Re: LinOTP

2013-08-14 Thread Sergii Bieliaievskyi
Thank you. This is the only thing that I want to know. 2013/8/14 Cornelius Kölbel cornelius.koel...@lsexperts.de Hi Sergii, this is in fact possible, but not with the OSS components of LinOTP. Unfortunately, the SQL Resolver is at the moment only part of an enterprise edition. To go with the

Mac Auth against LDAP`

2013-08-14 Thread Nikolaos Milas
Hi, I am using FreeRadius v2.2.0 on CentOS 6.4 x86_64. I am trying to adapt Plain Mac-Auth as described at: http://wiki.freeradius.org/guide/Mac-Auth to work from LDAP. (Note: The server is also used for eduroam and is going to be used for 802.1x too.) My setup follows below. The

Freeradius with DHCP and VLANs

2013-08-14 Thread Fernando Pizarro
Hi all, I'm using Freeradius version 2.1.12 with MySQL backend and EAP-TLS authentication to serve dynamic VLAN and a DHCP server to lease this IP address. This setup works successfully but IP address of supplicants isn't stored in the database. Is there any setup to store IP address of

Re: Freeradius with DHCP and VLANs

2013-08-14 Thread Fernando Pizarro
Hi again, To clarify, the DHCP server is running on the same or another machine, depending on the stage. Thanks. On 14/08/13 12:03, Fernando Pizarro wrote: Hi all, I'm using Freeradius version 2.1.12 with MySQL backend and EAP-TLS authentication to serve dynamic VLAN and a DHCP server to

Re: Mac Auth against LDAP`

2013-08-14 Thread Arran Cudbard-Bell
On 14 Aug 2013, at 11:02, Nikolaos Milas nmi...@noa.gr wrote: Hi, I am using FreeRadius v2.2.0 on CentOS 6.4 x86_64. I am trying to adapt Plain Mac-Auth as described at: http://wiki.freeradius.org/guide/Mac-Auth to work from LDAP. (Note: The server is also used for eduroam and

Re: Freeradius with DHCP and VLANs

2013-08-14 Thread Arran Cudbard-Bell
On 14 Aug 2013, at 11:03, Fernando Pizarro fea...@gmail.com wrote: Hi all, I'm using Freeradius version 2.1.12 with MySQL backend and EAP-TLS authentication to serve dynamic VLAN and a DHCP server to lease this IP address. This setup works successfully but IP address of supplicants doesn't

Apple devices can´t authenticate

2013-08-14 Thread Roberto Carna
Dear, I have installed the Easyhotspot captive portal product which uses the freeradius 2.1.0 service in order to authenticate users. I can authenticate with Windows, Linux and Android devices, but I can't authenticate with Apple devices (iphone and ipad) at all. Is it an intrinsic problem of

RE: Apple devices can´t authenticate

2013-08-14 Thread Brian Julin
Roberto Carna wrote: I can authenticate with Windows, Linux and Android devices, but I can't authenticate with Apple devices (iphone and ipad) at all. Is it an intrinsic problem of Freeradius ??? No, Apple devices auth off FreeRADIUS just fine. More likely it is a problem with certs/CAs,

Re: Apple devices can´t authenticate

2013-08-14 Thread Roberto Carna
Dear, the debug is this: [chap] Login attempt by pepe with CHAP password [chap] Using clear text password 1234 for user pepe authentication [chap] Password check failed ++[chap] Returns reject Failed to authenticate the user The password is 1234 and I try many times... Any idea ??? Because from

How to accept RADIUS traffic on multiple interfaces?

2013-08-14 Thread Kurt Hillig
We're running FreeRadius 2.2.0 on RHEL 6. The servers are working fine with a single active interface (eth0) on each one; but we need to activate a second interface (eth1) on each server - on a different IP subnet - to handle local traffic on that subnet. The interfaces look like this: eth0

RE: Apple devices can´t authenticate

2013-08-14 Thread Brian Julin
Since all your auth attempts are coming from easyhotspot, compare the difference in FreeRADIUS logs between a successful authentication and an unsuccessful one, for the same user and password. Compare both the username and password, and all other attributes in the request, very carefully. Odds

Re: Apple devices can´t authenticate

2013-08-14 Thread Alan DeKok
Roberto Carna wrote: Dear, the debug is this: [chap] Login attempt by pepe with CHAP password [chap] Using clear text password 1234 for user pepe authentication [chap] Password check failed ++[chap] Returns reject Failed to authenticate the user The password is 1234 and I try many

Re: How to accept RADIUS traffic on multiple interfaces?

2013-08-14 Thread Alan DeKok
Kurt Hillig wrote: radiusd.conf includes these listen sections (omitting comments): listen { type = auth ipaddr = * port = 1812 interface = eth0 } Why not just bind it to the IP of the interface? And remove the interface line? Alan DeKok. - List

Re: How to accept RADIUS traffic on multiple interfaces?

2013-08-14 Thread Phil Mayers
On 14/08/13 15:07, Kurt Hillig wrote: But radiusd isn't seeing any of the inbound RADIUS traffic on eth1 - tcpdump shows it coming in, but radiusd -X shows no indication of this traffic (but is reporting all of the traffic on eth0). If radiusd -X isn't reporting *anything*, then it's not

Re: Apple devices can´t authenticate

2013-08-14 Thread Roberto Carna
[suffix] No such realm NULL ++[suffix] returns noop ++[files] returns noop +- entering group accounting {...} expand: /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d - /var/log/freeradius/radacct/127.0.0.1/detail-20130814 [detail] /var/log/freeradius/radacct/%{Client-IP-Address

Re: Apple devices can´t authenticate

2013-08-14 Thread Phil Mayers
On 14/08/13 15:55, Roberto Carna wrote: I tried with Android device and it use CHAP authentication as Apple devices. Ok, there is some confusion here. You are using a captive portal, so it's actually your captive portal web-based login that is doing CHAP - the Apple/Android devices are just

Re: Problem in freeradius 2.1.10, ldap and huntgroups

2013-08-14 Thread Ville Leinonen
Hi, Any news for this problem? Br, Ville 5.8.2013 19:08, vi...@leinonen.org wrote: Here: rad_recv: Access-Request packet from host 172.150.0.62 port 25196, id=194, length=63 User-Name = testu...@.fi User-Password = testpass NAS-IP-Address = 172.150.0.62 #

Re: How to accept RADIUS traffic on multiple interfaces?

2013-08-14 Thread Matteo Vocale
Before running radius in debug mode, try iptables -F with root privileges, it disables iptables default rules Phil Mayers p.may...@imperial.ac.uk wrote: On 14/08/13 15:07, Kurt Hillig wrote: But radiusd isn't seeing any of the inbound RADIUS traffic on eth1 - tcpdump shows it coming in,

RE: How to accept RADIUS traffic on multiple interfaces?

2013-08-14 Thread McNutt, Justin M.
Also don't forget to disable (or modify) SELinux. If memory serves, RHEL 6 comes with that enabled by default as well. --J -Original Message- From: freeradius-users-bounces+mcnuttj=missouri@lists.freeradius.org

RE: How to accept RADIUS traffic on multiple interfaces?

2013-08-14 Thread McNutt, Justin M.
One other thing with multiple interfaces: RHEL 6 comes with some anti-spoofing features in the kernel enabled by default. I'm afraid I forget exactly what they are, but the idea is this: If the kernel gets a packet from HostA on eth1, but the routing table says that the return path to HostA