Hello All,
We are using EAP-MSCHAPV2 for authentication with LDAP and using version
2.2.0. So actually who control the session validity for how long the client
will be authenticate after connecting to the wireless AP? So for example i
key in my username / password in Windows popup, then how long
Dear Fajar A. Nugraha
thanks for your reply. and your guide
i reduce the database connection and it solved :)
Best regards.
On Mon, Apr 22, 2013 at 11:43 AM, Fajar A. Nugraha l...@fajar.net wrote:
On Mon, Apr 22, 2013 at 12:59 PM, Mehdi Ravanbakhsh baba...@gmail.comwrote:
i get this
On Tue, Apr 23, 2013 at 1:27 PM, Mehdi Ravanbakhsh baba...@gmail.com wrote:
Dear Fajar A. Nugraha
thanks for your reply. and your guide
i reduce the database connection and it solved :)
Wow.
Though I'm glad to hear it solves your problem, personally I don't see
how it could work.
Or to be
Controlled by the NAS and/or the RADIUS server depending on NAS settings. ie
you should be able to set session-timeout on the NAS and then override/update
the value on the RADIUS server depending on your chosen policies...eg for
particular users/clients etc...and if proxying you may have
Hi all,Have anyone test the performance about FreeRADIUS+jRadius on
authentication?I recently did several numbers of load test with radclient in
FreeRADIUS.I used radclient -c 1 to attack my radius server(with jradius),
and found that the results are pretty bad...The call per second was
thanks
On Tue, Apr 23, 2013 at 11:12 AM, Fajar A. Nugraha l...@fajar.net wrote:
On Tue, Apr 23, 2013 at 1:27 PM, Mehdi Ravanbakhsh baba...@gmail.com
wrote:
Dear Fajar A. Nugraha
thanks for your reply. and your guide
i reduce the database connection and it solved :)
Wow.
I get something like
'aolnet/aol.dsl.newuser.10A50001000300010001US92C1..prod' in
User-Name attribute .
I think it should be connect-info attribute !
and In this case all %{connect-info} is empty (not null) .
i increase the connect-info to 150 character but nothing happens.
I am
On Tue, Apr 23, 2013 at 12:58:11PM +0430, Mehdi Ravanbakhsh wrote:
I get something like
'aolnet/aol.dsl.newuser.10A50001000300010001US92C1..prod' in
User-Name attribute .
I think it should be connect-info attribute !
Check your NAS. That is what is sending the data to FreeRADIUS
Hi,
I get something like
'aolnet/aol.dsl.newuser.10A50001000300010001US92C1..prod' in
User-Name attribute .
yep
I think it should be connect-info attribute !
why? have ou debugged the packets - that looks like what I'd expect in
a User-Name if looking at dialup kit
Hello,
Le 2013-04-22 15:33, Alan DeKok a écrit :
gregoire.le...@retenodus.net wrote:
First, I want to check is the user has the right password. If he has
the
right password, I want to give him a configuration and if he's in
the
one_huntgroup_name (i.e he's from a special NAS), I want to give
Hi Alan,
In which config files do i need to look / edit / add the session timeout in
freeradius?
Thanks
Danny
On Tue, Apr 23, 2013 at 3:11 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote:
Controlled by the NAS and/or the RADIUS server depending on NAS settings.
ie you should be able to set
Hi,
In which config files do i need to look / edit / add the session timeout
in freeradius?
that would depend on how your configuration is done and what options and methods
you are using. 'users' file is basic way, SQL tables are another, unlang is yet
another way...eg
update reply {
Thanks Alan, let me try that. So i can apply this only if the Wireless AP
is sending packet with Session-Timeout too right? I don't see this setting
in Meraki Wireless AP.
I'm using ldap and all the authentication just simple username / password
from ldap. Is the the exact syntax to apply with?
gregoire.le...@retenodus.net wrote:
I have actually read the documentation, and the wiki about SQL. Really.
Otherwise, I wouldn't have sent the first email. I'm going to be more
specific about what I don't understand.
OK. That's good.
In my user files, I have two lines to check.
First,
Hi,
Thanks Alan, let me try that. So i can apply this only if the Wireless AP
is sending packet with Session-Timeout too right? I don't see this setting
in Meraki Wireless AP.
as i said, depends on your settings and what the NAS is willing to take from
the
RADIUS server - you'll
Hello,
I am planning to upgrade our FR from 2.1.10 to 2.2.0 to address increasing NTLM
authentication failures using EAP-MSCHAPv2 in our wireless systems. I would
welcome and appreciate advice on precautions I should take before, during, and
after upgrade. Any issue did you run into in your
Wang, Yu wrote:
I am planning to upgrade our FR from 2.1.10 to 2.2.0 to address
increasing NTLM authentication failures using EAP-MSCHAPv2 in our
wireless systems. I would welcome and appreciate advice on precautions
I should take before, during, and after upgrade. Any issue did you run
into
Hi,
I am planning to upgrade our FR from 2.1.10 to 2.2.0 to address increasing
NTLM authentication failures using EAP-MSCHAPv2 in our wireless systems.
I would welcome and appreciate advice on precautions I should take before,
during, and after upgrade. Any issue did you run into
Thanks again Alex, i will try your syntax.
Thanks
Danny
On Tue, Apr 23, 2013 at 9:25 PM, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
Thanks Alan, let me try that. So i can apply this only if the
Wireless AP
is sending packet with Session-Timeout too right? I don't see this
setting
in
hi,
docs/ChangeLog
* 100% configuration file compatible with 2.1.x.
The only fix needed is to disallow hashsize=0 for rlm_passwd
so..if you havent played around with modules/passwd you'll find it just runs.
alan
-
List info/subscribe/unsubscribe? See
Hi,
Thanks again Alex, i will try your syntax.
do you deliberately change words?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
What you mean? Sorry i think you might mis-understand my previous 2
message. I mean 2 ask what is the correct syntax for update reply
Is it exactly like what you said in previous email or else :
update reply {
Session-Timeout : = 7200
}
I will search the documentation again
Hi,
What you mean?
see bottom of email
Is it exactly like what you said in previous email or else :
update reply {
Session-Timeout : = 7200
}
no, its exactly liek I typed. if you add spaces like you have then the server
wont like it
alan
-
List
Thanks for the advice. I'll make a backup copy as we do have some customized
scripts.
Yu Wang
Network Architect
Core Networking, FSU
-Original Message-
From: freeradius-users-bounces+ywang10=fsu@lists.freeradius.org
Wang, Yu wrote:
Thanks for the advice. I'll make a backup copy as we do have some customized
scripts.
Installing a new version will *never* over-write your existing
configuration files, scripts, etc. It *will* over-write binaries and
libraries.
Alan DeKok.
-
List
On 04/23/2013 11:38 AM, Wang, Yu wrote:
Thanks for the advice. I'll make a backup copy as we do have some customized
scripts.
As has been stated numerous times on this list you should keep any FR
config file you modify or any file you add under source code control.
Your repository located
Hi Danny,
On Tue, Apr 23, 2013 at 11:13:46PM +0800, Danny Kurniawan wrote:
What you mean? Sorry i think you might mis-understand my previous 2
message. I mean 2 ask what is the correct syntax for update reply
Is it exactly like what you said in previous email or else :
update reply {
...have a little test/dev server. Copy your current config onto it and run the
new version in full debug mode, see what it might complain about
Alternatively, compare your config against vanilla config and then just start
from vanilla making required changes...this can really help to clean up
This is indeed a very considerate design, much better than some other software,
like dhcp, that overwrites conf files every time.
Thanks,
Yu Wang
-Original Message-
From: freeradius-users-bounces+ywang10=fsu@lists.freeradius.org
Thanks all.
-Danny
On Tue, Apr 23, 2013 at 11:59 PM, Matthew Newton m...@leicester.ac.ukwrote:
Hi Danny,
On Tue, Apr 23, 2013 at 11:13:46PM +0800, Danny Kurniawan wrote:
What you mean? Sorry i think you might mis-understand my previous 2
message. I mean 2 ask what is the correct syntax
Chuang Okis wrote:
Have anyone test the performance about FreeRADIUS+jRadius on authentication?
Not me.
The test was just for authentication load test from gateway to radius
server. My jradius handler would just do some easy string splitng for
one VSA.
Use Perl. It's integrated into
Hi All
i use Cisco and mikrotik as Access server in my network and i need to
limit user access by MAC address.
in this case i can use Calling-Station-Id , it works for mikrotik :
AUTH Detail
Packet-Type = Access-Request
Service-Type = Framed-User
Framed-Protocol = PPP
Thanks for Alan's quick and kindly reply!
Yes, I'm under this slow performance trouble now
Actually I tried let it not going into jradius and completing my easy job
only in FreeRADIUS yesterday. And it did it well.
It can finish 1 auth request in 13 sec.
However, our goal is more than
On Wed, Apr 24, 2013 at 9:34 AM, Okis Chuang okischu...@outlook.com wrote:
Thanks for Alan's quick and kindly reply!
Yes, I'm under this slow performance trouble now
Actually I tried let it not going into jradius and completing my easy job
only in FreeRADIUS yesterday. And it did it well.
Thanks Fajar your speedy response and really helpful for me.
Yeah..I'm pretty grateful about all contributions here for sure! And I'm
definitely not insist on desiring the best solution here.
I just want to listen some opinions or advice from all those experienced.
Anyway, I'll keep learning
35 matches
Mail list logo