Dear all,
at the moment we are facing a small issue since our OCSP responders are behind
a traffic manager.
As explained in the eap.conf file, the freeradius' HTTP requests sent to the
responder does not contain the Host: information and therefore the traffic
manager can't handle it properly
On Wed, Jul 31, 2013 at 09:46:20AM +, Beltramini Francesco wrote:
As explained in the eap.conf file, the freeradius' HTTP requests
sent to the responder does not contain the Host: information
and therefore the traffic manager can't handle it properly
(unless we use for it a separate vIP,
Ok,
thank you
but this file its needed? whats the objetive to keep logging this file?
its only writes on text file the sql ?
but the sql will continue writing on sql server, correct?
2013/7/30 Alan DeKok al...@deployingradius.com
Alisson wrote:
I have a high disk utilization because the
3. Re: only 2 dynamic IPs are allocated even the ip pool has
many IPs (Alan DeKok)
Hi Alan,
Can you help me what changes do I need to do to get the new dynamic IP
addresses for new sessions instead of duplicate IP addresses.
I am not able to understand your answer fully.
# key:
Alisson wrote:
but this file its needed? whats the objetive to keep logging this file?
Someone on YOUR SYSTEM enabled it. Therefore, ask that person to see
if it's needed. I don't know. I don't have access to your system.
its only writes on text file the sql ?
but the sql will continue
Koka Krishna wrote:
Can you help me what changes do I need to do to get the new dynamic IP
addresses for new sessions instead of duplicate IP addresses.
I am not able to understand your answer fully.
You quoted the text which describes what you need to do. What part of
that is unclear?
James Leavitt wrote:
After some compiling and configuring, I've managed to get version 3.0.0
up and running, and I seem to be having a similar issue:
I don't see that on my systems. radsniff, radclient, and pcap all
show that the WiMAX attributes are correct.
Data: 1a 17 00 00
Alan,
Thanks for your reply. I see your point. But this does create an issue
when you deprecate a nas when users are connected (which isn't ideal but
does happen) because now the session will never close and radius doesn't
assume that a missing nas also means missing session, nor does it pass
HI Alan,
Still no dice. I've disabled the database and used the file as suggested
(which is something that I had yet to try, but as you recommended I've
done so). I have tried with and without the Session-Timeout and
Acct-Interim-Interval without any effect.
Here's the hex output (from the
List,
This is odd, I can't seem to figure out what the deal is with this.
This works:
As root user; /usr/sbin/radius -X
As root user; /usr/sbin/radius (when user= and group= is commented out
and running as root)
As radius user; /usr/sbin/radius -X
As radius user; /usr/sbin/radius (when
List,
This is odd, I can't seem to figure out what the deal is with this.
This works:
As root user; /usr/sbin/radius -X
As root user; /usr/sbin/radius (when user= and group= is commented out
and running as root)
As radius user; /usr/sbin/radius -X
As radius user; /usr/sbin/radius (when
You've done something to the dictionaries. What is it?
Alan DeKok.
On 2013-07-31, at 10:57 AM, James Leavitt james.leav...@corp.xplornet.com
wrote:
HI Alan,
Still no dice. I've disabled the database and used the file as suggested
(which is something that I had yet to try, but as you
See the hex output. The 00 00 60 b5 is the WiMAX forum vendor ID. Your
debug output has 00 01 04 45 in the same place. So either the dictionaries
are broken, or the binaries are broken.
Either way, this problem doesnt appear in a stock install with the stock
dictionaries.
So what
Sorry Alan,
I left that part out since it is coming through ok, here's the whole
thing (you can see the 00 00 60 b5 after the 1a 17):
1a 17 00 00 60 b5 1c 11 00 01 04 45 b7 02 04 cf b7 03 06 cf b7 01 00
1a 17 00 00 60 b5 1c 11 00 01 04 45 b7 02 04 d2 b7 03 06 d0 b7 00 00
Interesting theory
If you're asking for help, it's a good idea to be honest about it. Editing
the hex output and *not* saying so is rude
The reason I asked for the hex output is because I wanted the hex output. I
didn't want a butchered version of he hex output.
On 2013-07-31, at 1:19 PM, James Leavitt
Understood Alan,
As I admitted I should have followed your example and copied the whole
VSA, not just the TLV section, again mea culpa.
I did however include the PCAP as you had requested, which has the works.
James
On 07/31/2013 02:34 PM, Alan DeKok wrote:
Re: WiMAX TLV value correct in
I havent looked at the pcap file, but I'm sure it says the same thing. The
WiMAX VSA is wrong. I don't know why. It works for me, using the default
configuration.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Alan,
the sql_log var, just write a text file with the sql statements, correctly?
2013/7/31 Alan DeKok al...@deployingradius.com
need to understand the syste
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Strange indeed.
I just rebuilt a new server on a newer os (and 64 bit vs 32), and I am
still seeing the same issue.
I must have something messed up somewhere. Only thing is order of the
whole structure is different from my prod, but that shouldn't matter.
Here's my eap.conf just in case there
I've just tried other TLVs and the same problem, meanwhile everything
that is not a TLV works.
Thanks,
James
On 07/31/2013 05:10 PM, James Leavitt wrote:
Re: WiMAX TLV value correct in debug but not correct in packet capture
Strange indeed.
I just rebuilt a new server on a newer os (and
On 07/31/2013 07:06 AM, Matthew Schumacher wrote:
List,
This is odd, I can't seem to figure out what the deal is with this.
This works:
As root user; /usr/sbin/radius -X
As root user; /usr/sbin/radius (when user= and group= is commented out
and running as root)
As radius user;
James Leavitt wrote:
I just rebuilt a new server on a newer os (and 64 bit vs 32), and I am
still seeing the same issue.
Weird...
I must have something messed up somewhere. Only thing is order of the
whole structure is different from my prod, but that shouldn't matter.
It's hard to mess
22 matches
Mail list logo
