a users file) everything worked perfectly.
James Taylor
FCIP Networks LLC
Tel: 415.385.4692
Fax: 415.358.9612
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of James Taylor
Sent: Monday, August 18, 2008 10:19 AM
To: FreeRadius users
Ivan Kalik skrev:
Try removing Auth-Type System from user entry:
mobile Pool-Name:=mobile
What version is this?
Removed that from the users file at line 217, and still nothing. It's
version: 1.1.3
--- Walking the entire request list ---
Cleaning up request 0 ID 115 with timestamp
Ivan Kalik skrev:
Try removing Auth-Type System from user entry:
mobile Pool-Name:=mobile
What version is this?
I'm almost ashamed to say it, but I just downloaded and compiled version
2.0.5 and presto;
Listening on authentication address * port 1812
Listening on proxy address * port
completed a series of tests and
the system now works flawless.
Many thanks!
best,
Frank James Wilson
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ivan Kalik skrev:
Pool-Name :=
Ivan Kalik
Kalik Informatika ISP
Dana 17/6/2008, Frank James Wilson [EMAIL PROTECTED] piše:
No, I've tried that as well, if you mean by that;
--
And also
Ivan Kalik skrev:
Then post the whole debug (radiusd -X).
Sure..
here it comes;
radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Ivan Kalik skrev:
users: Matched entry DEFAULT at line 153
users: Matched entry mobile at line 217
Line 153 of users:
L 153: DEFAULT Auth-Type = System
L 154: Fall-Through = 1
Line 217 of users:
L 217: mobile Auth-Type = System, Pool-Name := mobile
L 218:
Service-Type == Login-User,
Framed-Protocol = PPP,
Fall-Through = Yes
What am I doing wrong?
Please advice..
best,
Frank James Wilson
-
List info/subscribe
Has anyone tried using an external radius server with Motorolas Canopy?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(rlm_ldap: User not
found): [radiustester] (from client localhost port 0)
Wed Apr 9 16:07:22 2008 : Auth: Login incorrect (rlm_ldap: User not
found): [radiustester] (from client moodie port 29 cli 001302038917)
Alan DeKok wrote:
James McOrmond wrote:
What about the other auth types? ms
Alan DeKok wrote:
James McOrmond wrote:
Is it possible/appropriate to have some test accounts in the users
file, along with an Auth-Type set to which auth type this account can be
used for?
Yes. But don't set Auth-Type. Please.
you seem to have a real issue
Alan DeKok wrote:
James McOrmond wrote:
As per previous emails, since i'm using samba/ldap i'm able to pull the
nt/lmpassword fields directly out of the ldap. Should this method
negate the use of the ntlm_auth method?
Yes.
See ldap.attrmap. The LDAP module uses this to map
are actually
connecting as configured.
I was thinking something like:
test-pap Auth-Type = PAP, User-Password := pap-test
test-chap Auth-Type = CHAP, User-Password := chap-test
I guess the question is how to do all the options that are inside EAP..
--
James A. McOrmond
Network Administrator
Xandros
completely different?
Yes, Eduroam is what i'm looking at now. Edunet is a project I worked
on for dialup access at some of the local schools some 8+ years ago
which was the last time I setup Radius (brain slip).
--
James A. McOrmond ([EMAIL PROTECTED])
Network Administrator
Xandros
Alan DeKok wrote:
James McOrmond wrote:
With that, and a few configuration options (like making sure the host
was connected to the domain and ntlm_auth functioned as required), i've
managed to get PEAP and EAP-MSCHAPv2 working fine to the ntdomain.
The guides for *that* are online
.
--
James A. McOrmond
Network Administrator
Xandros Corporation, Ottawa, Canada.
Morpheus: ...after a century of war I remember that which matters most:
*We are still HERE!*
-
List info/subscribe/unsubscribe? See http
Alan DeKok wrote:
James McOrmond wrote:
This is a Samba NT domain, not AD. I do not have access to the plain
text password through Samba or LDAP.
Samba is a lot friendlier about passwords than AD is.
Of course it is.. G I probably should have mentioned samba in the
original
Done.. auth to the /etc/passwd accounts doesn't make much sense.
--
James A. McOrmond ([EMAIL PROTECTED])
Network Administrator
Xandros Corporation, Ottawa, Canada.
Morpheus: ...after a century of war I remember that which matters most:
*We are still HERE!*
-
List info/subscribe/unsubscribe? See
192.168.1.41:1645, id=64, length=20
As you can see, the data from the ascend data filters is not being returned.
I suspect that I have somehow turned on encryption. How do I set plain
text communication?
Sincerely,
Don James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
! Thank you all!
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
James Lockie wrote:
A pointer to a howto would be much appreciated.
There is no how-to because there's nothing to do. If you have DHCP
already running, it will be used after the clients have been
authenticated via RADIUS.
The two processes are *completely
[EMAIL PROTECTED] wrote:
Yes.
Ivan Kalik
Kalik Informatika ISP
Dana 10/1/2008, [EMAIL PROTECTED] [EMAIL PROTECTED] piše:
Is it possible to authenticate with radius and the have ISC DHCP hand out
out an IP (etc)?
-
List info/subscribe/unsubscribe? See
Thanks Phil
1. For PAP, you can authenticate the user by asking the LDAP module to
to an LDAP simple bind with the pap username/password
2. For MS-CHAP, you install samba, join the domain, and use the
ntlm_auth helper binary in the mschap module
Option 1 is the way things are being handled
Hi all,
I have been roped in to look over an issue we have with migrating from
Novell to AD.
What we would like to do while we in the transitional phase is check
both the AD and Novell LDAP services for authorisation and
authentication (usernames are completely different so no need to be
, 15 August 2007 12:16 PM
To: FreeRadius users mailing list
Subject: Re: Multiple (different) LDAP servers and authorisation
Stewart James wrote:
I have been roped in to look over an issue we have with migrating from
Novell to AD.
Repeat after me: AD is not an LDAP server.
It's not. It fakes
being
configured to fall through to another ldap server if the first ldap server does
not yield a successful result.
Thoughts?
Stewart :)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stewart James
Sent: Wednesday, 15 August 2007 1:49 PM
, one of the ethernet interfaces,
a ppp interface, whatever. Whatever other ports you have listening on
the box will probably look similar.
- --
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690
tunnel).
Also, while I'm here, any suggestions for an appropriate backend
password store so that there is never a cleartext password except for
the initial entry (password change) on the server side would be
appreciated.
cheers,
James
-
List info/subscribe/unsubscribe? See http
On 29/01/2007, at 10:07 PM, Alan DeKok wrote:
James Lever wrote:
I'm stuck trying to work out how to avoid sending the password
unhashed
to the server
Why?
Two reasons - first I am trying to limit risk of client
misconfiguration - if a client has misconfigured their supplicant
and a bit
further research from that, it would appear that the risk of
compromise is greater from poor storage on the server than the
transient cleartext credentials inside the EAP-TLS session.
cheers,
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
this.
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail: [EMAIL PROTECTED]
Website: http
to the authorize { } section further down in radiusd.conf.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail
is wrong?
- List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
G'day Mike,
Fire up wireshark or tcpdump and have a look what's actually in the packets.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong
On 17/01/2007, at 4:47 PM, Alan DeKok wrote:
James Lever wrote:
Wed Jan 17 08:00:11 2007 : Error: TLS_accept:error in SSLv3 read
client certificate A
That just means there's no client certificate.
Interesting given I'm only allowing EAP-TLS access to my wireless LAN
(or attempting
that does, I guess you could periodically run a script from
cron to log into the AP's web interface and grab the list of MAC
addresses and compare against what your accounting database thinks are
open sessions...
--
James Wakefield,
Unix Administrator, Information Technology Services Division
.
Can anybody explain what is actually causing these errors (and why)
and what would be required to silence them?
cheers,
James
smime.p7s
Description: S/MIME cryptographic signature
PGP.sig
Description: This is a digitally signed message part
-
List info/subscribe/unsubscribe? See http
base station, and MacBook
Pro client wth FreeRADIUS 1.1.4 under FreeBSD 5-STABLE.
As soon as I migrate back to 2k keys it again works as expected.
Can anybody make any suggestions on how to debug this?
cheers,
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
/messages?
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail: [EMAIL PROTECTED]
Website: http
Francisco
Hi Francisco,
The users file is used for specifying attribute/value pairs send to the
client, and the dictionary file is used for mapping attribute names to
numbers and types.
Was that the info you were after?
Cheers,
--
James Wakefield,
Unix Administrator, Information
normalboy wrote:
Hello,
is there a free Radius server running somewhere on the internet which i
could use? I need to create just 2 accounts, but it has to be a Radius
server, and i do not have machine 24/7 on the internet.
How about http://radiuz.net ?
--
James Wakefield,
Unix
in
your users file, or whatever you happen to use.
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail
Auth-Type := REJECT, Calling-Station-Id !~
008012323244|002938475473|and many other macs...
Is there any reason you shouldn't have a separate stanza accepting each
valid MAC address, then implicitly reject all other MAC addresses?
--
James Wakefield,
Unix Administrator, Information Technology
Hani
Hi Elie,
I suppose it's possible if your NAS supports it, but don't your modems
automatically negotiate that?
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227
module, one to search
one ou and the other to search the other ou, then invoke them one after
the other wherever you currently invoke the single ldap instance.
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217
and used on the NAS)
Depends on your NAS...what do you have?
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E
you may be able to use another method to
provide accounting. Chillispot (http://www.chillispot.org/) might do
what you want. You might even be able to use the iptables byte counters
on your Linux server and route traffic through it if you have no other
options.
--
James Wakefield,
Unix
- is that it?
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail: [EMAIL PROTECTED]
Website: http://www.deakin.edu.au
Ariel VIVES wrote:
James Wakefield wrote:
Ariel VIVES wrote:
Hello the list,
I'm starting with freeradius.
Authentication works fine !
But the informations I get is only the username (le login name in
/etc/passwd).
How do I get the Fullname ? Or others informations (like mail, home
functions are pretty easy to use, you'd be better
off using those.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227
G'day Ernie,
What value are you sending for Service-Type? Best way to check is
radiusd -X, and watch for the Access-Accept that freeradius sends, in
case your authorization config isn't quite right.
Cheers,
James.
Ernie Dunbar wrote:
Okay, after doing these tests, we can see
that may apply is max-acct-age. I am
pretty new to this, so any detail is most appreciated.
The NAS should support Session-Timeout, which is the most common method
of time-limiting sessions. If not, hit the vendor with a big cluebat,
as it's in the RFC.
--
James Wakefield,
Unix Administrator
(default) timeout?
Yes, we tried that. The access-accept packets aren't arriving at all!
Does it work if you temporarily disable the Simultaneous-Use check?
No, that doesn't work either.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
James Wakefield
?
Does it work if you temporarily disable the Simultaneous-Use check?
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3
. If this is not important to you, then you're
pretty much all set.
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail
(mailto:[EMAIL PROTECTED]) in the hope that your
posting is brought to the attention of clueful Comindico people.
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3
where they
need to be made, if you're not sure of something, check it to the best
of your ability, ask the list, etc. Other people will contribute their
knowledge, too.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217
sql.conf so that
freeradius can connect to your MySQL server (username, password,
database name) and so that the accounting queries match the schema on
your billing server.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217
of that data at a particular instance, or
something similar. If you have usage meters or other such software,
you'd have those querying the accounting table.
Did that help, or am I way off?
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin
to mysql, it failles... ?!
dunno is there some bug, or incomplete code, for the mysql backend ?
G'day Collen,
Can you post any and all SQL queries you see in the output of radiusd -X?
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong
| 3072BY256 | Huntgroup-Name | == | wireless |
| 7 | 3072BY256 | Auth-Type | += | local |
| 9 | netmaster | Auth-Type | += | local |
Any reason you're setting values for Auth-Type?
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin
Ali Jawad wrote:
Hi
How can I limit one connection per username..I.e. I do not want to
allow multiple users to login using the same username password
combination.
Hi Ali,
Your NAS will have to support it, but the Simultaneous-Use attribute may
allow you to do this.
Cheers,
--
James
the IPs and timestamps in the netflow data against the timestamps,
IPs and usernames in your radius accounting.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax
?
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail: [EMAIL PROTECTED]
Website: http
there, then there's something you've missed in your
freeradius config. Is there any chance the subnet mask is specified on
your NAS and it's overriding what you send it?
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria
?
I don't *think* you need to check or reply with any tunnelling-related
attributes in simple cases of a VPDN setup, but as I say, I'm not an
expert in that area.
Cheers,
James.
Tom Miller wrote:
Here is a more details list of aaa for my Cisco 7204
configuration:
aaa new-model
aaa
isidoros wrote:
Thanks James for your answer,
I'm fairly new to freeradius I know the package only 14 days. (or radius
in general for that matter)
The group configuration is a mystery to me. It is unclear for me how
this separates the users. This is how I think
1) G1 with users A,B,C
2
James Wakefield wrote:
isidoros wrote:
Thanks James for your answer,
I'm fairly new to freeradius I know the package only 14 days. (or
radius in general for that matter)
The group configuration is a mystery to me. It is unclear for me how
this separates the users. This is how I think
1
isidoros wrote:
James:
I'm allmost there (now I'm thinking like this)
1) authorize_group_check_query: to check of the user is in a group
2) authorize_group_check_query: retrieve the check-items for this group
(which is my solution)
3) authorize on the check-items. if the expression is like
attributes or your NAS is misconfigured or both.
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail
://wiki.freeradius.org/Rlm_sql should provide the info you need to
do the above.
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3
.
Howdy Jason,
Might you get any useful info by running radiusd with strace?
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866
== 00166f980e78
Reply-Item = value
Other-Reply-Item = other value
testcase1 User-Password == 12345, Calling-Station-Id == 00166f97d99d
Reply-Item = value
Other-Reply-Item = other value
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services
running on suse 10.1-x86_64 and apache is compiled from source.Any
suggestions? Help?
G'day William,
What do you get when you run ldd
/usr/local/apache/modules/mod_auth_radius-2.0.so ?
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University
characters)? If not,
does the plain text password auth bit of the page have security
considerations?
Regards,
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
). Don't know about a patch, but the
source comes with instructions for building a debian package.
Regards,
James
--
James J J Hooper
Information Services
University of Bristol
--
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
://www.freeradius.org/list/users.html
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail: [EMAIL PROTECTED
Michael Messner wrote:
Here are my new configs, it looks like they are working, but I'm not sure
if this is really the correct way:
-- snip (see previous post) --
is this the correct way?
It looks pretty right to me. Can't see any better way to do it.
--
James Wakefield,
Unix
Huntgroup-Name == t1, Pool-Name := Pool-t1
Fall-Through = No
should work.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866
value of seconds, eg: Session-Timeout=600 for a 10
minute timeout.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227
it? Store the users and passwords in SQL and have the
Users file supply the rest?
If the check and reply items needed for your setup don't result in a
users file that's unmanageable, it's acceptable.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin
Hello,
We have a Solaris 8 box running freeradius 1.0.4. This machine is being
upgraded to a bigger beast running Solaris 10. The problem I am having
has occurred on all versions of freeradius I have tested on the new
Solaris 10 machine - including 1.0.4, 1.0.5, and 1.1.1.
The error, when
DeKok.
ps -efL | grep radius
... will show your 5 threads, if it only shows one, then one you only
have!
Regards,
James
--
James J J Hooper
Information Services
University of Bristol
--
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
://www.freeradius.org/list/users.html
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail: [EMAIL PROTECTED]
Website
10 Dialin Reply-Message = Access
Hi Elie,
Try putting rows with ids 1, 6, 8, and 9 in radgroupcheck rather than
radgroupreply.
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone
defined for your radacct table? If I recall correctly, MySQL by
default doesn't, are you using MySQL?
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax
/Radiusd.conf
look for the listen { } section.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail: [EMAIL
Signature
Going here:
ftp://ftp.freeradius.org/pub/radius/
1.1.3 is there 1.1.2 seems to be in
ftp://ftp.freeradius.org/pub/radius/old/
a new release ! ... Just appears the webpage hasn't been tweaked quite yet.
Regards,
James
--
James J J Hooper,
Information Services
University of Bristol
explain the extra lines.
-James
--
James J J Hooper
Information Services
University of Bristol
--
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
the above error.
Regards,
James
--
James J J Hooper
Information Services
University of Bristol
--
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
of configuration of free radius over linux
and really i'll appreciate u.
thanks
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International
Elie Hani wrote:
Rlm_ippool: Failed to open file /etc/raddb/db.ippool/db.ippool:
permission denied
Hi Elie,
What does ls -l /etc/raddb/db.ippool/db.ippool say?
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217
Elie Hani wrote:
Hi James;
The folder db.ippool does not exist in /etc/raddb.
And I can't locate it using the locate db.ippool in the root directory.
Thanks
Can you post your radiusd.conf?
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University
is the default value for that column.
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail: [EMAIL PROTECTED
--On Friday, July 28, 2006 02:36:42 -0700 Thai Duong [EMAIL PROTECTED]
wrote:
--- James J J Hooper [EMAIL PROTECTED] wrote:
Hi,
We had similar problems. An example of what we put
in the switch config
to get it to work is here:
http://www.bristol.ac.uk/is/computing/advice/networks
... as Josh said - pay particular attention to the dot1x radius server
timeout settings - we found the cisco defaults be be generally broken.
Regards,
James
--
James J J Hooper,
Information Services
University of Bristol
--
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
the searchString at LDAP like 250-IT$. How can I strip away that
host/ and add $ for the search at the LDAP Directory?
In your LDAP section of radiusd.conf, replace this:
%{Stripped-User-Name:-%{User-Name}}
with this:
%{Stripped-User-Name:-%{mschap:User-Name}}
Regards,
James
--
James J J Hooper
PROTECTED]
[mailto:[EMAIL PROTECTED]
g] Im Auftrag von James J J Hooper
Gesendet: Samstag, 22. Juli 2006 10:31
An: FreeRadius users mailing list
Betreff: Re: Since 2 Month noone any idea how to do this ? Stripping
Username Question *important*
--On Saturday, 22 July 2006 09:23 +0200 Krämer Armin
Hello,
We have a Solaris 8 box running freeradius 1.0.4. This machine is being
upgraded to a bigger beast running Solaris 10. The problem I am having
has occurred on all versions of freeradius I have tested on the new
Solaris 10 machine - including 1.0.4, 1.0.5, and 1.1.1.
The error, when
documentation on this
topic and where can I see an actual configuration example of this type
of setup?
If this is not possible out of the box, where can I get documentation
on a work around or similar solutions?
Thank you in advance for all your help,
James
-
List info/subscribe/unsubscribe? See http
James [EMAIL PROTECTED] wrote:
My end-users right now are getting authenticated by the login-based
mysql radcheck table from freeradius and they are coming from multiple
locations through a web-based portal redirected by their gateway.
They're being authenticated
201 - 300 of 375 matches
Mail list logo