Hi,
i'm configuring a server with a sql counter to check the total byte in a
week for the users.
But the server will reply a wrong count.
Here's the counter:
sqlcounter weeklybytecounter {
counter-name = Weekly-Total-Max-Octets
check-name = Max-Weekly-Octets
reply-name = Mikrotik-Total-Limit
sqlm
Not many people know that FreeRADIUS implements DHCP. I'd like to
change that. I'm therefore offering to pay for some work on the feature.
As background, the current version does DHCP, and DHCP relaying. It
allocates IPs from an SQL pool. The git "master" branch has a script to
import an I
On 14 Jun 2013, at 22:36, Go WiFi wrote:
> can you tell what files you need??
> and the code i am giving is form sql configurations file to simulate this
>
> according to your instruction i changed the file like
>
> sql sql2{
> sql_user_name = "%{sql_inst2:select s.* from (select @user:=BINARY
can you tell what files you need??
and the code i am giving is form sql configurations file to simulate this
according to your instruction i changed the file like
sql sql2{
sql_user_name = "%{sql_inst2:select s.* from (select @user:=BINARY
'%{User-Name}' p) parm , upm s}"
}
and in
sql sql_gowifi
On 14 Jun 2013, at 20:21, Go WiFi wrote:
> ok after a close look at the debug i found the log
> [sql_gowifi] WARNING: Unknown module "sql2" in string expansion "%"
> [sql_gowifi] sql_set_user escaped user --> ''
>
> it's not able to find the module sql2 but in my config the very first line is
your confidential files.
If you ask for help on a public *free* mailing list, then it's
common courtesy to provide the information that people need to
help you. There are experts here that know more than you do about
FreeRADIUS (which is why you're asking here, right?) and therefor
ok after a close look at the debug i found the log
[sql_gowifi] WARNING: Unknown module "sql2" in string expansion "%"
[sql_gowifi] sql_set_user escaped user --> ''
it's not able to find the module sql2 but in my config the very first line
is sql sql2 {
-
List info/subscribe/unsubscribe? See http:
sql sql2 {
}
sql sql_gowifi{
driver = "rlm_sql_mysql"
# Connection info:
server = "localhost"
#port = 3306
login = "dbuser"
password = "pass"
radius_db = "radius"
# Print all SQL statements when in debug mode (-x)
sqltrace = yes
sqltracefile = ${logdir}/custom.sql
# number of sql connections to
On 14 Jun 2013, at 19:07, Go WiFi wrote:
> this is the section i am having issues
> so i don't think it's needed to post the full config
if you want help, post the full sql config sans queries and any sensitive
information.
> also there is nothing special in debug jus
Go WiFi wrote:
> this is the section i am having issues
> so i don't think it's needed to post the full config
If you're smarter than the experts on this list, you can figure it out
for yourself.
Or, if you're not going to follow instructions, you shouldn't be
asking questions on this list.
this is the section i am having issues
so i don't think it's needed to post the full config
also there is nothing special in debug just the sql_user_name field is blank
also i managed to write some sql functions to archive the same
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/l
username remains blank
>
> when i run the sql query above in mysql server it returns the correct
> username please help
Post full config for the sql module (sans queries) and debug output. Please.
-Arran
Arran Cudbard-Bell
FreeRADIUS Development Team
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ogin and
accounting
again when using sql_user_name = "%{User-Name}" it saves the username
entered in login page of hotspot to radpostauth table but with the code
above the username remains blank
when i run the sql query above in mysql server it returns the correct
username please help
-
no response from server for ID 20 socket 3
>
>
>
> Access-REQUEST sent:
>
> User-Name=TESTT003-010300.001-11.71
> Calling-Station-Id=00:22:D2:02:22B:E2|99T0001
> Acct-Session-Id=-0001
> Proxy-State=XXXXXX
>
Giovanni Perna wrote:
> Can someone help me?
Post the full debug log as suggested in the FAQ, README, "man" page,
web pages, and daily on this list.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-010300.001-11.71
Calling-Station-Id=00:22:D2:02:22B:E2|99T0001
Acct-Session-Id=-0001
Proxy-State=XX
Can someone help me?
--
Giovanni
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
=sath.nhs...@lists.freeradius.org]
On Behalf Of Matthias Nagel
Sent: 21 May 2013 23:23
To: freeradius-users@lists.freeradius.org
Subject: AW: RE: Help with chap
Hello,
actually this behaviour is totally correct. The switch tries to authenticate a
client, when the switch learns the clients MAC
reeradius-users-bounces+andy.franks=sath.nhs...@lists.freeradius.org
[mailto:freeradius-users-bounces+andy.franks=sath.nhs.uk@lists.freeradiu
s.org] On Behalf Of Franks Andy (RLZ) IT Systems Engineer
Sent: 21 May 2013 22:27
To: FreeRadius users mailing list
Subject: RE: Help with chap
Thanks Ph
dy
-Original Message-
From:
freeradius-users-bounces+andy.franks=sath.nhs...@lists.freeradius.org
[mailto:freeradius-users-bounces+andy.franks=sath.nhs.uk@lists.freeradiu
s.org] On Behalf Of Franks Andy (RLZ) IT Systems Engineer
Sent: 21 May 2013 22:27
To: FreeRadius users mailing list
Su
radiu
s.org] On Behalf Of Phil Mayers
Sent: 21 May 2013 08:06
To: freeradius-users@lists.freeradius.org
Subject: Re: Help with chap
On 05/21/2013 07:55 AM, Franks Andy (RLZ) IT Systems Engineer wrote:
> Can I just use the authorize section to set the password to be the
> same as the u
On 05/21/2013 07:55 AM, Franks Andy (RLZ) IT Systems Engineer wrote:
Can I just use the authorize section to set the password to be the same
as the username, i.e. the mac address, after checking some basics like
whether the user exists in ldap and perhaps the useraccountcontrol
value, then in th
Alan DeKok
Sent: 21 May 2013 00:21
To: FreeRadius users mailing list
Subject: Re: Help with chap
Franks Andy (RLZ) IT Systems Engineer wrote:
> Thanks for the help.
> Anecdotally, before I get into serious discovery, I've been running
> the freeradius process in extra debugging
Franks Andy (RLZ) IT Systems Engineer wrote:
> Thanks for the help.
> Anecdotally, before I get into serious discovery, I've been running
> the freeradius process in extra debugging mode -xx. I'd read somewhere
> that -X makes it run single threaded, but along those
Thanks for the help.
Anecdotally, before I get into serious discovery, I've been running
the freeradius process in extra debugging mode -xx. I'd read somewhere
that -X makes it run single threaded, but along those lines of thinking
I wondered if -xx and the extra debug was c
Franks Andy (RLZ) IT Systems Engineer wrote:
> Thanks Alan,
> It takes literary a second or so for a single client auth, but
> problems arise with multiple clients. I'll reset a card on the switch
> and capture the logs and see what's happening. Nothing as far as I
> remember pointed towards the
y.franks=sath.nhs.uk@lists.freeradiu
s.org] On Behalf Of Alan DeKok
Sent: 18 May 2013 13:37
To: FreeRadius users mailing list
Subject: Re: Help with chap
Franks Andy (RLZ) IT Systems Engineer wrote:
> ... It worked brilliantly in testing, but come
> production, when i reboot the switch or c
Hello,
> I've recently got into mac based auth on a procurve 5406. [...]
> [...] when i reboot the switch or clear the authentication on the ports it
> can take up to ten minutes for 10-15 clients to authenticate, simply because
> the nas (i guess) gets overwhelmed and consequently I see loads
Franks Andy (RLZ) IT Systems Engineer wrote:
> ... It worked brilliantly in testing, but come
> production, when i reboot the switch or clear the authentication on the
> ports it can take up to ten minutes for 10-15 clients to authenticate,
That's bad. 10-15 clients should be done in a second o
Hi,
I seem to frequent this forum, hopefully one day I'll be answering some
questions, not asking them.
I've recently got into mac based auth on a procurve 5406. It does either chap
or peap-mschap authentication, and i'm using ntlm_auth for the mschap2 when
using peap. It worked brilliantly in
On Fri, May 17, 2013 at 2:09 AM, Wang, Yu wrote:
>
> Hello,
>
>
>
> I upgraded FR from 2.1.10 to 2.2.1. Everything went well except about 25% of
> our wireless users cannot authenticate after the upgrade. The backend
> authentication server is Active Directory and we use ntlm_auth from winbind
On 05/10/2013 12:05 PM, Divyesh Raithatha wrote:
It appears that the created RPM doesn't include the TLV update that were
made to the 2.x.x branch last week. Why wouldn't this be inlcuded in
the RPM even though I am building the RPM with the current 2.x.x. source?
Use the source Luke :-)
I as
It appears that the created RPM doesn't include the TLV update that were
made to the 2.x.x branch last week. Why wouldn't this be inlcuded in the
RPM even though I am building the RPM with the current 2.x.x. source?
Thanks.
On Wed, May 8, 2013 at 5:42 PM, Divyesh Raithatha <
divyesh.raitha...@gm
Thanks everyone. Finally got the RPM build to work by doing the following:
Version: 2.2.0" in the top of the freeradius.spec file to 2.2.1, and
renaming source
bz2 file to freeradius-server-2.2.1.tar.**bz2
Along with commenting out patches 2 and 5
#Patch2: freeradius-radtest.patch
#Patch5: free
On 05/08/2013 03:19 AM, Fajar A. Nugraha wrote:
On Wed, May 8, 2013 at 1:50 PM, Raithatha, Divyesh
wrote:
Thanks, I got past the README but now I am getting the following file not found
errors. They do exist, however, it looks like the build is looking for version
2.2.0 of the library files
On 05/08/2013 08:19 AM, Fajar A. Nugraha wrote:
%{_libdir}/freeradius/rlm_acct_unique-*.so
FWIW this is the approach we usually take when packaging things; it
seems pointless to me to embed version numbers into %files macros. I'm
aware this is probably frowned on by some packaging guidelines
On Wed, May 8, 2013 at 1:50 PM, Raithatha, Divyesh
wrote:
> Thanks, I got past the README but now I am getting the following file not
> found errors. They do exist, however, it looks like the build is looking for
> version 2.2.0 of the library files yet they are listed as 2.2.1.
>
>
> error: Fi
Thanks, I got past the README but now I am getting the following file not found
errors. They do exist, however, it looks like the build is looking for version
2.2.0 of the library files yet they are listed as 2.2.1.
error: File not found:
/home/test/rpmbuild/BUILDROOT/freeradius-2.2.0-1.el6.x
On 05/07/2013 04:46 AM, Fajar A. Nugraha wrote:
On Tue, May 7, 2013 at 4:28 AM, John Dennis mailto:jden...@redhat.com>> wrote:
These project maintained build configurations are best thought of as
"bleeding edge developer stuff". Make some change and you want to
test on Fedora or Debi
John Dennis wrote:
> Why does FreeRADIUS maintain build configurations for Red Hat and
> Debian?
Part historical reasons. RPMs were "difficult" to find, and it was
easier to include RPM scripts in the server.
It also means it's easy for people to build custom RPMs. They can use
an establish
On Tue, May 7, 2013 at 4:28 AM, John Dennis wrote:
>
> These project maintained build configurations are best thought of as
> "bleeding edge developer stuff". Make some change and you want to test on
> Fedora or Debian and need packages, then these build directories are the
> goto place, Or for th
On Tue, May 7, 2013 at 3:35 AM, Divyesh Raithatha
wrote:
>
> to get past the patch error messages but I get another error below:
>
>
>
> + cp README
> /home/divtest/rpmbuild/BUILDROOT/freeradius-2.2.0-1.el6.x86_64//usr/share/doc/freeradius-2.2.0
Look at the spec file, change
"cp README
/home/
On 05/06/2013 04:09 PM, Alan DeKok wrote:
Divyesh Raithatha wrote:
Hello all, has anyone had success in building an RPM from the v2.x.x
branch from http://git.freeradius.org?
That should work
I am following the information from
http://wiki.freeradius.org/guide/Red-Hat-FAQ
On a CentOS
Thanks Alan, I had to comment out both Patch 2 and 5 sections
#%patch2 -p1 -b .radtest
#%patch5 -p1 -b .radeapclient-ipv6
to get past the patch error messages but I get another error below:
+ cp README
/home/divtest/rpmbuild/BUILDROOT/freeradius-2.2.0-1.el6.x86_64//usr/share/doc/freeradius-2.
Divyesh Raithatha wrote:
> Hello all, has anyone had success in building an RPM from the v2.x.x
> branch from http://git.freeradius.org?
>
That should work
> I am following the information from
> http://wiki.freeradius.org/guide/Red-Hat-FAQ
>
> On a CentOS 6.4 x64 system I was able to buil
On 05/06/2013 02:57 PM, Divyesh Raithatha wrote:
Hello all, has anyone had success in building an RPM from the v2.x.x
branch from http://git.freeradius.org?
I am following the information from
http://wiki.freeradius.org/guide/Red-Hat-FAQ
On a CentOS 6.4 x64 system I was able to build an RPM from
Hello all, has anyone had success in building an RPM from the v2.x.x branch
from http://git.freeradius.org?
I am following the information from
http://wiki.freeradius.org/guide/Red-Hat-FAQ
On a CentOS 6.4 x64 system I was able to build an RPM from 2.2.0 source
successfully but I want to get all o
On Sun, Apr 28, 2013 at 1:31 AM, Andres wrote:
> Thank you all for your replays,
>
> I used SLES 11 freeradius standard package and it was too old,
> and it was my mistake and took a few days off my life.
> Hopefully someone else does not make the same mistake
If all you need is mschap test funct
Thank you all for your replays,
I used SLES 11 freeradius standard package and it was too old,
and it was my mistake and took a few days off my life.
Hopefully someone else does not make the same mistake
Andres
2013/4/27 Alan DeKok
> Andres wrote:
> > FreeRADIUS server Version: 2.1.1-7.16.
Andres wrote:
> FreeRADIUS server Version: 2.1.1-7.16.1
> also installed freeradius-server-libs and utils
Why? That version is SEVEN YEARS old.
Upgrade. Really.
And you're using a version of radclient which doesn't support mschap.
So... why are you trying to use mschap?
We presume
Hi,
>FreeRADIUS server Version: 2.1.1-7.16.1
>also installed freeradius-server-libs and utils
>FreeRADIUS server and libs and utils was installed via Yast.
>radius:/etc # radclient -v
>radclient: $Id$ built on Jan 22 2013 at 23:55:37
>#
># Version: $Id$
>#
>
Hi,
I have done clean SLES11 install
FreeRADIUS server Version: 2.1.1-7.16.1
also installed freeradius-server-libs and utils
FreeRADIUS server and libs and utils was installed via Yast.
radius:/etc # radclient -v
radclient: $Id$ built on Jan 22 2013 at 23:55:37
#
# Version: $Id$
#
pre
Hi,
what version of FreeRADIUS? are you sure you arent running old copies of
radclient/radtest
ie you THINK you can do "-t mschap" but the wrapper or binary doesnt
radclient -v ?
which radtest
then cat the resulting file.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.o
x27;m trying to test mschap with radtest but it gives me strange error
>>>> message.
>>>> I've tried to solve it several days, but had no success.
>>>>
>>>> I'm using syntax like that:
>>>>
>>>> $ radtest -t msch
r password 127.0.0.1 0 secret
>>>
>>> radclient : Failed to find IP address for host user: Success
>>>
>>>
>>> radclient: $Id$ built on Jan 22 2013 at 23:55:37
>>> FreeRADIUS Version 2.1.1, for host x86_64-suse-linux-gnu, built on Jan
>>>
Andres wrote:
> this way looks my hosts file:
Well... something is wrong with DNS on your system.
The only advantage to using radtest is that it's simpler than
radclient. But it's just a wrapper around radclient. You can edit
radtest to remove the DNS lookups, or write your own wrapper whic
ax like that:
>>
>> $ radtest -t mschap user password 127.0.0.1 0 secret
>>
>> radclient : Failed to find IP address for host user: Success
>>
>>
>> radclient: $Id$ built on Jan 22 2013 at 23:55:37
>> FreeRADIUS Version 2.1.1, for host x86_64-suse-linux-gnu,
22 2013 at 23:55:37
> FreeRADIUS Version 2.1.1, for host x86_64-suse-linux-gnu, built on Jan 22
> 2013
>
> host file looks fine
>
> I would appreciate it if someone can help me
> ,
>
> Andres
>
>
>
>
>
>
>
> -
> List info/subscribe/unsubscribe? See
t user: Success
radclient: $Id$ built on Jan 22 2013 at 23:55:37
FreeRADIUS Version 2.1.1, for host x86_64-suse-linux-gnu, built on Jan 22
2013
host file looks fine
I would appreciate it if someone can help me
,
Andres
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> }
>
> }
>
> (e.g. no space between ":" and "=")
>
> HTH,
>
> Matthew
>
>
> --
> Matthew Newton, Ph.D.
>
> Systems Specialist, Infrastructure Services,
> I.T. Services, University of Leicester, Leicester LE1 7RH, United
s,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253,
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
>What you mean?
see bottom of email
>Is it exactly like what you said in previous email or else :
>update reply {
>Session-Timeout : = 7200
>}
no, its exactly liek I typed. if you add spaces like you have then the server
wont like it
alan
-
List info/s
Hi,
What you mean? Sorry i think you might mis-understand my previous 2
message. I mean 2 ask what is the correct syntax for update reply
Is it exactly like what you said in previous email or else :
update reply {
Session-Timeout : = 7200
}
I will search the documentation again f
Hi,
>Thanks again Alex, i will try your syntax.
do you deliberately change words?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks again Alex, i will try your syntax.
Thanks
Danny
On Tue, Apr 23, 2013 at 9:25 PM, wrote:
> Hi,
>
> >Thanks Alan, let me try that. So i can apply this only if the
> Wireless AP
> >is sending packet with Session-Timeout too right? I don't see this
> setting
> >in Meraki Wireles
Hi,
>Thanks Alan, let me try that. So i can apply this only if the Wireless AP
>is sending packet with Session-Timeout too right? I don't see this setting
>in Meraki Wireless AP.
as i said, depends on your settings and what the NAS is willing to take from
the
RADIUS server - you'll
Thanks Alan, let me try that. So i can apply this only if the Wireless AP
is sending packet with Session-Timeout too right? I don't see this setting
in Meraki Wireless AP.
I'm using ldap and all the authentication just simple username / password
from ldap. Is the the exact syntax to apply with?
o
Hi,
>In which config files do i need to look / edit / add the session timeout
>in freeradius?
that would depend on how your configuration is done and what options and methods
you are using. 'users' file is basic way, SQL tables are another, unlang is yet
another way...eg
update reply {
Hi Alan,
In which config files do i need to look / edit / add the session timeout in
freeradius?
Thanks
Danny
On Tue, Apr 23, 2013 at 3:11 PM, Alan Buxey wrote:
> Controlled by the NAS and/or the RADIUS server depending on NAS settings.
> ie you should be able to set session-timeout on the NA
Controlled by the NAS and/or the RADIUS server depending on NAS settings. ie
you should be able to set session-timeout on the NAS and then override/update
the value on the RADIUS server depending on your chosen policies...eg for
particular users/clients etc...and if proxying you may have agreeme
Hello All,
We are using EAP-MSCHAPV2 for authentication with LDAP and using version
2.2.0. So actually who control the session validity for how long the client
will be authenticate after connecting to the wireless AP? So for example i
key in my username / password in Windows popup, then how long d
Quite right! Thanks for simplifying this for me Matthew.
Cheers,
Dave
Matthew Newton wrote:
Hi,
Good you got it working. Just as a couple of points:
On Wed, Apr 17, 2013 at 02:16:25PM +1000, David Brodrick wrote:
I got there. I added authtype = PAP to the passwd module
rvices,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253,
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I got there. I added authtype = PAP to the passwd module configuration
and then DEFAULT Auth-Type = PAP to users.
I had tried this earlier but there was a trailing delimiter in the local
password file which wasn't in the format and this seems to have caused
the password verification to fa
Hi,
We're experimenting with freeradius for authenticating users in a custom
application. It was straightforward to get this authenticating against
the OS:
DEFAULT Auth-Type = System
But what we want to do is maintain a list of usernames and crypt
passwords in an external file, separate to
On 21 Mar 2013, at 15:56, David Mitton wrote:
> Quoting Arran Cudbard-Bell :
>
>>
>> On 21 Mar 2013, at 13:26, Jouni Malinen wrote:
>>
>>> On Mon, Mar 18, 2013 at 8:42 PM, Arran Cudbard-Bell
>>> wrote:
The old HP switches used to convert the Reply-Message into an
EAP-Notificatio
Quoting Arran Cudbard-Bell :
On 21 Mar 2013, at 13:26, Jouni Malinen wrote:
On Mon, Mar 18, 2013 at 8:42 PM, Arran Cudbard-Bell
wrote:
The old HP switches used to convert the Reply-Message into an
EAP-Notification and send it after the EAP-Success or EAP-Failure.
This is not compliant
On 21 Mar 2013, at 13:26, Jouni Malinen wrote:
> On Mon, Mar 18, 2013 at 8:42 PM, Arran Cudbard-Bell
> wrote:
>> The old HP switches used to convert the Reply-Message into an
>> EAP-Notification and send it after the EAP-Success or EAP-Failure.
>
> This is not compliant with the EAP specifica
On Mon, Mar 18, 2013 at 8:42 PM, Arran Cudbard-Bell
wrote:
> The old HP switches used to convert the Reply-Message into an
> EAP-Notification and send it after the EAP-Success or EAP-Failure.
This is not compliant with the EAP specification (EAP-Notification
needs to be sent prior to completion
On 18 Mar 2013, at 12:07, a.l.m.bu...@lboro.ac.uk wrote:
> hi,
>
> we would all love to be able to send a relevant error message to our
> clients if they fail to authenticate (either locally or remotely).
> but we cant. :-(
The old HP switches used to convert the Reply-Message into an EAP-Notif
Thanks a lot :)
Well i guess we just have to live with it :)
-Danny
On Tue, Mar 19, 2013 at 12:07 AM, wrote:
> hi,
>
> we would all love to be able to send a relevant error message to our
> clients if they fail to authenticate (either locally or remotely).
> but we cant. :-(
>
> alan
> -
> Lis
hi,
we would all love to be able to send a relevant error message to our
clients if they fail to authenticate (either locally or remotely).
but we cant. :-(
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 18.03.2013 16:48, Danny Kurniawan wrote:
> Hi All,
>
> So i have been able to authenticate my wireless user using 802.1x + LDAP
> + MAC address (using CallingStationID attriubute). So now for example
> when user A have MAC 11:22:33 but tried to login using another device
> there will be a pop u
Hi All,
So i have been able to authenticate my wireless user using 802.1x + LDAP +
MAC address (using CallingStationID attriubute). So now for example when
user A have MAC 11:22:33 but tried to login using another device there will
be a pop up window when they try to connect - just a plain error p
Hi All,
I already found a way to configure it. Thanks a lot.
http://wiki.freeradius.org/guide/Mac-Auth#Note
Thanks
Danny
On Wed, Mar 13, 2013 at 10:14 AM, Danny Kurniawan <
danny.kurnia...@fairchildsemi.com> wrote:
> Sorry for this beginner question. I have read the man_rlm password but
> dont
Sorry for this beginner question. I have read the man_rlm password but dont
see example how to add the mac address.
can some of you showed to me an example of it? I assume its as simple as
key in the MAC address into some file in Radius conf file or something?
Thanks
Danny
On Wed, Mar 13, 2013 a
Noted. I guess using the AP to do the MAC filtering is the best options for
me
On Tue, Mar 12, 2013 at 9:19 PM, Alan DeKok wrote:
> Danny Kurniawan wrote:
> > Is that means we have to manually added the client MAC into radius one
> > by one?
>
> You need *some* method to separate known devices
Danny Kurniawan wrote:
> Is that means we have to manually added the client MAC into radius one
> by one?
You need *some* method to separate known devices from unknown ones.
How you do it is up to you.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.
On 03/12/2013 01:46 AM, Danny Kurniawan wrote:
Is that means we have to manually added the client MAC into radius one
by one?
RADIUS can only act on RADIUS attributes. There's no RADIUS attribute
that says:
Device-Type = "Bosses iPad"
Most NASes send username and network address of the cli
Hi,
>Is that means we have to manually added the client MAC into radius one by
>one?
well, you want to restrict it to known devicesso ONE way is to add the
allowed MACs to a DB - they could be added to some other lookup table.
alan
-
List info/subscribe/unsubscribe? See http://www.fr
Is that means we have to manually added the client MAC into radius one by
one?
-Danny
On Fri, Mar 8, 2013 at 11:00 PM, Alan DeKok wrote:
> Danny Kurniawan wrote:
> > We have successfully deploy Meraki Wireless with Radius 2.1.1 connect to
> > eDir LDAP. Everything works just fine. Now my company
Danny Kurniawan wrote:
> We have successfully deploy Meraki Wireless with Radius 2.1.1 connect to
> eDir LDAP. Everything works just fine. Now my company want to explore
> whether we are able to restrict a devices, that only company devices can
> connect to our wifi ssid. Is that possible using Rad
Hi All,
We have successfully deploy Meraki Wireless with Radius 2.1.1 connect to
eDir LDAP. Everything works just fine. Now my company want to explore
whether we are able to restrict a devices, that only company devices can
connect to our wifi ssid. Is that possible using Radius? Like using cert
e
On 6 Mar 2013, at 09:44, Arran Cudbard-Bell wrote:
>
> On 6 Mar 2013, at 03:23, Jed Gainer wrote:
>
>> Help
>
> Die potatoe!
*potato
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See htt
On 6 Mar 2013, at 03:23, Jed Gainer wrote:
> Help
Die potatoe!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
"
2. Check fig.9 and fig-10 .. looks like there is an option to cache user
information and to 'not prompt user to ...' that I think (cmiiw) will give
proper solution."
It will stop pop-ups for future connections but not remove pop-ups for initial
connection...which is what the requester wants.
On 03/06/2013 09:23 AM, Jed Gainer wrote:
>
> Help
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://ww
Thanks for all the reply, means i have to settle it from Client end :)
-Danny
On Wed, Mar 6, 2013 at 10:30 AM, wrote:
> > Hi,
> >
> >> Check https://supportforums.cisco.com/docs/DOC-17544
> >
> > how many 'how to configure PEAP' documents does the world need? this one
> > has fewer issues than
> Hi,
>
>> Check https://supportforums.cisco.com/docs/DOC-17544
>
> how many 'how to configure PEAP' documents does the world need? this one
> has fewer issues than others but still has ambiguityand this guide
> also contains exactly the same security prompt that the requester DOESNT
> want ;-)
On 05/03/13 09:56, Danny Kurniawan wrote:
Hi All,
Thanks for all your reply. Yes i do understand the solution is to deploy
the network profile, but just curious at first who knows any of you have
an idea how to eliminate it wthout touching the client.
You can't. It's impossible by design - all
Hi All,
Thanks for all your reply. Yes i do understand the solution is to deploy
the network profile, but just curious at first who knows any of you have an
idea how to eliminate it wthout touching the client.
*for example push the profile automatically from the AP etc...
But now i guess i will
1 - 100 of 2651 matches
Mail list logo
