On 16/02/2012 9:00 AM, Alan DeKok wrote:
Write down what you want to do. Use English. Refer to packets,
attributes, and values of those attributes. Refer to contents of
databases. Use the contents of the attributes to look up information in
a database.
That should be 4-5 paragraphs of
Richard J Palmer wrote:
> There are two reasons for my approach:
>
> 1) The radius server is also serving other requests that DO have a
> username password it is only certain logins I need to process
> differently - those where the caller ID matches a pattern.
So... write code to match that pat
Hi,
> There are two reasons for my approach:
>
> 1) The radius server is also serving other requests that DO have a
> username password it is only certain logins I need to process
> differently - those where the caller ID matches a pattern.
> 2) On those that do match I do want per session sett
There are two reasons for my approach:
1) The radius server is also serving other requests that DO have a
username password it is only certain logins I need to process
differently - those where the caller ID matches a pattern.
2) On those that do match I do want per session settings - ie to ret
Joe Holden wrote:
> How will that work if for example all my attributes are in a database
> and are per user?
I thought you said there was no user name... how can the attributes be
per user if there is no user name?
> There is essentially *no* username for these sessions, so how does FR
> looku
On 16/02/2012 04:46, Fajar A. Nugraha wrote:
On Thu, Feb 16, 2012 at 11:42 AM, Joe Holden wrote:
On 16/02/2012 04:39, Fajar A. Nugraha wrote:
On Thu, Feb 16, 2012 at 11:37 AM, Joe Holdenwrote:
Using the Auth-Type method does work, but as the username is the lookup
key,
it doesn't provid
On Thu, Feb 16, 2012 at 11:42 AM, Joe Holden wrote:
> On 16/02/2012 04:39, Fajar A. Nugraha wrote:
>>
>> On Thu, Feb 16, 2012 at 11:37 AM, Joe Holden wrote:
>>>
>>> Using the Auth-Type method does work, but as the username is the lookup
>>> key,
>>> it doesn't provide the ability to deliver attr
On 16/02/2012 04:39, Fajar A. Nugraha wrote:
On Thu, Feb 16, 2012 at 11:37 AM, Joe Holden wrote:
Using the Auth-Type method does work, but as the username is the lookup key,
it doesn't provide the ability to deliver attributes to the NAS (from what
I can see),
Sure it does.
update reply {
On Thu, Feb 16, 2012 at 11:37 AM, Joe Holden wrote:
> Using the Auth-Type method does work, but as the username is the lookup key,
> it doesn't provide the ability to deliver attributes to the NAS (from what
> I can see),
Sure it does.
update reply {
your-attribute-name := your-attribute-val
On 16/02/2012 03:36, Fajar A. Nugraha wrote:
On Thu, Feb 16, 2012 at 8:56 AM, Richard J Palmer wrote:
update request {
User-Name := "%{Calling-Station-Id}"
User-Password :="SIMUSER"
}
Are you SURE your clients use
On Thu, Feb 16, 2012 at 8:56 AM, Richard J Palmer wrote:
> update request {
> User-Name := "%{Calling-Station-Id}"
> User-Password :="SIMUSER"
> }
Are you SURE your clients use CHAP?
> They may be a better way... but th
On 16/02/2012 01:56, Richard J Palmer wrote:
I have if you are interested solved this
I used http://wiki.freeradius.org/Mac-Auth as a guide
In policy.conf I have added
rewrite_data_sim_users {
if (Calling-Station-Id =~ /(89442[0-9]{10})/i) {
updat
On 16/02/2012 00:15, Richard J Palmer wrote:
On 15/02/2012 11:52 PM, Alan Buxey wrote:
This can be done for plain auth...one way would be to put a check in
the auth section, if the normal auth has failed then fail through to
eg perl and have some perl script that checks what you want to check
I have if you are interested solved this
I used http://wiki.freeradius.org/Mac-Auth as a guide
In policy.conf I have added
rewrite_data_sim_users {
if (Calling-Station-Id =~ /(89442[0-9]{10})/i) {
update request {
User-Name
On 15/02/2012 11:52 PM, Alan Buxey wrote:
This can be done for plain auth...one way would be to put a check in
the auth section, if the normal auth has failed then fail through to
eg perl and have some perl script that checks what you want to check
and send back the accept
Not 100% sure what
On 15/02/2012 11:20 PM, Joe Holden wrote:
Hi Richard,
Is this for 3? I have been trying to workout how to do the same as
you want - not sure how to go about it though.
Not much help I know :)
It is indirectly for 3 yep :-)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/li
This can be done for plain auth...one way would be to put a check in the auth
section, if the normal auth has failed then fail through to eg perl and have
some perl script that checks what you want to check and send back the accept
alan
-
List info/subscribe/unsubscribe? See http://www.freeradi
On 15/02/2012 20:53, Richard J Palmer wrote:
Hi we have several FreeRadius servers talking in our case to SM SQL
and these work fine for all our users logging in using Username &
passwords.
We are just getting a new L2TP link in and with sessions on this link
I want to auhenticate *just* on t
Hi we have several FreeRadius servers talking in our case to SM SQL and
these work fine for all our users logging in using Username & passwords.
We are just getting a new L2TP link in and with sessions on this link I
want to auhenticate *just* on the calling station ID - there will be a
userna
19 matches
Mail list logo
