On 27/09/2011 11:25, Alan DeKok wrote:
Fabien COMBERNOUS wrote:
In the samples schema.sql proposed for SQL backend, no foreign keys are
used. Any reason ?
The schema is designed to be simple. What foreign keys would you
propose it use?
here a patch proposed :
--- schema_orig.sql2011
On 28/09/2011 11:52, Fajar A. Nugraha wrote:
On Wed, Sep 28, 2011 at 3:50 PM, Fabien COMBERNOUS
fcombern...@kezia.com wrote:
# Table structure for table 'radgroupcheck'
@@ -117,8 +117,10 @@
username varchar(64) NOT NULL default '',
groupname varchar(64) NOT NULL default '',
priority
On 28/09/2011 11:45, Alan DeKok wrote:
Fabien COMBERNOUS wrote:
here a patch proposed :
A bit of explanation would help.
Foreign key : add a username in radusergroup table needs to exist in
radcheck table and be equal.
On cascade : if you update ou delete a username in radcheck table
Hi,
In the samples schema.sql proposed for SQL backend, no foreign keys are
used. Any reason ?
With ON DELETE CASCADE or ON UPDATE CASCADE constraint it should be
easier to manage updates or deletetion of records ?
Am i missing something ?
--
*Fabien COMBERNOUS*
/unix system engineer
On 14/01/2011 23:47, Alan DeKok wrote:
Fabien COMBERNOUS wrote:
[...]
David is not bridling but just remember his constraints.
They are *his* constraints. If he can't even install a version of
2.1.10 in order to run radtest which can do MS-CHAP, then those
constraints are ridiculous
Title: mail Kezia : Fabien COMBERNOUS
On 14/01/2011 15:32, Phil Mayers wrote:
[...]
Even though you are bridling at my advice, I'm going to try one
last time to be helpful.
Imagine that David is alone, on an very isolated island without any
or
information are wellcome.
Regards,
--
Fabien COMBERNOUS
unix system engineer
www.kezia.com
Tel: +33 (0) 467 992 986
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
an accept
with a vlan, or look for a "reject vlan" feature on your switch.
I'm using macauth. But how to assign a vlan on devices unidentified
?
--
Fabien COMBERNOUS
unix system engineer
www.kezia.com
Tel: +33 (0) 467 992 986
}
}
But the radius log says :
? Evaluating (notfound) FALSE
...
Failed to authenticate the user
What am i misunderstanding ?
--
Fabien COMBERNOUS
unix system engineer
www.kezia.com
Tel
notfound
++- if (notfound) returns notfound
? Evaluating (notfound) - TRUE
++? if (notfound) - TRUE
++- entering if (notfound) {...}
+++[reply] returns notfound
++- if (notfound) returns notfound
Regards,
--
Fabien COMBERNOUS
Have you tested this? With radclient/radtest? It should work, from
what I can see.
no. I didn't tested.
Thank you for your help.
--
Fabien COMBERNOUS
unix system engineer
www.kezia.com
Tel: +33 (0) 467 992 986
efault" for some additional
documentation.
#
$INCLUDE sites-enabled/
Regards,
--
mail Kezia : Fabien COMBERNOUS
Fabien COMBERNOUS
unix system engineer
www.kezia.com
Tel: +33 (0) 467 992 986
-
List info/subscri
,
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http://www.kezia.com/
*Tel: +33 (0) 467 992 986*
Kezia Group
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
message past it here.
Regards,
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http://www.kezia.com/
*Tel: +33 (0) 467 992 986*
Kezia Group
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
are following. You'll have to consided depends. And i have not enough
time to try your way on a box.
On Wed, Aug 18, 2010 at 7:05 AM, Fabien COMBERNOUS
fcombern...@kezia.com mailto:fcombern...@kezia.com wrote:
In general you can get the list of the files from a deb package
link.
This link does not permit to download any freeradius.
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http://www.kezia.com/
*Tel: +33 (0) 467 992 986*
Kezia Group
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
, it should be easier to use
the .deb source. You'll get a .deb binary package and all the advantages
of .deb.
*
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http://www.kezia.com/
*Tel: +33 (0) 467 992 986*
Kezia Group
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
/etc/freeradius/hints
/etc/freeradius/experimental.conf
/etc/freeradius/users
/etc/freeradius/huntgroups
...
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http://www.kezia.com/
*Tel: +33 (0) 467 992 986*
Kezia Group
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
Fabien COMBERNOUS wrote:
[...]
So i used the other possibility with Egress-VLAN-Name instead of
Egress-VLANID.
It is easier to understand the meaning of the value and it works with
my version of FreeRadius.
About the dynamic vlan assignment i use the two methods explained in [1] :
- some
' ORDER BY id
rlm_sql: Failed to create the pair: Unknown value 0x320007 for attribute
Egress-VLANID
What am i missing or misunderstanding ?
Help is welcome.
Best regards,
[1] http://wiki.freeradius.org/HP
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http://www.kezia.com
Alan DeKok wrote:
Fabien COMBERNOUS wrote:
I'm using FreeRadius 2.1.3. I'm doing a mac based port assignment with
sql backend.
...
But when i plug the equipment radius give this debug :
[sql1] expand: SELECT id, groupname, attribute, value,
op FROM
Alan DeKok wrote:
Fabien COMBERNOUS wrote:
I'm using FreeRadius 2.1.3. I'm doing a mac based port assignment with
sql backend.
...
But when i plug the equipment radius give this debug :
[sql1] expand: SELECT id, groupname, attribute, value,
op FROM
Alan DeKok wrote:
Fabien COMBERNOUS wrote:
I'm using Free radius for Mac Address authentication.
When a use tcpdump on the radius server, the Radius Request packet
contains all the mac Address. But in the radiusd -X output, the
User-Name is truncated. The last digit is erased and so
is appreciated.
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http://www.kezia.com/
*Tel: +33 (0) 467 992 986*
Kezia Group
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
.
[1] http://wiki.freeradius.org/Fail-over
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http://www.kezia.com/
*Tel: +33 (0) 467 992 986*
Kezia Group
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Tunnel-Type :
http://freeradius.org/rfc/rfc2868.html#Tunnel-Type
Where is decided the value of 13 ?
Best regards,
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http://www.kezia.com/
*Tel: +33 (0) 467 992 986*
Kezia Group
-
List info/subscribe/unsubscribe? See http
radreply or radgroupreply to put
the port of my switch in the good vlan ?
Best regards,
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http://www.kezia.com/
*Tel: +33 (0) 467 992 986*
Kezia Group
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
Fabien COMBERNOUS wrote:
Hi there,
I'm trying to setup a freeRadius on MacOSX host 10.6. This OS use
FreeRADIUS Version 2.1.3.
I'm looking for informations about how to permit a client device to ask
an IP address when it is plugged on the network
ask to opendirectory (ldap)
if the client is allowed (Mac Address check) and in which vlan. Then if
the client is allowed the port of the switch is configured in the vlan
specified by opendirectory.
All informations are welcome.
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com http
29 matches
Mail list logo