Shame on me!
For information my config(working) for the file /sites-enabled/default is
now :
Auth-Type CHAP {
#Modification du mdp venant du LDAP pour comparaison CHAP (fontionne
enfin!):
if (control:Cleartext-Password =~ /ethernet (.*)/i ) {
update control {
Hi All,
Can i log the NAS-PORT-ID in the log file instead of the NAS-PORT?
Thu Sep 3 10:53:10 2009 : Auth: Login OK: [627...@tedata.net.eg] (from
client MNSREST port 4060295476)
thanks
Amr
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Tue, Sep 01, 2009 at 09:49:20PM -0300, Carlos Eduardo Tavares Terra wrote:
++---+--+---+
| id | groupname | nasipaddress | nasportid |
++---+--+---+
| 5 | wireless | 192.168.2.5 | NULL |
| 4 | adsl | 192.168.2.6
John Dennis wrote:
On 09/02/2009 04:46 AM, Alan DeKok wrote:
It's been a while since 2.1.6, and it's getting close to time for
2.1.7. In order to ensure the stability of the software, we need your help.
Build it, install it, and see if there are issues.
I've done a basic sanity check.
://lists.freeradius.org/pipermail/freeradius-users/attachments/20090903/2f6c141e/attachment.bin
--
Message: 6
Date: Thu, 3 Sep 2009 01:00:57 -0700 (PDT)
From: pfafenback ouioui.bam...@laposte.net
Subject: Re: Cleartext-Password not found + CHAP and LDAP
To: freeradius-users
Hi,
I deactivated buffered-sql and logging directly to mysql by deafult module.
Just one basic question :
this means that slow SQL system will kill your AAA capabilities
- hence detail file, buffered-sql etc
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Thu, Sep 3, 2009 at 6:30 AM, George Koulyabinju...@vinf.ru wrote:
++--+++--+
| id | username | attribute | op | value |
++--+++--+
| 5 | jack | Huntgroup-Name | == | wireless |
|
this means that slow SQL system will kill your AAA capabilities
- hence detail file, buffered-sql etc
Am doing only accounting.
Kindly clarify: fre
Is Buffered_SQL is single threaded module? and does not make use of
available mysql threads to complete the job in parallel?
Hi,
I deactivated
I deactivated buffered-sql and logging directly to mysql by deafult
module.
Just one basic question :
Buffered_SQL is single threaded module? and does not make use of available
mysql threads to complete the jobs in parallel?
No, but near enough. Detail reader deliberately reads packets at a
On Thu, Sep 3, 2009 at 6:30 AM, George Koulyabinju...@vinf.ru wrote:
++--+++--+
| id | username | attribute | op | value |
++--+++--+
| 5 | jack | Huntgroup-Name | == | wireless |
|
Hi,
This could be related to a similar problem reported a couple of weeks ago.
We have a FreeRADIUS 2.1.6 installation running on 64bit CentOS 5.3. The
radiusd process is allocating more and more memory with time (around 0.5GB a
day). There are only around 5-6 requests/s and other than chewing
2009/9/1 Ivan Kalik t...@kalik.net:
I have configured three virtual servers: default, inner (uses
eap-ttls), inner-peap (uses eap-peap). I guess that out of tunnel
attempts go to default server log files.
cron performs a daily task that more or less perform something like
that:
Please I
Amr el-Saeed wrote:
Can i log the NAS-PORT-ID in the log file instead of the NAS-PORT?
Thu Sep 3 10:53:10 2009 : Auth: Login OK: [627...@tedata.net.eg] (from
client MNSREST port *4060295476)
In 2.1.7 you can customize that message to include anything you want.
Alan DeKok.
-
List
Thanks Ivan. How to increase the speed at which detail reader works. Can
you suggest? Thanks.
It's documented. Just read the comments in buffered-sql. There aren't that
many configuration items so you will find it easily.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe?
Arran Cudbard-Bell wrote:
This is pretty much a none issue. Just have the detail file writer start
a new file every minute/hour, then the number of repeated entries is
very small. It's only when you have it start a new file every day, or
use one monolithic detail file that you run into
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/09/2009 19:17, nf-vale wrote:
On Wednesday 02 September 2009 09:46:01 Alan DeKok wrote:
It's been a while since 2.1.6, and it's getting close to time for
2.1.7. In order to ensure the stability of the software, we need your
help.
2009/9/3 Sergio Belkin seb...@gmail.com:
2009/9/1 Ivan Kalik t...@kalik.net:
I have configured three virtual servers: default, inner (uses
eap-ttls), inner-peap (uses eap-peap). I guess that out of tunnel
attempts go to default server log files.
cron performs a daily task that more or less
Thanks Ivan. How to increase the speed at which detail reader works. Can
you suggest? Thanks.
Ivan Kalik
Thu, 03 Sep 2009 04:19:06 -0700
I deactivated buffered-sql and logging directly to mysql by deafult
module.
Just one basic question :
Buffered_SQL is single threaded module? and does not
Szymon Roczniak wrote:
I've followed the advise from the previous thread and run radiusd under
valgrind for around 10-15 minutes with some generated traffic and
the output is:
valgrind --tool=memcheck --leak-check=full /usr/sbin/radiusd -f
You should add -m to the radiusd command line, so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Will try OSX build shortly...
Builds fine with OSX Server 10.5.7:
./configure --prefix=/usr/local/freeradius-2.1.7 --with-dhcp --with-vmps=no
--with-openssl --without-rlm_perl --enable-ltdl-install=no
- --
Arran Cudbard-Bell
Arran Cudbard-Bell wrote:
...
gcc .libs/radiusdS.o -o .libs/radiusd .libs/acct.o .libs/auth.o
.libs/client.o .libs/conffile.o .libs/crypt.o .libs/exec.o .libs/
.libs/modules.o: In function `setup_modules':
/usr/local/src/freeradius-server-2.1.7/src/main/modules.c:1259: undefined
reference
Dear Freeradius-user,
I have faceing some problemCould not
find Pool-Name attribute.
have any solution.
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Dear Freeradius-user,
I have faceing some problemCould not
find Pool-Name attribute.
have any solution.
...
users: Matched entry amritap at line 100
...
How does your users file entry look like?
Ivan Kalik
Kalik Informatika ISP
-
Ryan Steinmetz wrote:
The dictionary.airespace file should probably be updated.
Airespace is now owned by Cisco and the VSAs that are published are different
from those included with the FR distribution. See
John Dennis wrote:
I've done a basic sanity check.
* it builds
* it installs
* it runs
* it can do pap
sorry, but I don't have more time at the moment for further testing.
Thanks to you (and everyone else) for the feedback.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Phil Mayers wrote:
FYI we've been running with this patch:
Added, thanks.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Damjan wrote:
Build it, install it, and see if there are issues. The directory also
includes Debian packages for Ubuntu 8.0.4.
Would this packages work on Debian Lenny?
No idea, sorry.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
my user file look like:--
#
# Please read the documentation file ../doc/processing_users_file,
# or 'man 5 users' (after installing the server) for more information.
#
# This file contains authentication security and configuration
# information for each user.
Hi,
I'm running FreeRADIUS 2.1.6 on FreeBSD 7.2 and I need to proxy incoming radius
accounting requests to two different ports at the same destination ip. I'm
quite inexperienced with freeradius and I'm not sure I've understood completely
what I need to do.
I've set up realms, home_servers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/09/2009 14:16, Alan DeKok wrote:
Arran Cudbard-Bell wrote:
...
gcc .libs/radiusdS.o -o .libs/radiusd .libs/acct.o .libs/auth.o
.libs/client.o .libs/conffile.o .libs/crypt.o .libs/exec.o .libs/
.libs/modules.o: In function `setup_modules':
Builds okay on Fedora 7 and Fedora 10:
./configure --with-system-libtool --prefix=/opt/radius --localstatedir=/var
make tests also passes on both, FWIW. But I won't be able
to actually install it for a week or two.
Alan, thanks for all of your hard work on FreeRADIUS!
-Matt
-
List
From users man page:
EXAMPLES
bob User-Password == hello
Requests containing the User-Name attribute, with value bob,
will be authenticated using the password bob. There are no
reply items, so the reply will be empty.
Surely this is incorrect - right? Should this not
Hi,
From users man page:
EXAMPLES
bob User-Password == hello
Requests containing the User-Name attribute, with value bob,
will be authenticated using the password bob. There are no
reply items, so the reply will be empty.
Surely this is incorrect - right?
v2.1.6. AFAIK FR was never installed on this box - it's fairly new - so
I don't think it could've been some legacy doc that didn't get
overwritten when 2.1.6 was installed.
-Original Message-
From: freeradius-users-bounces+ggatten=waddell@lists.freeradius.org
From users man page:
EXAMPLES
bob User-Password == hello
Requests containing the User-Name attribute, with value bob,
will be authenticated using the password bob. There are no
reply items, so the reply will be empty.
Surely this is incorrect - right? Should this
H. Fresh install (built from source) of FR 2.1.6 on a new box. I
wonder if there are other goofy things about my install?
Interesting
-Original Message-
From: freeradius-users-bounces+ggatten=waddell@lists.freeradius.org
You do. Current documentation should be in man 5 users.
Ivan Kalik
Kalik Informatika ISP
v2.1.6. AFAIK FR was never installed on this box - it's fairly new - so
I don't think it could've been some legacy doc that didn't get
overwritten when 2.1.6 was installed.
-Original Message-
Hi,
v2.1.6. AFAIK FR was never installed on this box - it's fairly new - so
I don't think it could've been some legacy doc that didn't get
overwritten when 2.1.6 was installed.
oh deary yes - i see that its only recently been fixed 8-)
2.14.4 and 2.1.5 also happily proclaim the confusing
RPM shows nothing FR related installed. I did run man 5 users.
v2.1.6 is current, no?
-Original Message-
From: freeradius-users-bounces+ggatten=waddell@lists.freeradius.org
[mailto:freeradius-users-bounces+ggatten=waddell@lists.freeradius.or
g] On Behalf Of Ivan Kalik
Sent:
Am 03.09.2009 um 21:02 schrieb Gary Gatten:
RPM shows nothing FR related installed. I did run man 5 users.
v2.1.6 is current, no?
If you want something newer than the last released version, see http://git.freeradius.org
, especially the stable tree.
Have a nice day!
Nicolas Goutte
Build it, install it, and see if there are issues.
On FreeBSD 7.2 with libtool 2.2.6a:
- Built
- Installed
- Tested EAP-PEAP/MSCHAPv2, rlm_perl with no issues so far
No LD_PRELOAD needed for libperl.so with libtool 2.2.6.
Do you think the MS-CHAP related patch I submitted will make 2.1.8?
Gary Gatten wrote:
From users man page:
EXAMPLES
bob User-Password == hello
That's fixed in 2.1.7.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi everyone,
I'm using freeradius-2.1.4 with MySQL and would like to set up realms
without proxying. The reason is that I'd like to keep all the requests
to a single Radius server, however would like to separate the users'
radreplies based on their username/groups. I know that I can use
Just proxy the realm locally..
realm managers {
auth = LOCAL
acct = LOCAL
nostrip
}
You may want to make sure you acct query is not using the stripped user name
though.
-Leigh
On Thu, Sep 3, 2009 at 4:27 PM, James Wu ja...@connection.ca wrote:
Hi everyone,
I'm using
Hi again,
This subject is misleading and should rather read: How to proxy an accounting
request to the same destination twice
I've now also tried with robust-proxy-accounting but it only sends to one of
the home_servers.
Any advice or pointers in the right direction will be greatly
, version of virus signature
database 4392 (20090903) __
The message was checked by ESET Smart Security.
http://www.eset.com
__ Information from ESET Smart Security, version of virus signature
database 4392 (20090903) __
The message was checked by ESET Smart Security
/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__ Information from ESET Smart Security, version of virus signature
database 4392 (20090903) __
The message was checked by ESET Smart Security.
http://www.eset.com
__ Information from
This subject is misleading and should rather read: How to proxy an
accounting request to the same destination twice
Why? What is home server supposed to do with the duplicate packet (that it
couldn't do with the first one)?
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe?
Home_server is a firewall which forwards them to two different servers which
are not directly accessible.
This setup has previously been achieved with freeradius 1.x using combined
logs and two radrelays on two subinterfaces.
--
Dánial
From:
Hi,
I read from a post back in 2007 that freeRADIUS ippool or sqlippool does
not support assigning IP via EAP/TLS. I was wondering if this is still
the case?
Alan mentioned that there would be options that might be part of 2.0
release. Is there any solution for this with the current
Victor Tangendjaja wrote:
I read from a post back in 2007 that freeRADIUS ippool or sqlippool does
not support assigning IP via EAP/TLS. I was wondering if this is still
the case?
Yes. Because when 802.1X is used, IP address assignment is done via DHCP.
Alan mentioned that there would be
Dánial Olsen wrote:
Yes, this has also been my assumption and I've tried this but I've failed
in making both instances proxy the packet.
So what does the debug log say?
There must be something I'm not getting because I don't see how I can
have two realms with one pool and home_server
52 matches
Mail list logo