postproxy breaks eap authentication

2010-11-17 Thread hans.bornemann
Hi, I have 2 freeradius servers: 1 as proxy server, 1 as authentication server. Everything is working fine (Auth. for WPA2, MSCHAPv2 ) until I implement the postproxy function: Then the authentication process did not finish. Putting the vlanid etc into radreply on the authentication radius,

Re: postproxy breaks eap authentication

2010-11-17 Thread Phil Mayers
On 17/11/10 12:31, hans.bornem...@tu-dortmund.de wrote: Hi, I have 2 freeradius server: 1 as proxy server, 1 as authentication server. Everything is working fine (Auth. for WPA2, MSCHAPv2 ) until I implement the postproxy function: Post the debugging output, as advised frequently on this

Having two MS-MPPE key pairs...

2010-11-17 Thread Panagiotis Georgopoulos
Hello all, I am using EAP-TTLS/EAP-MSCHAPv2 to authenticate clients with a FR 2.1.10 backend AAA server. Requests go over an Access Point (playing the role of the NAS), then get forwarded to a Proxy AAA FR 2.1.10 server and finally get routed to my backend server. My client is

Re: AW: postproxy breaks eap authentication

2010-11-17 Thread Alan DeKok
hans.bornem...@tu-dortmund.de wrote: the debug output: the differences begin at line 82. shrug You can try to figure out exactly what is misconfigured, or you can go back to using the default configuration. The default configuration works for proxying EAP packets. If your configuration

AW: AW: postproxy breaks eap authentication

2010-11-17 Thread hans.bornemann
The default configuration works for proxying EAP packets. If your configuration doesn't work, it's because you changed something and broke it. The default config is working, I wrote that in the first mail. IF I make this additional config, then eap is broken:

Re: AW: AW: postproxy breaks eap authentication

2010-11-17 Thread Phil Mayers
On 17/11/10 14:27, hans.bornem...@tu-dortmund.de wrote: The default config is working, I wrote that in the first mail. IF I make this additional config, then eap is broken: /etc/freeradius/sites-enabled/default: post-proxy { post_proxy_log #attr_rewrite

Differences between FreeRadius and GNU Radius

2010-11-17 Thread den2k
Hi, I'm new to RADIUS and I have to configure a rather complex system. Due to the lack of (well made) documentation on the wiki I googled around and I've found a good manual for GNU Radius (the old radiusd). So my question is: how much can I rely on that documentation while writing configuration

Re: Differences between FreeRadius and GNU Radius

2010-11-17 Thread Alan DeKok
den2k wrote: I'm new to RADIUS and I have to configure a rather complex system. Due to the lack of (well made) documentation on the wiki The server *does* include extensive documentation. See the doc directory, and the comments in the configuration files. I googled around and I've found

Re: configure output summary

2010-11-17 Thread Alan DeKok
Stefan Winter wrote: when running configure, lots of somewhat important messages scroll by, like silently disabling something you need :-) Well... yes. An untrained eye may miss these easily, leading to confusion afterwards (I'm currently running a lecture on RADIUS, and pretty much all of

Re: Accounting and Acct-Delay-Time in MySQL

2010-11-17 Thread Alan DeKok
Stefan Winter wrote: the default queries for mysql log Acct-Delay-Time into the columns acctstartdelay and acctstopdelay, respectively. They leave the timestamps for acctstarttime and acctstoptime at %S. For a non-zero delay, this means that a database reader needs to do math to get the

RE: Logging ntlm authentication

2010-11-17 Thread Garber, Neal
Could you please share the perl scripts and the corresponding configuration in radiusd.conf like authorize and post-auth section related to these logs? Unfortunately, I would need to get a release from my company as the code belongs to them. I cannot post it at this time. You may want to

Re: EAP-SIM and EAP-AKA support

2010-11-17 Thread Tomas Muehlhoff
Hi, my question is what IE/AVP in RADIUS Access-Request identifies the Request as an EAP-SIM request ? /TM

rlm_exec and 'No such file or directory' error

2010-11-17 Thread mark.leese
Hi, I'm using FreeRADIUS 2.1.3. At the end of the authorize section I need to call a Perl script to do some LDAP checking and either set the Auth-Type to Reject (to forcibly reject a user) or leave it set to whatever value FreeRADIUS has previously set (always LDAP). I used to do this with

Execute PRISM into HOSTAPD?

2010-11-17 Thread Octavio Ramirez
Hello, I am working with ubuntu 9.10, I installed freeradius server 2.1.10, Radius server is ok, but I am trying to implement hostapd in order to have a management of several access points. Thus, I installed the hostapd program, but I have a question concerning with other software related to

Re: Settign up postauth to record radius-client name and other information

2010-11-17 Thread Alan DeKok
William wrote: What I want to store in the radpostauth table is: ... (I want to add these) Calling_Station, Called_Station, See the debug mode for these attribute names. They're in the packet. Calling-Station-Id and Called-Station-Id. NAS_Short_name from clients.conf That's a

Re: rlm_exec and 'No such file or directory' error

2010-11-17 Thread Alan DeKok
mark.le...@stfc.ac.uk wrote: I have the exec module enabled in the instantiate section of radiusd.conf and I have the following at the end of the authorize section in the sites-enabled/default file: if (control:Auth-Type == LDAP) { update control { Auth-Type =

Re: Crypt Passwords in SQL

2010-11-17 Thread Kenneth Marshall
On Wed, Nov 17, 2010 at 04:15:47PM -0500, William wrote: Greetings, First, Thanks Alan DeKok. That was exactly what I needed for NAS_Showt_Name. Second, I just discovered a new issue. Not sure if this is a radius or a MySQL issue. When I crypt a password (MySQL CRYPT command) the

Re: configure output summary

2010-11-17 Thread Alan Buxey
Hi, when running configure, lots of somewhat important messages scroll by, like silently disabling something you need :-) ./configure --with-whatever-options | grep WARN ;-) there are other packages that print out stuff at the end about what features are not enabled etc - but , being on

Re: AW: postproxy breaks eap authentication

2010-11-17 Thread Alan Buxey
Hi, The default configuration works for proxying EAP packets. If your configuration doesn't work, it's because you changed something and broke it. The default config is working, I wrote that in the first mail. IF I make this additional config, then eap is broken:

freeradius on ubuntu

2010-11-17 Thread Jia Fang (Matthew)
Hello, I am lost in Freeradius on Ubuntu. I want to use peap authentication in ubuntu platform, but it seems that the rlm_eap_tls.so has license problem and not built in the ubuntu freeradius, then I try to build the source code and find that in hardy 8.04, it needs the debhelper version

Re: freeradius on ubuntu

2010-11-17 Thread Alan Buxey
Hi, Hello I am lost in Freeradius on Ubuntu I want to use peap authentication in ubuntu platform, but it seems that the rlm_eap_tls.so has license problem and not built in the ubuntu freeradius, then I try to build the source code and find that in hardy 8.04, it

Help: 802.1x with freeRadius and mySql database

2010-11-17 Thread Xuan Sun
Hi Everyone I have set up a freeRadius in Ubuntu server 10.0.4. I also set up a Cisco switch as a NAS and enable 802.1x in the switch port. I used the configuration first (clients.conf, users). The 802.1x authentication just works fine. Then I start to use mySql database, instead of clients.conf

[Segmentation Fault while proxing Request to home server]

2010-11-17 Thread Thomas Fagart
Hello, We're having the following authentication scenario for Wimax User Authentication : ASN -- EAP/TTLS --- 2 freeradius used as proxy -- 2 freeradius home server. AAA is fine when both home servers are up, but when one of them or both of them are dead, we're having the following logs

want to set up something a little more complex, not sure how to start. (hosts authenticated against openldap server)

2010-11-17 Thread Christ Schlacta
I've currently got a single host configured to have a certificate, the certificate is issued on a per-host basis. I want to somehow link a specific machine to a specific ssl certificate. it's my understanding that openldap or mysql can do this. I'd prefer not to use mysql as the mysql

Re: [Segmentation Fault while proxing Request to home server]

2010-11-17 Thread Alan DeKok
Thomas Fagart wrote: ... WARNING: Internal sanity check failed in event handler for request 6: Discarding the request! Segmentation fault And then the proxy radius dies. That's not good. This happens each time at the fifth try while trying to send the request to a dead home server.