Re: how to Simultaneous-Use

2009-04-23 Thread Alan DeKok
Tseveendorj wrote: Sorry for bothering you. Have a nice day. I've never understood why people buy equipment from a vendor, and then ask for support on this list. It's OK to ask other people about experience with *undocumented* features of a product. i.e. incompatibilities, experiences,

Re: performance freeradius with psql (auth only)

2009-04-23 Thread Uwe Kastens
Ivan, There is no change in those values if I increase the max database connections. So I think it might be a problem that there are not enough requests produced from the radclient(s), approx. 800 per minute. Could that be? Yes. Database will start coming into play with some 100 requests per

Re: performance freeradius with psql (auth only)

2009-04-23 Thread Alan DeKok
Uwe Kastens wrote: OK, that's strange. One radclient only generates 15 requests per sec in my tests - and causes load on the system. The 100 requests per sec were stateful or fire and forget without parsing the answer? What arguments are you using for radperf? -n doesn't really work. -p

Re: rlm_perl behavior

2009-04-23 Thread Boian Jordanov
On Apr 22, 2009, at 7:25 PM, Borislav Dimitrov wrote: On 22.04.2009, at 13:23, Alan DeKok wrote: Apostolos Pantsiopoulos wrote: If any changes are to be made to the current implementation to support multiple interpreters (one per thread) would they show up in a 2.1.x release or a future one

Re: performance freeradius with psql (auth only)

2009-04-23 Thread Uwe Kastens
What arguments are you using for radperf? -n doesn't really work. -p will send requests as fast as the server can handle them, but no faster. So if you're using -p 10, and only seeing 15 pps, it's because the server can handle only 15 pps. Ok. RTFM is sometimes helpful. I am using

Re: ldap filter depending on NAS

2009-04-23 Thread Matthieu Lazaro
Alan DeKok wrote: Matthieu Lazaro wrote: rlm_ldap manual covers the options to use with the ldap module like server, tls binding, basic filters, etc... not how to use extended ldap attributes based on the content of the RADIUS-LDAPv3.schema. Exactly. It describes how the

Re: ldap filter depending on NAS

2009-04-23 Thread Alan DeKok
Matthieu Lazaro wrote: OK, so tell me where to implement complex policies? I've been trying. You need to write down what you have (in RADIUS packets, LDAP, etc.). You need to write down what you want (contents of reply packets, behaviors, etc.). You then need to write down a process for

Re: ldap filter depending on NAS

2009-04-23 Thread Matthieu Lazaro
Alan DeKok wrote: Matthieu Lazaro wrote: OK, so tell me where to implement complex policies? I've been trying. You need to write down what you have (in RADIUS packets, LDAP, etc.). You need to write down what you want (contents of reply packets, behaviors, etc.). You

Freeradius on windows

2009-04-23 Thread Mitul Modi
Hi, I have installed freeradius version 1.0.3 on Windows XP. Does anybody have a resource to generate certificates on Windows? Thanks, Mitul Modi - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: ldap filter depending on NAS

2009-04-23 Thread tnt
And finally, can you say that when a dumb user plugs in the wrong VLAN, like an admin VLAN, I cannot deny him or put him automatically in the right VLAN with radius? If he can plug into a switch and get access to admin VLAN it's the network admin that is dumb, not the user. If your switch

Re: ldap filter depending on NAS

2009-04-23 Thread tnt
I try to ask my questions more precisely: * what are the radius ldap attributes meant for? Is only for accounting or can we use them for something else? They can be used for authorization as well. You put them in your Access-Accept packet (reply) and if your switch supports those attributes

Centos 5.3 problem

2009-04-23 Thread Apostolos Pantsiopoulos
I was running freeradius 2.0.5 on my Centos 5.2 server using rlm_perl. When I upgraded to 5.3 I get : rlm_perl: perl_parse failed: /billing/bin/billing.pl not found or has syntax errors. I googled it and found that this may be caused by libperl.so not being linked properly or Data::Dumper

Re: Freeradius on windows

2009-04-23 Thread tnt
i have installed freeradius version 1.0.3 on windows xp. any body have resource to generate certificates on windows. 1.0.3 will not work with Vista. It might not work with XP SP3 either. You have 1.1.7 on freeradius.net that will. It supports most basic things + mysql. You can't generate

Re: Centos 5.3 problem [SOLVED]

2009-04-23 Thread Apostolos Pantsiopoulos
It was a cifs problem. The script was being shared by a samba server and after the upgrade I got: Setuid/gid script is writable by world. And this made radius fail. I moved the script locally and it works. Apostolos Pantsiopoulos wrote: I was running freeradius 2.0.5 on my Centos 5.2 server

Re: Centos 5.3 problem

2009-04-23 Thread tnt
I was running freeradius 2.0.5 on my Centos 5.2 server using rlm_perl. When I upgraded to 5.3 I get : rlm_perl: perl_parse failed: /billing/bin/billing.pl not found or has syntax errors. I googled it and found that this may be caused by libperl.so not being linked properly or Data::Dumper

Re: ldap filter depending on NAS

2009-04-23 Thread Alan DeKok
Matthieu Lazaro wrote: I think we didn't understand each other and this is probably because my questions are not clear enough because I have such precise idea of what I want radius to do. I disagree that that is the cause of the confusion. I should have explained the problem the other way

Re: how to Simultaneous-Use

2009-04-23 Thread Alexander Clouter
Alan DeKok al...@deployingradius.com wrote: Tseveendorj wrote: Sorry for bothering you. Have a nice day. I've never understood why people buy equipment from a vendor, and then ask for support on this list. Not just this list, don't worry. The wn.arg[1] mailing lists are much the

Re: ldap filter depending on NAS

2009-04-23 Thread Matthieu Lazaro
t...@kalik.net wrote: I try to ask my questions more precisely: * what are the radius ldap attributes meant for? Is only for accounting or can we use them for something else? They can be used for authorization as well. You put them in your Access-Accept packet (reply) and if your

Re: ldap filter depending on NAS

2009-04-23 Thread tnt
I am now trying to figure how to have the replyItem in my accept-accept message. Just map appropriate attributes in ldap.attrmap as replyItem. I can see tunnel attributes in default ldap.attrmap in stable branch now, so that will be there in future. For PEAP you should list ldap only in

Interesting new feature

2009-04-23 Thread Alan DeKok
I've checked in some code to git that allows HUP to reload virtual server configurations. For now, all it does is reload the authorize, authenticate, accounting, pre-proxy, etc. sections. It does NOT reload listen sections, client sections, or anything else. However, it now allows you to

eap-peap inner outer identity

2009-04-23 Thread Per Hermansson
Hi I'm having troubles setting up EAP-PEAP with freeradius (2.1.0) + hostapd (0.6.9) + wpa_supplicant (0.6.6) What I've done is mostly to follow http://tldp.org/HOWTO/8021X-HOWTO/freeradius.html Which basically is to update eap.conf to use peap and add my login details to the users file:

Re: eap-peap inner outer identity

2009-04-23 Thread tnt
Hi I'm having troubles setting up EAP-PEAP with freeradius (2.1.0) + hostapd (0.6.9) + wpa_supplicant (0.6.6) What I've done is mostly to follow http://tldp.org/HOWTO/8021X-HOWTO/freeradius.html Which basically is to update eap.conf to use peap and add my login details to the users file:

Re: eap-peap inner outer identity

2009-04-23 Thread Alan DeKok
Per Hermansson wrote: I'm having troubles setting up EAP-PEAP with freeradius (2.1.0) + hostapd (0.6.9) + wpa_supplicant (0.6.6) What I've done is mostly to follow http://tldp.org/HOWTO/8021X-HOWTO/freeradius.html I should update the man page to say IGNORE ALL THIRD PARTY HOWTOs Nearly

Re: Hello Alan

2009-04-23 Thread Glen Millard
On Thu, Apr 23, 2009 at 15:34, Glen Millard glenmill...@gmail.com wrote: How are you sir? I will post this to the group if you want , but this is making me crazy: I am wondering the best way to troubleshoot this. Installing FreeRADIUS on CentOS 5: radiusd: FreeRADIUS Version 2.1.5, for

Re: eap-peap inner outer identity

2009-04-23 Thread Per Hermansson
- /var/log/freeradius/radacct/127.0.0.1/detail-20090423 [detail] /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/freeradius/radacct/127.0.0.1/detail-20090423 expand: %t - Thu Apr 23 21:46:18 2009 ++[detail] returns ok ++[unix] returns noop expand: /var/log

Re: eap-peap inner outer identity

2009-04-23 Thread tnt
Thanks for your quick response. I purged all my old configuration and did a reinstall. This time only updated the users file by adding the line above but with the same result. Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1 port 43395, id=1, length=168

Re: Hello Alan

2009-04-23 Thread tnt
When I start it for the first time, it builds all of the 'fake' certs okay and runs properly. (I am not sure if this would be an OpenSSL error or FreeRADIUS error. What would you think the best way to troubleshoot this would be? Or do you have any helpful hints?) However, when I attempt

Re: Hello Alan

2009-04-23 Thread Glen Millard
Sorry - neglected to put that in there! I followed the instructions in the README file in /usr/local/etc/raddb/certs If you want to see any files/info/parameters, please ask! Thanks Glen On Thu, Apr 23, 2009 at 16:32, t...@kalik.net wrote: When I start it for the first time, it builds all

Re: eap-peap inner outer identity

2009-04-23 Thread A . L . M . Buxey
Hi, Nearly all of them haven't been updated in *years*. i.e. Since long before 2.0 was released. They are not just wrong, they are actively harmful. Yeah. Most of them are from the 2006/2007 era and are 'here's how I configured FreeRADIUS 1.x in some weird way to do this' - which, whilst may

Re: eap-peap inner outer identity

2009-04-23 Thread A . L . M . Buxey
Hi, Per, if you read the debug log you will clearly see the problem. (cutting everything until the auth occurring. rad_recv: Access-Request packet from host 127.0.0.1 port 43395, id=1, length=168 User-Name = 0016dbd4b7d5 User-Password = 0016dbd4b7d5 NAS-IP-Address = 192.168.1.1

Re: Hello Alan

2009-04-23 Thread A . L . M . Buxey
Hi, When I start it for the first time, it builds all of the 'fake' certs okay and runs properly. (I am not sure if this would be an OpenSSL error or FreeRADIUS error. What would you think the best way to troubleshoot this would be? Or do you have any helpful hints?) However, when

Re: Hello Alan

2009-04-23 Thread tnt
When I start it for the first time, it builds all of the 'fake' certs okay and runs properly. (I am not sure if this would be an OpenSSL error or FreeRADIUS error. What would you think the best way to troubleshoot this would be? Or do you have any helpful hints?) However, when I

Re: Interesting new feature

2009-04-23 Thread Arran Cudbard-Bell
Alan DeKok wrote: I've checked in some code to git that allows HUP to reload virtual server configurations. For now, all it does is reload the authorize, authenticate, accounting, pre-proxy, etc. sections. It does NOT reload listen sections,

Re: Interesting new feature

2009-04-23 Thread John Dennis
Arran Cudbard-Bell wrote: Interesting indeed. I can see a use for this. How do you initiate the HUP ? Via the radmin tool ? HUP is a Unix signal, originally meaning Hang Up but since has been co-opted to mean reload your configuration when the signal is sent to a service (e.g. a daemon).

Re: Interesting new feature

2009-04-23 Thread Arran Cudbard-Bell
Hi John, Interesting indeed. I can see a use for this. How do you initiate the HUP ? Via the radmin tool ? I know what HUP is :) But thank you for expounding on the history. I was just wondering if there was a way to reload specific virtual

about /usr/local/sbin/checkrad

2009-04-23 Thread Tseveendorj
Hello, Do I understand right or not about checkrad? Please drive me right direction. radius# checkrad Usage: checkrad nas_type nas_ip nas_port login session_id What is nas_port ? is it mean 1645, 1646 ? I found the session_id from cisco router with following command hostname#sh pppoe

Re: Interesting new feature

2009-04-23 Thread Alan DeKok
Arran Cudbard-Bell wrote: Interesting indeed. I can see a use for this. How do you initiate the HUP ? Via the radmin tool ? $ kill -HUP pid or $ radmin radmin hup :) There's currently no way of reloading just *one* virtual server. The reason is that they are all loaded into one big