RE: Failed to authenticate the user

2012-08-07 Thread Mark Holmes
Hi George, Have you ever heard of Google? It's amazing the stuff you can find on there, and people won't get annoyed with you for asking the list to do your job for you - which comes across as a bit lazy... HUP is straightforward, read http://www.freebsddiary.org/hup.php Everyone has to

Re: Configuring Freeradius with LDAP

2012-04-18 Thread Mark Holmes
I think http://wiki.freeradius.org/Rlm_ldap Has what you are after. Mark On 18 Apr 2012, at 18:53, Wassim Zaarour wassim.zaar...@navlink.com wrote: Hi List, I have installed freeradius 2.1.12, and it's working well. Now I need to configure it to

Re: Distributing Certificates

2012-01-20 Thread Mark Holmes
Your problem is going to be distributing the server cert to the clients NOT distributing client Maybe I've missed something here, but why will he need to distribute a cert to clients? If the certificate you use on your RADIUS server is signed by a known CA-in which case the client should

RE: Dial up error and freeraius is down

2011-04-01 Thread Mark Holmes
Hi, - Brand width is insufficient from pppoe server to radius server; - Server running radius of capability is insufficient. You don't say what bandwidth etc you are on or what spec the server is, but unless it's pretty low end I'd be surprised if that was the issue if you

Logging to Microsoft SQL

2011-02-27 Thread Mark Holmes
I'm looking at having freeradius log accounting information to an MS-SQL database on our centralised logging box. Googling returns a lot of pages on this. I had a look in at them but many relate to freeradius 1. Before I go making a lot of work for myself needlessly - could anyone outline

Re: PEAP MSCHAPv2 error..

2011-02-09 Thread Mark Holmes
Thanks, Alan - got it fixed now. On 8 Feb 2011, at 21:15, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote: Hi, Entered bob as username, testing123 as password I get No such realm 'NULL' So added - realm test { authhost = LOCAL accthost = LOCAL } realm LOCAL { }

PEAP MSCHAPv2 error..

2011-02-08 Thread Mark Holmes
Tested with PAP and radtest, as per http://deployingradius.com/documents/configuration/pap.html All works OK Now I want to test from a Windows 7 wireless client using PEAP (MSCHAPv2). The page seems to indicate this should pretty much work with default config. So:- I added wireless AP to

FW: PEAP MSCHAPv2 error..

2011-02-08 Thread Mark Holmes
=nuffield.ox.ac...@lists.freeradius.org [mailto:freeradius-users-bounces+mark.holmes=nuffield.ox.ac...@lists.freeradius.org] On Behalf Of Mark Holmes Sent: 08 February 2011 12:45 To: FreeRadius users mailing list Subject: PEAP MSCHAPv2 error.. Tested with PAP and radtest, as per http://deployingradius.com

RE: FAQ and Wiki down?

2010-10-29 Thread Mark Holmes
Works for me also -Original Message- From: freeradius-users-bounces+mark.holmes=nuffield.ox.ac...@lists.freeradius.org [mailto:freeradius-users-bounces+mark.holmes=nuffield.ox.ac...@lists.freeradius.org] On Behalf Of Marinko Tarlac Sent: 29 October 2010 15:40 To: dcjea...@gmail.com;

RE: Removing domain name in freeradius

2010-10-13 Thread Mark Holmes
Thanks Phil. Final question: At the moment, I can authenticate with username, but not with usern...@mydomain.ox.ac.uk How do I tell freeradius to accept usern...@mydomain.ox.ac.uk (I don't mind if authenticating with just username without the domain fails) Thanks, Mark - List

RE: Problem with MSCHAP

2010-10-12 Thread Mark Holmes
OK, Just to recap, I'm working on setting Freeradius up to authenticate users to our wireless network. We want to use PEAP-MSCHAPv2 and authenticate against Active Directory. I'm using samba and ntlm_auth. Versions:freeradius2-2.1.7-7.el5 and samba3.0.33-3.29 Needless to say it's failing.

RE: Problem with MSCHAP

2010-10-12 Thread Mark Holmes
Alan, Thanks for your reply. how are you testing this - a real client, command line tool etc? when you run it in full debug mode - and you aren't helping yourself by failing to post that here I'm testing with a real client and access point. OK - I wasn't sure posting the whole debug would be

RE: Problem with MSCHAP

2010-10-12 Thread Mark Holmes
...@lists.freeradius.org] On Behalf Of Mark Holmes Sent: 12 October 2010 11:25 To: FreeRadius users mailing list Subject: RE: Problem with MSCHAP Alan, Thanks for your reply. how are you testing this - a real client, command line tool etc? when you run it in full debug mode - and you aren't helping

MS-CHAP failing?

2010-10-12 Thread Mark Holmes
OK, getting somewhere, but still won't let me connect. I can't see in the debug output why it fails. I'm trying to authenticate against AD, using PEAP-MSCHAPv2 I have checked ntlm_auth is working by ntlm_auth --request-nt-key --domain=MYDOMAIN --username=testuser --password=password and I

RE: MS-CHAP failing?

2010-10-12 Thread Mark Holmes
- From: freeradius-users-bounces+jake.sallee=umhb@lists.freeradius.org [mailto:freeradius-users-bounces+jake.sallee=umhb@lists.freeradius.org] On Behalf Of Mark Holmes Sent: Tuesday, October 12, 2010 8:47 AM To: FreeRadius users mailing list Subject: MS-CHAP failing? OK, getting somewhere

RE: MS-CHAP failing?

2010-10-12 Thread Mark Holmes
Alan, Well spotted! - yes there was a bit missing from the end of that line in mschap - response=%{mschap:NT-Response:-00} Twas indeed a cut-and-paste error. Thanks very much - it now works! Cheers, Mark -Original Message- From:

Removing domain name in freeradius

2010-10-12 Thread Mark Holmes
Hi all, Currently when users connect to our WLAN they enter their username thus:- firstname.lastn...@mydomain.ox.ac.uk Is there a way I can strip everything after the @ out (ie the domain) - so they are forced to authenticate against the domain I specify. At the moment in my test environment,

Problem with MSCHAP

2010-10-08 Thread Mark Holmes
This is my first post to this list, so first of all, hi! I'm new to freeradius, I'm working on setting it up to authenticate users to our wireless network. We want to use PEAP-MSCHAPv2 and authenticate against Active Directory. I'm using samba and ntlm_auth.

RE: Problem with MSCHAP

2010-10-08 Thread Mark Holmes
All, Many thanks for the replies. Firstly, don't set Auth-Type. It's almost always the wrong thing to do. Sure - I set that just to test the AD auth was working, and removed it again prior to configuring mschap. EAP is a multi-pass protocol; there will be 4-8 requests, and the actual

Re: Problem with MSCHAP

2010-10-08 Thread Mark Holmes
do you REALLY want to accept what the user puts in as the gospel truth? ie, I wouldn't be comfortable taking the user-supplied domain for the ntlm_auth - I'd set it manually (if it really was a local user!) Good point. Our existing setup uses IAS, and is configured to expect the domain to be