hi,
is it possible to define a separate eap config with each virtual server?
in detail: i want to do 802.1x on some ports with with ONLY tls certs and on
other ONLY with user/password and ttls.
but with one global eap.conf there always will be a fallback to the other eap
method.
is it possible t
hi list,
i want to authenticate windows 7 computers with tls certificates.
the certs have the special windows OIDs, but i still get the error from below.
on the website http://wiki.freeradius.org/Certificate_Compatibility there is
only winxp mentioned.
is there maybe any difference with windows 7
Alan,
Thanks for the info. Found the operators section. Very useful.
Christian Thomas
On 3 January 2012 12:30, Alan DeKok wrote:
> Christian Thomas wrote:
> > I am trying to send back the same attribute in radreply and /or
> > radgroupreply with different values to the NA
same replies :
h323-ivr-in=Routing:192.168.1.10;expires=30;np_expires=40,
h323-ivr-in=Routing:192.168.1.20;expires=30;np_expires=40,
Fall-Through = Yes
There is something to do in the configuration to fix /allow that?
regards
--
Christian Thomas
Mobile +55 (48) 8446 3575
Landline
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 31.12.2011 16:35, schrieb Jens Weibler:
> my solution
>
> users:
> DEFAULT Huntgroup-Name == "switches", Ldap-Group == "coolguys"
> Tunnel-Type = VLAN,
> Tunnel-Medium-Type = "IEEE-802",
> Tunnel-Private-Group-ID = "1337"
>
> huntgroups:
> # Switch
Hello
I'am stuck while testing with LDAP an Radius. I'am get Radius to work
with user authorisation against LDAP and authentication against
kerberos. Even if i set a "simple" membership checking in ./modules/ldap
it works fine.
My problem is, I have several NAS (Some APs, Switches, VPN-Servers).
Hello,
in the jRadius config there are the options FAIL and REJECT for the onfail
parameter. Can someone explain the difference?
Behaviour seems identical in wireshark traces, sending an Access Reject in both
cases.
Thanks
Christian
-
List info/subscribe/unsubscribe? See http
actual session would be the best way for doing
that. So is there a way to temporarily change the usergroup for the
reply-message in runtime?
Best regards,
Christian Kneissl
O?. Ferngas Netz GmbH, Sitz Linz, FN 293793 z (LG Linz)
Diese Nachricht ist vertraulich und nur f?r den/die Adressaten
. All I really need to know is how to get a script to run
with the radius so that it requests that information, or just pulls that
information from the connection.
Any ideas on how to do this would be extremely helpful.
Thank you,
Christian
RIT Applied Networking and System Admin
Rochester
add it to a script or have to create my own database for the
information and my own script.
Christian Rahl
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Il 22/06/2010 08:08, Alan DeKok ha scritto:
> Christian Zoffoli wrote:
>> now I've fixed my problem in this way
>
> I'm not sure why.
>
> In all of this, you haven't explained what you want to do. You've
> asked about the SQL and checkval modul
Il 21/06/2010 20:26, Alan DeKok ha scritto:
> Christian Zoffoli wrote:
[many]
> Have you read the documentation as I suggested?
>
> No, not really. That's why my answers don't help.
probably I don't know many things to find my mistakes
now I've fixed my
e useless
guides, many threads on the mailing list and I've not understood the
right way
probably your answers doesn't help much
probably there is not so much doc and probably there are not enought
examples and the last book is 8 years old and doesn't cover what I need.
Best regards,
C
TO radacct
(acctsessionid,acctuniqueid, username, realm,
nasipaddress, nasportid, nasporttype,
acctstarttime,acctstoptime, acctsessiontime,
acctauthentic,connectinfo_start, connectinfo_stop,
acctinputoctets, acctoutputoctets, calledstationid,
callingstationid, acctterminatecause, servicetype,
framedprotocol, framedipaddress, acctstartdelay,
acctstopdelay,xascendsessionsvrkey) VALUES
('4c1f3111', 'ddca1f9d2efffb89', 'm7dby5cc',
'', '192.168.182.1', '1', 'Wireless-802.11',
'2010-06-21 14:36:35', NULL, '0', '', '', '',
'0', '0', '00-0D-B9-15-F4-C9', '00-22-15-16-35-B0', '',
'', '', '192.168.182.2', '0', '0', '')
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql (sql): Released sql socket id: 0
++[sql] returns ok
expand: %{User-Name} -> m7dby5cc
attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 11 to 127.0.0.1 port 60147
Finished request 15.
Cleaning up request 15 ID 11 with timestamp +12417
Going to the next request
Waking up in 4.9 seconds.
---
Best regards,
Christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Il 21/06/2010 08:30, Alan DeKok ha scritto:
> Christian Zoffoli wrote:
>> I've configured freeradius with mysql anche checkval and all works as
>> expected when I try to authenticate users with Calling-Station-ID and :=
>> operators in radgroupcheck but I cannot use it
Il 20/06/2010 20:02, Christian Zoffoli ha scritto:
> Hi to all,
> I've configured freeradius with mysql anche checkval and all works as
> expected when I try to authenticate users with Calling-Station-ID and :=
> operators in radgroupcheck but I cannot use it with != operator.
x27;t want other accounts to login on the above machines.
Can I use checkval also with != operator? ...if not, is there another way?
thank you,
Christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
error error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
num
ber
SSL: SSL_read failed in a system call (-1), TLS session fails.
TLS receive handshake failed during operation
[peap] eaptls_process returned 4
[peap] EAPTLS_OTHERS
I will look if something is bad configured in the user's w
timeout.
After several seconds without response the radius client sent again the same
radius request to my server and it was discarded generating the errors logs
because it was trying to proxy the request to the remote server.
Thanks for your help, it has been very helpful
2010/3/17 Christian Pinedo
oad of errors. does using 'kinit' work? does using
> ntlm_auth work?
>
> alan
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
--
Christian Pinedo Zamalloa (zako)
PGP keyID: 0x828D0C80
Fingerprint: 7BFF 4105 F46B 7977 BD96 348C 1007 4FF8 828D 0C80
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
0]
libsmb/cliconnect.c:cli_session_setup_spnego(859)
Mar 16 16:33:00 radius01 winbindd[19731]: Kinit failed: KDC reply did not
match expectations
Authentication is working but i don't know if i should be worried about
these logs. Can you tell me? Thanks in advance,
--
Christian Pinedo Zamalloa (zako)
PGP ke
ar
NAS will also happily ignore the Class attribute. ^o^
But nevertheless, a very useful configuration snippet that would do well
in a future sample configuration.
Thanks again for the quick and comprehensive response,
Christian
--
Christian BalzerNetwork/Systems Engineer
owards the radius protocol
level and thus result in the NAS keep on sending that accounting packet?
Regards,
Christian
--
Christian BalzerNetwork/Systems EngineerNOC
ch...@gol.com Global OnLine Japan/Fusion Network Services
http://www.gol.com/
https://secure3.gol.
> Christian Lete wrote:
> > I'm wondering if it is possible to authenticate using 2 modules by
> > ANDing them? (the 2 modules must return true, to be a
> sucessfully authentication).
> > If so, would you please give me some pointers to documents, I will
>
Hi everybody,
I'm wondering if it is possible to authenticate using 2 modules by ANDing
them? (the 2 modules must return true, to be a sucessfully authentication).
If so, would you please give me some pointers to documents, I will take it
from there.
Best Regards,
Christian Lete
-
List
re any counters in FR that I could track? (like packets per
second, etc.)
Thanks,
Christian
--
Christian Hofstädtler
InQnet GmbH
Praterstraße 31
A-1020 Wien
Tel.: +43 1 212 7650 523
Fax.: +43 1 212 7650 610
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
correct? Is that not the job of the rlm_ldap to set the
Auth-Type if the set_auth_type is set?
Or did I do this completely wrong?
Thx,
Christian
--
Christian Goebel
___
Centre de Technologie de l'Education
29 avenue John F. Kennedy
L-1855 Luxem
Hi Jason,
with the answer from Alan we have found the dn-information in the control
item. You must use %{control:Ldap-UserDn} instead of %{Ldap-UserDn}
Regards,
Christan
On Monday 14 April 2008 23:18:42 Jason Alderfer wrote:
> > Jason Alderfer wrote:
> >> I'm testing upgrading to 2.0.3 from 1.
uld i do to get this setup working ?
I'm really out of ideas now.
Cause i tried a similar setup with 1.1.7 and ntlm_auth (instead of ldap) and it
works like expected there.
Thanks for your help in advance,
Best regards,
Christian
[EMAIL PROTECTED] schrieb:
> hi,
>
> you are
ext request
Processing the authorize section of radiusd.conf
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
rlm_realm: No s
Alan DeKok schrieb:
> Christian Frank wrote:
>> I have a big problem with my radius setup. I want to authenticate
>> my users with peap+mschapv2. The radius backend is an ldap server.
>
> Does the LDAP server contain a clear-text or NT hashed password for
> the user?
or request 7
modcall[authorize]: module "chap" returns noop for request 7
modcall[authorize]: module "mschap" returns noop for request 7
rlm_realm: No '@' in User-Name = "cfra", looking up realm NULL
rlm_realm: No such realm "NULL"
m
That was it.
Removed a few hash marks in the peap and tls config and it ran.
Thank you for the quick responses everyone.
Regards
Christian
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:freeradius-users-
> [EMAIL PROTECTED] On Behalf Of
> [EMAIL PROTECTED]
>
quest found, released from the list
rlm_eap: EAP NAK
rlm_eap: EAP-NAK asked for EAP-Type/peap
rlm_eap: No such EAP type peap
rlm_eap: Failed in EAP select
modcall[authenticate]: module "eap" returns invalid for request 4
modcall: leaving group authenticate (returns invalid) for reques
fig havn't done anything to it but
added some users and one other client.
Thank you in advance
Christian
LOGS BELOW -
All I get in radius.log is
Mon May 14 19:50:20 2007 : Info: rlm_eap_md5: Issuing Challenge
--- CISCO DEBUG RADIUS
paragraph that Phil suggested.
Thanks a lot for your hints, simply great!
Best regards - Christian
___
SMS schreiben mit WEB.DE FreeMail - einfach, schnell und
kostenguenstig. Jetzt gleich testen! http://f.web.de/?mc=021192
-
List info/s
Hi members,
I have a problem with the name of hosts. Here is the situation:
I have an LDAP Directory which is filled by samba-Deamon, for example with
hosts that are added to my domain. Samba signs every host-account with a "$" at
the end. If my laptop would be named christian,
hope that you can help me with a
hint, i added my radiusd.conf below.
Regards - Christian
prefix = /usr
exec_prefix = ${prefix}
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir
doesn't participate
the communication between host and samba domain controller in the same way it
does between host and radius.
Could you give me a hint how to exit this desaster?
Thanks and regards - Christian
___
SMS schreiben
Christian Hohmann wrote:
>> Now the Problem: Some workstations are added to a samba managed domain
and can only login on the samba service.
>> It seems to me, that the winxpsp2 supplicant first wants to authenticate at
>> the samba server. But the switch doesn?t allow the conne
switch doesnt allow the connection, because the port is
closed until the eap-authentication is handled.
I really hope that you can give me a hint.
Regards - Christian
___
SMS schreiben mit WEB.DE FreeMail - einfach, schnell und
Thank all for your help.
My freeradius with mysql is working now.
Christian
- Original Message -
From: satish patel
To: FreeRadius users mailing list
Sent: Friday, April 06, 2007 2:55 AM
Subject: Re: Problem with freeradius and mysql
Dear all
Here I
= no
Module: Instantiated realm (suffix)
ERROR: Cannot find a configuration entry for module "sql".
radiusd.conf[1801] Unknown module "sql".
radiusd.conf[1730] Failed to parse authorize section.
I'm running openbsd 4.0 and these programs:
mysql-client-5.0.22
working with radius servers.
Hope someone has some input to this type of setup.
Regards
Christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Evert,
this works for me with the CVS version 2.0.0pre0.
regards,
Christian
Evert wrote:
> Is no-one else bothered by this error? Or am I the only one experiencing
> it...? ;-)
>
> Regards,
> Evert
>
>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
you should check if php is installed and add this line to your httpd.conf
AddType application/x-httpd-php .php3
regards,
Christian
anyuru francis wrote:
> Hello,
>
> Am installing freeRadius with Mysql5 and dialup admin with a freebs
x27;m a little bit lost now, maybe I don't see the obvious. Any hints
what can cause this error are appreciated.
regards,
Christian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla
On Tue, Sep 12, 2006 at 10:21:38AM -0400, Alan DeKok wrote:
> Christian Hahn <[EMAIL PROTECTED]> wrote:
> > Do you mean IPv6 transport or support for IPv6 attributes (RFC3162)?
> > RFC3162 is supported by freeradius 2.0.0-pre0 (CVS), IPv6 transport as
> > far as I know i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
나종현 wrote:
>
>
> whether Free-Radius support IPv6??
Do you mean IPv6 transport or support for IPv6 attributes (RFC3162)?
RFC3162 is supported by freeradius 2.0.0-pre0 (CVS), IPv6 transport as
far as I know is not supported.
help and of course for freeradius,
Christian
Christian Hahn wrote:
>>> /usr/local/etc/raddb/users[227]: Parse error (reply) for entry
>>> hextest: unknown attribute type 8
>>> Errors reading /usr/local/etc/raddb/users
>> thsi works with the 2.0pre CVS code...
and it works.
Christian
> 2)Does it has support for both Solaris and HP-Unix.
> 3)Is it Multi Threaded safe.
>
> Thanks in advance,
>
> Ram.
>
>
> ===
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan DeKok wrote:
> Christian Hahn <[EMAIL PROTECTED]> wrote:
>> I've just compiled the CVS version from 20060830 with
>> prefix=/root/bin/freeradius-cvs. When starting radiusd it complains
>> that the compile
radiusd.conf for wrong lib paths.
Any ideas what happend here?
thanks,
Christian Hahn
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE9Yje6kMW7HW8620RAnmdAKC71GKjxryrD12RczaZInhDNysI3gCfeFWW
ExBmtSIHLtV4xvd/0
2.0.0-pre0 code is? Is it
just a development branch for new features or will this be eventually
the next release train?
best regards,
Christian
>
> FreeRADIUS Version 2.0.0-pre0
>
> dict.c: { "ipv6prefix", PW_TYPE_IPV6PREFIX },
> print.c:case PW_TYPE_IPV6PRE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Alan DeKok wrote:
> Christian Hahn <[EMAIL PROTECTED]> wrote:
>> hextest Auth-Type := Local, User-Password == "secret"
>> Service-Type = Framed-User,
>> NAS-IP-Address = xx.xx.xx.xx,
>
ute 97 should look
different?
Any hint would greatly appreciated.
best regard,
Christian Hahn
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE9C2G6kMW7HW8620RAntmAJ9vRzaBDqNV5FIT/esloKn8Q149BQCgk/42
[EMAIL PROTECTED]
wrote:
> "Christian Poessinger" <[EMAIL PROTECTED]> wrote:
>> I'm really getting confused now ... is it actually possible to use
>> md5 hashed passwords in a sql backend and doing EAP-TTLS for
>> authenticating wireless clients?
>
> It generally seems to me to be more an EAP problem. When i to on the
> shell 'radtest user radiusserver 0 secret' it
> works fine.
>
> When changing arround the Atrribute field i get wrong Atrribute
> errors. But with the User-Password attribute i get that strange
>
>
> modcall: lea
[EMAIL PROTECTED]
wrote:
> And here is the example of sucessful logon with radtest:
>
> radtest bbb badblueboy 192.168.1.129 1 testing123
>
>
> rad_recv: Access-Request packet from host 192.168.1.129:35640, id=191,
> length=55
> User-Name = "bbb"
> User-Password = "badblueboy"
>
[EMAIL PROTECTED]
wrote:
> [EMAIL PROTECTED]
> wrote:
>>
>> Please read the EARLIER messages in the debug log. It's obvious
>> that the password was NOT read from SQL, so authentication will not
>> work.
>>
>> Get the server to read the password from SQL. Debug log WILL SAY
>> when the ap
[EMAIL PROTECTED]
wrote:
>
> Please read the EARLIER messages in the debug log. It's obvious
> that the password was NOT read from SQL, so authentication will not
> work.
>
> Get the server to read the password from SQL. Debug log WILL SAY
> when the appropriate user entry is matched.
>
[EMAIL PROTECTED]
wrote:
> "Christian Poessinger" <[EMAIL PROTECTED]> wrote:
>> Well, changing it to MD5-Password results in
>
> In 1.1.x, use "User-Password"
Changed the content of the SQL Attribute field to 'User-Password' but I
still
g
[EMAIL PROTECTED] wrote:
> "Christian Poessinger" <[EMAIL PROTECTED]> wrote:
>> As I have to use the SQL attribute field with 'Crypt-Password' in it
>
> Why? Why not just change that?
>
> Alan DeKok.
Well, changing it to MD5-Password resul
Hello,
I'm trying to setup a System to authenticate WLAN users via EAP-TTLS with
md5 crypted passwords, stored in a sql database.
I'm using MySQL as the Backend and it works great when the passwords are
stored in cleartext or UNIX crypt. When i convert the password from crypt to
md5 and change pa
Hello,
I'm trying to setup a System to authenticate WLAN users via EAP-TTLS with
md5 crypted passwords, stored in a sql database.
I'm using MySQL as the Backend and it works great when the passwords are
stored in cleartext or UNIX crypt. When i convert the password from crypt to
md5 and change pa
you answer :-(
Christian Meutes
systems engineer
--
claranet gmbh internet service provider
tel +49 (0) 69 - 40 80 18 - 300
email: [EMAIL PROTECTED] http://www.claranet.de/
- List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
Hey list,
can anybody give me an exampl
you answer :-(
Christian Meutes
systems engineer
--
claranet gmbh internet service provider
tel +49 (0) 69 - 40 80 18 - 300
email: [EMAIL PROTECTED] http://www.claranet.de/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello Alan,
--On Monday, July 03, 2006 12:11:14 PM -0400 Alan DeKok <[EMAIL PROTECTED]>
wrote:
Add a compare attribute User-Name, with operator =~, and put the
regex into the value field.
What has to be in the Username column then?
Christian Meutes
systems engineer
--
clarane
. The Auth-Type of these
usernames is always "Accept".
How can i accomplish this? The username itself in the MySQL table doesnt
has a check row..
Thanks for any help!
Christian Meutes
systems engineer
--
claranet gmbh internet service provider
tel +49 (0) 69 - 40 80 18 - 300
ema
in cause of a
> user default accept configuration. In proxy.conf i have set for the proxy
> realm a default_fallback=no, but this doesnt help. Anybody with an idea why
> this is happening? I dont want that the auth requests are tried locally if
> the real radius server isnt answering.
>
&g
in advance ...
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
Mit freundlichen Grüßen
Christian Meutes
systems engineer
--
claranet gmbh inter
user default
accept configuration. In proxy.conf i have set for the proxy realm a
default_fallback=no, but this doesnt help.
Anybody with an idea why this is happening? I dont want that the auth
requests are tried locally if the real radius server isnt answering.
best regards,
Christian
Christian Poessinger wrote:
> Zoltan Ori wrote:
>>
>> That's the problem everything is uncommented. Comment out ntlm_auth
>> and with_ntdomain_hack. If you have plain text passwords, you aren't
>> authenticating to a Windows domain controller, you don'
x27;t need want them in your mschap
> configuration.
Sorry, my fault :), there was a typo in my last message. I double and
tripplechecked my configs but I don't find the error. Can you please
have a look? I uploaded em to http://helix.mybll.de/raddb
Thanks, Christian Poessinger
-
King, Michael wrote:
> Christian, That is what he is saying your problem is, everything is
> uncommented
Sorry, with uncommented i ment that all is commented out. Sorry my fault.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Zoltan Ori wrote:
> You have ntlm_auth in your mschap configuration. You don't want that
> for LDAP.
> You don't need anything NT in that module. The default configuration
> had everything commented out but authtype = MS-CHAP. Start with that
> and then add what you need.
Nope, there is everything
Michael Griego wrote:
> Your problem lies here:
>
> modcall: entering group Auth-Type for request 6
> rlm_mschap: No User-Password configured. Cannot create LM-Password.
> rlm_mschap: No User-Password configured. Cannot create NT-Password.
> rlm_mschap: Told to do MS-CHAPv2 for USERNAME wit
Zoltan Ori wrote:
>
> Are there any other errors in the log? The actual reason for
> rejection may come long before that.
>
Here is the complete log:
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config:
Zoltan Ori wrote:
> On Monday 28 November 2005 12:32, Christian Poessinger wrote:
>> rlm_eap_peap: Had sent TLV failure, rejecting.
>
> Use the latest available drivers for your wireless adaptor. I've
> encountered many strange connectivity issues that are fixed with ne
Zoltan A. Ori wrote:
> On Sunday 27 November 2005 06:52, Christian Poessinger wrote:
>>
>> Yes, I'm trying to use PEAP, I have configured MS-CHAPv1 as
>> described in many Howtos.
>>
>
> MS-CHAP V2 is in the Howtos of PEAP that I have read. In any case,
&
Zoltan A. Ori wrote:
>
> Are you trying to use PEAP/MSCHAP-V2? I don't see any mschapv2 in
> your logs.
>
Yes, I'm trying to use PEAP, I have configured MS-CHAPv1 as described
in many Howtos.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Zoltan A. Ori wrote:
> I'm not an expert and am often wrong, but I don't think FreeRADIUS is
> the problem here. Everything is working up to that point. Does it
> break at the same place every time? Double check the NAS and
> supplicant configurations.
>
> -
> List info/subscribe/unsubscribe? See
Zoltan A. Ori wrote:
> On Saturday 26 November 2005 08:50, Christian Poessinger wrote:
>
>> rlm_eap_peap: Session established. Decoding tunneled attributes.
>> rlm_eap_tls: <<< TLS 1.0 Alert [length 0002], fatal access_denied
>> TLS Alert read:fatal:acces
Hello folks, I want to do a setup with a HP Procurve 520wl
Access Point, OpenLDAP and FreeRadius with 802.1x and users
in my LDAP backend. LDAP and Radius works fine, when i do a
radtest user pass radius.domain.tld 0 secret
i get an access accept package back. Now i configured my AP to
use the Ra
Yohoo!
What about "doc/ChangeLog" ?
Greets
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Yohoo!
Ok, I got it running. My freeradius authenticates vs. our ActiveDirectory (MS
Win 2003 Server).
Here is a short summary, written as HowTo. It's version 0.0.1beta ;-)
_*Mini HowTo*_
*Authenticate freeradius vs. ActiveDirectory*
Nov. 2005
*Author:*
Christian Völker, c.voelke
e disadvantage when using PAP?
Greets
Christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Yohoo!
>> I hope, I could help some people trying to use AD for radius.
>there is another way - use the krb module to authenticate against AD
Are there any advantages/ disadvantages ldap <-> krb5?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
e it (I think so! ;-))
Greets
Christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
outs
timeout =
40
timelimit =
30
net_timeout = 10
}
The users-file left
on default, no changes.
I hope, I could help
some people trying to use AD for radius.
And, I hope, someone
will help me with my user-problem.
Greets
Christ
Reply-Message = "No access."
snip---
Works fine here. Is there the need of a short howto for the doc/ ?
Greets
Christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Can you point me to the explanation, i cant find it?
--On Wednesday, November 09, 2005 01:23:22 AM -0500 Alan DeKok
<[EMAIL PROTECTED]> wrote:
Dusty Doris <[EMAIL PROTECTED]> wrote:
Our authentication structure is quite different as we are looking more
for availability. But in the accounti
ail for request 8
---snip---
The line in the log is the same as I enter
it at command line. Why is the answer different?
Thanks for your help and/ or ideas for
problem solution!
Greets from Germany
Christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
jeah nice, it works!
thanks & regards,
-christian
--On Sunday, October 30, 2005 11:21:49 AM -0500 Alan DeKok <[EMAIL PROTECTED]>
wrote:
Christian Meutes <[EMAIL PROTECTED]> wrote:
i have the demand to forward some auth-requests to some further radius
servers, but only in
iam not forwarding on realm because the realm is always the same!
--On Sunday, October 30, 2005 11:52:04 -0500 Joe Maimon <[EMAIL PROTECTED]>
wrote:
Christian Meutes wrote:
Hello,
i have the demand to forward some auth-requests to some further radius
servers, but only in the case
wont scale inside of proxy.conf and further more i think that
there is no part of the User-Name which could be match in proxy.conf to
proxy some user requests to different radius servers.
I would be happy if anybody could point me to an option to realize this.
regards,
-christian
-
List info/subscr
cket from host 172.20.23.232:33352, id=212,
length=69
Sending Access-Reject of id 212 to 172.20.23.232:33352
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 172.20.23.232:33353, id=213,
length=69
Sending Access-Reject of id 213 to 172.20.23.232:33353
Waking up in 1 seconds...
--- Walking the entire request list ---
Either i have a problem with my authorize section or the username shouldnt
include an "+" i think.
Anybody with an idea?
kind regards,
-christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
simple question:
is there any possibility to rewrite accounting attributes apart from using
rlm_attr_rewrite?
-christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
it seems that freeradius has problems with running MySQL with linuxthreads,
when compiling MySQL with native pthreads then its running.
I dont know why this makes problems only with freeradius, other
applications are running just fine with MySQL and linuxthreads...
--On Wednesday, Octobe
es
rlm_attr_rewrite.
Would be very interesting to know how this could be accomplished.
Maybe anyone from the list does have an answer...
regards,
christian
--On Tuesday, October 11, 2005 15:43:46 +0400 "Vicor M. Polukcht"
<[EMAIL PROTECTED]> wrote:
Hi all. I have a hardware t
1 - 100 of 167 matches
Mail list logo