Re: eduroam working ok, except for EAP

2012-01-19 Thread Phil Mayers
On 01/19/2012 12:46 AM, Rui Ribeiro wrote: Hi list, I have freeradius working in an EDUROAM federation, all PEAP-MSCHAPv2 and TTLS-EAP working locally, however when roaming to the federation, PEAP-MSCHAPv2 fails categorically and only TTLS-EAP works with success. This is exactly the same

Re: eapol_test giving up and win-like error?

2012-01-19 Thread Phil Mayers
EAP: deinitialize previously used EAP method (25, PEAP) at EAP deinit MPPE keys OK: 0 mismatch: 1 FAILURE Hmm. I see from your original email that Samba ntlm_auth are succeeding. There are a couple of buggy versions of Samba out there that return invalid response values, and generate these

Re: eduroam working ok, except for EAP

2012-01-19 Thread Alan Buxey
Hi, freeradius -X FreeRADIUS Version 2.1.10, for host i486-pc-linux-gnu, built on Nov 14 2010 at 20:41:03 a couple of things: upgrade - 2.1.10 *will* die at some point when proxying to a remote server that doesn't respond [f_ticks] expand: %{reply:Packet-Type} - Access-Accept

LDAP Group assign to vlan after AD user authentication

2012-01-19 Thread James
Hi, I've successfully set up a radius server to support 802.1x authentication using peap mschapv2 and samba to authenticate users against AD. To do this I followed configuration on the freeradius.org website and the AD integration howto on deployingradius.com, thank you very much for writing

Re: eapol_test giving up and win-like error?

2012-01-19 Thread NdK
On 19/01/2012 10:03, Phil Mayers wrote: EAP: deinitialize previously used EAP method (25, PEAP) at EAP deinit MPPE keys OK: 0 mismatch: 1 FAILURE These (plus the timeout one) are the lines printed after FR has already closed the session. Hmm. I see from your original email that Samba

eduroam working ok, except for EAP

2012-01-19 Thread Rui Ribeiro
On Jan 19, 2012, at 11:00 AM, freeradius-users-requ...@lists.freeradius.org wrote: Message: 1 Date: Thu, 19 Jan 2012 08:58:39 + From: Phil Mayers p.may...@imperial.ac.uk Subject: Re: eduroam working ok, except for EAP To: freeradius-users@lists.freeradius.org Message-ID:

Re: eapol_test giving up and win-like error?

2012-01-19 Thread Phil Mayers
On 19/01/12 11:07, NdK wrote: On 19/01/2012 10:03, Phil Mayers wrote: EAP: deinitialize previously used EAP method (25, PEAP) at EAP deinit MPPE keys OK: 0 mismatch: 1 FAILURE These (plus the timeout one) are the lines printed after FR has already closed the session. Yes. Hmm. I see

Re: How to return Filter-ID attribute value for the users in Active Directory?

2012-01-19 Thread suggestme
Hi, I tried to return the value of Filter-ID as: authorize { ... ldap if (distinguishedName =~ /^[^,]+,OU=([^,]+),/) { update control { Tmp-String-1 := %{1} } } ... } post-auth { update reply { Filter-Id :=

Re: How to return Filter-ID attribute value for the users in Active Directory?

2012-01-19 Thread Alan DeKok
suggestme wrote: I tried to return the value of Filter-ID as: authorize { ... ldap if (distinguishedName =~ /^[^,]+,OU=([^,]+),/) { What's distinguishedName ? It's not a RADIUS attribute. Read man unlang, which explains how the attributes variables work. In my

Re: How to return Filter-ID attribute value for the users in Active Directory?

2012-01-19 Thread suggestme
Thank you so much Alan for pointing out the mistake and suggesting the solution. Using: if (control:Ldap-UserDN =~ /^[^,]+,OU=([^,]+),/) *solved this issue.* Still trying to become more familiar with attributes and learning. In my understanding there are different attribute lists, such as: request,

Re: How to return Filter-ID attribute value for the users in Active Directory?

2012-01-19 Thread Alan DeKok
suggestme wrote: Still trying to become more familiar with attributes and learning. In my understanding there are different attribute lists, such as: request, reply, control, proxy-request, proxy-reply, outer.request, outer.reply, etc. As I said before, see man unlang. This is documented in

Microsoft PEAP-EAP-TLS support (certificate auth with SoH)?

2012-01-19 Thread Matthew Newton
Hi, Does anyone know if FreeRADIUS now supports Microsoft PEAP/EAP-TLS, i.e. when you select PEAP with Certificates in Windows (not plain EAP-TLS, or PEAP/MS-CHAPv2, which both work fine)? This post from 2007 (and FR 1.0.1) indicates that it didn't work then, wondered if that's changed at all?

Run a module only during the first EAP-TLS handshake

2012-01-19 Thread Victor Tangendjaja
Hi everyone, Is there a way to run a module only during the first EAP-TLS handshake? For example: authorize { preprocess if (??? == ???) { echo } ... } I simply want the 'echo' module to run once during the first auth. The reason being the 'echo'

Re: Run a module only during the first EAP-TLS handshake

2012-01-19 Thread Alan DeKok
Victor Tangendjaja wrote: Is there a way to run a module only during the first EAP-TLS handshake? Track the information in a database. Alan DeKok.

Re: Microsoft PEAP-EAP-TLS support (certificate auth with SoH)?

2012-01-19 Thread Alan DeKok
Matthew Newton wrote: Does anyone know if FreeRADIUS now supports Microsoft PEAP/EAP-TLS, i.e. when you select PEAP with Certificates in Windows (not plain EAP-TLS, or PEAP/MS-CHAPv2, which both work fine)? This post from 2007 (and FR 1.0.1) indicates that it didn't work then, wondered if