Hi, i have downloaded and installed freeradius from git master FreeRADIUS
Version 3.0.0 (git #7a9281c), i m developing a module to do some charging based
on 3gpp2 standards for a cdma network, i have modified the dictionary to
reflect a subtype in one of the attributes:
ATTRIBUTE
Hi, thank you very much, that worked.regarding the float as parameter, i should
not have sent that as an example because it was wrong anyways as you very well
mentionedthe function is not expecting a float .. lol ... thanks for the advise
too!
From: jpablolorenze...@hotmail.com
To:
Hi Alan, i m sorry i m sorry if i m not being clear enough, but please consider
the example from my last reply: this is the code in the
module:pairadd(request-reply-vps,pairmake(3GPP2-Prepaid-Acct-Quota-QuotaIDentifier,1,
T_OP_EQ));
and this is what travels on the wire:
subtype = 01
Alan, can you please extend a little bot more ... what do you mean that you see
the correct value i see value f3 08 48 12 when i m actually expecting
0001 . i really dont see where it is actually correct. ... thanks!!!
From: jpablolorenze...@hotmail.com
To:
i realise now that i may have not been very clear in my explanation of the
problem, that problem is that all values for the fields are the wrong values,
for example, this is my code:
pairadd(request-reply-vps,pairmake(3GPP2-Prepaid-Acct-Quota-QuotaIDentifier,1,
T_OP_EQ));
and this is what
Thank you very much Alan and Peter!! it is nice to know that freeradius is
capable of doing so with minors changes in the dictionary. i m using stable
version 2.2 so i understand the master branch in the git supports this, i will
downloaded. thanks a lot !!!
From: jpablolorenze...@hotmail.com
Hi, i m implementing a module in which i m using some TLV for which i modified
the dictionary.3gpp2 as very well suggested in a different thread, but i see
that the data for those TLV fields are not encoded properly or at least that is
what wireshark is showing even thou debugging freeradius it
i m sorry i accidentally press the wrong combination of keys and the mail left
resuming my message below .
this is the data that tcpdump show as being transmitted for this attribute:
type = 1a length = 1a vendor = 00 00 15 9f vendor-type = 5a vendor-length = 14
subtype = 01
thank you very much for your reply, please find attached the pcap file. the
access-accept are my packages .. those are the ones with the problem. thanks!
From: jpablolorenze...@hotmail.com
To: freeradius-users@lists.freeradius.org
Subject: RE: wireshart shows wrong information
Date: Thu, 25 Apr
Hi, i m in the early stages of implementing a prepaid service for a CDMA
network, i have to exchange radius package using the 3gpp2 standard which is an
extension to the basic radius protocol. i m facing an issue and that is that
the attributes in the 3gpp2 standard included attributes that
Hi, i m writing a module2 for freeradius 2.1.10 on linux 2.6.18-194.el5PAE.
this is the code:
vp = pairfind(request-packet-vps,PW_USER_NAME);
DEBUG(Found username = %s,vp-data.strvalue);
// create and add the cleartext-password
vp_clear_password =
glad to hear from you as to why such an scenario make/doesn't make
sense.
Regards
Juan -
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Juan Perez wrote:
I want to implement a RADIUS load-balancing and failover scenario using
FreeRadius and Cisco ACS. The idea I have in mind is to have these two
servers answering to RADIUS requests in a round-robin fashion and should
one of them for some reason go down, the other one
Hi everybody!!
I've got a strange problem with expand the result of the execution of a
program. This is my config data:
-- dictionary ---
ATTRIBUTE mi-resultado-script 3003integer
- exec --
exec {
1
only to be sure, but this space appear again.
Could you help me with this?
Thanks again.
Date: Thu, 23 Sep 2010 13:19:54 +0200
From: al...@deployingradius.com
To: freeradius-users@lists.freeradius.org
Subject: Re: Problem with expand result of exec-program
Juan Rodríguez wrote:
Hi
Hi everybody!
I'm a new subcriber of this list. I'm trying to setup a radius server with LDAP
authentication; I've managed to authenticate a user (from a Cisco Device),
but my fellows from Security Department think that we should have a two-step
authentication:
1. User/password authentication,
module?
Regards..
devrim
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
Juan Pablo Botero
Administrador de Sistemas informáticos
http://jpill.wordpress.com
eSSuX: http://slcolombia.org/eSSuX
Linux Registered user #435293
-
List info/subscribe/unsubscribe
is denied access.
Thanks
--
Juan Pablo Botero
Administrador de Sistemas informáticos
http://jpill.wordpress.com
eSSuX: http://slcolombia.org/eSSuX
Linux Registered user #435293
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
for request 0
Sending Access-Reject of id 32 to 127.0.0.1 port 32770
Session-Timeout := 2400
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
Juan Pablo Botero
Administrador de Sistemas informáticos
http
. And use := not == as operator.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
Juan Pablo Botero
Administrador de Sistemas informáticos
http://jpill.wordpress.com
eSSuX: http://slcolombia.org/eSSuX
Linux Registered
. And use := not == as operator.
No. I ment what I wrote. User-Password shouldn't be used. Use
Cleartext-Password.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
Juan Pablo Botero
Administrador de Sistemas informáticos
= System, the users need to be Systems users.
Whit aut-type = ACCEPT, anyone can loggin.
I don't know what try now, i had been google, read in many forums.
Thanks a lot.
--
Juan Pablo Botero
Administrador de Sistemas informáticos
http://jpill.wordpress.com
eSSuX: http://slcolombia.org/eSSuX
Linux
Hi, it's working now. I used dictionary.bay, but I'm still confused
why my dictionary file didn't work. Thanks for the help.
Juan Pablo
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
, thanks.
Regards,
Juan Pablo
Logs: radiusd -X
rad_recv: Access-Request packet from host 10.0.2.26:21741, id=19, length=57
Service-Type = Framed-User
NAS-IP-Address = 10.0.2.26
User-Name = test1
User-Password = test1
Processing the authorize
are not correct when they are
sent.
What do you mean by that?
I mean I see (using ethereal) something like 00/00/00/04 as the
value of the Bay-User-Level attribute in the radius packet. So I guess
that value is wrong. Thanks for helping.
Regards,
Juan Pablo
-
List info/subscribe
this, finally today it's ready.
Thanks.
--
LCC Juan Manuel Lopez Villalobos
Departamento de Sistemas de Informacion
Coordinacion de Informacion Academica
Universidad Autonoma de Baja California
Tel: (686) 551 8274
Fax: (686) 551 8269
Conmutador: (686) 551 8222 y 8270 ext. 3360
-
List info
someone helpme??
--
LCC Juan Manuel Lopez Villalobos
Departamento de Sistemas de Informacion
Coordinacion de Informacion Academica
Universidad Autonoma de Baja California
Tel: (686) 551 8274
Fax: (686) 551 8269
Conmutador: (686) 551 8222 y 8270 ext. 3360
-
List info/subscribe/unsubscribe
}, what values return?
Thanks
--
LCC Juan Manuel Lopez Villalobos
Departamento de Sistemas de Informacion
Coordinacion de Informacion Academica
Universidad Autonoma de Baja California
Tel: (686) 551 8274
Fax: (686) 551 8269
Conmutador: (686) 551 8222 y 8270 ext. 3360
-
List info
Hi everyone!!
I have a question really important for my personal researches. Do you
know how many or which entreprises work today with freeRadius? Are
there any banks or security entreprises?
Thank you for your answers.
Juan Daniel MORENO
-
List info/subscribe/unsubscribe? See http
generated but not well encrypted. Can any of you tell me please how
can I fix this problem? Knowing that the RSA public key is 64 bytes long, is
it normal that the encrypted message is 64 bytes long too? Do you know
another openSSL function that public_encrypts a message?
Thank you, Juan Daniel MORENO
Hi,
I would like to know if EAP FAST is accepted by freeRadius or if it's
under development. If it is under development, when will it be
available? Thank you, Juan Daniel MORENO
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
)
tls: pem_file_type = yes
tls: private_key_file = /etc/raddb/certs/juan/key.key
tls: certificate_file = /etc/raddb/certs/juan/cert.cert
tls: CA_file = /etc/raddb/certs/demoCA/cacert.pem
tls: private_key_password = whatever
tls: dh_file = /etc/raddb/certs/dh
tls: random_file = /etc/raddb/certs
: SSL_read failed in a system call (-1), TLS session fails.
In SSL Handshake Phase
In SSL Accept mode
rlm_eap_tls: BIO_read failed in a system call (-1), TLS session fails.
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
rlm_eap: Freeing handler
Juan Daniel MORENO
-
List info/subscribe
Juan Daniel Moreno [EMAIL PROTECTED] wrote:
Thank you Alan, but now I have a new problem. I have been reading the
src/modules/rlm_eap/ to understand my problem but I don't find the
issue. In TLS establishment, the public key in the server.cert is 128
bytes length. I generate a random string
);
free (EncryptedPreMasterSecret);
free (temp);
free (tmpCert);
}
Thank you for your help. Juan Daniel MORENO
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
in a system call (-1), TLS
session fails.
I am using OpenSSL libraries and everything seems to work (the key is
found by the X509_get_pubkey). And I send all this data with
RSA_public_encrypt(). I don't know what I'm doing wrong.
Please help me! THANKS, JUAN
-
List info/subscribe/unsubscribe? See
length. Does it means that the
length in the first packet (when I send a two packets certificate) is
greater or less than in second packet? Or is just the header length
in this very packet?
Thank you four your help.
Juan Daniel MORENO
-
List info/subscribe/unsubscribe? See http
RSA_NO_PADDING
is accepted by freeRadius 1.0.4? Thank you very much.
Juan Daniel MORENO
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
a PreMasterSecret that is a vector of 46 random
bytes and the tls version (1.0).
My question is how can I do that. Am I obliged to get the ssl
libraries to public-key-encrypt this packet? Thank you for any
complemetary information.
Juan Daniel MORENO
-
List info/subscribe/unsubscribe? See http
Hi everyone, is me again!!
I have a question about freeradius 1.0.4. With LEAP protocol, the last
packet sent by the server has a leap-session-key. Does anybody knows
how this key is generated? Thank you very much!!!
Juan Daniel MORENO
-
List info/subscribe/unsubscribe? See http
very much!!
Juan Daniel MORENO
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello everyone,
I am interested in EAP protocols with OTP (one time password). I would
like to configure my freeradius 1.0.4 to be able to authenticate
passwords which has been created with Shawan's method and an
external key. Can anybody help me?
Thank you, Juan Daniel MORENO
-
List info
Hello,
I am trying to configure PEAP protocol with my freeRadius 1.0.4. I have
already configured PAP, CHAP, MS-CHAP v1, MS-CHAP v2,
EAP-md5, LEAP but I really don't understand the documentations about
it. Can anybody help me? Thanks a lot.
JUAN DANIEL MORENO
-
List info/subscribe/unsubscribe
Sorry for my last message without subject. I've already repared my problem. I had put in my users file:
test User-Password := password
# Auth-Type = Local
Reply-Message = Hello, %u
and this Reply-Message (which is included in users file as an example)
was the reason for my server to don't
Hi everybody again,
I would like to know if any of you has somme information about LEAP and
PEAP protocols. Does any RFC about them exist? I find nothing in the
net. Thanks you!!!
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Waking up in 31 seconds...
Thread 1 got semaphore
Thread 1 handling request 5, (2 handled so far)
User-Name = juan
EAP-Message = 0x025700180410b8c3ecb73fe2a82ab50152301561f65f0008
State = 0x36f19352ad8e53da9ad68e321a2a1a81
Message-Authenticator = 0x676a955991b9dcdee684a339aa8420c2
Processing
Thank you Alan,
It works with -sf option.
regards
Juan
On 7/21/05, Alan DeKok [EMAIL PROTECTED] wrote:
Juan Priotti [EMAIL PROTECTED] wrote:
I'm using freeradius + jradius and I get a core dump when freeradius
is started normally. if I start freeradius with the option -X
everything
Hi all,
I'm using freeradius + jradius and I get a core dump when freeradius
is started normally. if I start freeradius with the option -X
everything works fine. I'm using FreeBSD 5.4, FreeRadius 1.0.4 +
jradius.
Anyone had this issue before? can somebody help me?
Thank you in advance
Juan
=192.168.1.197' |
/home/radius/bin/radclient -d /home/radius/etc/raddb/ -x
aaa.aaa.aaa.aaa:1645 disconnect secret
I get no response from NAS..
Thanks again!
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
AS5300 I've added:
aaa pod server auth-type any server-key secret
What can be the problem??
Thanks in advance,
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
!!
--
Juan Carlos Arevalo
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
=Framed-User\n;
print Session-Timeout=$timeout\n;
exit 0; # Grant Access
Thanks in advance,
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
related to LDAP and what Dustin tells you
But I also add, that besides the external commands bug, I also saw some
of those errors too, while NOT using external commands, which
disappeared after upgrading to latest 1.0.x version form CVS.
Regards,
Juan
-
List info/subscribe/unsubscribe? See http
on linux.
What is the correct way to count number of open sessions for freeradius
server ?
-SK
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
___
Ing. Juan Manuel García Carral
IntermediaSP
Intermedia Comunicaciones S.A.
Suipacha 128
mentioned on my first e-mail disappeared,
and Exec-Program-Wait started working fine, without having any of the
other similar errors.
Regards,
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
locally with the DEFAULT entry on my users file
and replicating the accounting logs on the remote radius server
radius.domain.tld
Is this approach fine?
Thanks in advance,
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
/rlm_exec.c file from 1.0.2
with the one from the snapshot and compile??
Thanks in advance,
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-characters in sql.conf??
If this is the case, why did this beheaviour change between 1.0.1 and
current CVS?
Thanks again,
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
versions
would it be to crazy to downgrade?
or should I use latest from CVS?
is it stable for production?
thanks again,
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
the radius in debug mode?
is this suitable in production?
any ideas??
thanks again,
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
For running external programs, -f is good enough.
ok
Maybe we should back-port some fixes, and release 1.0.3. 1.1.0 is
still a ways off, due to various craziness.
that would be great!
is this just an idea, or you've decided it?
if so, any idea on aprox. realesa date for 1.0.3? :)
thanks again!
Juan
Dustin Doris wrote:
If its suitable to change the authentication method to test a php script,
then its definately suitable to run in debug mode. I run in debug mode in
production whenever there is an issue. If you're fast in killing the pid
and starting in debug mode, then you won't lose any
be causing this error??
Thanks in advance,
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
:
Joel Eddy wrote:
Would it work it I created and seperate group for them and used
encrypted passwords
in MySql to authenticate them?
PAP can work with unencrypted passwords in the backend.
CHAP cannot.
--
___
Ing. Juan Manuel García Carral
IntermediaSP
Intermedia
_EX_D2I:nested asn1
error:tasn_dec.c:304:Type=X5092608:error:140AD00D:SSL
routines:SSL_CTX_use_certificate_file:ASN1
lib:ssl_rsa.c:536:rlm_eap_tls: Error reading certificate
filerlm_eap: Failed to initialize type tlsradiusd.conf[9]: eap: Module
instantiation failed.
I've
searched in Google, readed all the messages in the freeradius users list,
searched a lot of forums, tried lot of possibities, and nothingI'm stucj on
that problem and I need a solution fast or my boss will cut my head with a
dulled knife...:)
Please, someone
send me some tip!!!
Thanx in advance.
Juan Campanini
Chipsur Sistemas
Informáticos S.L. www.chipsur.es
Thanx for the response...
Yep, I've tried to regenerate the certificates, and nothing...
Maybe the problem is related with the distribution? I'm using Suse Linux Pro
9.1, but seems that all of you are using RedHatI'm cosidering buiding from
scratch in RH.
Juan Campanini
Chipsur Sistemas
yep...I know...and it's clear that the error is related with the certificates,
but I can't get rid of it. I'v tried different versions of opeenssl, different
versions of freeradius, different procedures, but nothing...
No one had the same error?
Juan Campanini
Chipsur Sistemas Informáticos S.L
radwho show NAS shortnames as used to do in later
versions.
Thanks in advance.
J.M.
--
___
Ing. Juan Manuel García Carral
IntermediaSP
Intermedia Comunicaciones S.A.
Suipacha 128 - Bloque 2 Piso 2
C1008AAD Buenos Aires - Argentina
Tel.: (+54 11) 5032
It works fine. Thanks to all.
J.M.
Dmitry Lebkov wrote:
Juan Manuel Garcia Carral :
[skip]
I read the mail archive and found similar problems in threads:
about duplicated attribute in freeradius
Multiple cisco-avpair entries
where is referenced the use of += operator, which works fine if you
Hi,
I am currently running freeradius 0.8.1 with LDAP as backend. It works fine.
I need to upgrade to a later version because I need some features regarding
Autz.
Certain users have some Cisco ACLs associated in the LDAP tree that are send
to the NAS via Cisco-AVPair attribute. The ACLs have
Greg,
I
have been searching for the same information and have not found muchIf I
could get pointed in the right direction or get it
working, I dont have a problem with documenting
Good Luck,
JC
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
I was reading on Mailing List about a new (at least for me) attribute
'login-time' is this an standard? It is not shown in RFC2865 as a
standard radius attribute, Is it supported by a new RFC?
Moreover, I am implementing a web-based admin tool for freeradius, an
specific solution for an
to radius client will carry these
attributes with 10 and 0 values?
Thanks
Juan Antonio Ibáñez Santórum
E-mail: [EMAIL PROTECTED]
MSN: [EMAIL PROTECTED]
Hello Kostas,
ia have installed freeradius 1.0, ia have tried to
configure failover with ippool, to asign IPs from
two
Pools. I have configure the users:
userUser-Password == password, Pool-
Name := PoolA
Service-Type = Framed-User,
Framed-Protocol = PPP,
-To: [EMAIL PROTECTED]
On Mon, 31 May 2004, Alan DeKok wrote:
Juan [EMAIL PROTECTED] wrote:
i have read configurable_failover for three
times
but i can not do
that freeradius failover with ippool. I have
two
pools that i want
to use then for all my users. I need that
freradius
Hello,
i have read configurable_failover for three times
but i
can not do that freeradius failover with ippool. I
have
two pools that i want to use then for all my
users. I
need that freradius start to asign IPs from the
second
Pool whe the first is full. I do not known what i
must
read to
Hello can someboy help me, i have tried with
failover
but i must be doing something but.
Hello,
i need configure freeradius to manage two ranges
of
IPs, Poll A y B, i need that freeradius assign
IPs
from
pool A and when this is full, start assign from
Poll B.
I have read the documentaction
Hello,
i have freeradius with various pools, but now i
need
that one Pool have two diffrents ranges. Can i do
it
with freeradius?
ippool main_pool {
range-start = X.X.X.128
range-stop = X.X.X.151
netmask = 255.255.255.255
(Alan DeKok)
5. About Radius Attributes (Lara Adianto)
6. Freeradius with MySQL and
Exec-Program-Wait
(Joe Borg)
7. Re: Freeradius with MySQL and
Exec-Program-Wait
(Paul Hampson)
8. Re: About Radius Attributes (Alan DeKok)
9. pool with two ranges (Juan)
10. Re: pool with two
DeKok)
5. About Radius Attributes (Lara Adianto)
6. Freeradius with MySQL and
Exec-Program-Wait
(Joe Borg)
7. Re: Freeradius with MySQL and
Exec-Program-Wait
(Paul Hampson)
8. Re: About Radius Attributes (Alan DeKok)
9. pool with two ranges (Juan)
10. Re: pool with two
Hello,
i need configure freeradius to manage two ranges
of
IPs, Poll A y B, i need that freeradius assign IPs
from
pool A and when this is full, start assign from
Poll B.
I have read the documentaction but i do not known
how i
must configure it. lredady I have running
freeradius
version 0.93
Hello,
i have running without any problem Freeradius
0.93, i
have running one poll (Pool1) of IPs, but actualy
this
is small for my company and i have to work with
another
poll (Poll2).The pools are not consecutive. Now i
have
two poolls and i want that freeradius assign IPS
of
Pool1 or
/pub/linux/distributions/mandrake/9.1/contrib/i586/freeradius-mysql-0.8.1-1mdk.i586.rpm
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I have a working instalation all with binary rpm, i didnt compile
anything. all from freshrpms.
freeradius, mysql, freeradius-mysql (i think this is the name i cant check
now) and freerdius-sqlcounter (not for red hat, but i moved the files to
the right place and it works)
juan.
Keith Yoder
and
montlycounter.
sqlmod-inst = sqlcca3 sqlmod-inst = sql
- Original Message -
From: Juan Pablo Fava [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, March 20, 2004 10:18 PM
Subject: Re: sqlcounter: count=0 ?
Here it is.
Thanks!
apellido dijo:
can we take a look
Fisrt at all replace in sqlcounter.conf this line:
sqlmod-inst = sqlcca3}
whith this one:
sqlmod-inst = sql
The usage statics are updated by rlm_sql. todo this you must have sql in
the accounting section of your radiusd.conf
Juan Pablo
[EMAIL PROTECTED] dijo:
Hi All,
I want to use
Here it is.
Thanks!
apellido dijo:
can we take a look at your sqlcounter.conf?
- Original Message -
From: Juan Pablo Fava [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, March 20, 2004 10:12 AM
Subject: sqlcounter: count=0 ?
Hi, the problem is that my instalation
the Warning above...
Thanks in advance, and excuse my english.
--
Juan Pablo Fava
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
88 matches
Mail list logo