On 8 Nov 2012, at 09:05, Arran Cudbard-Bell wrote:
>
> On 8 Nov 2012, at 08:23, Mixmasterontour PureDJ
> wrote:
>
>>>
>>> Fixed. Thanks.
>>>
>>> -Arran
>>>
>>> -
>>> List info/subscribe/unsubscribe? See
>>
On 8 Nov 2012, at 08:23, Mixmasterontour PureDJ
wrote:
> >
> > Fixed. Thanks.
> >
> > -Arran
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
>
> Thanks,
> but you fixed the accounting start, actually it contains 23 values now,
> should be
On 8 Nov 2012, at 07:38, Mixmasterontour PureDJ
wrote:
>
>
> > Well, that's a typo. I've pushed another fix.
> >
> > Alan DeKok.
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
>
> Perfect, it's working now!
> Thanks
>
> one other small thing:
On 7 Nov 2012, at 13:52, Stanislav Lorenc
wrote:
> Hi,
> I have problem with Home servers for sending CoA packets. This service works
> fine, but i have clients in sql (rml_sql). When NAS are in sql, home servers
> for configuring coa must be in sql too. But now they are stationary in text
>
On 7 Nov 2012, at 11:25, Mixmasterontour PureDJ
wrote:
> Hello,
>
> I have a problem with originate-coa
>
> I want to send coa to mikrotik to change bandwith
>
> But if I do that I get the folowing error:
> (0)update coa {
> ASSERT FAILED evaluate.c[1154]: output_vps
> Aborted (core dump
On 5 Nov 2012, at 14:27, Arran Cudbard-Bell wrote:
> All signs point to tumblebeasts in the rlm_sql module.
>
> -Arran
Apologies didn't mean to top post.
-Arran
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
All signs point to tumblebeasts in the rlm_sql module.
-Arran
>
>
> BR;
> Miha
>
> Mon Nov 5 08:35:03 2012 : Error: Discarding duplicate request from client
> intraswitch port 46634 - ID: 134 due to unfinished request 11902
> Mon Nov 5 08:35:03 2012 : Error: Discarding duplicate request fro
On 4 Nov 2012, at 21:35, Ryan Summey wrote:
> I see PAP supports them all, So how do i utilize this? Does windows, android,
> and ios not support PAP?
You wrap it in TTLS. Which at least Win 7, IOS and Android support. If you want
to support older versions of Windows you'll need to get them t
On 4 Nov 2012, at 21:20, Ryan Summey wrote:
> So how do we secure the user accounts in the database?
By securing the database.
NT4 password hashes are the only other option if you want to use MSCHAPv2, and
they're trivial to break with rainbow tables.
Welcome to the wonderful world of Micros
On 2 Nov 2012, at 11:00, diwakara googly wrote:
> QpwertuytttuuipiusAsdfghllzc vv
> hdk£§ ₩|°_|001#%2&/+()0)
> ';
Hello Mr Cat, can you refrain from walking over the nice list subscriber's
keyboard plz?
kthxbai
-Arran
-
List info/subscribe/un
>
> or...
>
> update [] {
> ...
> }
>
> update reply {
> config:Auth-Type = Reject
> Reply-Message = "Go away"
> }
That one gets my vote.
update {
}
defaults to request.
-Arran
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 31 Oct 2012, at 09:02, "Fajar A. Nugraha" wrote:
> On Wed, Oct 31, 2012 at 3:57 PM, QASIM RAO wrote:
>> hi,
>>
>> i am having a problem in free radius, when i connect free radius with db by
>> using ip of db server it is not connecting with db database is installed on
>> localhost so when
>
>
>> If rlm_rest and rlm_cache have attribute models that are elegant and well
>> thought out then let's move everything to that model. On the other hand if
>> ulang is conceptually cleaner then lets move rlm_rest and rlm_cache to a
>> ulang solution. Pick one idea and make everything follow th
On 30 Oct 2012, at 13:00, John Dennis wrote:
> On 10/30/2012 06:38 AM, Arran Cudbard-Bell wrote:
>> Quick poll.
>>
>> For 3.0 the ldap module will be moving away from using the
>> ldap.attrmap file and instead use a config based mapping.
>>
>> Ther
On 30 Oct 2012, at 14:13, Deep Shah wrote:
> Sorry for inconvenience.
>
> I have enabled flag of mips in md5.c file of pam_radius_auth and my issue is
> resolved now.
Ahhh.
https://github.com/FreeRADIUS/pam_radius/commit/c61a218efb2a0ec4f493bcc9fa735306f779ea64
-Arran
-
List info/subscrib
Quick poll.
For 3.0 the ldap module will be moving away from using the ldap.attrmap file
and instead use a config based mapping.
There are a few ways we are considering for organising the mapping.
We can use something like the existing unlang:
update control {
Cleartext-Password := use
On 30 Oct 2012, at 07:57, Bjørn Mork wrote:
> Alan DeKok writes:
>> fknet wrote:
>>> Hello people!
>>>
>>> What's the ideal Hardware (processor+memory) to run FreeRadius+MySQL for
>>> authentication of 3000 PPPoE users?
>>
>> Any iPhone 4 could handle that traffic.
>
> Yes, but how do I bui
On 29 Oct 2012, at 17:14, Edinilson - ATINET wrote:
> Hi,
>
> After upgrade perl to version 5.16 checkrad was returning the following error:
>
> Can't modify constant item in scalar assignment at
> /usr/local/sbin/checkrad line 477, near ");"
> Execution of /usr/local/sbin/checkrad aborted due
On 28 Oct 2012, at 09:30, Alan DeKok wrote:
> Arran Cudbard-Bell wrote:
>>> That is working fine, users can connect to the network, BUT accounting
>>> section logges their username in database as original MAC address, not
>>> rewritted username freeinternetfor3
>
> That is working fine, users can connect to the network, BUT accounting
> section logges their username in database as original MAC address, not
> rewritted username freeinternetfor30minutes .
You get that Accounting-Requests and Access-Requests are completely unrelated
right? They're two d
On 26 Oct 2012, at 14:51, Phil Mayers wrote:
> On 26/10/12 14:20, Arran Cudbard-Bell wrote:
>
>> It can, see wiki :)
>>
>> http://wiki.freeradius.org/modules/Rlm_cache
>>
>> In fact it documents your *exact* use case with config examples and
>>
On 26 Oct 2012, at 13:53, Phil Mayers wrote:
> All,
>
> We are having a problem with our Cisco lightweight wireless since a recent
> firmware upgrade. I am delving into it, and will probably open a TAC case,
> but in the meantime I need a solution.
>
> The specific issue is that the NAS is s
On 25 Oct 2012, at 16:54, Arran Cudbard-Bell wrote:
>
>
>>
>> Specifically, I'm trying to use the line log to record when a user is
>> refused access for reasons other than bad credentials.
>>
>> My initial thought was to try and check rcode, but
>
> Specifically, I'm trying to use the line log to record when a user is refused
> access for reasons other than bad credentials.
>
> My initial thought was to try and check rcode, but that didn't seem to work
> (I'm not 100% sure I had the test correct though):
Checking rcode is ok but ma
On 25 Oct 2012, at 10:19, Radius User wrote:
>
> Hi,
>
> Please find below dictionary file for Proxim Wireless
> (http://www.proxim.com/) vendor attributes.
done
-Arran
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 23 Oct 2012, at 05:21, QASIM RAO wrote:
> Hi,
>
> I am facing this problem that radius giving me return code 1. as for as i
> think this is because Acct-Session-Id is missing in request...
>
> how can i solve this problem because session id is set by session counter i
> can not set it m
On 17 Oct 2012, at 17:30, Marinko Tarlac wrote:
> It would be great.
>
> For CableTV + Wireless network companies which users DHCP and PPPoE,
> freeRadius with DHCP seems like a "golden solution" ;)
You'd think so, but they seem to like reinventing the wheel more :)
There's also problems wit
Arpit,
As mentioned by other users radclient is not designed to be used in embedded
applications. If you require an RFC compliant RADIUS client library, one is
available from NetworkRADIUS (http://networkradius.com/clientapi.html).
-Arran
-
List info/subscribe/unsubscribe? See http://www.freera
>
> I want to know if it’s possible to do NAR (network access restriction) in
> freeradius like in ACS;
>
> Example: I am able to permit only certain user based on their active
> directory group to connect to my certain wireless SSID.
Yes. You can use LDAP-Groups and the users file to do the
On 15 Oct 2012, at 16:35, Gianni Costanzi wrote:
> As the subject says, is it possible to call the files module in the
> post-proxy section within the default virtual server (sites-enabled/default)?
> I'm using a piece of code in unlang to match the realm in the post-proxy
> section and when i
On 15 Oct 2012, at 10:16, Shiv. Nath wrote:
> Dear Community of FreeRadius Greetings,
>
> i am not new to open source Linux / Unix system but new to FreeRadius.
> Have anyone got FreeRadius AAA running in fail over mode (replication)?
If you mean replicating packets to multiple realms and fail
On 12 Oct 2012, at 09:16, Jonathan Bastin
wrote:
> Issue with doing it that way is you would get decimal values returned which
> freeradius can't deal with.
>
So use round()...
http://www.w3schools.com/sql/sql_func_round.asp
-Arran
-
List info/subscribe/unsubscribe? See http://www.freeradiu
On 12 Oct 2012, at 13:23, Stefano Zanmarchi wrote:
> Exactly what I needed.
> Just one more thing. Why does the mysql log show that the query
> performed with XLAT
> is now performed 3 times in a row per access request?
> Thank you,
> Stefano
>
> [output from mysql:]
> 121012 14:20:39
On 2 Oct 2012, at 09:31, Alan DeKok wrote:
> Václav Pernica wrote:
>> One more question. I set the number of sql connections to make to server to
>> 5 (default value). I noticed that if all connections are currently in use,
>> the authentication fails:
>>
>> Tue Oct 2 16:07:10 2012 : Error:
On 2 Oct 2012, at 02:02, endo mitsuharu wrote:
> Hello,
> Sorry for the delay in reply.
>
> >> In this regurd, I would like to also refer to the existing bug report of
> >> pam_radius_auth
> >> related to FreeRADIUS(server) projects.
> >
> >Why? Is there a bug you want to add, or a bug you
On 27 Sep 2012, at 21:59, "Franks Andy \(RLZ\) IT Systems Engineer"
wrote:
> Hi All,
>
> I’ve looked around the internet a bit and obviously looked at the wiki page
> and configuration page for rlm_cache and can’t quite understand how it works.
> Does anyone have any practical examples of
> I'm looking through the code and documentation of freeradius now to see
> if it is possible to use freeradius with a backend database for realms.
Not to define new realms no.
> For clients this can be fixed with dynamic clients and overwriting
> attributes.. but for realms this does not seem p
On 20 Sep 2012, at 18:00, Tarık Kabak wrote:
> Hello again,
>
>
> Thanks for your help. So external script support is possible for only PAP? I
> wanted to authenticate windows 7 wireless interfaces via radius server cause
> of an old/non-supported sql db so i had to use my own external/cust
On 20 Sep 2012, at 12:23, Tatiana DIBANDA wrote:
> Arran,
>
> Test for this first segmentation fault :
> reading pairlist file /usr/local/etc/raddb/hints
> Module: Linked to module rlm_realm
> Module: Instantiating module "suffix" from file
> /usr/local/etc/raddb/modules/realm
> realm suff
On 19 Sep 2012, at 14:33, Tatiana DIBANDA wrote:
> Arran
> My first configuration:
> In the default and inner-tunnel file we had eap2 {ok = return} in the
> Authorize section,allowed eap2 in the authentication section and eap2 in the
> post-process.
> When we started my server: segmentatio
On 19 Sep 2012, at 12:12, ramakrishna wrote:
> Hi
>
> I am using freeRADIUS 2.1.12 and i am facing one problem with the load of
> Requests coming from RADIUS client.
>
> I see the error "WARNING: Child is hung for request xxx in component
> module " in radius.log file. Please find the radi
Use your first config to test whether the patch worked (it should generate an
error and exit).
You now appear to be getting a different segfault
Please provide a backtrace for this segfault.
-Arran
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 19 Sep 2012, at 00:20, Kriston wrote:
> On Tue, September 18, 2012 17:34, Arran Cudbard-Bell wrote:
>>
>> On 18 Sep 2012, at 22:22, "Kriston" wrote:
>>
>>> I have users who log in as "usern...@example.com" and just as "username&quo
On 19 Sep 2012, at 08:50, Franks Andy (RLZ) IT Systems Engineer
wrote:
> Thanks Arran,
> I'll give it a try. I did find something to do with %1 / %I (can't
> remember which)
%1expands to the first regexp match, %l should expand to a UNIX timestamp.
You'll be looking for something like:
if (
On 18 Sep 2012, at 23:05, SkyDiablo wrote:
> Am 18.09.2012 23:38, schrieb Franks Andy (RLZ) IT Systems Engineer:
>> I’d like to be able to take a date/time from a sql database, use unlang (not
>> a module) to compare it to the current time and make a decision based on the
>> fact that it’s, fo
As Alan B just said, radtest does not send EAP packets, no matter where you
send the RADIUS packets, to the inner tunnel or the outer tunnel, radtest
doesn't send EAP-Message.
You have hardcoded auth-type eap2 in your users file, so when the request
enters the authenticate section, the eap2 mod
On 18 Sep 2012, at 22:38, "Franks Andy \(RLZ\) IT Systems Engineer"
wrote:
> Hi,
>
> Hopefully a simple question. I’ve looked around for a while but can’t find
> the answer to this.
>
> I’d like to be able to take a date/time from a sql database, use unlang (not
> a module) to compare it
On 18 Sep 2012, at 22:22, "Kriston" wrote:
> I have users who log in as "usern...@example.com" and just as "username".
> How do I append @example.com only to those users who don't have @example.com
> already? I have a fairly generic FreeRADIUS 2.1.10 installation that
> connects to a MySQL serv
On 18 Sep 2012, at 15:07, arnauld ndefo wrote:
> My project is to authenticate a client openpana with my radius server. The
> authentication method used by the client is based on the EAP-PSK, which is
> why I would have a radius server with authtentification method as EAP-PSK.
> After apply th
On 18 Sep 2012, at 13:58, alan buxey wrote:
> Hi,
>
>> Starting program: /usr/local/sbin/radiusd -f
>> [Thread debugging using libthread_db enabled]
>> Program received signal SIGSEGV, Segmentation fault.
>> 0x080529d3 in cf_log_err (ci=0x0,
>> fmt=0x8085210 "\"%s\" modules aren'
On 18 Sep 2012, at 13:42, arnauld ndefo wrote:
> Thank you for your reply Alan.
> I am working on a project which is based on EAP_PSK and implement this is the
> first part.
>
> As you have recommend, i have used the gdb to debug and see the problem. The
> output that i have is below
> # gd
A friendly heads up.
The bug fixes item "Use max_queue_size in threading code" refers to an issue in
the threading code where the value used to initialise the request queue, was
different to the value used to check when the max entries had been added into
the queue, thus if you'd set the config
On 17 Sep 2012, at 10:34, Stefan Winter wrote:
> Hi,
>
--with-openssl-includes=/usr/local/freeradius/openssl-1.0.1c/include/openssl
>
>>> Are you sure? The "openssl SEGV" problem is almost always because you
>>> have two versions of OpenSSL installed.
>>>
>>> What is likely happening
On 15 Sep 2012, at 12:05, The git bot wrote:
> New activity for FreeRADIUS (the high performance and highly configurable
> RADIUS server)
Ug apologies, git bot seems to get confused with unpacked refs.
-Arran
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 14 Sep 2012, at 14:47, Phil Mayers wrote:
> On 14/09/12 14:24, Arran Cudbard-Bell wrote:
>>
>> On 14 Sep 2012, at 13:57, mr. s wrote:
>>
>>> Hello,
>>>
>>> I was reading an article in computer world comparing a few RADIUS servers.
&g
On 14 Sep 2012, at 13:57, mr. s wrote:
> Hello,
>
> I was reading an article in computer world comparing a few RADIUS servers.
>
> It said that FreeRADIUS had "failed login lockout protection", however I
> can't find that particular verbiage in the FreeRADIUS documentation, FAQ or
> HowTos.
The v2.1.x branch was created almost exactly 3 years ago (14/09/2009), and has
diverged from the master branch significantly.
The majority of the potentially disruptive code changes have now been completed
for 3.0 and it is at a stage where community testing would be helpfull.
To provide a sing
On 12 Sep 2012, at 13:12, Francois Gaudreault wrote:
> Hi,
>
>>
>> That's not nice. The module should return some kind of message.
> If you say so :P
>
>>
>> This looks like an issue for digging into the code.
> Ok. Let me know if you need me to test anything, I will be glad to do so :
On 9 Sep 2012, at 05:27, Thomas Glanzmann wrote:
> Hello Arran,
>
>> What is the server missing as of 2.2.0 that requires the use of rlm_perl?
>
> I'm not aware of the FreeRadius internals but you can simply look at the
> FreeRadius Module rlm_smsotp. This is what happens.
>
>- User a
On 12 Sep 2012, at 11:43, BILLOT wrote:
>
>> Like any other module in the server, you instantiate multiple instances and
>> reference them in the different virtual servers.
>>
>> eap {
>>
>> }
> Ok i did it but when trying to use instances, i get
>
> Found Auth-Type = EAP
> WARNING: Unkno
On 12 Sep 2012, at 11:12, Chadwick Sorrell wrote:
> Hello,
>
> I'm using replicate to proxy my authorization and accounting requests
> to a server. I'm curious if it's possible to add some of the auth
> reply attributes to the auth proxy before I send it over. That way
> the proxied auth has
On 12 Sep 2012, at 10:59, BILLOT wrote:
> Hi,
>
> We have a config with 3 virtual servers, running on a different port.
> Each virtual server must have a particular config (different LDAP server,
> different SQL server). However, each one uses EAP auth and so the
> inner-tunnel which is uniqu
On 10 Sep 2012, at 09:01, Fred wrote:
> Hi freeradius-user,
>
> Is it possible to use my gmail account to authenticate on the wiki
> using openid ?
> If yes, howto do it ?
>
By consulting the google docs? Honestly I never got it to work properly either,
but other people have used OpenID with
On 9 Sep 2012, at 20:39, Arran Cudbard-Bell wrote:
>
> On 9 Sep 2012, at 18:33, Mada wrote:
>
>>
>> Have tried several version builds on Centos 5.x - currently using FR 2.1.12
>>
>> rlm_mysql stops after the group check query and does not execute the grou
On 9 Sep 2012, at 18:33, Mada wrote:
>
> Have tried several version builds on Centos 5.x - currently using FR 2.1.12
>
> rlm_mysql stops after the group check query and does not execute the group
> reply query.
>
> 19:00:43 2012 : Info: [sql] expand: SELECT id, username, attribute, value,
>
On 7 Sep 2012, at 21:22, Ken Morley wrote:
> FreeRadius is a great product that works very well, but is difficult for
> novices to maintain.
What functionality are you looking for?
> I don't have any problems using the Linux shell and vi to configure, but I
> need something more user frien
On 7 Sep 2012, at 17:20, Thomas Glanzmann wrote:
> Hello Henk,
>
>> I've looked closely at your video and accomplishment with smsotp,
>> congrats!
>
> thank you. However the video shows something that is outdated. I now
> wrote a perl module for rlm_perl which does it much better without all
>
On 7 Sep 2012, at 10:27, "Fajar A. Nugraha" wrote:
> On Fri, Sep 7, 2012 at 3:43 PM, endo mitsuharu
> wrote:
>
>> Can you give me any tips on how to search for pam_radius_auth information
>> using new tracking system of github?
>> (or github can't search for pam_radius_auth information?)
>
>
On 6 Sep 2012, at 15:10, Kostas Zorbadelos wrote:
>
> Greetings to all,
>
> I would like to achieve the following functionality: in case a user's
> AUTHENTICATION fails, the user should not be rejected but be given an
> accept response with specific attributes.
> The reason behind this is to p
On 6 Sep 2012, at 14:44, Tony Peña wrote:
> hi again all fine with redundant-load-balance {sql1 sql2}
> now .. have a different issue with that... when i set sql with 2 sql server
> for balance.. in the monthlysession i have sql_modinst = sql
> and have noop check because sql is not define
On 6 Sep 2012, at 10:14, Alan DeKok wrote:
> Fajar A. Nugraha wrote:
>> How about the wiki? Is it's current state (no front page) intentional?
>
> No.
Apparently the repo has somehow got corrupted, attempting to restore from the
daily backup now.
-Arran
-
List info/subscribe/unsubscribe? Se
On 6 Sep 2012, at 09:24, Arran Cudbard-Bell wrote:
>
> On 6 Sep 2012, at 07:54, endo mitsuharu wrote:
>
>> Hello,
>>
>> First of all, I would like to express my utmost appreciation for being
>> able to use FreeRADIUS, most especially to everyone involved
On 6 Sep 2012, at 07:54, endo mitsuharu wrote:
> Hello,
>
> First of all, I would like to express my utmost appreciation for being
> able to use FreeRADIUS, most especially to everyone involved in the
> development.
>
> In this regard, I tried accessing the "Report a Bug" link
> (http://bugs.
are they thinking, why haven't they all included
Diameter support yet?!
-Arran
> From: Alan DeKok
> To: FreeRadius users mailing list
> Sent: Tuesday, September 4, 2012 2:37 AM
> Subject: Re: configure challenge..
>
> Arran Cudbard-Bell wrote:
> > On 4 Sep 2
On 4 Sep 2012, at 05:21, Rod Luzic wrote:
> put some links dummy- people have their own features to worry about unlike
> spend whole life doing this almost obsolete Radius stuff like you. how would
> one configure A-C. damn simple question.
and what features would those be?
I'm all for being
On 3 Sep 2012, at 09:18, Fajar A. Nugraha wrote:
> On Mon, Sep 3, 2012 at 3:02 PM, Doug Hardie wrote:
>>
>> On 2 September 2012, at 23:32, Alan DeKok wrote:
>>
>>> Doug Hardie wrote:
I was going to fix the modules pages, but my account no longer works. Id
used to be wa6vvv.
>>>
>
On 3 Sep 2012, at 07:31, Alan DeKok wrote:
> QASIM RAO wrote:
>> hi,
>> i want to create log file for every hour i use radius.
>> now it is
>> log_file = ${logdir}/radius.log
>> i want like this
>> log_file = ${logdir}/radius-%Y%m%d:%H.log
>
> That isn't supported. You'll have to find anothe
On 3 Sep 2012, at 10:36, Alan DeKok wrote:
> Mudasir Mirza wrote:
>> I am unable to reply to thread from email or from list. I get below
>> message when I reply to email.
>>
>> "Delivery Status Notification (Failure)"
>>
>> http://freeradius.1045715.n5.nabble.com/checkrad-not-working-td5715083
Hi All,
The gollum maintainers found a serious security issue, and informed us that we
should upgrade the wikis ASAP.
I've now done the upgrade work, but one of the features added (hierachical
pages) has broken all the links across the site.
I've fixed all the links on the home page, but there
>
> Note: Modifying Repost-Packet-Type that may not be supported in future
> versions.
*Response
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 31 Aug 2012, at 05:37, QASIM RAO wrote:
> sir,
> actual problem is when i run with 'radiusd' log file save on location i
> defined in radiusd.conf
>
> prefix = /usr/local
> exec_prefix = ${prefix}
> sysconfdir = ${prefix}/etc
> localstatedir = ${prefix}/var
> sbindir = ${exec_prefix}/sbin
*sigh*
You cannot do what you want. Even if you send an Access-Accept, the client will
most likely disconnect of its own accord, because you cannot fake a success
message in the inner tunnel. Unless of course you're using some weird funky
cisco client that ignores all the standards.
If you rea
On 30 Aug 2012, at 09:19, QASIM RAO wrote:
> Hi, i new bie in Freeradius i am facing problem that when i run radiusd
> with 'radiusd -X' command it it is genrating log of it in log file but when i
> run radiusd with 'radiusd' command it is not genrating it log in log file..
> anyone please
On 30 Aug 2012, at 09:40, Andras Ionut wrote:
> How can I configure FreeRADIUS to work with a CISCO Router and a
> captive portal in the following case...
>
> 1. User tries to access WiFi network with good user and wrong password
> 2. FreeRADIUS should send Access-Accept with Filter-Id set to p
On 29 Aug 2012, at 15:10, Antonio Modesto wrote:
> Hi,
>
> Today I'm rotating my log files with a script that runs every night, the
> problem is that it must stop the radiusd process, rename the file, create a
> new one then start radiusd again. Is there a way to do that transparently?
> Via
On 29 Aug 2012, at 10:58, BILLOT wrote:
> Le 29/08/2012 11:16, Fajar A. Nugraha a écrit :
>> On Wed, Aug 29, 2012 at 3:22 PM, BILLOT
>> wrote:
>>> Hi,
>>>
>>> Is there any way to use virtual servs depending on client VLAN ?
>>> I mean :
>>>
>>> If packet arrive with VLAN1 then use virtual ser
On 29 Aug 2012, at 09:22, BILLOT wrote:
> Hi,
>
> Is there any way to use virtual servs depending on client VLAN ?
> I mean :
>
> If packet arrive with VLAN1 then use virtual server 1
> If packet arrive with VLAN2 then use virtual server 2
Yes, bind the virtual servers to IP interfaces on tho
On 29 Aug 2012, at 08:09, George Innocent wrote:
> Hi:
>
> I'm able to Log in to the servers but on the Nodes with failure i have i get
> the following logs.
>
> +[logintime] returns noop
> [pap] WARNING! No "known good" password found for the user. Authentication
> may fail because of this
On 28 Aug 2012, at 23:05, Matthias Nagel wrote:
> Hello,
>
> Am Dienstag 28 August 2012, 23:11:57 schrieb Alan DeKok:
>> Matthias Nagel wrote:
>>> if two accounting messages for the same session are sent by the
>>> authenticator very quickly, the messages may be processed by the radius
>>> se
Yes yes RADIUS vendors should go die in a big fiery pit somewhere.
1) Verify your NAS supports the Class attribute correctly
(http://www.ietf.org/rfc/rfc2865.txt 5.25)
2) Implement the policies in raddb/policy.d/accounting (master:HEAD)
3) Submit patch to add unique index constraint on acctunique
On 25 Aug 2012, at 21:36, Ethan Whitt wrote:
> The load balancer sends the health-check on udp/1813 with only
> "Monitor" in the payload (per a sniffer capture). From my
> understanding - this health-check is not a properly formatted radius
> packet? The expected response is the exact same - a
>
>
> Thoughts?
ldap ldap1 {
}
ldap ldap2 {
}
ldap ldap3 {
}
-Arran
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi All,
A new module has been added to V2.1.x and 3.0 HEADs called rlm_cache (written
by Alan DeKok).
This provides an in-memory (volatile) cache, that can store and retrieve
attribute values for control, request and reply lists (at some point the 3.0
version will be able to handle all lists).
On 23 Aug 2012, at 15:28, Chris Knipe wrote:
>>> You shouldn't be using the attribute filter to add attributes, that's what
>>> the
>>> users file is there for?
>>
>> Hmmm I tried that but it didn t work so I went over to try via attrs
>>
>> Dumb question: How can I have the "files" direct
On 23 Aug 2012, at 15:00, Joachim Brauer wrote:
> Hi
>
> > You shouldn't be using the attribute filter to add attributes, that's what
> > the
> > users file is there for?
>
> Hmmm I tried that but it didn t work so I went over to try via attrs
>
> Dumb question: How can I have the "fi
On 23 Aug 2012, at 11:30, Joachim Brauer wrote:
> Hi
>
> I have set up a virtual server with
>
> authenticate {
> Auth-Type MS-CHAP {
> update control {
> Proxy-To-Realm := "emea_radius_servers"
>
On 23 Aug 2012, at 10:47, Alan DeKok wrote:
> Krzysztof Grobelak wrote:
>> I just compiled freeRadius with those debug entries and the radiusd -X
>> now shows:
> ..
>> reading pairlist file /usr/local/etc/raddb/users
>> reading pairlist file /usr/local/etc/raddb/
>> reading pairlist file /usr/lo
ddb/acct_users
> reading pairlist file /usr/local/etc/raddb/preproxy_users
>
> So freeradius definitely not getting a handle on those files that looks to me
> more like a system issue that a radius.
> I am running this freeradius on a virtual server OpenSUSE 12.1 using KVM/Qemu.
On 22 Aug 2012, at 17:42, Arran Cudbard-Bell wrote:
>
> On 22 Aug 2012, at 17:26, Klaus Klein wrote:
>
>> Am 22.08.2012 13:48, schrieb Alan DeKok:
>>> Krzysztof Grobelak wrote:
>>>> What I expect to happen is that the INCLUDE command will "include&q
On 22 Aug 2012, at 18:21, Scott Lambert wrote:
> On Fri, Aug 17, 2012 at 07:56:37PM +, Scott Lambert wrote:
>> Add Mikrotik attributes 16 - 22.
>>
>> http://wiki.mikrotik.com/wiki/Manual:RADIUS_Client#MikroTik_Specific_RADIUS_Attribute_Numeric_Values
>>
>
> Hmm, I looked at the git maste
401 - 500 of 1463 matches
Mail list logo