Hi All,
After a bit of investigation and playing, I've made some changes to the
rlm_mschap module that seems to have fixed my problem. It now no longer
"trims" the machine authentication domain name, and so based on the
ntlm_auth line from Alan DeKok's How-To on deployingradius.org will handle
bot
Hi All,
I'm *attempting* to recompile the rlm_mschap module with a quick mod to
hopefully fix my host authentication domain extraction problems.
Is this as simple as running make, and copying the resulting files to
"/usr/lib" (on my system atleast)?? And if so, is it just the two files I
need to
Hi Adam,
I've been experimenting with something very similar recently.
ntlm_auth can handle authentication in one of the follow:
1. --username = "NetBIOS Domain Name"\"Username", no --domain parameter
specified
2. --username = "Username", --domain = "NetBOIS Domain Name"
3. --username = "Us
Hi,
Following up from this, I think I've discovered what the real problem here
is. I think there's a problem with the MS-CHAP module
The module looks in the username to find "host/" at the beginning, and if it
does then handles it differently. Whilst it sets the "username" section
correctly,
Hi,
2009/6/2
>
> ah! multiple remote domains - not in a forest of trust?
>
All in the same Forest & Tree, yes - but it still appears to be unhappy as
it can't work out which the domain the $PCNAME$ machine lives in.
>
> > I can't really see anyway to resolve this, other than moddifing the
>
Hi,
2009/6/2
> why? with recent versions of FreeRADIUS this just works(tm) with no
> rewriting needed
> - just ensure that the ntlm_auth line has the correct arguments and
> you have the ntdomain stuff turned on .
>
> I've tried, and can't make the default work. I've got three domains with
use
Hi All,
Wander if someone can help me resolve a problem I'm experiencing
I'm using FreeRADIUS to provide AAA for 802.1X for wireless in a number of
sites. It doesn't need to be 100% up all the time, and so I've got one
server back in our central site that handles all the requests over our
sit
Hi,
2009/3/10 Alan DeKok al...@deployingradius.com
>
> The best new feature is one that has been needed for a long time. The
> (easy) ability to see debugging output from a "live" server. You can
> now do this via the "raddebug" command.
>
Brilliant feature - however I needed to mod the shel
handle the
# authentication, the LDAP module sets itself to do
# LDAP bind for authentication.
#
# THIS WILL ONLY WORK FOR PAP AUTHENTICATION.
bit.. This might provide the answer you're looking for.
Rupes
2008/12/3 Rupert Finnigan &l
o ACS works though because that 'proxies' radius or tacacs+
> authen and author requests to active directory quite nicely.
>
> --
>
> *From:* freeradius-users-bounces+blittle=skylight.com@
> lists.freeradius.org
> [mailto:freeradius-users-bounces
Hi,
I'm not sure if what you're doing is going to work.. You're trying to use
MS-CHAP to handle terminal session logins, I think.. Most of the MS-CHAP
advise given so far is to get EAP working from a client, say a XP laptop
doing 802.1X to gain access to a switchport.
Someone will definitely corr
Hi,
This isn't a question about a problem, rather a "best practise" sort of
thing...
I've currently got a FreeRadius installation servicing a number of Cisco
units providing WPAv2 Auth against MS AD. This works great.
I need to expand my setup a bit, and am looking for guidance/advise as to
how
On 12/02/2008, azizbaba <[EMAIL PROTECTED]> wrote:
>
> if your iptable service is running it is not see any info.You try iptables
> service stop for linux
Not the best idea... Turn off the firewall and leave your box open for
everyone/anyone to abuse??
If the iptables service is running (and it s
On 27/01/2008, Laurent RAYSSIGUIER <[EMAIL PROTECTED]> wrote:
>
>
> Hello,
>
> I have a problem to create a rpm of freeradius-server-2.0.1.
> If i download tar.gz file and i try to create rpm, i've got this message :
>
> [EMAIL PROTECTED] ~]# rpmbuild -ta freeradius-server-2.0.1.tar.gz
> error: Fil
On 17/01/2008, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
> I have hp procurve 3500yl switches for which i use mac based authentication
> against radius server.
> The radius server should assign the vlan's.
> The pc that hangs behind the phone get the correct vlan, but the phone
> doesn't.
>
A
On 16/01/2008, Ian Begg <[EMAIL PROTECTED]> wrote:
> Hi
> Dont know if this is the correct place to ask but I have a problem. I have
> got freeradius working with eap/tls and can load the certs to XP laptops and
> connect. The problem I have is that if I log onto the laptop using a
> different user
On 12/01/2008, adnan deura <[EMAIL PROTECTED]> wrote:
> hello
> i am given a project of installing freeRADIUS 1.1.7 on fedora core 7.
> i am unable to go next to the step "radiusd -x"
> kindly tell me some method to install it
> please help
http://wiki.freeradius.org/Build#Building_RedHat_packages
Hi,
Might be talking rubbish, but think I can rememer my Cisco AP's
defaulting to ports 1645 and 1646 for auth and accounting, whereas
free-radius and radtest use 1812 and 1813. If I'm wrong please correct
me, but might be worth checking?
Rupes
On 19/12/2007, Julian Stöver <[EMAIL PROTECTED]> wr
Hi,
Windows doesn't natively, but with the help of SecureW2
(http://www.securew2.com) it does quite well. Install it and select it
as a EAP Type on the Authenication Tab when you setup your wireless
connection.
Cheers,
Rupes
On 13/11/2007, Artur Hecker <[EMAIL PROTECTED]> wrote:
> Allan,
>
>
>
19 matches
Mail list logo