You may want to use
phpMyPrepaidhttp://sourceforge.net/project/showfiles.php?group_id=127438
==
Benjamin K. Eshun
- Message d'origine
De : Pratchaya Chatuphian [EMAIL PROTECTED]
À : freeradius-users@lists.freeradius.org
Envoyé le :
use smbpasswd and mschap
==
Benjamin K. Eshun
- Message d'origine
De : Alan DeKok [EMAIL PROTECTED]
À : FreeRadius users mailing list freeradius-users@lists.freeradius.org
Envoyé le : Dimanche, 12 Août 2007, 15h11mn 02s
Objet : Re: Help
Freeradius can dynamically authenticate against PAP or MSCHAP. You would
have to have 2 password db. ( eg. unix passwd and smbpasswd). You can not use
one db for both. It does it like magic :-) if you have to db.
==
Benjamin K. Eshun
-
You can setup pap authentication in freeradius and enable password
authentication ( by setting $userpassword=1;) on your chillispot cgi login
script. If you are using dd-wrt on your WRT54GL then you can also configure
your box for firewall protection etc. You may have to ask this questions in
Download freeradius and follow the instructions. There are a lot of info on the
wiki and faq pages.
ftp://ftp.freeradius.org/pub/radius/freeradius-1.1.7.tar.bz2
http://tldp.org/HOWTO/8021X-HOWTO/freeradius.html
http://www.missl.cs.umd.edu/wireless/eaptls/
http://wiki.freeradius.org/WPA_HOWTO
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
==
Benjamin K. Eshun
- Message d'origine
De : inelec communication [EMAIL PROTECTED]
À : freeradius-users@lists.freeradius.org
Envoyé le : Jeudi, 2 Août 2007,
There is log file. Check your configure log to find out the path you specified
for the log. You can also run in debug mode. radiusd -X
==
Benjamin K. Eshun
- Message d'origine
De : [EMAIL PROTECTED] [EMAIL PROTECTED]
À :
You have misconfigured the Nas-Identifier
govardhana Nas-Identifier == nas, Nas-Port-Type == 15
You haveNAS-Identifier = jrcnas
==
Benjamin K. Eshun
- Message d'origine
De : Govardhana K N [EMAIL PROTECTED]
À : FreeRadius
28s
Objet : How to configure EAP Identity in 1.1.3
I changed it but the same error is still coming.
On 7/16/07, Eshun Benjamin [EMAIL PROTECTED] wrote:
You have misconfigured the Nas-Identifier
govardhana Nas-Identifier == nas, Nas-Port-Type == 15
You haveNAS-Identifier = jrcnas
domain user credentials
read the config comments carefully and the howtos on the wiki and can fix it.
==
Benjamin K. Eshun
- Message d'origine
De : Carlos Jimenez Barranco [EMAIL PROTECTED]
À : FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Envoyé le : Lundi, 9 Juillet 2007, 18h12mn 28s
Objet : Re: PEAP certificates, signing requirements and examples
Eshun Benjamin wrote:
Hi All,
I came across this infomation and tought it would be nice to drop it
here. Eventhough it is ssl issue it has to do
Hi Alan,
You are doing good job and kudos to your team. Just want some clarafication on
this issue.
make_cert_command = ${certdir}/bootstrap;
its excellent tool but it only creates clientAuth and serverAuth and
does not add PEAP which ofcourse one can add by himself. Eventhough
freeradius
PROTECTED]
À : FreeRadius users mailing list freeradius-users@lists.freeradius.org
Envoyé le : Mardi, 10 Juillet 2007, 14h55mn 34s
Objet : Re: Re : PEAP certificates, signing requirements and examples
Eshun Benjamin wrote:
I have read and used the make_cert_command = ${certdir}/bootstrap; its
excellent
It is explained in the config file.
# The reply attributes sent to the NAS are
# usually based on the name of the user
# 'outside' of the tunnel (usually
# 'anonymous'). If you want to send the
# reply attributes based on the user name
i have a wrt54g linksys running dd-wrt
can someone help or give a link on how to deploy using the same linksys box.
Do this,
The settings below will help:
SETUP
Internet connection: IP on WAN
Under Optional Settings
Host Name: MyWireless (Name of your client-AP)
Domain Name:
Hi All,
I came across this infomation and tought it would be nice to drop it here.
Eventhough it is ssl issue it has to do with PEAP. Just to discuss; any
comments.
PEAP certificates, signing requirements and examples
There are only minor differences between standard SSL certificates used by
: Alan DeKok [EMAIL PROTECTED]
À : FreeRadius users mailing list freeradius-users@lists.freeradius.org
Envoyé le : Jeudi, 21 Juin 2007, 10h44mn 24s
Objet : Re: Re : Off-topic: DHCP server with radius support
Eshun Benjamin wrote:
...
A radius server assigning IPs ...that is not radius
Is there any way to configure free radius + eap-tls module to avoid to send CA
certificate during EAP-TLS negotiation?
You may have to read the RFC :-). You need the certificates to do EAP-TLS
==
Benjamin K. Eshun
- Message d'origine
Slightly off-topic. Is anyone aware of a DHCP server with radius
support. Or even just with exec support? I 'd like to setup a DHPC that
will ask a radius server for IP instead of assigning it itself
A radius server assigning IPs ...that is not radius (!) . May be you mean
the radius
ERROR: Failed to open socket:
check the port 1812 if it is being used. Or you can also run radius on the old
school port 1645 for testing.
==
Benjamin K. Eshun
- Message d'origine
De : Debashis Prusty [EMAIL PROTECTED]
À : FreeRadius
Well in my current configuration I have the RADIUS server certificate in
certificate_file and CA certificate in CA_file.
But with that configuration , the radius server is still sending the CA
certificate.
The CA_path folder is empty and the CA_file is commented out. This should work
for you.
sounds interesting can you post your tls section config
==
- Message d'origine
De : Reimer Karlsen-Masur, DFN-CERT [EMAIL PROTECTED]
À : FreeRadius users mailing list freeradius-users@lists.freeradius.org
Envoyé le : Lundi, 18 Juin
Is it normal?
No. You have to turn off debug mode from your dial-up admin config
==
Benjamin K. Eshun
- Message d'origine
De : Carl aniams [EMAIL PROTECTED]
À : freeradius-users@lists.freeradius.org
Envoyé le : Vendredi, 8 Juin 2007,
There was a post on this by Mike;
You'll have to set up two instances of the EAP module. The first
instance will have the TLS submodule set up with the information for
Cert1.pem (and the appropriate key and CA cert). The second instance
will have its TLS submodule set with the info for
Jian Wang wrote:
Is there an RFC standardizing the attribute mapping between LDAP and
RADIUS?
look at this doc;
http://docs.sun.com/source/806-4252-10/mapping.htm
==
Benjamin K. Eshun
- Message d'origine
De : Alan Dekok [EMAIL
I want to send out Authentication Request message with only the
User-Name and Password. Moreover i want the password to be clear
text.
Is it possible to configure the free-radius server for just
these requirements?
YES
I did configure the username and password in the users file
but server
: Re: EAP-TTLS PEAP MCHAPv2
Hey.
Append all intermediate CA certificates onto the end of the file specified
with the certificate_file option in the eap.conf files eap-tls section.
This file usually hold your RADIUS server certificate and can additionally
hold the chain certificates as well.
Eshun
Any one has an idea of how to get rid of
The server certificate is not trusted because there are no explicit trust
settings
on MAC OSX 10.4.9 without selecting always trust these freecertificate
___
Découvrez
Any one has an idea of getting rid of
The server certificate is not trusted because there are no explicit trust
settings
on MAC OSX 10.4.9 without selecting always trust this certificate
==
Benjamin K. Eshun
- Message d'origine
You have to look up for
1. In the eap.conf under tls it is clear;
# This can never exceed the size of a RADIUS
# packet (4096 bytes), and is preferably half
# that, to accomodate other attributes in
Does anybody have import passwords into a mysql table. Is it possible or is
it a bullshit ?
yes it is possible
==
Benjamin K. Eshun
- Message d'origine
De : Jean Frontin [EMAIL PROTECTED]
À : freeradius-users@lists.freeradius.org
Use this:
eap {
default_eap_type = peap
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
# Supported EAP-types
# EAP-TLS
tls {
private_key_password = x
private_key_file = ${raddbdir}/certs/freeradius_key.pem
certificate_file =
Thanks I can connect windows with PEAP/ MSCHAPv2 . Need to fix the certificates.
==
Benjamin K. Eshun
- Message d'origine
De : Arran Cudbard-Bell [EMAIL PROTECTED]
À : FreeRadius users mailing list freeradius-users@lists.freeradius.org
Module: Library search path is /usr/local/lib
*** glibc detected *** radiusd: double free or corruption (fasttop):
0x090fcde8 ***
if you are installing 1.1.5 then install cvs .
$ cvs -d :pserver:[EMAIL PROTECTED]:/source login
CVS password: anoncvs
$ cvs -d :pserver:[EMAIL
Mac connects but ms windows does not. I am doing server side cert. Error from
ms windows.
User-Name = testgeneral
NAS-IP-Address = 10.1.5.26
Called-Station-Id = 0016014d9158
Calling-Station-Id = 0019e3034ceb
NAS-Identifier = 0016014d9158
NAS-Port = 36
The settings below will help:
SETUP
Internet connection: IP on WAN
Under Optional Settings
Host Name: MyWireless (Name of your client-AP)
Domain Name: yourdomain.com (Your own domain)
MTU: Auto
Under Network Setup
Router
Local IP: 192.168.1.1
Subnet: 255.255.255.0
Gateway: 0.0.0.0
DHCP
DHCP
Frame-Filter-ID = std.ppp
it takes a string value and accepted in Access Accept packects not in Access
Request, Access Reject and Access Challenge
==
Benjamin K. Eshun
- Message d'origine
De : Zion Somech [EMAIL PROTECTED]
À :
Module: Library search path is /usr/local/lib
*** glibc detected *** radiusd: double free or corruption (fasttop):
0x090fcde8 ***
update your perl and install cvs
$ cvs -d :pserver:[EMAIL PROTECTED]:/source login
CVS password: anoncvs
$ cvs -d :pserver:[EMAIL
if radiusd -X works then
check whether yourpid was created successfully when you run radiusd;
if some folders leading to it are missing create them.
==
Benjamin K. Eshun
- Message d'origine
De : elmalhi abdelghani
$ cvs -d :pserver:[EMAIL PROTECTED]:/source login
CVS password: anoncvs
$ cvs -d :pserver:[EMAIL PROTECTED]:/source checkout -r
branch_1_1 radiusd
==
Benjamin K. Eshun
- Message d'origine
De : Alexander V. Klepikov [EMAIL PROTECTED]
À
make clean
==
Benjamin K. Eshun
- Message d'origine
De : elmalhi abdelghani [EMAIL PROTECTED]
À : freeradius-users@lists.freeradius.org
Envoyé le : Vendredi, 23 Mars 2007, 14h02mn 10s
Objet : freeradius unistalling
Hi,
how i can
Who has CA.all script for generating test certificates for testng purpose on
radius. Link me up.
==
Benjamin K. Eshun
- Message d'origine
De : Alan DeKok [EMAIL PROTECTED]
À : FreeRadius users mailing list
@lists.freeradius.org
Envoyé le : Lundi, 19 Mars 2007, 16h45mn 26s
Objet : Re: Re : CA.all
http://www.openssl.org/
Dana 19/3/2007, Eshun Benjamin [EMAIL PROTECTED] piše:
Who has CA.all script for generating test certificates for testng purpose on
radius. Link me up
Alan, great, I cant wait for the magic ..:-).
==
Benjamin K. Eshun
- Message d'origine
De : Alan DeKok [EMAIL PROTECTED]
À : FreeRadius users mailing list freeradius-users@lists.freeradius.org
Envoyé le : Samedi, 17 Mars 2007,
I want to make a silly question but i don't know a lot on cvs. I want to
download the freeradius-1.1.5 with branch_1_1 via cvs and i use the
following command after connected to the server:
cvs -d :pserver:[EMAIL PROTECTED]:/source checkout -r
branch_1_1 radiusd
Is the cvs command right? I
freeradius-1.1.5 : *** glibc detected *** double free or corruption
compile new perl and recompile 1.1.5 without the option experimental modules
==
Benjamin K. Eshun
- Message d'origine
De : adreas polyxronopoulos [EMAIL PROTECTED]
À :
check your settings in .../conf/admin.conf
#
# can be one of mysql,pg where:
# mysq: MySQL database (port 3306)
# pg: PostgreSQL database (port 5432)
#
sql_type: mysql
sql_server: localhost
sql_port: 3306
sql_username: dialup_admin
sql_password: XX
sql_database: radius
sql_accounting_table:
Hello,
Sorry to bother you again. Where should I
apply the Crypt-Password? Should I apply it in
radiusd.conf or in the ldap.attrmap file?
Do the changes in ldap.attrmap
CheckItemCrypt-Password userPassword
CheckItemUser-PassworduserPassword
48 matches
Mail list logo