--- 14,19
BEGIN-VENDOR FreeRADIUS
ATTRIBUTE FreeRADIUS-Proxied-To 1 ipaddr
+ ATTRIBUTE FreeRADIUS-Cert-Serial 2 integer
END-VENDOR FreeRADIUS
On Mon, May 5, 2008 at 2:54 PM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson
Is it safe to assume that the config below is correct? If so, is FR
just not behaving in the manner that I expect.
Thanks,
Andrew
On Fri, May 2, 2008 at 3:31 PM, Andrew Olson [EMAIL PROTECTED] wrote:
On Fri, May 2, 2008 at 2:47 PM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson wrote
On Mon, May 5, 2008 at 9:48 AM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson wrote:
Is it safe to assume that the config below is correct? If so, is FR
just not behaving in the manner that I expect.
I suggest tracing execution to see what it's doing, and why.
Here
On Mon, May 5, 2008 at 10:40 AM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson wrote:
Here is the pertinent part of the trace output. As you can see I am
able to parse the Cert SN and put it back on the request. However, my
perl module never gets called in authenticate
on other requests. Am I
missing something? If I ever get this working, I'll post the patch.
Thanks,
Andrew Olson
On Tue, Apr 29, 2008 at 3:50 AM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson wrote:
Are there attributes available to get at properties of a certificate.
I want to look
On Fri, May 2, 2008 at 2:47 PM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson wrote:
I would like to have my Perl authenticate method called after
eaptls_process is done. I gather that since eap returns handled
that no more processing is done. I'm pretty sure that I have Perl
Are there attributes available to get at properties of a certificate.
I want to look at properties like Subject DN, Serial number, etc.
So, somewhere in the FR config, I could do something like
'%{cert-serial-number} == blah'.
Thanks,
Andrew Olson
-
List info/subscribe/unsubscribe? See http
I was trying to do something just like this. I have an existing user
database that is already in production.
My user table looks something like:
user_name, status, etc(no Attribute, Value, op columns)
My SQL query ended up looking something like:
authorize_check_query = SELECT 1 as id,
looking for something like
proxy-inner-tunnel configuration that is available for PEAP.
Is something like this possible?
I tried to add the following block to post-auth:
update control {
FreeRadius-Proxied-To := blah
}
It returns noop, though.
Thanks,
Andrew Olson
-
List info/subscribe
On Mon, Apr 14, 2008 at 11:32 AM, Alan DeKok [EMAIL PROTECTED] wrote:
Andrew Olson wrote:
I'd like to proxy a request to another server after the EAP-TLS
handshake is finished.
Which EAP type? PEAP, TTLS?
Sorry, my previous email was a little unclear. I want to do this with
TLS
The virtual_server = inner-tunnel seems to have done the trick. Thanks
for your help.
-andrew
Dmitry Sergienko wrote:
Hi!
If you still have no luck with 1.1.7 proxying mschapv2, try to move to
2.0.1 with patches in event.c discussed yesterday in freeradius-users.
I'm trying to do the same
I got 2.0.1 patched, compiled and configured. I'm still seeing the same
behaving listed below. Could it be something with my config.
I'm simply doing:
DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm := realm
Thanks,
Andrew Olson
Dmitry Sergienko wrote:
Hi!
If you still have
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
I'm running a pretty standard config, I think. I can send copies of it, if
that would help.
Thanks,
Andrew Olson
The complete proxied debug starting
13 matches
Mail list logo