Re: MS-CHAP-V2 with no retry

2011-04-10 Thread Alan DeKok
James J J Hooper wrote: I may have misunderstood the code, but I think the EAP MS-CHAP-v2 Failure packet, should be an EAP *request* (currently it's EAP failure)?? Yes, thanks. I've deleted the setting of the EAP code. It's set in the compose function to eap request. Alan DeKok.

Re: [How to use Listen directive in inner tunnel virtual server]

2011-04-10 Thread Alan DeKok
Thomas Fagart wrote: Then I would wait for 2.1.11, or do you think it's ok to use git release in Production Yes. Use the v2.1.x branch from git. It's fine. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

associating mac addresses with usernames

2011-04-10 Thread Stephen Vigus
Hi all First post to the list ;) I want to use both mac authentication and username authentication. I have both working fine separately from mysql, but I want associate certain mac addresses to certain usernames and have it authenticate with the username. I thought I could use the following to

Re: associating mac addresses with usernames

2011-04-10 Thread Alan DeKok
Stephen Vigus wrote: In mysql this query would display the username associated to the mac (eg, user1@realm1), although it seems freeradius does not like this. sigh Post the debug log. Can anyone point me in the right direction so freeradius would think its user1@realm1 authenticating when

Re: MS-CHAP-V2 with no retry

2011-04-10 Thread Phil Mayers
On 04/09/2011 06:18 PM, James J J Hooper wrote: On 08/04/2011 08:54, Alan DeKok wrote: Phil Mayers wrote: +1 - In my experience it's necessary to cater for windows' weirdness *first*. Most other clients have sane behaviours. I'm concerned about the we didn't do much windows testing line...

Re: associating mac addresses with usernames

2011-04-10 Thread Stephen Vigus
Hi Alan I think I'm probably doing things wrong. I realized the query I'm using is meant to count and allow anything that's not zero... not what I'm after tho. Just to double check, any sql queries I want to use are supposed to go inside sites-available/default under authorize { ? Below are the

Re: associating mac addresses with usernames

2011-04-10 Thread Stephen Vigus
Ah, managed to get it working. Changed things to look like this: if(%{sql:SELECT radusergroup.username FROM authorized_macs LEFT JOIN radusergroup ON ( authorized_macs.username = radusergroup.username ) WHERE authorized_macs.macaddr = '%{User-Name}'}){ update control { Auth-Type :=

Re: EAP-TLS + Symbian = weird behaviour

2011-04-10 Thread Daniel Deptuła
On 2011-04-10 11:08, Zeus V Panchenko wrote: Hi, may somebody advice, please i have: uname FreeBSD 8.1-RELEASE amd64 radiusd -v radiusd: FreeRADIUS Version 2.1.10, for host amd64-portbld-freebsd8.1, built on Apr 4 2011 at 22:44:15 radiusd configured with EAP-TLS only and works fine

Re: MS-CHAP-V2 with no retry

2011-04-10 Thread James J J Hooper
On 10/04/2011 07:03, Alan DeKok wrote: James J J Hooper wrote: I may have misunderstood the code, but I think the EAP MS-CHAP-v2 Failure packet, should be an EAP *request* (currently it's EAP failure)?? Yes, thanks. Also, args to pairmove2 are wrong way around, as attached. -James

Re: MS-CHAP-V2 with no retry

2011-04-10 Thread James J J Hooper
On 10/04/2011 12:16, James J J Hooper wrote: On 10/04/2011 07:03, Alan DeKok wrote: James J J Hooper wrote: I may have misunderstood the code, but I think the EAP MS-CHAP-v2 Failure packet, should be an EAP *request* (currently it's EAP failure)?? Yes, thanks. Also, args to pairmove2

Re: MS-CHAP-V2 with no retry

2011-04-10 Thread James J J Hooper
On 10/04/2011 12:39, James J J Hooper wrote: On 10/04/2011 12:16, James J J Hooper wrote: On 10/04/2011 07:03, Alan DeKok wrote: James J J Hooper wrote: I may have misunderstood the code, but I think the EAP MS-CHAP-v2 Failure packet, should be an EAP *request* (currently it's EAP

Re: LDAP-group filter search is failing

2011-04-10 Thread Alexander Clouter
joezamosc joezam...@yahoo.com wrote: Alexander - you have a point - WANN is under OU - I've made an adjustment in modules/ldap and changed groupname_attribute to ou groupname_attribute = ou 'groupname_attribute' should be 'cn', unless your LDAP directory is very broken ;) And after

Re: EAP-TLS + Symbian = weird behaviour

2011-04-10 Thread Zeus V Panchenko
Daniel Deptuła (daniel.dept...@gmail.com) [11.04.10 14:16] wrote: ... the same device works fine (getting authorized well) via one AP in my LAN and remote VPN, but receiving ... Have you installed the CA certificate on the phones?? You can check it probably somewhere in Menu- Settings -

Re: EAP-TLS + Symbian = weird behaviour

2011-04-10 Thread Daniel Deptuła
On 2011-04-10 14:25, Zeus V Panchenko wrote: Daniel Deptuła (daniel.dept...@gmail.com) [11.04.10 14:16] wrote: ... the same device works fine (getting authorized well) via one AP in my LAN and remote VPN, but receiving ... Have you installed the CA certificate on the phones?? You can check

Re: EAP-TLS + Symbian = weird behaviour

2011-04-10 Thread Zeus V Panchenko
Daniel Deptuła (daniel.dept...@gmail.com) [11.04.10 16:36] wrote: I assume SSIDs for both WLANs are the same. yes, they are all configurations differs only by IP addresses Have your tried to connect the remote AP in your LAN? yes, and it works, i mean the device with problems began to get

Something about the commonName of client certificate

2011-04-10 Thread xuyu
Hi! I want to build eap/tls so I need to produce a client certificate. In the certs catalog there are ca.pem and server.pem, but not client.pem. So I should use command make client.pem. In the README file there are some words: Be sure that the commonName field here is the User-Name that will be used

ERROR in the EAP/PEAP test of eapol_test

2011-04-10 Thread xuyu
Hi! I meet an ERROR in the test of EAP/PEAP radtest sqluser 123 localhost 1812 testing123 is OK, I just delete the # before 'eap' in radiusd.conf and default files. the test eapol_test -c peap.txt -s testing123 my peap.txt is network={ eap=PEAP eapol_flags=0

Re: MS-CHAP-V2 with no retry

2011-04-10 Thread Alan DeKok
James J J Hooper wrote: Also, args to pairmove2 are wrong way around, as attached. Applied, thanks. Alan DeKok.

Re: MS-CHAP-V2 with no retry

2011-04-10 Thread Alan DeKok
James J J Hooper wrote: ...Although, when you correct the password in the 'allow_retry = yes' popup, I don't think FR has got the bit to handle that yet: Found Auth-Type = eduroamalieneap-bris-sha-ca # Executing group from file /usr/local/etc/raddb/sites-enabled/eduroamalien-inner +-

Re: MS-CHAP-V2 with no retry

2011-04-10 Thread James J J Hooper
On 10/04/2011 12:57, James J J Hooper wrote: On 10/04/2011 12:39, James J J Hooper wrote: On 10/04/2011 12:16, James J J Hooper wrote: On 10/04/2011 07:03, Alan DeKok wrote: James J J Hooper wrote: I may have misunderstood the code, but I think the EAP MS-CHAP-v2 Failure packet, should

Re: ERROR in the EAP/PEAP test of eapol_test

2011-04-10 Thread Phil Mayers
/usr/local/freeradius/etc/raddb/sites-enabled/inner-tunnel [mschapv2] +- entering group MS-CHAP {...} [mschap] No Cleartext-Password configured. Cannot create LM-Password. [mschap] No Cleartext-Password configured. Cannot create NT-Password. [mschap] Creating challenge hash with username:

Re [How to use Listen directive in inner tunnel virtual server]

2011-04-10 Thread Thomas Fagart
I've tried 2.1.x. (2.1.11) Seems to work well but after an hour of working I've got the following Apr 10 22:20:50 vma-prdaut-08 radiusd[65766]: Exiting due to internal error: Failed in select: Invalid argument Apr 10 22:20:50 vma-prdaut-08 radiusd[65766]: Exiting due to internal error:

Re: Simple Guest user web front end for FreeRADIUS

2011-04-10 Thread up
On Fri, Apr 8, 2011 at 9:50 PM, u...@3.am wrote: On my client's wifi network, we are authenticating staff users via FreeRADIUS against the corporate LDAP database. I've created a new SSID/WLAN with an IP pool that I've restricted through router ACLs that we want to deploy for temporary