Hi All,
getting the following errors in the radius log:
Mon Aug 17 05:45:38 2009 : Error: rlm_radutmp: Logout for NAS Default NAS
Entry port 1239, but no Login record
Mon Aug 17 05:45:38 2009 : Error: rlm_radutmp: Logout for NAS Default NAS
Entry port 712, but no Login record
Mon Aug 17 05:45:38
Using version from GIT.
When DHCP-Message-Type = 0 the server must not sending reply.
But in this code set DHCP-Message-Type value from 0 to 1024 and reply sending
to client.
src/main/dhcpd.c
...
vp = pairfind(request-reply-vps, DHCP2ATTR(53)); /*
DHCP-Message-Type */
if (vp) {
Ok, I got a hint. I was mistaken, it was doing the mess for '\n' and
for '\t' also in accounting but I find from where it comes.
In my default/post-auth I had :
update reply{
Tunnel-Type = 13
Tunnel-Medium-Type = 6
# I use the real ID for setting the vlan
mikoi wrote:
The problem:
When logging in with the user with Cleartext-Password all passwords are
accepted.
Because that's what you told it to do.
mysql select * from radgroupcheck;
++---+++-+
| id | groupname | attribute | op | value
Sergey Korobkov wrote:
Using version from GIT.
When DHCP-Message-Type = 0 the server must not sending reply.
But in this code set DHCP-Message-Type value from 0 to 1024 and reply sending
to client.
Fixed, thanks.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Why is the Auth-Type := Accept in there?
Yes, you are right. This was the cause.
Removed the line from radgroupcheck and added Auth-Type := LOCAL to radcheck
instead and that did the trick. Thanks.
For users that are proxied to the backend RADIUS-server i need Auth-Type :=
Accept otherwise
So... what are the contents of the NT-Password attribute?
In the LDAP data store? is it a hashed (MD4) format which should be able to be
read doing MS-CHAP. I know, I know clear text, but with my current set up
Zimbra with OpenLdap it does not let you do complete clear text. I integrated
mikoi wrote:
Why is the Auth-Type := Accept in there?
Yes, you are right. This was the cause.
Removed the line from radgroupcheck and added Auth-Type := LOCAL
Why? That is NOT necessary. All of the documentation and all of the
examples and many of the messages on this list say DO NOT
Eric Bourkland wrote:
No Cleartext-Password configured. Cannot create LM-Password
No Cleartext-Password configured. Cannot create NT-Password
Told to do MS-CHAPv2 for test.user with NT-Password
FAILED: No NT/LM-Password. Cannot perform authentication.
FAILED: MS-CHAP2-Response is incorrect.
hi,
whoa! you are piping the output via tee to a log file - therefore
the code isnt getting the return value - hence the badness.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Why? That is NOT necessary. All of the documentation and all of the
examples and many of the messages on this list say DO NOT SET AUTH-TYPE.
Especially Auth-Type := Local. That configuration has been NOT
recommended for many years now. Many, many, years.
Yes, you are so right!
I tried to use aythentication via Active Directory domain.
FreeRadius 2.1.6 return error:
Try removing the single double quote () just before the last right curly brace
(}) at the bottom of the mschap file
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
vol...@ufamts.ru wrote:
Alan DeKok wrote:
What do you mean duplicate records?
Alan DeKok.
If home server does not respond, FR does not respond too - NAS repeats
request - FR writes request data to SQL again.
So we got two problems:
1) repeating requests
2) NAS does not receive
Hello,
I need to allow a block of 8 IP addresses in 'nasname' column in NAS table.
Can I use
xx.xx.xx.112/29
Thank you for your help in advance
Kindest Regards,
Irina
===-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
We need to allow a block of 8 IP addresses in 'nasname' column in NAS table.
Can I use
xx.xx.xx.112/29
Thank you for your help in advance
Kindest Regards,
Irina
===-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Le Monday 17 August 2009 16:48:35 Irina, vous avez écrit :
Hello,
I need to allow a block of 8 IP addresses in 'nasname' column in NAS table.
Can I use
xx.xx.xx.112/29
Thank you for your help in advance
Kindest Regards,
Irina
===
No !
/29 give not 8 IP but
It looks like I might have figured it out, I had commented out the line I had
added that I actually needed. I wasn't telling Radius where to look in LDAP
for the password field.
I can get my windows XP laptops to connect without a problem, still having a
bit of a problem with the Mac laptops
2009/8/17 Alan Buxey a.l.m.bu...@lboro.ac.uk
whoa! you are piping the output via tee to a log file - therefore
the code isnt getting the return value - hence the badness.
How can I get return value?
2009/8/17 Garber, Neal neal.gar...@energyeast.com:
Try removing the single double quote (“)
Hi Everyone,
I'm using SQL for Simultaneous Use checking. It works in that if someone
tries to auth when they're already logged in, they're rejected. However,
sometimes the acct stop packet never makes it to freeradius (for whatever
reason) when the user logs off. This leaves the acctstoptime
I've had FR 2.1.6 running on a FreeBSD 7.2 test server for some time now. When
I applied the rlm_mschap / rlm_eap_mschap patch I worked on over the weekend
(which is working great btw - I will upload it shortly), I now get the
following error on FR startup:
Can't load
Anton Brinyov wrote:
2009/8/17 Alan Buxey a.l.m.bu...@lboro.ac.uk
whoa! you are piping the output via tee to a log file - therefore
the code isnt getting the return value - hence the badness.
How can I get return value?
Don't use the pipe. Use ntlm_auth as configured in the mschap
sees? How do I update a user's acctstoptime when the NAS doesn't have a
session for that user, but the DB shows as NULL (i.e. freeradius believes
the user is live)?
It is called stale session. I am also trying to solve the same. I just
discussed this topic few days back. Check the list
2009/8/18 Alan DeKok al...@deployingradius.com:
Don't use the pipe. Use ntlm_auth as configured in the mschap module,
without any extra changes.
Oh, sorry.
I tried to get some about ntlm_auth output and forgot to remove changes.
I delete pipe but it did't remove problem.
-
List
Hi All,
When Radius gets acctterminatecause = Nas Error packets having
Acct-session-time field = 0, user .i see an an error in Raidus log
*Mon Aug 17 05:46:04 2009 : Error: rlm_sql (sql) in sql_accounting: stop
packet with zero session length. [user '', nas 'xx.xx.xx.xx']*
how to count it as
24 matches
Mail list logo