Hi guys.
I've a more acurated question so nobody has to mind read this time.
Scenario:
The user aaa wants to connect to a Wifi 802.1x (eap+mschapv2) with SSID
CORP.
This SSID has internally divided the wifi devices in two, laptops (QoS 2)
mobiles (QoS 5).
The user wants to connect with the
Hi all,
I've a mac authentication schema working.
Now I want to add 802.1x Eap+Mschapv2 for WiFI/Wire.
We're using Aruba's AP.
Aruba it's very peculiar, it extends an aruba-ap vlan between the controller
the AP's.
The other configured vlans are secure tunnels inside this aruba-ap vlan.
Our
+escriba=cells...@lists.freeradius.org
[mailto:freeradius-users-bounces+escriba=cells...@lists.freeradius.org] On
Behalf Of Alexander Clouter
Sent: miƩrcoles, 30 de marzo de 2011 17:49
To: freeradius-users@lists.freeradius.org
Subject: Re: Ldap Authentication question
Ramon Escriba escr...@cells.es
Alan, please do not get angry ok?,
The line in my answer about the sarcastical reply was for Alexander, not
for you.
Note: WIFIDATA WIFIVOIP do 802.1x EAP+mschapv2 ok.
Here're the logs:
First authentication
--
(...)
Listening on authentication interface eth0 address *
Here're the logs:
First authentication
...
rad_recv: Access-Request packet from host 10.0.0.1port 32770, id=29,
length=95
User-Name = 0019B976CC36
User-Password = 0019B976CC36
...
SECOND AUTHENTICATION --
...
rad_recv: Access-Request
Hi,
I've a freeradius-server-2.1.9-1.7.x86_64 running in opensuse 11.3.
My authentication frontend is an openldap2-2.4.21-9.1.x86_64.
I have correct mac address authentication, but *ONLY* the first try,
the later always fail. I'm using 3 devices, the first one that connects
logs in fine, but
Ok,I 'll try to crarify the question.
Does anybody know why in hungroups this match works:
XXX NAS-IP-Address == X.Y.Z.W
or
XXX NAS-IP-Address == X.Y.Z.W, NAS-Port-Id == 1:33
But not this one:
XXX NAS-IP-Address==X.Y.Z.W, NAS-Port=1033,
Hi,
I have a freeradius-server-2.1.1-1.27. My question it's about hungroups.
The huntgroup file has:
XXX NAS-IP-Address==X.Y.Z.W, NAS-Port=1033, NAS-Port=1038
#XXX NAS-IP-Address == X.Y.Z.W
In users:
DEFAULT Huntgroup-Name == XXX, ZZZ-Ldap-Group == mac, Auth-Type ==
Sorry, no idea about Oracle, but:
Mon Dec 13 20:09:51 2010 : Error: There appears to be another RADIUS server
running on the authentication port 1812
Seems the radius proces is still running, so does not stops properly.
Maybe the former rasiusd process was hanged.
Do an xxradius stop look
...@lists.freeradius.org
[mailto:freeradius-users-bounces+escriba=cells...@lists.freeradius.org] On
Behalf Of Alan DeKok
Sent: miƩrcoles, 06 de octubre de 2010 16:40
To: FreeRadius users mailing list
Subject: Re: Disabling users/hosts
Ramon Escriba wrote:
Hi List,
It's a bit naive question, just
Hi List,
It's a bit naive question, just to keep concepts clear.
I want to use the dialupAccess attribute to enable or disable one
user/host to login.
So if dialupAccess : disabled, the user/host is rejected.
I've one ldap instance with:
#
# Group membership checking.
Hi
I'm trying to organize my net using 802.1x able switches with freeradius
2.1.1+Openldap2-2.4+OpenSuse11.1
The system is running, at least @ test level but not yet deployed, but I
reach a cross road and finally I've to choose.
Or having one ldap subtree per vlan, filled with all host that
=cells...@lists.freeradius.org] On
Behalf Of Alan DeKok
Sent: jueves, 30 de septiembre de 2010 9:34
To: FreeRadius users mailing list
Subject: Re: Radius+Ldap:Allow the same host in multiple vlans
Ramon Escriba wrote:
Is that aproach, try the next vlan if exists @ ldap, possible, how?
You've tried
: Radius+Ldap:Allow the same host in multiple vlans
Ramon Escriba wrote:
By the way, in some of the cases the switch-ip, even switch+port, is
the key, so huntgroups does the job but only partially.
This works (original huntgroups example):
#business NAS-IP-Address == 192.168.2.5, NAS
14 matches
Mail list logo