On 05/23/2013 07:43 PM, Franks Andy (RLZ) IT Systems Engineer wrote:
Seems a bit excessive to do it each request. I know it’s not something
likely to changegidoften but would like to not have to update itat all
should it change. We have an “over zealous” AD administrator..
But primary group
On 05/24/2013 05:18 AM, Stefan Winter wrote:
simply isn't an IPv6 address
Very true.
fe80::215:17ff:fed0:d278%eth0
is the valid address. I don't know if the FreeRADIUS address parser is
prepared to handle such interface-scoped addresses. There's not much use
case for this.
Not sure I
Hello all,
I'm new to the list, relatively new to authentication, and I'm trying to figure
out some details regarding the RFCs. I was hoping some of you might be able
and willing to help me out here.
As I understand it, using TLS you can authenticate the server and optionally
the client,
On 05/24/2013 09:12 AM, Pieter Hulshoff wrote:
Hello all,
I'm new to the list, relatively new to authentication, and I'm trying to figure
out some details regarding the RFCs. I was hoping some of you might be able
and willing to help me out here.
As I understand it, using TLS you can
Ah, I forgot about rlm_cache. The primary group will always be the same
strangely enough, so I only need to look it up once.
I'll look into the cache
Thanks
Andy
-Original Message-
From:
freeradius-users-bounces+andy.franks=sath.nhs...@lists.freeradius.org
Hello all,
Does FreeRADIUS support AES-GCM in EAP-TLS? I couldn't find the term in the
documentation, the wiki or the mailinglist archives, but perhaps I'm looking
in the wrong place?
Kind regards,
Pieter Hulshoff
-
List info/subscribe/unsubscribe? See
On 24/05/13 11:44, Pieter Hulshoff wrote:
Hello all,
Does FreeRADIUS support AES-GCM in EAP-TLS? I couldn't find the term in the
documentation, the wiki or the mailinglist archives, but perhaps I'm looking
in the wrong place?
Typically this is down the TLS libraries; it's not usually the case
On Friday, May 24, 2013 12:21:47 PM Phil Mayers wrote:
On 24/05/13 11:44, Pieter Hulshoff wrote:
Hello all,
Does FreeRADIUS support AES-GCM in EAP-TLS? I couldn't find the term in
the
documentation, the wiki or the mailinglist archives, but perhaps I'm
looking in the wrong place?
On 24/05/13 12:47, Pieter Hulshoff wrote:
I guess that if we want to use AEAD cyphers we'll need to find another TLS
library or adapt/contribute to OpenSSL?
I think they're supported as of OpenSSL 1.0.1, so merely compiling
against that should be sufficient, but both ends then need to use TLS
On Friday, May 24, 2013 01:47:36 PM Pieter Hulshoff wrote:
I guess that if we want to use AEAD cyphers we'll need to find another TLS
library or adapt/contribute to OpenSSL?
It seems some people are way ahead of me:
Arvind Bahuguni wrote:
Hi,
Need help in resolving radius issues. My radius server is not
processing accounting packets, radius server is sending access-accept
but not proceeding further with accounting, it will send access-accept
and start waiting for another request.
This is in the FAQ.
Dan Lietz wrote:
I’m pretty much a noob when it comes to freeradius as I still don’t
completely understand what files are used for authorization and
authentication and where to put different certain pieces of configuration.
Rule 1: don't touch anything. The configuration is complicated, but
Using global IPV6 addresses worked. Thanks for the help.
Mike
-Original Message-
From: freeradius-users-
bounces+michael.sherman=exfo@lists.freeradius.org
[mailto:freeradius-users-
bounces+michael.sherman=exfo@lists.freeradius.org] On Behalf Of
Alan DeKok
Sent: Friday, May
Hi,
I have an interesting scenario where a broadband user has
Auth-Type=Reject configured as an attribute in the back-end database
of FreeRADIUS, and this sppears to be working, as radtest and
radclient confirm (the Access-Reject packet is received):
[root@radius-one radius]# echo
Show us the radius server debug
alan
--
This smartphone uses eduroam for free WiFi access around the world. Now that's
what I call smart.
Original message
From: Matthew Melbourne m...@melbourne.org.uk
Date: 24/05/2013 17:10 (GMT+00:00)
To:
On 24/05/13 17:19, Alan Buxey wrote:
The only difference I can see is that the first example uses a
plain-text password, and the RADIUS on the LNS is using CHAP?
The backend database has = in the 'op' field (and not :=), so the
returned attribute is Auth-Type = Reject and not Auth-Type :=
16 matches
Mail list logo