Yes it does.
We found the solution by creating a rule that maps all the BSSID related
to some SSID and then we do a specific filter to LDAP, so we did it for
every SSID.
Thanks for the help!
Atenciosamente,
Gustavo Vieira Oliveira
GETIC - Gerência de Tecnologia da Informação
SUSERV -
Hi All,
i am new about FreeRadius. I am moving from Cisco ACS Tacacs to FreeRadius.
During LDAP configuration i am getting the follow error :
[ldap] bind as cn=User,ou=people,dc=domain,dc=it/Password to
ldapserver:636
[ldap] waiting for bind result ...
[ldap]
You shouldn't have quotes around your username or domain. You should use
identity = cn=user,ou=people,dc=domain,dc=it
On 19/07/2013 7:05 PM, Marco Aresu marcoar...@gmail.com wrote:
Hi All,
i am new about FreeRadius. I am moving from Cisco ACS Tacacs to
FreeRadius. During LDAP configuration i
Hello!
I need some help with RADIUS regarding Wireless authentication with
RADIUS + LDAP.
I need to check if the user has permission to connect to a specific
SSID, so we check a LDAP attribute for that.
By that, we need to know from which SSID the authentication is being
requested so we
On 12.07.2013 17:03, Gustavo Vieira Oliveira wrote:
I need some help with RADIUS regarding Wireless authentication with
RADIUS + LDAP.
Hello. which version of freeradius are you running ?
I need to check if the user has permission to connect to a specific
SSID, so we check a LDAP attribute
I forgot to say that we use H-REAP so we do not authenticate it in the WLC
Atenciosamente,
Gustavo Vieira Oliveira
GETIC - Gerência de Tecnologia da Informação
SUSERV - Superintendência de Serviços Compartilhados
Sistema FIESC
Rod. Admar Gonzaga, 2765 - Itacorubi - 88034-001 - Florianópolis -
Olivier,
You don't need to set radius-server vsa send in the AP so it sends the
SSID in the authentication request?
Atenciosamente,
Gustavo Vieira Oliveira
GETIC - Gerência de Tecnologia da Informação
SUSERV - Superintendência de Serviços Compartilhados
Sistema FIESC
Rod. Admar Gonzaga,
Look at the requests coming from your AP in debug mode. You should see
information there that can be used eg called station id with SSID appended or a
VSA with the SSID name or number in it. Use that with your policy
alan
-
List info/subscribe/unsubscribe? See
We got it working, the AP is sending the SSID with the calling station
ID but only setting radius-server vsa send in the Access-point.
The problem is that we have to do it manually (the Controller doesn't
support it) in the AP, so when it reboots for some reason it cannot
authenticate cause
On Fri, Jul 12, 2013 at 12:48:48PM -0300, Gustavo Vieira Oliveira wrote:
The problem is that we have to do it manually (the Controller
doesn't support it) in the AP, so when it reboots for some reason it
cannot authenticate cause the RADIUS doesn't receive the SSID. So,
we need an alternative
Still unable to connect.
Do you have any configuration files for connecting with LDAP form AP FR LDAP
? I tried every way but nothing works.
Thank you very much for your time and help.
thanakorn
-
List info/subscribe/unsubscribe? See
On 28.12.2012 09:38, Thanakorn Rattanatikul wrote:
Still unable to connect.
Do you have any configuration files for connecting with LDAP form AP
FR LDAP ? I tried every way but nothing works.
Send a full output of freeradius -X
--
Olivier Beytrison
Network Security Engineer, HES-SO
Thanakorn Rattanatikul wrote:
In LDAP server , for user sun , store password in clear-text in this test.
No, it doesn't.
Or, it's not available.
Or the user isn't found.
Read the debug log. Look for anything related to LDAP. It isn't hard:
[ldap] performing search in
Date: Fri, 28 Dec 2012 10:46:45 +0100
From: oliv...@heliosnet.org
To: freeradius-users@lists.freeradius.org
Subject: Re: AP FR LDAP authentication reject
On 28.12.2012 09:38, Thanakorn Rattanatikul wrote:
Still unable to connect.
Do you have any configuration files for connecting
Sigh. No. There are no packets in that debug. How do you expect people to read
a debug unless it contains an authentication attempt?
... adding new socket proxy address * port 51195
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command
/peap
[eap] Failed in EAP select
++[eap] returns invalid
In the default LDAP configuration file, it's clearly stated that :
# However, LDAP can be used for authentication ONLY when the
# Access-Request packet contains a clear-text User-Password
# attribute. LDAP authentication
In LDAP server , for user sun , store password in clear-text in this test.
Thank you very much for your time and help.
thanakorn
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 28.12.2012 08:39, Thanakorn Rattanatikul wrote:
In LDAP server , for user sun , store password in clear-text in this test
So if you have a clear-text password in the ldap, use the ldap
attribute-map to add it in the control list. Looking at the logs I guess
you are running version 2.x, then
David Aldwinckle wrote:
(0) WARNING: Empty pre-proxy section. Using default return values.
Proxying to virtual server captive_portal
(0) # Executing section authorize from file /etc/raddb/sites-enabled/default
That doesn't make sense.
You've broken the configuration somehow. Don't do
On 07/05/2012 12:24 AM, David Aldwinckle wrote:
Hello,
I am having a problem getting LDAP authentication working on FreeRADIUS
Version 3.0.0. The behaviour I am experiencing is that the server will
send an Access-Accept message without doing any checking of credentials.
I would expect to see
to 172.16.32.138 port 33182
Code: 2
Id: 73
Length: 20
Vector: 69147ff0c996e2d6f56993d745fe3fca
Dave A.
On 2012-07-05, at 4:07 AM, Phil Mayers wrote:
On 07/05/2012 12:24 AM, David Aldwinckle wrote:
Hello,
I am having a problem getting LDAP authentication
Hello list,
I know this isn't a direct FR related issue, but I think the people
here have deep know how or some further links I can get my information I
need.
What I'm interested in is how the LDAP user/password authentication
works, especially how FR does it.
In LDAP module configuration I
On Fri, Jun 22, 2012 at 1:30 PM, Tobias Hachmer li...@kokelnet.de wrote:
In LDAP module configuration I set an identity. For my understanding this is
for the ldap bind user. With this identity FR will get access to the ldap
database, to do groupmembership information or attributes and so on.
On 22.06.2012 10:18, Fajar A. Nugraha wrote:
But is this identity also needed for authentication only?
There are several ways you can use LDAP for authentication. For
normal LDAP servers which stores user password in an accessible
attribute with optional supported encrypted schema, you only
Tobias Hachmer wrote:
The Test MS AD Server has domain functional level 2008 R2 and quite
default settings.
Active directory is not really an LDAP server. The reasons are
complicated. It's almost an LDAP server, but it's different in critical
ways.
In radiusd -X output the ldap module
Alexander Kulbiy wrote:
I'm trying to configure RADIUS server that would be used for
authentication of users in Wi-Fi network with WPA-enterprise encryption.
To do this I'm trying to use EAP + LDAP inside of freeradius.
The problem is that I see in log:
You edited the default configuration
Hi,
On Wed, Apr 25, 2012 at 01:47:09PM +0300, Alexander Kulbiy wrote:
Hello all,
I'm trying to configure RADIUS server that would be used for authentication
of users in Wi-Fi network with WPA-enterprise encryption. To do this I'm
trying to use EAP + LDAP inside of freeradius.
You're using
Hello all,
Thanks for your fast answers.
Matthew, as I understood from link you've posted I have to use TTLS/GTC to
be able to use MD5 passwords. Can you help me understand how can I do that?
I've tried to reset all configuration to default as Alan suggested but I
still see that MSCHAPv2 auth
Alexander Kulbiy wrote:
Matthew, as I understood from link you've posted I have to use TTLS/GTC
to be able to use MD5 passwords. Can you help me understand how can I do
that?
Edit the configuration on the client PC, to set TTLS/GTC.
I've tried to reset all configuration to default as Alan
Hello Alan,
Finally I got it. I had to change client settings and now everything is
fine.
Thanks a lot,
Alexander
On Wed, Apr 25, 2012 at 3:45 PM, Alan DeKok al...@deployingradius.comwrote:
Alexander Kulbiy wrote:
Matthew, as I understood from link you've posted I have to use TTLS/GTC
to
to change this configuration now.
My backend is LDAP. Maybe I should change the backend system to AD.
Thank you all for your time and help.
Best,
Julie Chen
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/AP-FR-LDAP-authentication-tp5572785p5577782.html
Sent from
://freeradius.1045715.n5.nabble.com/AP-FR-LDAP-authentication-tp5572785p5578081.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Sat, Mar 17, 2012 at 11:54 AM, Julie Chen ch...@ssc.ucla.edu wrote:
Yes, I understand that. But I'm having little problem figure out right
configuration. Would someone please advice on the configuration file?
I'd start with reading this: http://wiki.freeradius.org/Protocol%20Compatibility
Fajar A. Nugraha wrote:
I'd start with reading this:
http://wiki.freeradius.org/Protocol%20Compatibility
(or the original page in deplyingradius.com).
Please don't copy my content into the Wiki. The deployingradius.com
link has been around for years. It's the authoritative source.
Julie Chen wrote:
Yes, I understand that.
Apparently you don't.
But I'm having little problem figure out right configuration.
What part of impossible is unclear?
Would someone please advice on the configuration file?
There is no configuration to change.
You need to store the
the user.
Using Post-Auth-Type Reject
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group REJECT {...}
Thank you very much for your time and help.
Best,
Julie
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/AP-FR-LDAP-authentication
Julie wrote:
The problem is when I try to authenticate through AP. The debug log shows
Failed to authenticate the user. here is the log file.
...
[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
...
[ldap] userPassword - Password-With-Header ==
DeKok [al...@deployingradius.com]
Sent: Friday, March 16, 2012 8:02 PM
To: FreeRadius users mailing list
Subject: Re: AP-FR-LDAP authentication
Julie wrote:
The problem is when I try to authenticate through AP. The debug log shows
Failed to authenticate the user. here is the log file.
...
[mschap
Hi, I have an application that requires ldap authentication, but would like it
to proxy the authentication to a radius/otp server given the user is part of a
specific group. Is this a possibility within freeradius?
Thx jason
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
On 12 Sep 2011, at 02:26, DaveA wrote:
I've tried a few more things and still no luck...
Yes you need run the ldap module's authenticate method. There's a configuration
option in LDAP which allows it to set Auth-Type LDAP, that needs to be set to
yes.
Then you need to create an Auth-Type
/LDAP-Authentication-bind-as-user-issue-tp4786621p4794846.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I've tried a few more things and still no luck...
Please help!
Best,
Dave
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/LDAP-Authentication-bind-as-user-issue-tp4786621p4792772.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info
appreciated.
Dave
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/LDAP-Authentication-bind-as-user-issue-tp4786621p4786621.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
This way it binds anonymously, and then fails to do an ldapsearch because of
insufficient privs. Giving * read to all seems silly, and I would rather not
go that route.
If anyone has suggestions or comments they would be greatly appreciated.
How I did it (assuming your using AD as the
: LDAP Authentication bind as user issue
This way it binds anonymously, and then fails to do an ldapsearch
because of insufficient privs. Giving * read to all seems silly, and I
would rather not go that route.
If anyone has suggestions or comments they would be greatly appreciated.
How I
Thank you for the response, but I'd rather not do it that way.
The documentation suggests that what I want is possible, and it would be
ideal for this situation.
Any more ideas?
Many thanks,
Dave
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/LDAP-Authentication
address,ou=VLAN-Xn,ou=Radius,dc=machine,dc=com
1.- first I'm tring to check if the client mac address exists in
ldap subtree.
2.- second ldap authentication, match usermac+passmac, in our
case ¿Is macX == macX? via ldap.
DEFAULT Calling-Station-Id ==
%{VLAN-X1:ldap:///ou=VLAN-X1,ou
Ramon Escriba wrote:
Thank you very much for the sarcastical reply, it was really usefull
instructive indeed.
It got you to follow the instructions in the documentation.
Why didn't you follow them for your first message? Or for this one?
It's normal that the first authentication goes
Alan, please do not get angry ok?,
The line in my answer about the sarcastical reply was for Alexander, not
for you.
Note: WIFIDATA WIFIVOIP do 802.1x EAP+mschapv2 ok.
Here're the logs:
First authentication
--
(...)
Listening on authentication interface eth0 address *
Ramon Escriba wrote:
Alan, please do not get angry ok?,
The line in my answer about the sarcastical reply was for Alexander, not
for you.
His answer is largely what mine would have been.
Here're the logs:
First authentication
...
rad_recv: Access-Request packet from host 10.0.0.1port
Here're the logs:
First authentication
...
rad_recv: Access-Request packet from host 10.0.0.1port 32770, id=29,
length=95
User-Name = 0019B976CC36
User-Password = 0019B976CC36
...
SECOND AUTHENTICATION --
...
rad_recv: Access-Request
Hi,
I've a freeradius-server-2.1.9-1.7.x86_64 running in opensuse 11.3.
My authentication frontend is an openldap2-2.4.21-9.1.x86_64.
I have correct mac address authentication, but *ONLY* the first try,
the later always fail. I'm using 3 devices, the first one that connects
logs in fine, but
Ramon Escriba escr...@cells.es wrote:
Has any one a clue of what I did wrong?
attempts to read Ramon's mind
attempts to use remote viewing to see output of debugging
Actually, forget it...
http://wiki.freeradius.org/index.php/FAQ#It_still_doesn.27t_work.21
Regards
--
Alexander Clouter
Ramon Escriba wrote:
Hi,
I've multiple rules in users file, all of them with Auth-Type = ldap
instace name, one rule/ldap instance per vlan.
With radius -X I see a correct first authentication, but the others fail.
Is the debug log a secret?
Or, will you post it as suggested in the
-Authenticator = 0x
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/LDAP-authentication-failed-tp3217861p3232594.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http
-bounces+jake.sallee=umhb@lists.freeradius.o
rg] On Behalf Of snowman5840
Sent: Friday, October 22, 2010 11:58 AM
To: freeradius-users@lists.freeradius.org
Subject: Re: LDAP authentication failed
ok I found my problem. I have forgotten to add my domain in the
proxy.conf, after I have done
wow. hey now it's working with both OS ;-) . thx for your hint, nt_hack was
missing.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/LDAP-authentication-failed-tp3217861p3232899.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info
://freeradius.1045715.n5.nabble.com/LDAP-authentication-failed-tp3217861p3219086.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi
i have some problems with LDAP authentication. If I login on my windows xp
sp3 client i want to check die login credentials against my LDAP service.
But the xp client uses doubleslashs in the username!! I think this will be
the problem!? If I test with radtest it works. What can i do
hi,
you need to use the ntdomain module and ensure that the \\ method is enabled.
(check the realm module section)
this will then populate stripped-user-name with just the username
and not also have the hostname or domain name lurking around.
alan
-
List info/subscribe/unsubscribe? See
Following on from my previous post on Centralised LDAP Auth post:
http://lists.freeradius.org/pipermail/freeradius-users/2010-September/msg00393.html
I've found that using dynamic-clients gives me a few advantages over using
huntgroups.
1) Dynamic Clients allows you to have per-NAS shared
IN THE CONFIGURATION YOU NEED TO **
With that in mind I will go through the files I have modified to make the
LDAP Authentication work:
FILE:/etc/raddb/modules/ldap
This is the main LDAP Module configuration file that needs to be modified,
I've added comments above each line detailing what it's needed
Peter Lambrechtsen plambrecht...@gmail.com wrote:
Then create two OU's under Radius. Elements and Roles
OU=Elements,OU=Radius,DC=ACME,DC=COM Elements will hold a record of
every NAS in your Network. You will create Group objects based on the
IP Address of the NAS and set the Location or
Hi everybody!
I'm a new subcriber of this list. I'm trying to setup a radius server with LDAP
authentication; I've managed to authenticate a user (from a Cisco Device),
but my fellows from Security Department think that we should have a two-step
authentication:
1. User/password authentication
In article bay154-w6ae2b5874b5015e85e875c0...@phx.gbl you wrote:
I'm a new subcriber of this list. I'm trying to setup a radius server
with LDAP authentication; I've managed to authenticate a user (from a
Cisco Device), but my fellows from Security Department think that we
should have
Hello,
We recently had a event during which our radius server lost connectivity to
our Active Directory server. all the network gear could contact radius so
none fell back to the backup authentication method (local), but because AD
was down we couldn't get into our devices. is there a way to use
Am 10.08.2010 um 16:54 schrieb Aqdas Muneer:
Hello,
We recently had a event during which our radius server lost
connectivity to our Active Directory server. all the network gear
could contact radius so none fell back to the backup authentication
method (local), but because AD was down
so this is what i have in my users file. how can i make it so that the admin
account is only used if AD is inaccessible?
admin Huntgroup-Name == network-admin, Cleartext-Password :=
x
Service-Type := NAS-Prompt-User,
cisco-avpair :=
On 07/29/2010 01:08 PM, Sallee, Stephen (Jake) wrote:
I have correctly configured the LDAP module (I think...) but when I try
to authenticate a user I get an error saying the user cannot be found.
I have attached the debug output. I have tried turning the follow
referrals and rebind vars on
2.1.7*, I was able to configure it but very
basic like I am using users file for user names and passwords etc.
Now I am trying to setup freeradius for ldap authentication so I dont have
to add separate users in users file but can use ldap users instead, for
Free-radius authentication
I am
Hi,
I googled it lot but did not come to any comprehensive solution.
http://wiki.freeradius.org/Rlm_ldap
you need to ensure that the FreeRADIUS LDAP module can talk to your
LDAP server - check the LDAP configuration in FreeRADIUS to ensure that
the configuration, password etc etc is fine
On Tue, Sep 29, 2009 at 12:45 AM, Ryaz Khan rk...@ezesolve.com wrote:
I googled it lot but did not come to any comprehensive solution.
You'll probably learn this the hard way anyway, but don't try to
google for freeradius. Most of those hits will be outdated, even if it
is on the topic you're
Guys
just a quick question. Can I use freeradius to authenticate my LDAP users and
instead of using OpenSSL for certificates I use a Microsoft Certificate
Authority?
Thanks
Nik
Nik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Guys
just a quick question. Can I use freeradius to authenticate my LDAP users
and
instead of using OpenSSL for certificates I use a Microsoft Certificate
Authority?
Yes, you can generate certificates that way too.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See
Hi Guys,
I'm hoping someone can help me, because I have been fighting with this issue for
days now.
Environment:
FC10 + FreeRadius 2.1 + OpenLdap 2.4.
I've successfully setup Certificate Based authentication on my FreeRadius server
and that works well. My problem is I have some users I want to
-0400
From: Nik Alleyne nalle...@brontecollege.ca
Subject: FreeRadius 2.1 + LDAP Authentication
To: freeradius-users@lists.freeradius.org
Message-ID: 20090605144736.cpa0ghg1wk4ok...@mail.brontecollege.ca
Content-Type: text/plain; charset=ISO-8859-1
Hi Guys,
I'm hoping someone can help me
Thanks Ivan,
I researched your suggestion and was able to correct the situation.
To setup the redundancy to work with ntlm_auth I needed to add the other
server to the following line in the smb.conf file:
Line Before:
password server = ldap1.domain.org
Line with Redundancy:
I have two freeradius v2.1.3-1 servers setup to run with redundant load
balancing with two Windows Active Directory LDAP servers for authentication.
When the LDAP servers are running the radius will load-balance between them
and authenticate fine. If I shut the primary LDAP server down radius
Hello,
I have two freeradius v2.1.3-1 servers setup to run with redundant load
balancing with two Windows Active Directory LDAP servers for authentication.
When the LDAP servers are running the radius will load-balance between them and
authenticate fine. If I shut the primary LDAP server
Alan DeKok wrote:
Frank Bonnet wrote:
freeradius is used by chillispot on the machine, does your answer means
chillispot is sending a CHAP request ?
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
For information the problem is located
Alan DeKok wrote:
Frank Bonnet wrote:
is it possible to use freeradius with NIS instead of LDAP ?
thanks
Yes. NIS is just a different way of getting users to seem to be in
/etc/passwd. So there shouldn't be anything to do. Just install the
server, and it should work.
Alan DeKok.
is it possible to use freeradius with NIS instead of LDAP ?
thanks
Yes. NIS is just a different way of getting users to seem to be in
/etc/passwd. So there shouldn't be anything to do. Just install the
server, and it should work.
Alan DeKok.
you mean uncomment the /etc/passwd in
Frank Bonnet wrote:
Alan DeKok wrote:
Frank Bonnet wrote:
is it possible to use freeradius with NIS instead of LDAP ?
thanks
Yes. NIS is just a different way of getting users to seem to be in
/etc/passwd. So there shouldn't be anything to do. Just install the
server, and it should work.
OK now I'm still in trouble ... even after removing LDAP statements
here is the log of the session, how to setup the User-password to
the right value to use /etc/passwd file ?
thanks
rad_recv: Access-Request packet from host 127.0.0.1:32817, id=0, length=214
User-Name = bonj
t...@kalik.net wrote:
OK now I'm still in trouble ... even after removing LDAP statements
here is the log of the session, how to setup the User-password to
the right value to use /etc/passwd file ?
thanks
rad_recv: Access-Request packet from host 127.0.0.1:32817, id=0, length=214
I KNOW we cannot use /etc/passwd for chap authentication
my question is HOW to use /etc/passwd with freeradius ?
Great. So, you are aware it's not going to work with chap. And what do
you do:
rad_recv: Access-Request packet from host 127.0.0.1:32817, id=0, length=214
User-Name = bonj
t...@kalik.net wrote:
I KNOW we cannot use /etc/passwd for chap authentication
my question is HOW to use /etc/passwd with freeradius ?
Great. So, you are aware it's not going to work with chap. And what do
you do:
rad_recv: Access-Request packet from host 127.0.0.1:32817, id=0, length=214
rad_recv: Access-Request packet from host 127.0.0.1:32817, id=0,
length=214
User-Name = bonj
CHAP-Challenge = 0xbba7f4f69dfb6cf2342f1cbba4e7e482
CHAP-Password = 0x00f7fbe0aa077445403b77c55ab120f811
You send a chap request!!!
Believe me ... if I knew how not to send I would do it
My
t...@kalik.net wrote:
rad_recv: Access-Request packet from host 127.0.0.1:32817, id=0, length=214
User-Name = bonj
CHAP-Challenge = 0xbba7f4f69dfb6cf2342f1cbba4e7e482
CHAP-Password = 0x00f7fbe0aa077445403b77c55ab120f811
You send a chap request!!!
Believe me ... if I
Frank Bonnet wrote:
Believe me ... if I knew how not to send I would do it
Fix the NAS. You bought it, you know what make/model it is, so you
can find documentation for it. Maybe try asking the vendor for
documentation?
My question is how to instruct freeradius et use /etc/passwd
in the
Alan DeKok wrote:
Frank Bonnet wrote:
Believe me ... if I knew how not to send I would do it
Fix the NAS. You bought it, you know what make/model it is, so you
can find documentation for it. Maybe try asking the vendor for
documentation?
My question is how to instruct freeradius et use
Frank Bonnet wrote:
freeradius is used by chillispot on the machine, does your answer means
chillispot is sending a CHAP request ?
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
Frank Bonnet wrote:
freeradius is used by chillispot on the machine, does your answer means
chillispot is sending a CHAP request ?
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
OK thanks for your (constructive ;-))
hello
I'm in trouble with a debian version of freeradius
I've installed chillispot and freeradius packages
but it won't work for LDAP users it fails with
such error messages :
Mon Mar 23 16:41:05 2009 : Auth: Login incorrect:
[/CHAP-Password] (from client localhost port 31 cli
Am 23.03.2009 um 16:46 schrieb Frank Bonnet:
hello
I'm in trouble with a debian version of freeradius
I've installed chillispot and freeradius packages
but it won't work for LDAP users it fails with
such error messages :
Mon Mar 23 16:41:05 2009 : Auth: Login incorrect: [/CHAP-
Frank Bonnet wrote:
I'm in trouble with a debian version of freeradius
I've installed chillispot and freeradius packages
but it won't work for LDAP users it fails with
such error messages :
Mon Mar 23 16:41:05 2009 : Auth: Login incorrect:
[/CHAP-Password] (from client localhost
I want to know what to configure in order to use ldap as freeradius database
of users
2009/3/23, Alan DeKok al...@deployingradius.com:
Frank Bonnet wrote:
I'm in trouble with a debian version of freeradius
I've installed chillispot and freeradius packages
but it won't work for LDAP users
Alan DeKok wrote:
Frank Bonnet wrote:
I'm in trouble with a debian version of freeradius
I've installed chillispot and freeradius packages
but it won't work for LDAP users it fails with
such error messages :
Mon Mar 23 16:41:05 2009 : Auth: Login incorrect:
[/CHAP-Password] (from
Frank Bonnet wrote:
OK here is the debug of one failed session
...
rlm_ldap: performing search in dc=esiee,dc=fr, with filter (uid=xxx)
rlm_ldap: object not found or got ambiguous search result
Well, that's relatively clear.
There's no such user, OR it got multiple responses.
You
David N'DAKPAZE wrote:
I want to know what to configure in order to use ldap as freeradius
database of users
Read raddb/modules/ldap
The O'Reilly OpenLDAP book also has a good description of how to
configure FreeRADIUS to use LDAP.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
1 - 100 of 226 matches
Mail list logo