Hi
I'm busy with a FreeRadius Eduroam setup, but it only works with ipv4 and not
with ipv6.
My Setup:
wifi-client -- my-FreeRadius-proxy --- eduroam-proxy --- remote-site
My server:
FreeBSD 8.1-STABLE with freeradius-2.1.10_1 that was build from the ports,
with ipv6 enabled.
Here is a list
Excerpts from Johann Hugo's message of Mon Dec 06 09:01:09 + 2010:
I'm busy with a FreeRadius Eduroam setup, but it only works with ipv4 and not
with ipv6.
You seem to be using the same ipv6 address for your proxy as well as for the
eduroam proxy; is that intentional?
From example 1:
Oops
It should be:
ganymede# ifconfig
em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500
options=219bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC
ether 00:1c:c0:fb:dc:67
inet 146.64.8.17 netmask 0xff00 broadcast 146.64.8.255
Excerpts from Johann Hugo's message of Mon Dec 06 09:41:40 + 2010:
listen {
type = auth
#ipaddr = *
ipv6addr = ::
#ipv6addr = 2001:4200:7000:1:21c:c0ff:fefb:dc67
port = 0
}
radius -X
...
Listening on authentication address * port 1812
On Monday, December 06, 2010 11:58:21 am Thorsten Fischer wrote:
Excerpts from Johann Hugo's message of Mon Dec 06 09:41:40 + 2010:
listen {
type = auth
#ipaddr = *
ipv6addr = ::
#ipv6addr = 2001:4200:7000:1:21c:c0ff:fefb:dc67
port =
Hi,
Listening on authentication address * port 1812
Listening on authentication address :: port 1812
Does it work for you if you bind both, v4 and v6 sockets to specific
addresses? I havea a vague recollection that there might be a problem
with that, but I cannot find a reference at the
Hi,
Could anyone recommend the best web based management for FreeRADIUS 2.x?
Is there a Webmin module?
Thank you
Keith
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi.
There are several web based gui. I like daloradius or dialup admin.
Bye.
2010/12/6 Keith Beeby k.be...@albion.co.uk
Hi,
Could anyone recommend the best web based management for FreeRADIUS 2.x?
Is there a Webmin module?
Thank you
Keith
-
List info/subscribe/unsubscribe? See
Alan Buxey wrote:
ISTR that you cannot listen to v4 and v6 in the same virtual server -
Hmm... There shouldn't be a problem with that.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Johann Hugo wrote:
radius -X
...
Failed binding to authentication address 2001:4200:7000:1:21c:c0ff:fefb:dc67
port 1812: Can't assign requested address
Try and find out why the OS won't let the server bind to that address.
See also the code in src/main/listen.c Maybe there's an issue
miha- wrote:
I am having problems with authentication. I chacked secret on NAS and on
Radius server. Bouth are some but the radius is keep telling to check the
secret.
What could be worng or I am missing ?
The secret is wrong.
Change it on *both* NAS and server to something simple,
Hi,
ISTR that you cannot listen to v4 and v6 in the same virtual server -
Hmm... There shouldn't be a problem with that.
dont shoot me, I'm just the messenger! :-)
from the current supplied default config file
# IP address on which to listen.
# Allowed values are:
On Monday, December 06, 2010 02:05:14 pm Alan DeKok wrote:
Johann Hugo wrote:
radius -X
...
Failed binding to authentication address
2001:4200:7000:1:21c:c0ff:fefb:dc67 port 1812: Can't assign requested
address
Try and find out why the OS won't let the server bind to that address.
On Monday, December 06, 2010 03:24:28 pm Alan Buxey wrote:
Hi,
ISTR that you cannot listen to v4 and v6 in the same virtual server -
Hmm... There shouldn't be a problem with that.
dont shoot me, I'm just the messenger! :-)
from the current supplied default config file
Alan Buxey wrote:
dont shoot me, I'm just the messenger! :-)
...
# IP address on which to listen.
# Allowed values are:
# dotted quad (1.2.3.4)
# hostname(radius.example.com)
# wildcard(*)
ipaddr = *
# OR, you can use
...there was no userPassword (or it wasn't readable)
I think I have a problem with Ldap reading the password correctly. If
i have read correctly, it needs a clear text password
Secondly, the debug output you posted returns an Access-Accept
because, although the LDAP module was
Newbie here.. I badly need help!! This is exactly what I want to achieve.
But it isn't clear to me as to where to place those configurations. Should
it be in the authorize section?? or in the sqlcounter module?
Could someone post their configurations please..
Thanks so much in advance..
On 12/06/2010 02:06 PM, James Winter wrote:
I think I have a problem with Ldap reading the password correctly. If
i have read correctly, it needs a clear text password
If you want FreeRadius to extract information from LDAP, then the LDAP
bindDN that FreeRadius uses must have the
Hey Mikkal-
Im not sure if my last few emails went through the list... I got a msg
stating they were pending approval since they were too long. I kept digging
into this and I came across the eapol_test utility:
http://deployingradius.com/scripts/eapol_test/ I tried running that to take
the
Alan,
In my switch I see that radius send vlan 0 but as Access-chalange send vlan 200
as below.
Sending Access-Challenge of id 155 to 10.0.0.3 port 1645
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = 200
EAP-Message =
hello greetings to all such
I have a question regarding the free radius, the situation is as follows:
installed on my ubuntu computer operating system. then install and configure
free radius and my mac users, as well as clients and the access point. and my
question is:
there is any
NFS?
From: freeradius-users-bounces+ggatten=waddell@lists.freeradius.org
freeradius-users-bounces+ggatten=waddell@lists.freeradius.org
To: freeradius-users@lists.freeradius.org
freeradius-users@lists.freeradius.org
Sent: Mon Dec 06 15:37:01 2010
Subject:
On 12/06/2010 05:00 PM, Hanavan, John (John) wrote:
Hi All,
We have been trying to install FreeRadius with openSSL support on to a
CentOS Sever without much success. The version of FreeRadius and CentOS
are listed below.
http://wiki.freeradius.org/Red_Hat_FAQ
Explains how to build on Red Hat
Hi,
Sending Access-Challenge of id 155 to 10.0.0.3 port 1645
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = 200
EAP-Message = 0x0103001604108840585485ec8c2c8e14826bdf5ec42b
Message-Authenticator =
Hi Alan,
I see my switch log.
When I use freeradius my switch show logs below:
23:27:44: dot1x-ev:dot1x_vlan_assign_authc_success: Successfully assigned VLAN
0 to interface FastEthernet0/22
23:27:44: dot1x-sm:Posting AUTHC_SUCCESS on Client=1A6F44C
23:27:44: dot1x_auth Fa0/22: during
Hi,
already try that syntax but the same is not the syntax that I need,
know any others? or there is no other place?
all you random new people who are mysteriosuly asking for this MAC
authenticationwhatever course you are on, please reprimand the organiser
for not having local
I want an option to do some sort of your authentication is pending
administrative approval. a message has been sent to the administrators,
please try again in a few minutes. AND an option to sya your
authentication has failed completely, I'm sending you to a separate
vlan namely, the
Rangel, Luciano wrote:
I see my switch log.
sigh This is the FreeRADIUS list. Post the *radius* debug log, as
suggested in the FAQ, README, INSTALL, man page, web pages, and daily
on this list.
It's really not that hard.
You're having difficult solving the problem because you're
Christ Schlacta wrote:
1) the user has bad or no credentials
in this case the user should be sent to a captive vlan where all they
can do is connect to the registration webpage to acquire a certificate
and bind it to their wifi MAC address.
You want a captive portal. This has very little
On 12/6/2010 6:31 PM, Alan DeKok wrote:
Christ Schlacta wrote:
1) the user has bad or no credentials
in this case the user should be sent to a captive vlan where all they
can do is connect to the registration webpage to acquire a certificate
and bind it to their wifi MAC address.
You want a
Christ Schlacta wrote:
I know i'll be developing a custom captive portal to run, what I need to
know is how a) freeradius needs to interact with the portal software
The captive portal has a web login page, which ends up sending RADIUS
requests.
(can freeradius run scripts as hooks? or
Never mind. was able to figure out myself..
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/RESOLVED-customize-Post-Auth-Type-REJECT-tp2779460p3295334.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See
VLAN ID assignment should be done in Access-Accept, not in
Access-Challenge. Try to compare Access-Accept sent by Cisco ACS and
Access-Accept sent by FreeRADIUS.
Rangel, Luciano wrote:
Alan,
In my switch I see that radius send vlan 0 but as Access-chalange send vlan 200
as below.
Sending
Hi Rob,
Nope, no EAP with a Captive Portal. But I just configured a VNS with EAP,
so I see what you're talking about. But I think that the problem is that
the Filter-ID isn't being sent in the Access-Accept, and I'm pretty sure
that that's where it should be. I didn't play with my radius
34 matches
Mail list logo
