Garber, Neal wrote:
> I just cloned and built the latest 2.1.10 to do some testing. I did a
> PEAP-MSCHAPv2 authentication, with bad credentials, using eapol_test. What I
> found seems to indicate the problem I was referring to still exists in 2.1.10
> (probably because I wasn't clear enough i
> IIRC, it was to remember replies better. When the inner tunnel
> returns accept and the outer sends a challenge... remember the
> accept for later.
I just cloned and built the latest 2.1.10 to do some testing. I did a
PEAP-MSCHAPv2 authentication, with bad credentials, using eapol_test. Wha
> I'll take a look...
Thanks.
> I'd like to get some feedback on the pre-release of 2.1.10,
> especially the changes to the proxy code.
I'll download the latest 2.1.10 tomorrow; unfortunately, I won't have a chance
to test it until next week. Also, we don't use proxying, at the moment, but I
On Tue, 2010-09-07 at 22:28 +0200, Alan DeKok wrote:
> Alan Buxey wrote:
> >> Please test it out, and give feedback on issues / benefits. The file
> >> doc/ChangeLog contains all of the changes and new features in the server.
> >
> >
> > fails to compile on older redhats with python :
>
What
On Tue, 2010-09-07 at 22:26 +0200, Alan DeKok wrote:
> John Horne wrote:
> > We have been running 3 servers with 2.1.10 (taken from git a while ago)
>
> The proxy change went in August 4.
>
Ah. Our versions date back to June. I'll see about upgrading them to a
later 2.1.10 version. (Hopefully t
Alan Buxey wrote:
>> Please test it out, and give feedback on issues / benefits. The file
>> doc/ChangeLog contains all of the changes and new features in the server.
>
>
> fails to compile on older redhats with python :
Huh? Did 2.1.9 compile on those versions of Redhat? The last change
John Horne wrote:
> We have been running 3 servers with 2.1.10 (taken from git a while ago)
The proxy change went in August 4.
> for some time with no problems. They act as a proxy, receiving requests
> from wireless lan controllers and (mostly) proxying them on to MS IAS.
> Is there any partic
On Tue, 2010-09-07 at 21:19 +0200, Alan DeKok wrote:
>
> I'd like to get some feedback on the pre-release of 2.1.10, especially
> the changes to the proxy code.
>
We have been running 3 servers with 2.1.10 (taken from git a while ago)
for some time with no problems. They act as a proxy, receivin
Garber, Neal wrote:
>> Fixed in 2.1.9.
>
> Great (I guess missed that in the change log). Was the change to eliminate
> the extra round trip?
IIRC, it was to remember replies better. When the inner tunnel
returns accept and the outer sends a challenge... remember the accept
for later.
> If
> Fixed in 2.1.9.
Great (I guess missed that in the change log). Was the change to eliminate the
extra round trip? If so, would you accept a patch to set
Module-Failure-Message upon failure of ntlm_auth in rlm_mschap (as was
originally implemented in the fix for bug 398 in v1.1.4)?
Thanks Al
Jan Zacharias wrote:
> Version is "radiusd: FreeRADIUS Version 2.1.9, for host
> i386-portbld-freebsd8.1, built on Aug 5 2010 at 14:17:48"
Maybe the Perl installation on your system isn't thread-safe. This is
possible...
> rad2vmps is part of freenac. Can freerad and freenac work w/a this thi
Version is "radiusd: FreeRADIUS Version 2.1.9, for host i386-portbld-freebsd8.1,
built on Aug 5 2010 at 14:17:48"
rad2vmps is part of freenac. Can freerad and freenac work w/a this thing in
between out of the box?! That would be great!
Maybe I should post full debug output of freerad, but
Jan Zacharias wrote:
> I'm running into some very bad issue: when running freeradius in
> threaded mode (default)
> it's mixing up CONCURRENT requests resulting in a wrong vlan assignment.
That sounds bad.
> Now let's check what Vlans got assigned (this is the vmps log, vmps gets
> only this MA
Garber, Neal wrote:
>> but it seems the next packet sent is a Challenge, not reject/accept.
>> Therefore the message does not persist until reject/accept time.
>
> Hmm.. It seems I've heard that before:
>
> http://lists.cistron.nl/pipermail/freeradius-users/2009-August/msg00326.html
Fixed in
homyang cha wrote:
>
> Thank you for the help. I am now able to authenticate users from both
> windows xp(2) and windows 7 using PEAP authentication type. But in Windows
> Vista I have a problem. Initially I am able to authenticate from windows
> vista but after some time its diconnects itself. I
Hi Folks,
I'm running into some very bad issue: when running freeradius in threaded mode
(default)
it's mixing up CONCURRENT requests resulting in a wrong vlan assignment.
Here are the logs of two clients (OSX and Ubuntu). The Ubuntu supplicant
(wpa-suppl.)
always fails the first login try, but
Murray Long wrote:
> That switch statement has no condition for *cp == "\\". Which is what
> I have added. (Please see patch attached to my previous message)
OK, I didn't see that. I'll look into a fix for 2.1.10.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/
> but it seems the next packet sent is a Challenge, not reject/accept.
> Therefore the message does not persist until reject/accept time.
Hmm.. It seems I've heard that before:
http://lists.cistron.nl/pipermail/freeradius-users/2009-August/msg00326.html
-
List info/subscribe/unsubscribe? See
--On Tuesday, September 07, 2010 14:11:42 +0100 Sion
wrote:
On Tue, Sep 7, 2010 at 8:45 AM, Alan DeKok
wrote:
Sion wrote:
On Mon, Sep 6, 2010 at 12:54 PM, Alan DeKok
wrote:
Sion wrote:
I've also tried outer.reply, but I'm still not seeing it show up in
my logs.
And the debug log s
On Tue, Sep 7, 2010 at 8:45 AM, Alan DeKok wrote:
> Sion wrote:
>> On Mon, Sep 6, 2010 at 12:54 PM, Alan DeKok
>> wrote:
>>> Sion wrote:
I've also tried outer.reply, but I'm still not seeing it show up in my
logs.
>>> And the debug log says... ?
>
> Just set "use_tunneled_reply =
Hi Alex
Thank you for the help. I am now able to authenticate users from both
windows xp(2) and windows 7 using PEAP authentication type. But in Windows
Vista I have a problem. Initially I am able to authenticate from windows
vista but after some time its diconnects itself. I have to disable the
ne
Hello,
I hope this is not too Off Topic, but I am looking for a company with
FreeRADIUS expertise for a substantial Project in Switzerland ?
Would greatly appreciate it if someone could recommend a reliable and competent
partner for this.
Regards
Oliver Steudler
steudler (at) netcloud (dot)
That switch statement has no condition for *cp == "\\". Which is what
I have added. (Please see patch attached to my previous message)
On Tue, Sep 7, 2010 at 12:37 PM, Alan DeKok wrote:
> Murray Long wrote:
>> When passing variables to the perl module,
>> "void fr_print_string(const char *in, s
Murray Long wrote:
> When passing variables to the perl module,
> "void fr_print_string(const char *in, size_t inlen, char *out, size_t outlen)"
> Escapes all special characters (including '\')
Yes.
> When variables are returned from perl,
> VALUE_PAIR *pairparsevalue(VALUE_PAIR *vp, const char
What seems to be happening here:
When passing variables to the perl module,
"void fr_print_string(const char *in, size_t inlen, char *out, size_t outlen)"
Escapes all special characters (including '\')
When variables are returned from perl,
VALUE_PAIR *pairparsevalue(VALUE_PAIR *vp, const char *v
Nasser Heidari wrote:
> I've done it in test environment , problem is that same configuration is
> not working in heavy load.
> If NAS does not send MAC address , I update request with a
> .. mac , but in production environment, users who does not
> have mac address , RADIUS request upd
Sion wrote:
> On Mon, Sep 6, 2010 at 12:54 PM, Alan DeKok wrote:
>> Sion wrote:
>>> I've also tried outer.reply, but I'm still not seeing it show up in my logs.
>>And the debug log says... ?
Just set "use_tunneled_reply = yes"
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www
27 matches
Mail list logo