Tseveendorj wrote:
I didn't know where is the problem.
Neither do I. You haven't posted the debug output, as suggested in
the FAQ, README, INSTALL, man page, and daily on this list.
Really appreciate help on it more detailed.
Did you follow the instructions in the file
I m use db and nas alive/iterium-update packets and rlm_perl scripts.
- Original Message -
From: Alan DeKok al...@deployingradius.com
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Thursday, April 16, 2009 12:02 PM
Subject: Re: how to disable double
Hello!
I've already asked about the very same problem with tagged attributes
and rlm_perl in FreeRADIUS 1.1.7, and Ivan Kalik t...@kalik.net told
me that he tested it on 2.1.4, so I've upgraded to new version:
FreeRADIUS Version 2.1.4, for host i386-portbld-freebsd7.1, built on
Apr 16 2009 at
Another one log file with $RAD_REPLY{'ERX-Service-Activate:2'} =
deny; uncommented attached (crash was not related to freeradius
initially).
On Thu, Apr 16, 2009 at 12:31 PM, Alexandr Kovalenko
alexandr.kovale...@gmail.com wrote:
Hello!
I've already asked about the very same problem with
On Thu, Apr 16, 2009 at 1:34 PM, Alan DeKok al...@deployingradius.com wrote:
Alexandr Kovalenko wrote:
I've already asked about the very same problem with tagged attributes
and rlm_perl in FreeRADIUS 1.1.7, and Ivan Kalik t...@kalik.net told
me that he tested it on 2.1.4, so I've upgraded to
Alexandr Kovalenko wrote:
I've already asked about the very same problem with tagged attributes
and rlm_perl in FreeRADIUS 1.1.7, and Ivan Kalik t...@kalik.net told
me that he tested it on 2.1.4, so I've upgraded to new version:
It doesn't support tagged attributes, either. The source code
Yes, that would be great. One perl interpreter
per freeradius thread, that is. And I suppose the
CLONE function would work again as expected (i.e. each
freeradius thread would have its own perl interpreter and
each script relaying on this interpreter would have its
own connection to the DB). And
dearl list all..don't know how to thanks to you to reply my email and answer my
quest. and sorry for to much question.:Di've run this commandradiusd -X but it
return this
The program 'radiusd' can be found in the following packages: *
radiusd-livingston * yardradius * xtradiusTry: apt-get
I'm using Freeradius to control the access to my Mikrotik APs. In the radius
database I've put at the radcheck table all the mac-addresses of my clients.
When I put accept as a value, the clients connects immediately, but when I
put reject the clients that are connected do not disconnect. I have
From my point of view we should have pool of perl clones per each
module instance.
This way we could have multiple perl instances (each with its own perl
script to run).
Limiting on perl clone or interp per server thread will limit the
multiple instances feature of rlm_perl.
Again playing
Good morning ,
Our organization is trying to set Wireless Users authentication via AD
with Radius in between. The reason for Ext. and Int. Radius based on
our security group recommendations.
I've installed freeradius-1.1.3 from RedHat . It's up on both Ext and
Int boxes. I was able to run
On Thu, Apr 16, 2009 at 09:41:21AM -0400, Podlazov, Lev wrote:
Good morning ,
Our organization is trying to set Wireless Users authentication via AD
with Radius in between. The reason for Ext. and Int. Radius based on
our security group recommendations.
I've installed freeradius-1.1.3
This is the only one officially offered by Redhat for Redhat 5 i386 we
are using .
-Original Message-
From: freeradius-users-bounces+lpodlazov=imf@lists.freeradius.org
[mailto:freeradius-users-bounces+lpodlazov=imf@lists.freeradius.org]
On Behalf Of Kenneth Marshall
Sent:
Podlazov, Lev wrote:
This is the only one officially offered by Redhat for Redhat 5 i386 we
are using .
I've installed freeradius-1.1.3 from RedHat .
Wow, I would really recommend using the latest 2.x release or if you
absolutely have to use 1.x use version 1.1.7. The 2.x is much easier
Being able to verify the mac against the ldap database is the best scenario,
the mysql database we are using for accounting only. I added:
DEFAULT User-Name =~ ([0-9a-fA-F]{2}:){5}[0-9a-fA-F]
Auth-Type := Accept
to the users file, but I am still see it setting auth type to ldap after
I m Ok that the whole point of using a smart card is that we can't extract
keys..
I learned that OPENSSL using the API pkcs#11 must communication with a
middleware called openSC that really comunicate with the card..
the problem is that opensc, do not understand the structure of card if it is
non
team howto disable
nas-port, nas-port-type,nas-identifier, called-station-id,
calling-station-id, i would like to use only username, user-password,
nas-ip-address
2009-04-16 20:55:13,614 ERROR [net.jradius.log.BaseRadiusLog] - Problem:
Request Missing: NAS-Port, NAS-Port-Type, NAS-Identifier,
James Devine wrote:
Being able to verify the mac against the ldap database is the best
scenario, the mysql database we are using for accounting only. I added:
DEFAULT User-Name =~ ([0-9a-fA-F]{2}:){5}[0-9a-fA-F]
Auth-Type := Accept
If you really put that into the users file, you
I can't seem to find anything concrete online for freeradius1 relating to
groupOfNames, so I've just been trying random things that I found online
(for raddb/users) hoping one would work.
RELEVANT CONFIGS (only relevant portions, comments removed)
raddb/sites-enabled/default:
authorize {
Access-Accept returns only IP address. Why it gives only ip address?
That user is not in the sql group that gets the avpair.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Doesnt it makes sense of overwriting user atributes to group attributes.
So I can set group specific attributes and some user specific attributes
for a certain user too?
It does but code doesn't work for := operator. In case of that operator
group overrides the user value. In case of = user
Boian Jordanov wrote:
From my point of view we should have pool of perl clones per each
module instance.
Yes.
This way we could have multiple perl instances (each with its own perl
script to run).
Yes.
Limiting on perl clone or interp per server thread will limit the
multiple
Alexandr Kovalenko wrote:
Then I have few questions:
1. How could this be that it worked in 1.1.7 (but only 1st auth
attempt, all further didn't, until restart)?
shrug Look at the code. I don't want to debug it.
2. Is there any work-in-progress project on adding support for tagged
Alan DeKok wrote:
Boian Jordanov wrote:
From my point of view we should have pool of perl clones per each
module instance.
Yes.
This way we could have multiple perl instances (each with its own perl
script to run).
Yes.
Limiting on perl clone or interp per server thread will limit
I hope this implementation will satisfy Borislav too. Will he be
able to
instantiate different perl scripts for different needs?
So, when do I start testing :)
Hi,
Yes, being able to instantiate and use several rlm_perl instances with
different scripts to take care of different
Borislav Dimitrov wrote:
Sacrificing the *_clones flexibility for lower memory footprint, better
performance and more importantly code is certainly worth doing it, if
people are still able to have multiple rlm_perl instances.
If we update the module to have one Perl thread per system thread,
I have installed :
radiusd: FreeRADIUS Version 2.1.3, for host i386-portbld-freebsd7.1,
built on Feb 26 2009 at 15:47:46
I have not been able figure out how to get it to log failed
authentication attempts
into the radpostauth sql table, like I had it working in Version 1.
--
Guy Fraser
Ivan,
Thank you so much! Perhaps you misunderstood my intention of saying
relevant portions of the configs - this isn't *everything* in the
config, just everything related to LDAP.
Regardless, I just removed all of what I'd added to users and added that
construct to authorize{} in my default
28 matches
Mail list logo