny-new CentOS 5.2 machine.
I'm trying to figure out how to configure FreeRADIUS to authenticate against
an OpenLDAP server using MSCHAPv2. I Googled a lot of different phrases, and
came up with some things that were mildly helpful. Right now, I have
FreeRADIUS
There is nothing to do. It's already active
in default configuration.
Really? Because the default config seems to want to use ntlm_auth to
authenticate mschapv2 users, which is a samba helper designed to authenticate a
user against a samba server, not an OpenLDAP server.
I'm thinking what I
There is nothing to do. It's already active
in default configuration.
Really? Because the default config seems to want to use ntlm_auth to
authenticate mschapv2 users, which is a samba helper designed to authenticate
a user against a samba server, not an OpenLDAP server.
ntlm_auth line is
ntlm_auth line is commented out by default.
Ok, I see that.
From what I understand, MSCHAPv2 needs access to the unencrypted user
password, and OpenLDAP doesn't offer that. I'm guessing I'll have to add an
unencrypted password field to the LDAP server to make this work, but that's
not been
Hostapd should not change. The supplicants that change Identity in
the middle of a session need to be fixed.
I've tried with Ubuntu machine and it's doing things as expected so I can
keep tracking users login time and bandwidth(although sometimes there are no
User-Request inside Termination
We seek to take advantage of FreeRadius 2.0.5's ability to run multiple
virtual servers.
All our other servers are working except one, which has a complex
authentication.
As a stand-alone configuration this looks as follows:
##
Thank you. I'll try it out.
2008/11/14 [EMAIL PROTECTED]
Then move reply attributes to a different DEFAULT entry:
DEFAULT Auth-Type = System
Fall-Through = yes
DEFAULT Group = whatever
Service-Type = whatever
Ivan Kalik
Kalik Informatika ISP
Dana
ntlm_auth line is commented out by default.
Ok, I see that.
From what I understand, MSCHAPv2 needs access to the unencrypted user
password, and OpenLDAP doesn't offer that. I'm guessing I'll have to add an
unencrypted password field to the LDAP server to make this work, but that's
not been
And so much more (peap is misconfigured, as is ldap,
mschap auth type is gone, there is nothing to get
the password from ...). That will not work.
I have fixed that; the copy that I sent you was indeed broken. I can now
authenticate using standard (non-MSCHAP) authentication against the LDAP
Wow, had to look at that for a while before I spotted the difference.
Mine, however, already uses {}, so that's not it either. Thanks though.
-Ted-
Romain Mercier wrote:
Hi,
I got the same issue and I solved it modifying the file :
/usr/local/etc/raddb/radiusd.conf
I replaced the line :
Tim Gustafson wrote:
I have fixed that; the copy that I sent you was indeed broken. I can now
authenticate using standard (non-MSCHAP) authentication against the LDAP
server. I haven't been able to get the radeapclient program working yet - it
keeps crashing with an error that apparently
SOLVED: Found the problem. Its the dreaded SELinux. Its tripping over
one of the policies.
Ted Lum wrote:
Wow, had to look at that for a while before I spotted the difference.
Mine, however, already uses {}, so that's not it either. Thanks though.
-Ted-
Romain Mercier wrote:
Hi,
I got the
Dear All,
Kndly help with the following setup:
SETUP;
wifi client (Windows-XPservice pack 2) - AP
--- freeradius-2.1.1 on red hat fedora-9
auth type:PEAP-EAP-MD5
wpa-enterprise (external Radius Server)
user: client
password
29 matches
Mail list logo