Apostolos Pantsiopoulos wrote:
I asked this question to the freeswitch mailing list and they responded
with :
Don't do that. The dictionary is for use with the radiusclient
library. FreeRADIUS already includes a dictionary for FreeSWITCH VSAs (
you may need to uncomment it to have it
t...@kalik.net a écrit :
i use the perl example supplied with freeradius for authenticate my
user.
modules {
perl {
module = /etc/raddb/Test-Auth.pl
func_accounting = accounting
func_authenticate = authenticate
func_authorize =
On Tue, Jan 27, 2009 at 9:51 AM, hege hegedus.ga...@euroway.hu wrote:
Hi
I have installed the freeradius 2.1.3 from source, and
and get this error, on first start:
radiusd: error while loading shared libraries:
libfreeradius-radius-2.1.3.so: cannot open shared object file: No such file
or
Hello,
have trouble with freeradius and snmp.
Freeradius log in debug mode:
...
SMUX connect try 1
SMUX SMUX open oid: 1.3.6.1.4.1.11344.1.1.1
SMUX open progname: radiusd
SMUX open password: x
SMUX SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
SMUX register priority: -1
SMUX register operation: 1
Am Dienstag, 27. Januar 2009 13:27:11 schrieb Freeradius Mail List:
Hello,
have trouble with freeradius and snmp.
Freeradius log in debug mode:
...
SMUX connect try 1
SMUX SMUX open oid: 1.3.6.1.4.1.11344.1.1.1
SMUX open progname: radiusd
SMUX open password: x
SMUX SMUX register oid:
thanks for your return. I have added:
$RAD_REPLY{'Framed-IP-Address'} = 10.218.6.1;
return RLM_MODULE_OK;
but no change, he use the pool included into the cisco ASA (10.218.4.5)
a error of me ?
Do a debug (radiusd -X) and see did the attribute
Hi
I have installed the freeradius 2.1.3 from source, and
and get this error, on first start:
radiusd: error while loading shared libraries:
libfreeradius-radius-2.1.3.so: cannot open shared object file: No such
file or directory
what is the problem.
Gabor
-
List info/subscribe/unsubscribe?
Hello,
we are using freeradius 2.1.1 on suse linux enterprise server 10.
We have different Network Access Servers, which are located in different
locations. The users, which login to this NAS, will be assigned an ip-address
by the sqlippool-module.
I read a lot of the documentation and tried
hello for all!
I've configured freeradius to work with 802.x connection, everything
working well but rlm_mschap expanding user name and domain
host/host123.domain.com to:
username - host123$
domain - domain (without .com)
in ntlm_auth i have no correct domain name (without .com) so i've
added
Josh Hiner wrote:
I have a Ruckus ZoneDirector 1025 with waps that I just installed.
Testing out different EAP types I can use. I am using FreeRadius 2.1.3.
I have eap-ttls and eap-peapv0 working perfectly (I am using windows to
control the wireless card for peap and it works great). Was going
Whoops, I thought I solved this but I didnt. I tried setting up eap-tls
on a few different laptops each using windows xp to configure eap-tls
(not the wireless card client). I get the same results there. I have
nothing in my /etc/raddb/users file. I tried putting:
josh Auth-Type := eap
We have different Network Access Servers, which are located in different
locations. The users, which login to this NAS, will be assigned an ip-address
by the sqlippool-module.
I read a lot of the documentation and tried a lot of different things, but i
don't know, how to configure the
hello for all!
I've configured freeradius to work with 802.x connection, everything
working well but rlm_mschap expanding user name and domain
host/host123.domain.com to:
username - host123$
domain - domain (without .com)
in ntlm_auth i have no correct domain name (without .com) so i've
added
t...@kalik.net a écrit :
thanks for your return. I have added:
$RAD_REPLY{'Framed-IP-Address'} = 10.218.6.1;
return RLM_MODULE_OK;
but no change, he use the pool included into the cisco ASA (10.218.4.5)
a error of me ?
Do a debug (radiusd
Josh Hiner wrote:
t...@kalik.net wrote:
Whoops, I thought I solved this but I didnt. I tried setting up eap-tls
on a few different laptops each using windows xp to configure eap-tls
(not the wireless card client). I get the same results there. I have
nothing in my /etc/raddb/users file. I tried
thanks but nope:
rlm_mschap: Unknown expansion string Domain-Name
i'm using freeradius: FreeRADIUS Version 2.0.5, for host x86_64-pc-linux-gnu
in other hands it is possible to get this to work together with
domain\user and host/host123.domain.com ?
regards!
2009/1/27 t...@kalik.net:
hello
t...@kalik.net wrote:
Whoops, I thought I solved this but I didnt. I tried setting up eap-tls
on a few different laptops each using windows xp to configure eap-tls
(not the wireless card client). I get the same results there. I have
nothing in my /etc/raddb/users file. I tried putting:
josh
Your perl script changes this:
rlm_perl: Added pair Framed-IP-Address = 10.218.4.120
into this (use IP pool on the NAS):
rlm_perl: Added pair Framed-IP-Address = 255.255.255.254
I don't see this:
$RAD_REPLY{'Framed-IP-Address'} = 10.218.6.1;
at all. Fix your script.
Ivan Kalik
Kalik
thanks but nope:
rlm_mschap: Unknown expansion string Domain-Name
Sorry it's NT-Domain:
--domain=%{NT-Domain}
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I did find the Makefile. Thanks! I tried to do a make caclient.pem but
it threw this error:
openssl req -new -out caclient.csr -keyout caclient.key -config
../client.cnf
Generating a 2048 bit RSA private key
+++
+++
writing new private key to 'caclient.key'
-
openssl ca
t...@kalik.net a écrit :
Your perl script changes this:
rlm_perl: Added pair Framed-IP-Address = 10.218.4.120
into this (use IP pool on the NAS):
rlm_perl: Added pair Framed-IP-Address = 255.255.255.254
I don't see this:
$RAD_REPLY{'Framed-IP-Address'} = 10.218.6.1;
at
Original Message
Subject:Re: eap-ttls failing
Date: Tue, 27 Jan 2009 11:58:54 -0500
From: Josh Hiner j...@remc1.org
To: Josh Hiner j...@remc1.org
References: o6ukdvry.1233065929.9664600@kalik.net
497f230b.1050...@remc1.org 497f237c.7020...@remc1.org
Ok, made new client cert and now it shows valid and displays Provides
your identity to a remote Computer as the intended purpose and on the
Details tab displays the correct info etc... The Certification Path
displays valid. Still same problem though (exact same problem) of just
sitting there at
sorry, i have change my script for test into the pool:
$RAD_REPLY{'Framed-IP-Address'} = 10.218.4.120;
$RAD_REPLY{'Framed-IP-Netmask'} = 255.255.255.0;
return RLM_MODULE_OK;
OK. That's in sub authorize.
i don't know why i
Hello,
I'm running 2.0.4 on Debian testing. I have a test setup in which I'm
proxying access requests between two virtual servers running inside
the same daemon:
radtest --- [ virtual server A ---(proxy)--- virtual server B ]
Proxing is triggered using the rlm_realm module and all
t...@kalik.net wrote:
Ok, made new client cert and now it shows valid and displays Provides
your identity to a remote Computer as the intended purpose and on the
Details tab displays the correct info etc... The Certification Path
displays valid. Still same problem though (exact same problem) of
Hi list.
I want to know if I can handle VLAN's on file policies and create a
conditions with Calling-Station-Id
this should be make after the authentication with user and pass.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ok, made new client cert and now it shows valid and displays Provides
your identity to a remote Computer as the intended purpose and on the
Details tab displays the correct info etc... The Certification Path
displays valid.
But windows was unable to find a certificate to log you on
..
I want to know if I can handle VLAN's on file policies and create a
conditions with Calling-Station-Id
Can you explain in more detail. Give some examples.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
t...@kalik.net wrote:
Ok, made new client cert and now it shows valid and displays Provides
your identity to a remote Computer as the intended purpose and on the
Details tab displays the correct info etc... The Certification Path
displays valid.
But windows was unable to find a
Good day!
So, I try to INSERT (unlang) data into my sql table;
I made in site-enable/default something like this:
if ( Service-Type == Framed-User ) {
if ( %{sqlauth: INSERT into MYTAB VALUES ('1','2','3','4')} ) {
ok
}
}
and it does not work
Tue Jan 27 23:06:32 2009 :
Hey,
To allow authentication of different realms for 2 different databases
the setup for the authentication
is quite straight forward with the Autz-Type directive as follows:
authenticate {
...
Autz-Type SQL_EXAMPLE2 {
sql_example2
}
...
}
Although the same trick wouldn't work for the
We are setting up freeradius 2.1.3.
We have set read_groups = no in the sql.conf file
Then no matter what we have fall-through attribute set to in radreply table
in sql in nver even queries the group reply table.
I have found references to this problem before but with no fix.
All
Ivan Kalik t...@kalik.net wrote:
We are currently using EAP-TLS authentication with FreeRADIUS at the place
where I work right now. Management would like to be able to restrict the
use
of a given certificate for this authentication to specific MAC addresses.
In
other words, for
Yes the cert is there, does report the correct oid etc.. etc.. Attached
is the client certificate I am using. I even went into the configuration
and made it so XP asks me to select my certificate manually. I select
the certificate manually and it still gives the same error as above
(Error in
/*
* sql xlat function. Right now only SELECTs are supported. Only
* the first element of the SELECT result will be used.
*/
Oh, I am really very interested in INSERT sql. Please, tell me, Is this
right? Can I insert or update any data into my DB? Can I use another way
for INSERT
To allow authentication of different realms for 2 different databases
the setup for the authentication
is quite straight forward with the Autz-Type directive as follows:
authenticate {
Autz-Type SQL_EXAMPLE2 {
sql_example2
}
}
Although the same trick wouldn't work for the
So how would I do the same thing for a certificate instead of a username?
Ther will be a username in EAP-TLS request too.
From everything that I have been able to read, the user name in a EAP-TLS
request should come from the CN value of the certificate. Does this
sound correct?
I haven't
Thanks Ivan,
That works just fine.
On Wed, Jan 28, 2009 at 12:24 AM, t...@kalik.net wrote:
To allow authentication of different realms for 2 different databases
the setup for the authentication
is quite straight forward with the Autz-Type directive as follows:
authenticate {
Autz-Type
We have set read_groups = no in the sql.conf file
Then no matter what we have fall-through attribute set to in radreply table
in sql in nver even queries the group reply table.
It works for me. Post the debug for the same user with read_groups set to
yes and set to no.
Ivan Kalik
Kalik
Does anyone have experience in including freeRADIUS in their project, just like
including openSSL in a project?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I’m just a novice user trying to help you. How do you want to use FreeRADIUS?
Your questions sound to me as you’re trying to use FreeRADIUS like an external
library?
Please be more specific.
Regards,
Robert.
_
From:
Ok at least I know it does work.
I will post the debug tommorrow.
But in the mean time can you confirm what the exact attribute you have in
your rad reply table is?
- Original Message -
From: t...@kalik.net
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent:
On Tue, 2009-01-27 at 23:05 +0100, t...@kalik.net wrote:
Yes the cert is there, does report the correct oid etc.. etc.. Attached
is the client certificate I am using. I even went into the configuration
and made it so XP asks me to select my certificate manually. I select
the certificate
On Tue, 2009-01-27 at 21:08 -0500, Josh Hiner wrote:
On Tue, 2009-01-27 at 23:05 +0100, t...@kalik.net wrote:
Yes the cert is there, does report the correct oid etc.. etc.. Attached
is the client certificate I am using. I even went into the configuration
and made it so XP asks me to select
Both the LDAP authentication and proxying to RSA are working properly. To get
the two working together I have tried changing the response for the LDAP auth
from Access-Accept to Access-Challenge if the request comes from the correct
NAS-IP.
if(NAS-IP-Address == 10.0.0.1){
Good day!
Thank you for your reply.
I try to add prepaid system to my equipment.
In this case when quota is reached, equipment sends Access-Request with
quota comsumed and I need to store this data in sql. But. Unfortunately,
I must think about how many on-line customers send quota to sql in
47 matches
Mail list logo