Hello,
in wireshark I can see now that the first request for access goes throught
but the second one for accounting is rejected.
Can you help me out why?
What about encryption ? The secret on the nas server and on the radius is
100% same.
Where can I look for this?
I have chacked everything
karnik jain wrote:
*- I understood that ones who wants to use text other than ASCII than
that is up him to convert into UTF-8 first and send it to RADIUS server.*
*- But then How can free RADIUS server can performed the job of
varrifying credentials in above UTF-8 case, because it is not going
On 12/17/2010 08:58 AM, miha- wrote:
Hello,
in wireshark I can see now that the first request for access goes throught
but the second one for accounting is rejected.
Can you help me out why?
What about encryption ? The secret on the nas server and on the radius is
100% same.
Lots of people
Dear all,
I'm looking for possibility to inject the log from radius.log into mysql
DB for some monitoring purpose. Any better suggestion? I tried with
Syslog-NG and it just won't send radius.log to my syslog server but only
system log...
Regards
CK
--
This message has been scanned for
The main reason is to monitor the login activity for my radius server
i.e. Login Accept, Reject or Deny.
cktan wrote:
Dear all,
I'm looking for possibility to inject the log from radius.log into
mysql DB for some monitoring purpose. Any better suggestion? I tried
with Syslog-NG and it just
On 17 Dec 2010, at 11:13 AM, cktan wrote:
I'm looking for possibility to inject the log from radius.log into mysql DB
for some monitoring purpose. Any better suggestion? I tried with Syslog-NG
and it just won't send radius.log to my syslog server but only system log...
Have a look at
Hello,
this is user-name and password for phone that is registered on NAS. NAS is
sending authentication to freeradius server.
Is not shared secret different thing? I have shared secret entered in
clients.conf and in sql NAS table.
First he is trying with password 1122 for user name 081609000
miha- wrote:
this is user-name and password for phone that is registered on NAS. NAS is
sending authentication to freeradius server.
We all know that. Stating the obvious is not helpful.
Is not shared secret different thing? I have shared secret entered in
clients.conf and in sql NAS
Ok. I've been able to monitor another Exiting normally event:
Fri Dec 17 06:38:39 2010 : Info: Exiting normally.
Alan DeKok-2 wrote:
Watch the CPU and memory usage by the server.
I've been monitoring the server using Cacti for the last few days.
Memory usage shows plenty of free memory.
On 2010/12/17 11:41 AM, miha- wrote:
Hello,
this is user-name and password for phone that is registered on NAS. NAS is
sending authentication to freeradius server.
Please do NOT confuse the shared secret and the password that the phone uses.
The shares secret is a secret between the NAS
I noticed something in rlm_sql.c function rlm_sql_process_groups().
group_list is allocated at the top of the function, but
sql_grouplist_free(group_list) is only called at the end. All the various
error exits don't call it.
ISTM that's going to leak memory in event of errors, but perhaps I
Brian Candler wrote:
I noticed something in rlm_sql.c function rlm_sql_process_groups().
group_list is allocated at the top of the function, but
sql_grouplist_free(group_list) is only called at the end. All the various
error exits don't call it.
ISTM that's going to leak memory in event
john decot wrote:
Hi,
I am planing to use freeradius for authentication for lan users. The
following are the radcheck parameters:
mysql select * from radcheck;
++--++++
| id | username | attribute | op | value |
Danial wrote:
If you can, monitor any signals being sent to the server.
I've had a tcpdump session running
Uh... packets are not signals. Use ktrace to monitor signals sent
to a process.
See http://www.gsp.com/cgi-bin/man.cgi?section=1topic=ktrace
Alan DeKok.
-
List
Installed FreeRadius 2.1.8 to authenticate to an LDAP back end (eDirectory)
Set it up per the document link below:
http://www.novell.com/communities/node/11321/freeradius-218-edirectory-integration
Now I'm getting a No authenticate method error. Output of radiusd -X below:
Listening on proxy
On 17/12/10 14:40, discgolfer72 wrote:
Installed FreeRadius 2.1.8 to authenticate to an LDAP back end (eDirectory)
Set it up per the document link below:
http://www.novell.com/communities/node/11321/freeradius-218-edirectory-integration
Now I'm getting a No authenticate method error. Output
Thanks for your reply Alan .
--- On Fri, 12/17/10, Alan DeKok al...@deployingradius.com wrote:
From: Alan DeKok al...@deployingradius.com
Subject: Re: Unable to Authenticate users
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Date: Friday, December 17, 2010, 6:33 AM
What would be the proper service to use for eDirectory? Can I assume
from the document that EAP is the one to use for authenticating to
eDirectory or is another one better for that? Ultimately, we want to
set up a Wireless Access Point to send it's request to the Radius Server
which then
Ben Lewis wrote:
What would be the proper service to use for eDirectory?
ldap.
Read raddb/sites-available/default. Look for ldap.
Can I assume
from the document that EAP is the one to use for authenticating to
eDirectory
No.
or is another one better for that? Ultimately, we
Thanks for the reply, here is what I am trying to do
External Servers Send Requests To - 1812,1813 --- FreeRadiusd --
Backend_Servers_Set01 (1812,1813)
External Servers Send Requests To - 1815,1816 -- FreeRadiusd --
Backend_Servers_Set02 (1815,1816)
I guess I am not sure where the listen
That did the trick. Thanks Alan and Phil!!!
On 12/17/2010 9:20 AM, Alan DeKok wrote:
Ben Lewis wrote:
What would be the proper service to use for eDirectory?
ldap.
Read raddb/sites-available/default. Look for ldap.
Can I assume
from the document that EAP is the one to use for
Hmm my line breaks where removed from my email
External Servers Send Requests To - 1812,1813 --- FreeRadiusd --
Backend_Servers_Set01 (1812,1813)
External Servers Send Requests To - 1815,1816 -- FreeRadiusd --
Brian Carpio wrote:
Thanks for the reply, here is what I am trying to do
External Servers Send Requests To - 1812,1813 --- FreeRadiusd --
Backend_Servers_Set01 (1812,1813)
External Servers Send Requests To - 1815,1816 -- FreeRadiusd --
Backend_Servers_Set02 (1815,1816)
I guess I am
Ben, its sounds like you have everything going, to you still need the screencast?
Congradulations if you have it all worked out ;)
Matthew Stavert
ITSM, ACMT
Information Systems Analyst
NLSD. 69
PH:780-826-3145
Cell: 780-207-1146
Ben Lewis
I think we're good now. Thanks for offering the screencast though!
On 12/17/2010 10:38 AM, Matthew Stavert [via FreeRadius] wrote:
HTMLHEAD /HEAD BODY style=MARGIN: 4px 4px 1px; FONT: 10pt
Tahoma
Ben, its sounds like you have everything going, to you still need the
screencast?
Thanks for your help Alan, but I think I am not giving you the right
information.. (that or I don't understand the README)
So we are using freeradius for proxying requests to different backend servers
only (basically using freeradius as a load balancer), we aren't using it to
actually
Brian Carpio wrote:
Thanks for your help Alan, but I think I am not giving you the right
information.. (that or I don't understand the README)
So we are using freeradius for proxying requests to different backend servers
only (basically using freeradius as a load balancer), we aren't using
Thanks this is working perfectly now!
-Original Message-
From: freeradius-users-bounces+bcarpio=broadhop@lists.freeradius.org
[mailto:freeradius-users-bounces+bcarpio=broadhop@lists.freeradius.org] On
Behalf Of Alan DeKok
Sent: Friday, December 17, 2010 1:32 PM
To: FreeRadius
I changed the /etc/raddb/sites-available/default to the following and
changed Auth-Type to SQL in the radcheck table, and it still rejects the
user.
authorize {
preprocess
mschap
sql
}
authenticate {
Auth-Type MS-CHAP {
mschap
}
}
preacct {
account_unique
}
Hi G,
thank for your suggestion. Just noticed I can log a post-auth reject
message into sql and it was work fine for me. However, it is only for
Reject message but for the Denied message where is the user account's
attribute is set to deny. Is that possible the post-auth can log for
Denied
Todd Bateman wrote:
I have been trying to get freeradius + mysql to play nice together for
the past few days and no mater what HOW TO or Tutorial I follow the end
result is the same when I run radtest from the command line I get
Access-Reject. In the HOW TO/Tutorials I have followed I was
31 matches
Mail list logo