Benjamin Marvin wrote:
Any other suggestions on where I should look to see why the servers
are marking the upstream servers as Zombie?
The only log message is that it's marking the server zombie. Until
it's marked zombie, it *might* be alive. The reason it's marked zombie
is because the
_Stefan_H wrote:
Hi,
I thought that my Access-Point is able to handle VLAN-Attributes like my
Switch but I was wrong.
I don't want to tell the whole story.
Is there an attribute which returns the authenticator IP-Address?
Packet-Src-IP-Address
I looked at this site:
Benjamin Marvin wrote:
I don't believe this is my problem. The debug and packet captures
show all of the accounting packets are replied to within the
Response_Window and Max_Request_Time frames. (5-10 seconds being at
the extreme high end of response times.)
If the responses are all within
If someone could help me...
Or see a right configuration file or what files I have to configure,
something...
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I have a problem to change vlan on a Catalyst 2950 switch using the 802.1x
protocol. The problem is that no changes to the vlan you specified. The
authentication and validation of the user is correct, but does not change vlan.
Freeradius User Configuration:
steve Cleartext-Password :=
Jesús Jiménez wrote:
If someone could help me...
Or see a right configuration file or what files I have to configure,
something...
I think you need to disable UDPFROMTO:
$ ./configure --without-udpfromto
Or, edit src/lib/dhcp.c to forcibly disable it.
Alan DeKok.
-
List
On Wed, Apr 21, 2010 at 05:47:43PM +0200, Alan DeKok wrote:
Without status_check, you rely on the timeouts - revive_interval and
zombie_period.
Which is much worse than status checks.
But, if you're talking to FR 1.1.7, that should be able to make it respond
negatively to a single
Guillermo Borrallo guilleb...@hotmail.com wrote:
I have a problem to change vlan on a Catalyst 2950 switch using the
802.1x protocol. The problem is that no changes to the vlan you
specified. The authentication and validation of the user is correct,
but does not change vlan.
You might
Hi all,
This is my first post. I'm trying to make a AAA server based on
freeRadius and MySQL. After I configure radius server and run server in
debug mode, I get some problem with rlm_sql about User-Password and
Chap-Password. It seems that the server can't expand User-Password and
Hi,
steve Cleartext-Password := testing Service-Type = Framed-User,
Tunnel-Type = VLAN, Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-ID = 2
I have no idea why people keep insisting on doing this, but make
'Tunnel-Private-Group-ID' the VLAN *name*. You are only going to end
On Thu, Apr 22, 2010 at 04:50:50PM +0700, VU VAN HUNG wrote:
It looks like you have a problem with this INSERT query:
[..]
[sql] expand: INSERT INTO radpostauth
(username, pass, reply, authdate) VALUES
(
szymon roczniak wrote:
On Thu, Apr 22, 2010 at 04:50:50PM +0700, VU VAN HUNG wrote:
It looks like you have a problem with this INSERT query:
[..]
[sql] expand: INSERT INTO radpostauth
(username, pass, reply, authdate) VALUES
(
On Thu, Apr 22, 2010 at 05:38:04PM +0700, VU VAN HUNG wrote:
szymon roczniak wrote:
On Thu, Apr 22, 2010 at 04:50:50PM +0700, VU VAN HUNG wrote:
I know, but in the output, I see the following lines:
*sql] expand: %{User-Password} -
[sql] expand: %{Chap-Password} - *
no
Hi, FreeRadius.
How to force radiusd -X to do logging to log file too?
--
mailto:kes-...@yandex.ru
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan Buxey a.l.m.bu...@lboro.ac.uk wrote:
steve Cleartext-Password := testing Service-Type = Framed-User,
Tunnel-Type = VLAN, Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-ID = 2
I have no idea why people keep insisting on doing this, but make
'Tunnel-Private-Group-ID' the
Alan Buxey a.l.m.bu...@lboro.ac.uk wrote:
steve Cleartext-Password := testing Service-Type = Framed-User,
Tunnel-Type = VLAN, Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-ID = 2
I have no idea why people keep insisting on doing this, but make
'Tunnel-Private-Group-ID' the
Josip Rodin wrote:
One thing that we talked I believe in private mail is good to point out on
the mailing list as well - the current request cleaning up logic isn't
really being kind to proxy settings and how the admins might interpret them
- meaning there is nothing in the proxying code that
/radacct/192.168.2.1/auth-detail-20100422
Thu Apr 22 14:17:59 2010 : Info: [auth_log]
/var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands
to /var/log/freeradius/radacct/192.168.2.1/auth-detail-20100422
Thu Apr 22 14:17:59 2010 : Info: [auth_log] expand: %t - Thu Apr 22
14:17:59
Johnny R wrote:
The authentication worked well locally against openldap (in the same
server). When an user try to connect to internet in the Blue Zone
(WLAN), it generates the following error in the radius-server. I am
really stuck here, any help will be welcome.
Look at the debug log.
kes-...@yandex.ru wrote:
Hi, FreeRadius.
How to force radiusd -X to do logging to log file too?
$ radiusd -X /var/log/radius/radius.log 21
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Maybe (so you both see and log):
Radiusd -X | tee -a /var/log/radius/radius-debug.log
-Original Message-
From: Alan DeKok al...@deployingradius.com
Sent: Thursday, April 22, 2010 12:45 PM
To: ??? ??? kes-...@yandex.ru; FreeRadius users mailing list
On 2010/04/22 06:45 PM, Alan DeKok wrote:
kes-...@yandex.ru wrote:
Hi, FreeRadius.
How to force radiusd -X to do logging to log file too?
$ radiusd -X /var/log/radius/radius.log 21
Or for both file and console.
radiusd -X 21 | tee /var/log/radius/radius.log
--
Johan Meiring
Cape
Well, stderr in a foreground process is normally stdout.
-Original Message-
From: Johan Meiring jmeir...@pcservices.co.za
Sent: Thursday, April 22, 2010 1:09 PM
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Subject: Re: radiusd does not logging while debug
On
Alan DeKok-2 wrote:
_Stefan_H wrote:
Hi,
I thought that my Access-Point is able to handle VLAN-Attributes like my
Switch but I was wrong.
I don't want to tell the whole story.
Is there an attribute which returns the authenticator IP-Address?
Packet-Src-IP-Address
Thanks
Hi everyone,
I have a question about proxy request with freeradius : is it possible to run
multiple instance of proxy (not the same but the same daemon) which use
different realm configuration.
example :
proxy 1 (port UDP 1812) :
- realm @test.com
- realm @test1.com
proxy 2 (port UDP 1646) :
Hi all,
The radius spec currently identifies a Nas (client) by the Nas's IP address
(Packet-Src-Ip-Addres?). That is how radius works.
We have a bunch of hotspots out in the field which could be behind any kind
of internet connection. Broadband/Dynamic IP, natted, etc.
Because we have no
Hi again List,
Thank very much Alan,
I am so sorry if I am a little bit bothering ... but all seems to be jumbled
in my head. So I have some questions:
- is the cipher login/password which comes from CopSpot(or any captive
portal) deciphered before ipcop sends it to freeradius-server? (It's
Hi,
* is the cipher login/password which comes from CopSpot(or any captive
portal) deciphered before ipcop sends it to freeradius-server? (It's a kind
of question which can not be asked here but ... never know)
if the server says its CHAP then its probably sent as CHAP rather than PAP...
On 4/6/2010 11:22 AM, Alan DeKok wrote:
I don't know. Try using a tool to watch the server memory over time.
If it keeps growing... that would be an issue
After research, SIGKILL, SIGXFSZ, SIGXCPU are the only signals sent by
the kernel - userland on the part of setrlimit(2).
29 matches
Mail list logo