Hey Alan!
Alan DeKok al...@deployingradius.com hat am 1. September 2010 um 15:46
geschrieben:
Jan Zacharias wrote:
To speed up the debugging, I introduced a sleep of varying duration in
the ntlm_auth_wrapper.
I found that freeradius kills the ntlm stuff if it takes longer than ten
Jan Zacharias wrote:
Alan DeKok al...@deployingradius.com hat am 1. September 2010 um 15:46
geschrieben:
Yes. Any child script which takes that long is broken.
No, it can also be just someone pulling a network cord/routing changes
etc.etc.
Let me be clear: RADIUS clients and servers
Alan DeKok al...@deployingradius.com hat am 31. August 2010 um 13:18
geschrieben:
Jan Zacharias wrote:
Call me dump, but I have no idea what to look for.
Neither do I. It's your system...
One idea: is ntlm_auth referred to as child? Maybe I sould
write a wrapper and see how long
Jan Zacharias wrote:
To speed up the debugging, I introduced a sleep of varying duration in
the ntlm_auth_wrapper.
I found that freeradius kills the ntlm stuff if it takes longer than ten
seconds to complete.
Yes. Any child script which takes that long is broken.
My suggestion is that
Hey Alan, you suggested:
Fix is so that nothing is blocking the server.
Call me dump, but I have no idea what to look for.
One idea: is ntlm_auth referred to as child? Maybe I sould
write a wrapper and see how long execution of this helper program
takes, or can I somehow log what
Jan Zacharias wrote:
Call me dump, but I have no idea what to look for.
Neither do I. It's your system...
One idea: is ntlm_auth referred to as child? Maybe I sould
write a wrapper and see how long execution of this helper program
takes,
Possibly, yes.
Alan DeKok.
-
List
Hi Alan,
I did more tests (now with two winXP clients and one OSX client),
the problem is still unsolved:
Wed Aug 18 18:03:21 2010 : Auth: Login OK: [jan/via Auth-Type = EAP] (from
client swba1-00-test port 0 via TLS tunnel)
Wed Aug 18 18:03:21 2010 : Auth: Login OK: [jan/via Auth-Type
Jan Zacharias wrote:
I did more tests (now with two winXP clients and one OSX client),
the problem is still unsolved:
shrug The solution is still the same.
The strange thing: freeradius is started with the no childs option:
freeradius 60384 0.0 0.4 11560 9240 4 S11:57AM
Jan Zacharias wrote:
Sun Aug 15 10:01:39 2010 : Error: Discarding duplicate request from
client swba1-00-test port 1645 - ID: 157 due to unfinished request 125603
As always, something is blocking the server.
The entry Sun Aug 15 10:01:39 2010 is interesting as no client was
connected to
Something strange is going on: we do re-authentification every ten seconds with
one WinXP SP3 client
hooked up to a Cisco 3560G Switch. The reauth interval is small to stress-test
the setup.
It works w/a problems for 1-2 Days, then we get:
Sun Aug 15 10:00:51 2010 : Auth: Login OK:
10 matches
Mail list logo