Juergen Koller wrote:
freeradius checks now for authorization against the LDAP-database and
gets back if the user exists or not (according to the debug output). But
the user will not be rejected, if not in the LDAP-database.
Perhaps I did not read the right document file right now. Perhaps
WWF wrote:
Hello, all!
I use fr 2.1.9 on ubuntu 10.04, installed from source code. Use mysql as
database.
Now I add a VSA in radreply, then, if a user passes the auth, the VSA
will be returned back to NAS.
I find that for other auth types like PAP/EAPMD5/EAPTLS, this VSA VALUE
is returned
Wingman wrote:
For example, i need to parse several conditions, regarding to sql queries
results. I'm confusing in how to use custom vars and custom sql queries in
sites-enabled/dhcp ?
i.e. i need somthing like this pseudocode:
dhcp DHCP-Discover {
.
sql
MYVAR := %{sql:
Martin v. Wittich wrote:
I believe I have exactly the same issue; only Windows 7 clients are
affected. Windows XP, Windows Vista and iPhone all work fine.
I believe that the issue is my unsigned server certificate. In the
previous Windows versions I can do an initially unsuccessful connect
Great, thx, Alan!
I've allready written most functionality with rlm_perl, now will try
to move it to native freeradius.
Wingman wrote:
For example, i need to parse several conditions, regarding to sql queries
results. I'm confusing in how to use custom vars and custom sql queries in
Thank you very much. The solution was too easy. :-)
Juergen
Alan DeKok wrote:
Juergen Koller wrote:
freeradius checks now for authorization against the LDAP-database and
gets back if the user exists or not (according to the debug output). But
the user will not be rejected, if not in the
Hi,
I am using FreeRADIUS 2.1.8 and JRadius 1.0.0 in my machine. When I send the
Access-Request, it gives me the error No authenticate method (Auth-Type)
configuration found for the request: Rejecting the user. Please help me. Did I
missed any configuration?
In sites-available/default file, I
Hmm, only one more question
Is there a sense to try to build functionality without rlm_perl?
I mean, is there a strong performance difference between rlm_perl and
native freeradius, especially in production usage?
Вы писали 2 июня 2010 г., 10:31:53:
Wingman wrote:
For example, i need to
42954, id=253,
length=71
User-Name = pru...@temp.unex.es
User-Password = prueba
NAS-IP-Address = 127.0.1.1
NAS-Port = 0
. . .
+- entering group authorize {...}
. . .
++- entering switch %{Realm} {...}
+++- entering case temp.unex.es {...}
expand: %D - 20100602
[request
Karuna G. Kumar wrote:
Hi,
I am using FreeRADIUS 2.1.8 and JRadius 1.0.0 in my machine. When I send the
Access-Request, it gives me the error No authenticate method (Auth-Type)
configuration found for the request: Rejecting the user. Please help me. Did
I missed any configuration?
You
Hello,
When proxing some eap-type by real to an external radius, is it possible
to configure a normal and a backup proxy server ?
I saw (in proxy.conf comments) it was possible when proxying to a local
virtual server, but I don't understand what to do for normal/backup
externals radius we have
On Tue, Jun 01, 2010 at 02:19:31PM +0200, joy wrote:
On Sat, May 29, 2010 at 10:42:06AM +0200, Alan DeKok wrote:
Even Apache reads the entire directory:
...
# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/
...
So what's the solution? Why isn't
I am trying to authorize / authenticate the user from a JRadius handler. I want
to validate the user name and password both from our application's data
repository using EJB calls. Hence, I don't want to look in to users file at
all. Do I need to still enable PAP for it?
Please let me know if I
Hi All!
It's a situation in which i have two authorize_check_query.
I'm using pppoe+sql and I also want to implement dhcp.
But the thing is that when dhcp nas asks freeradius it uses mac
address as username.
So i want sth like two sql { } sections with two different
authorize_check_query for two
Hi,
I've configured FreeRADIUS (version 1.1.7, supplied with SLES10) to
authenticate from Novell eDirectory with LDAP. The problem is that I can't
connect to the network when I check the Automatically use my Windows
logon name and password on a WinXP client's PEAP properties. This is the
Switch to the newsiest freeradius version. Maybe it will help.
2010/6/2 Andras Dosztal adosz...@gmail.com:
Hi,
I've configured FreeRADIUS (version 1.1.7, supplied with SLES10) to
authenticate from Novell eDirectory with LDAP. The problem is that I can't
connect to the network when I check
Karuna G. Kumar wrote:
I am trying to authorize / authenticate the user from a JRadius handler. I
want to validate the user name and password both from our application's data
repository using EJB calls. Hence, I don't want to look in to users file at
all. Do I need to still enable PAP for
Hi,
Now I got some improvement than before I guess.
Now, I am getting the error like...
[pap] login attempt with password testing
[pap] Using CRYPT encryption.
[pap] Passwords don't match
I am passing the Clear text password to FreeRADIUS. but, why is this failing ?
Please help me.
Logs:
Hi,
[pap] login attempt with password testing
[pap] Using CRYPT encryption.
yes, crypt...which means
++[unix] returns updated
..tht you have a matching entry in /etc/passwd - hence CRYPT
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I've upgraded to 2.1.8, but now I can't even authenticate with the pop-up
box.
Debug output: http://pastebin.ca/1875922
Regards,
Andras
On Wed, 02 Jun 2010 12:35:11 +0200, Maciej Drobniuch mac...@drobniuch.pl
wrote:
Switch to the newsiest freeradius version. Maybe it will help.
In freeradius 2.x use ClearText-Password instead of User-Password!
2010/6/2 Andras Dosztal adosz...@gmail.com:
I've upgraded to 2.1.8, but now I can't even authenticate with the pop-up
box.
Debug output: http://pastebin.ca/1875922
Regards,
Andras
On Wed, 02 Jun 2010 12:35:11 +0200,
Josip Rodin wrote:
It occurs to me that it would be a good idea to add an option that would
allow users to log the entire initial configuration parsing on startup to
the main log file, IOW log that part even if the server did not run with -X.
Hmm... OK.
When they run it with -X, they'll
Sorry for the dumb question, but where can I configure that?
On Wed, 02 Jun 2010 13:34:29 +0200, Maciej Drobniuch mac...@drobniuch.pl
wrote:
In freeradius 2.x use ClearText-Password instead of User-Password!
2010/6/2 Andras Dosztal adosz...@gmail.com:
I've upgraded to 2.1.8, but now I
I used different user name (karun) and password (karunkarun) also. But the
result is same.
I am using Ubuntu. Very new to this OS. Can you please explain me little more
about what's going wrong here ?
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password
I've been having the same problem lately. Restarting the smbd, winbind, and
radius services does not solve the problem, only rebooting.
Thomas E. Casartello, Jr.
Staff Assistant - Wireless/Linux Administrator
Information Technology
Wilson 105A
Westfield State College
-Original Message-
Hi,
I used different user name (karun) and password (karunkarun) also. But the
result is same.
do you have karun in the /etc/passwd file? from the logs you do
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I run 2.1.8, server 2008 R2 and samba 3.5.2. It's something to do with
winbind, but I have not nailed it down on my installation yet.
Sent via Verizon Wireless
-Original Message-
From: Casartello, Thomas tcasarte...@wsc.ma.edu
Date: Wed, 2 Jun 2010 08:28:23
To: 'FreeRadius users
If you are using users file, you have it located there.
exp:
testuser Cleartext-Password := test123
2010/6/2 Andras Dosztal adosz...@gmail.com:
Sorry for the dumb question, but where can I configure that?
On Wed, 02 Jun 2010 13:34:29 +0200, Maciej Drobniuch mac...@drobniuch.pl
wrote:
Hi,
I have a freeradius server set up with chap authentication. I was wondering
if it is possible to also do mac authentication at the same time?
Thanks,
Jon
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I'm using LDAP with an eDirectory backend.
On Wed, 02 Jun 2010 16:26:19 +0200, Maciej Drobniuch mac...@drobniuch.pl
wrote:
If you are using users file, you have it located there.
exp:
testuser Cleartext-Password := test123
2010/6/2 Andras Dosztal adosz...@gmail.com:
Sorry for the dumb
I'm not using ldap(and i've never used before) so try to find some
where the variable User-Password and replace it with
ClearText-Password.
2010/6/2 Andras Dosztal adosz...@gmail.com:
I'm using LDAP with an eDirectory backend.
On Wed, 02 Jun 2010 16:26:19 +0200, Maciej Drobniuch
On 06/02/2010 12:03 PM, Maciej Drobniuch wrote:
I'm not using ldap(and i've never used before) so try to find some
where the variable User-Password and replace it with
ClearText-Password.
This has been answered multiple times on this list (including recently).
Try searching the archives.
Thanks Alan. I've got that bit working now.
However, I can't get my check on the NAS-IP-Address attribute to work.
I now have this config:
File dictionary
ATTRIBUTE User_Group_Name 3003string
ATTRIBUTE Nas_Group_Name 3004string
File modules/etc_group
passwd
Hi all,
Did someone encountered automatic startup at boot-time with freeradius
2.1.9-2 on CentOS 5.5 ?
chkconfig --list show OK
radiusd -X show OK
/etc/init.d/radiusd start is OK
service radiusd stop passes OK
service radiusd start does not work.
radiusd does not start at boot.
Any idea ?
Best
On 06/02/2010 12:54 PM, Fred MAISON wrote:
Hi all,
Did someone encountered automatic startup at boot-time with freeradius
2.1.9-2 on CentOS 5.5 ?
chkconfig --list show OK
radiusd -X show OK
/etc/init.d/radiusd start is OK
service radiusd stop passes OK
service radiusd start does not work.
On 06/02/2010 12:54 PM, Fred MAISON wrote:
Hi all,
Did someone encountered automatic startup at boot-time with freeradius
2.1.9-2 on CentOS 5.5 ?
chkconfig --list show OK
It does say on for levels 2,3,4,5 right?
/etc/init.d/radiusd start is OK
service radiusd start does not work.
The
Hello,
I'm using freeradius 2.1.8 with wpa_supplicant 0.7.1, both on
32bit-linux with openssl 1.0.0 or openssl 0.9.8. AP is a Linksys WAP610N.
In eap.conf, the option eap - tls - cache - enable is switched off
and fast_reauth in wpa_supplicant is enabled.
The initial login works fine. But there
jon jon wrote:
Hi,
I have a freeradius server set up with chap authentication. I was
wondering if it is possible to also do mac authentication at the same time?
Yes.
Alan DneKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Andreas Hartmann wrote:
In eap.conf, the option eap - tls - cache - enable is switched off
and fast_reauth in wpa_supplicant is enabled.
Uh... that makes no sense.
You've disabled caching (i.e fast re-auth) on the server, and enabled
it on the client. Why are you surprised that fast
According to the rlm_sql:
5. For each group this user is a member of, the corresponding check items
are pulled from radgroupcheck table and compared with the request. If
there is a match, the reply items for this group are pulled from the
radgroupreply table and applied.
How
Jiann-Ming Su wrote:
According to the rlm_sql:
5. For each group this user is a member of, the corresponding check items
are pulled from radgroupcheck table and compared with the request. If
there is a match, the reply items for this group are pulled from the
radgroupreply
On 06/02/2010 05:35 PM, Jiann-Ming Su wrote:
According to the rlm_sql:
5. For each group this user is a member of, the corresponding check
items are pulled from radgroupcheck table and compared with the
request. If there is a match, the reply items for this group are
pulled from the
Alan DeKok wrote:
Andreas Hartmann wrote:
In eap.conf, the option eap - tls - cache - enable is switched off
and fast_reauth in wpa_supplicant is enabled.
Uh... that makes no sense.
You've disabled caching (i.e fast re-auth) on the server, and enabled
it on the client. Why are you
Alan DeKok schrieb:
Andreas Hartmann wrote:
In eap.conf, the option eap - tls - cache - enable is switched off
and fast_reauth in wpa_supplicant is enabled.
Uh... that makes no sense.
Yes, you're right - I meant option eap - tls - cache - enable is
switched _on_ and fast_reauth is on too
David Mitchell schrieb:
Alan DeKok wrote:
Andreas Hartmann wrote:
In eap.conf, the option eap - tls - cache - enable is switched off
and fast_reauth in wpa_supplicant is enabled.
Uh... that makes no sense.
You've disabled caching (i.e fast re-auth) on the server, and enabled
it on the
Yes. As you said, I found 'karun' in /etc/passwd file. Now, I used different
credentials and it's working fine. I am able to do PAP authentication now.
Thanks alot.
Thanks alot to Alan DeKok too for his valuable response.
-Original Message-
From:
Andreas Hartmann schrieb:
David Mitchell schrieb:
Alan DeKok wrote:
Andreas Hartmann wrote:
In eap.conf, the option eap - tls - cache - enable is switched off
and fast_reauth in wpa_supplicant is enabled.
Uh... that makes no sense.
You've disabled caching (i.e fast re-auth) on the
47 matches
Mail list logo