Re: configure challenge..

2012-09-05 Thread Klaus Klein
On 05.09.2012 04:56, Rod Luzic wrote: this is the kind of @## () response one can see online from these ignorant retards (+ online bravery!) who wrote some sucking code for this almost dead so called protocol. doesn't get it. Then why do you waste more of - your time looking into an almost

Re: Question setting up Virtual Servers with unique clients / users files.

2012-08-31 Thread Klaus Klein
On 31.08.2012 19:22, Zach Simpson wrote: What I'm having issues with is creating user file rules for each group of devices. I have a few rules in the users file that look like this: DEFAULT Ldap-Group == Switch Admins Reply-Message = Welcome Switch Admin! DEFAULT Ldap-Group == Router

Re: Question setting up Virtual Servers with unique clients / users files.

2012-08-31 Thread Klaus Klein
On 31.08.2012 20:35, Klaus Klein wrote: ... long text ... - Ups, too late. Next time I try to type faster. ;-) Klaus - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: $INCLUDE ignored by freeradius

2012-08-23 Thread Klaus Klein
On 23.08.2012 00:54, Arran Cudbard-Bell wrote: On 22 Aug 2012, at 17:42, Arran Cudbard-Bell <a.cudba...@freeradius.org> wrote: On 22 Aug 2012, at 17:26, Klaus Klein <k.kl...@gmx.de> wrote: @ Alan I just verified that on a 2.1.10 server and it seems that files, included with the $INCLUDE

Re: $INCLUDE ignored by freeradius

2012-08-22 Thread Klaus Klein
On 22.08.2012 13:48, Alan DeKok wrote: Krzysztof Grobelak wrote: What I expect to happen is that the INCLUDE command will include the users.group1 file in to the main users file and that the user will be found. The behavior of the users file is documented. There's no need to say I

Re: OpenDirectory VLAN Assignment by Group

2012-08-21 Thread Klaus Klein
On 21.08.2012 11:07, Theparanoidone Theparanoidone wrote: DEFAULT Group-Name == testgroup Tunnel-Type = 13, Tunnel-Medium-Type = 6, Tunnel-Private-Group-Id = 101, Fall-Through = no You do realize that format is incorrect, right? The extra blank line

Re: Multiple incoming requests from unknown clients

2012-08-14 Thread Klaus Klein
Hi Diego, On 14.08.2012 16:06, Diego Matute wrote: I could use NAS, but that would require the client to declare their IP address. From a FreeRADIUS server point of view the NAS is the _client_! Could it be that you meant the supplicant (the user or machine which wants to be authenticated)

Re: user(name) and EAP-TLS

2012-08-07 Thread Klaus Klein
On 06.08.2012 09:39, Alan DeKok wrote: Klaus Klein wrote: On 04.08.2012 18:51, Alan DeKok wrote: I'm stating my opinion outright. If you think I'm implying something, you're misreading it. Now that's a nice twist. I guess this is the sentence which offended you: The final (first

Re: Failed to authenticate the user

2012-08-07 Thread Klaus Klein
On 07.08.2012 12:05, George Innocent wrote: I have authenticated successfully locally ... Locally to what and how did you do that? Tue Aug 7 15:54:08 2012 : Info: [pap] login attempt with password admin Tue Aug 7 15:54:08 2012 : Info: [pap] Using clear text password testing Tue Aug 7

Re: user(name) and EAP-TLS

2012-08-05 Thread Klaus Klein
On 05.08.2012 10:28, Arran Cudbard-Bell wrote: Don't use this configuration with wired 802.1X. As the user's identity is not protected within the tunnel, someone sitting between your machine and the switch could easily switch out identities at the start of 802.1X auth, and use it of a way

Re: user(name) and EAP-TLS

2012-08-04 Thread Klaus Klein
On 04.08.2012 03:15, Alan DeKok wrote: Klaus Klein wrote: Which uses certificates for authentication. Correct. Thanks for the vote of confidence. You're welcome. :) The point of my comment was that it DOESN'T use names passwords for authentication. I did understand this part

Re: user(name) and EAP-TLS

2012-08-04 Thread Klaus Klein
On 04.08.2012 12:57, Matthew Newton wrote: On Sat, Aug 04, 2012 at 11:10:38AM +0200, Klaus Klein wrote: Therefore I'm a bit puzzled that if no matching entry in users is found that the authentication still takes place. Try one of: a) move files above eap in sites-enabled/default

Re: user(name) and EAP-TLS

2012-08-04 Thread Klaus Klein
Sorry, I just reread your email. On 04.08.2012 12:57, Matthew Newton wrote: a) move files above eap in sites-enabled/default. This will mean that the eap short-circuit won't skip files. I don't think that files is skipped after EAP-TLS authorization. If the User-Name, which is provided

Re: user(name) and EAP-TLS

2012-08-04 Thread Klaus Klein
On 04.08.2012 16:01, Arran Cudbard-Bell wrote: On Sat, Aug 04, 2012 at 11:10:38AM +0200, Klaus Klein wrote: Therefore I'm a bit puzzled that if no matching entry in users is found that the authentication still takes place. authorize { files if (notfound || noop

Re: user(name) and EAP-TLS

2012-08-04 Thread Klaus Klein
On 04.08.2012 18:51, Alan DeKok wrote: Klaus Klein wrote: But maybe I should have been a bit more precise in my first email. The final (first) productive installation should protect the access to my private WLAN with 3+ APs and 10+ clients. Implying that FreeRADIUS doesn't protect access

user(name) and EAP-TLS

2012-08-03 Thread Klaus Klein
Hi Folks, I'm working on securing the access to a WLAN network with WPA2-Enterprise, EAP-TLS and a FreeRADIUS server. Everything seemed to work as expected until I realized that a client will be authenticated (by eap) even if the user(name), provided with the mandatory identifier entry in

Re: user(name) and EAP-TLS

2012-08-03 Thread Klaus Klein
On 03.08.2012 22:06, Alan DeKok wrote: Klaus Klein wrote: I'm working on securing the access to a WLAN network with WPA2-Enterprise, EAP-TLS and a FreeRADIUS server. Which uses certificates for authentication. Correct. Everything seemed to work as expected until I realized

Re: Absence (was: Freeradius Installation Challenges)

2012-07-29 Thread Klaus Klein
On 29.07.2012 09:45, George Innocent wrote: I'm using nano for the editors Take a copy of the backup of your original client.conf and start over with that. (You did save the original before you modified it, did you?) As already said, all you wanted to put in there is already there. The

Re: Session-Timeout

2012-07-28 Thread Klaus Klein
On 26.07.2012 17:20, Klaus Klein wrote: On 26.07.2012 16:16, Matthew Newton wrote: On Thu, Jul 26, 2012 at 04:08:04PM +0200, Klaus Klein wrote: While everything works so far, I just can't get the Session-Timeout to work. If FreeRADIUS is sending the AVP back to the NAS (which you state

Re: Absence (was: Freeradius Installation Challenges)

2012-07-27 Thread Klaus Klein
On 27.07.2012 21:05, George Innocent wrote: Find attached. I have double checked the braces. I had a quick glance at the attached file. Using it in my 2.1.10 installation I'll get some errors too but not at line 174 Looking at some hexdump of the end of your attached file (clients.txt)

Session-Timeout

2012-07-26 Thread Klaus Klein
Hi Folks, I'm in the process of setting up a WPA(2)-Enterprise (IEEE 802.1X) protected WLAN. I chose FreeRADIUS (2.1.10) with EAP-TLS to authenticate and control the access to the network. While everything works so far, I just can't get the Session-Timeout to work. If I start 'freeradius -X'

Re: Session-Timeout

2012-07-26 Thread Klaus Klein
On 26.07.2012 16:29, Marinko Tarlać wrote: Then AP probably doesn't understand Session-Timeout attribute... (not implemented for example) It would be helpful to tell us what are you using as AP AP No.1 Netgear WG602v3 with dd-wrt v24_micro_generic.bin AP No.2 Siemens Gigaset SE515dsl

Re: Session-Timeout

2012-07-26 Thread Klaus Klein
On 26.07.2012 16:16, Matthew Newton wrote: On Thu, Jul 26, 2012 at 04:08:04PM +0200, Klaus Klein wrote: While everything works so far, I just can't get the Session-Timeout to work. If FreeRADIUS is sending the AVP back to the NAS (which you state it is), it's the job of the NAS (the AP