Hi,
I download freeradius-client-1.1.6 from your website.Now,I have installed and
configured the freeradius server 2.1.8 and freeradius-client-1.1.6 successfully.
I use the mysql to store the user and I create a user whose username is
test,Auth_Type is Local,Cleartext-Password is test.
Then I
Hi,
If two vmps requests are sent in close succession (within cleanup_delay), with
the same source port, from the same switch (which does in fact seem to be
common, as the cisco switch I'm using for testing sends *all* requests with a
source port picked on startup), they are detected as identical
If a connection that comes in with a GROUP NAME from SQL of USUK-XX
or WUK-XX and I want to strip of the -XX, how would I do this with
ulang so I only validate the following?
Using the regexp feature, you can match part of an attribute then
reference it later, like so:
if (SQL-GROUP =~
The if statement can remain the same, add before it:
if (SQL-GROUP =~ /(.*)-.*/) {
update request {
SQL-GROUP := %{1}
}
}
This assumes that:
a) There is never a '-' in the USUK or whatever part.
b) You don't need to reference the original SQL-GROUP value.
Wrong operator.
Use = or not :=
--Mike
On Thu, 2009-08-13 at 12:56 +0530, ramesh p wrote:
Hi,
Here is the full accounting section of sites-available/default
accounting {
#
# Create a 'detail'ed log of the packets.
# Note that accounting requests which are
Hi,
Using the default eap/peap inner-tunnel configuration, a failure gives rise to
this:
Exec-Program output: Logon failure (0xc06d)
Exec-Program-Wait: plaintext: Logon failure (0xc06d)
Exec-Program: returned: 1
[mschap] External script failed.
[mschap] FAILED: MS-CHAP2-Response is
unlang? set a variable to the value of MS-CHAP-Error and then set the
Reply-Message
to be some text with that variable in it.
Unfortunately, this sends it back in the next packet, which is an
Access-Challenge, not in the final Access-Reject.
Also, for some strange reason, the post-auth
Hi,
Reproducible on 2.1.6, default config with:
These lines in the authorize section:
if (NAS-Port == 0) {
reject
}
And this command:
echo User-Name = test | radclient 10.252.24.114 auth testing123
An Access-Request packet not containing the NAS-Port Attribute
You get the same error in 2.1.0, or the configuration which worked in
2.1.0 doesn't work in 2.1.6?
My customized vmps server section works in 2.1.0.
Trying to use the same customized configuration in 2.1.6 gives the
error.
Using the default configuration - the
VMPS-VLAN-Name =
, in 2.1.6 it
doesn't.
--Mike
On Sun, 2009-08-09 at 15:06 +0200, Alan DeKok wrote:
Michael Bryant wrote:
You get the same error in 2.1.0, or the configuration which worked in
2.1.0 doesn't work in 2.1.6?
My customized vmps server section works in 2.1.0.
Except that debug mode prints
Hi,
Stock Freeradius version 2.1.6, compiled with dpkg-buildpackage.
Using default sites-avaialable/vmps virtual server.
Also using dynamic clients with clients in postgresql.
Getting this error on every VMPS request:
Failed encoding packet: Failed to find VQP-Packet-Type in response packet.
I'm confused, how can I use unlang halfway through the processing of the rlm_sql
module?
--Mike
In message 4a65854f.4050...@deployingradius.com FreeRadius users mailing list
freeradius-users@lists.freeradius.org writes:
Michael Bryant wrote:
Hi,
Using Freeradius 2.1.0 (debian package
authorize {
update request {
Tmp-String=0 = %{sql:select ...}
}
sql
}
Unfortunately that's no use, as I understand it, redundant blocks aren't
supported in xlat?
--Mike
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Using Freeradius 2.1.0 (debian package), with rlm_sql.
I am trying to, in radcheck, set a value, which I can then compare against in
radgroupcheck.
When I try this, with a custom attribute in either raddb/dictionary , a VSA, or
Tmp-String-* it seems to be appearing in the config items list,
To Dead6re,
I fixed it by copying the serial file again from the scripts directory
immediately after the root certificate was created, but before the client
certificate.
The first thing the CA.all does is remove all files from the demoCA
directory including the serial file.
Hope this helps.
http://www.nabble.com/file/p11217074/hosts hosts
Thanks,
Bryant.
Yes. Certificates created with xpextensions will work with Win2K3 clients
as well. But you need to import CA certificate to the trusted
certificate store on Windows clients (XP and 2K3; Win 2K can't be used).
Ivan Kalik
Kalik
in the users file
for 255.255.255.254 that is not the IP address of the server in question.
Again, my question is if I need a USERS files, because I was reading that
this file is not required for AD.
Here is my USERS file.
http://www.nabble.com/file/p11222403/users users
Thanks,
Bryant.
tnt
Yes, the cert-clt.p12 is imported to the personal and the cacert.pem is in
the trusted root certificates.
I was looking at another document that was putting chmod 0444 on the
cert-clt.p12 and chmod 0400 on the cacert.pem.
Then, chown to radius:users on both.
Is that necessary?
Thanks,
Bryant
Hi Ivan,
Here is the output of the RADIUSD -X
[EMAIL PROTECTED] ~]# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/eap.conf
main: prefix = /usr
main:
certificate for Windows 2003?
Thanks,
Bryant
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
View this message in context:
http://www.nabble.com/Need-help-with-802.1X-authentication-to-Active-Directory-tf3925261.html#a11205301
Sent from the FreeRadius - User
I have FreeRadius setup as outlined by the Howto at this link.
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
I am using CENTOS 5 as the host system actiing as the SAMBA/RADIUS server.
All the *.conf files are configured as directed.
I have joined the radius server to
Hi Alan,
My initial config on Centos was to turn firewall off.
I do have authentication going on, but it looks like the certificates are
not working.
I uploaded a doc with the output of the debug on the first message.
Bryant
--
View this message in context:
http://www.nabble.com/Need-help
Here is the doc with the debug output at bottom.
Bryant.
tnt wrote:
Uploaded it where? Debug output in your first message is just server
startup. It hasn't recieved any packets. Check where is your NAS
sending those requests.
Ivan Kalik
Kalik Informatika ISP
Dana 15/6/2007
Bryant
Hi,
I have FreeRadius setup as outlined by the Howto at this link.
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
I am using CENTOS 5 as the host system actiing as the SAMBA/RADIUS server.
All the *.conf files are configured as directed.
I have joined
?
Ivan Kalik
Kalik Informatika ISP
Dana 15/6/2007, Bryant Marsh [EMAIL PROTECTED] piše:
Hi Alan,
My initial config on Centos was to turn firewall off.
I do have authentication going on, but it looks like the certificates are
not working.
I uploaded a doc with the output of the debug
25 matches
Mail list logo
