Vincent Guardiola wrote:
> Ok I will try this :),
>
> I don't use inner-tunnel file it's required or not ?, I just use file
> sites-enable/default
Please read the documentation and examples that come with the server.
It's MUCH nicer than asking questions which are already answered.
Alan D
Hi Alan,
thanks for a quick response, would this how it is suppose to be done:
if (User-Name =~ /^(.*)@(.*)/) {
update request {
NT-Domain := "staff"
}
} else {
mschap
}
Thanks in advance
Cheers
Vikash
On
Hi,
>+- entering group MS-CHAP {...}
>[mschap] Told to do MS-CHAPv2 for [2]u...@example.com.au with NT-Password
>[mschap] � � � �expand: --username=%{mschap:User-Name} ->
>--username=[3]u...@example.com.au
>[mschap] No NT-Domain was found in the User-Name.
>[mschap] � � � �
On Fri, Dec 16, 2011 at 1:02 AM, Nathan M wrote:
> @Fajar - the intent in having them dropped is exactly that. I don't
> want the end-user trying to authenticate to fail authentication, I do
> want the NAS to retry. I just want to control how quickly it can
> retry from my end.
Have you actuall
I appreciate the replies and suggestions to upgrade the SQL
infrastructure. What I'm attempting to do is to basically limit a
friendly DOS attack. I think throttling the offender is a better
approach than adding more hardware in this case. Maybe inside
freeradius isn't the answer, and maybe a fi
On 15/12/11 16:14, Vincent Guardiola wrote:
Ok I will try this :),
I don't use inner-tunnel file it's required or not ?, I just use file
sites-enable/default
Not sure. Try it.
I would always advise using inner-tunnel; it makes a lot of logical
sense to have the PEAP inner processed separatel
Ok I will try this :),
I don't use inner-tunnel file it's required or not ?, I just use file
sites-enable/default
2011/12/15 Phil Mayers
> On 15/12/11 15:12, Vincent Guardiola wrote:
>
>> Humm yes, but with this i can use mschapv2 for authenticate or my
>>
>
> Yes.
>
>
> authentification wil
On 15/12/11 15:12, Vincent Guardiola wrote:
Humm yes, but with this i can use mschapv2 for authenticate or my
Yes.
authentification will be used by client certificat ?
No.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I am using FreeRADIUS Version 2.1.12, for host i686-pc-linux-gnu,
built on Dec 6 2011 at 19:51:34, and I'd like to set up a quota using
rlm_sqlcounter.
However, the quota I'd like to use is over 4GB and the module will
than overflow, not allowing a user who still has quota left.
The user with
Humm yes, but with this i can use mschapv2 for authenticate or my
authentification will be used by client certificat ?
2011/12/15 Phil Mayers
> On 15/12/11 14:29, Vincent Guardiola wrote:
>
>> Hi all,
>>
>> I have just one question about client certificats with EAP-TTLS or
>> EAP-PEAP.
>>
>> I w
On 15/12/11 14:29, Vincent Guardiola wrote:
Hi all,
I have just one question about client certificats with EAP-TTLS or EAP-PEAP.
I would like use certificats client with authentication MSCHAPv2 it's
possible ?
Yes. This is documented in the "eap.conf":
# You can make PEAP require a client c
Hi all,
I have just one question about client certificats with EAP-TTLS or EAP-PEAP.
I would like use certificats client with authentication MSCHAPv2 it's
possible ?
It's possible to use client certificats for create TLS tunel and use
mschapv2 auth inside ?
In my test the authentication is MSCHA
I don't understand even single word but when I see "Simultaneous-Use"...
On 12/15/2011 2:23 PM, Caio wrote:
Bom dia pessoal.
Uso ubuntu-server 10.10.
Tenho freeradius 2.1.9 + Postgres 8.2 integrados a mikrotik.
Situação:
Toda vez que preciso reiniciar o meu mikrotik com aproximadamente 600
cli
2011/12/15 Caio :
> Bom dia pessoal.
> Uso ubuntu-server 10.10.
> Tenho freeradius 2.1.9 + Postgres 8.2 integrados a mikrotik.
>
> Situação:
> Toda vez que preciso reiniciar o meu mikrotik com aproximadamente 600
> clientes autenticados, log após o reboot, o freeradius não suporta a carga
> de soli
Bom dia pessoal.
Uso ubuntu-server 10.10.
Tenho freeradius 2.1.9 + Postgres 8.2 integrados a mikrotik.
Situação:
Toda vez que preciso reiniciar o meu mikrotik com aproximadamente 600
clientes autenticados, log após o reboot, o freeradius não suporta a
carga de solicitação das autenticações do m
Fajar A. Nugraha-2 wrote
>
>> server copy-acct-to-home-server {
>> +- entering group preacct {...}
>> ++[preprocess] returns ok
>> [suffix] No '@' in User-Name = "pruebas", looking up realm NULL
>> [suffix] No such realm "NULL"
>> ++[suffix] returns noop
>> ++[files] returns noop
>> +- entering g
On Thu, Dec 15, 2011 at 3:52 PM, KatsuroKurosaki wrote:
> realm radrelay {
> acct_pool = radrelay
> }
... so that is your realm
> server copy-acct-to-home-server {
> modules {
> Module: Checking preacct {...} for more modules to load
> Module: Linked to module rlm_preprocess
> Modu
On Thu, Dec 15, 2011 at 3:38 PM, Hitesh Vinzoda wrote:
> Hi Fajar,
>
> We have uncommented the pool-key for NAS-PORT & CALLING-STATION-ID under
> sqlippool.conf and hence want the calling-station-id to be used when the
> lease expires/new session such that user has more chances of getting the
> sa
Hi,
> Error: rlm_sql (sql): There are no DB handles to use!
improve your SQL performance - eg use InnoDB instead of myISAM , or postgresQL
instead of MySQL
increase number of PERL and SQL instances
use another 'non-inline' method to handle the accounting - so its buffered
and put into DB when
Hi,
>I want to know which reference I can use to make a certicate request for a
>third party ca.� This certificate is for peap with mschap v2.� In terms of
>adding the extensions for peap.
http://support.microsoft.com/kb/814394/en-us
you know, this is written in plain clear text in '
Hi Fajar,
We have uncommented the pool-key for NAS-PORT & CALLING-STATION-ID under
sqlippool.conf and hence want the calling-station-id to be used when the lease
expires/new session such that user has more chances of getting the same ip
address again.
pool-key = "%{NAS-Port}"
pool-key = "%{Ca
21 matches
Mail list logo
