Ok I have tested
company.com
Reply-Message =~ (ValA|ValB)
it doens't work
(freeradius crash ans say :
Parse error (reply) for entry company.com: Expected end of
line or comma
Errors reading /etc/freeradius/attrs
radiusd.conf[1253]: attr_filter: Module instantiation failed.)
then i have tested
Update:
I just downloaded Alfa Ariss. I successfully logged into the wireless
network using PAP. I could not get any type of EAP to work and have need of
better security than that provided by PAP.
Any help is GREATLY appreciated.
~Brandon
-Original Message-
From: DeYoung, Brandon
Hi,
I wrote a script with which it is possible to import user files into the
radius server.
Is it possible to configure the radius Server in that way, that exact
after 48 hours after the first login of a specified user, this user
would loose his validity (after 48 hours of the first login,
I am using freeradius 1.0.1.
eap/tls authentication works fine with the following users file:
#
[EMAIL PROTECTED]
Fall-Through = Yes
DEFAULT
Service-Type = Framed-User,
Framed-Protocol = PPP,
Idle-Timeout = 3456,
DEFAULT Suffix == .de, Strip-User-Name = No
Hint = DE,
Service-Type = Framed-User,
Framed-Protocol = PPP
Your hints entry would only match if the user's realm is _exactly_ .de, i.e.:
[EMAIL PROTECTED]
This is not the case, so the Hint attribute is not set.
DEFAULT
What date/time formats allowed for Expiration attribute? Is it possible to
use UNIX timestamp format (number of seconds since UNIX epoch) or any
date/time format supported by MySQL?
For exampe 'January 28 2005 12:00:00' in radcheck table works fine but
'2005-01-28 12:00:00' doesn't.
mysql select
Hi,
Is the FreeRadius Server.
Ron Wahler wrote:
Is the FreeRadius Server a client of IAS ?
Ron.
http://www.positive-logic.net
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Israel
Alves
Sent: Sunday, January 30, 2005 11:44 AM
To:
Hello !
We are using FreeRADIUS 1.0.0, Oracle server 9.2.0.4 and
all of this working on FreeBSD 5.2.1.
I can't make FreeRADIUS work with Oracle server.
After I enable auth or acct via SQL (oracle) module, FreeRADIUS died
after starting up. Last lines in the debug output :
...
Mon Jan 31 15:53:18
[EMAIL PROTECTED] wrote:
Sebastian Wild wrote:
Hello list,
I've just joined in here. My name is Sebastian and I am from Germany.
I work as adminstrator at an ISP and I also am a maintainer of a
private wlan project called wlan-r.
Now wlan-r uses chillispot to authenticate wireless users on
Hi list,
what is the badusers table in the radius db good for?
Didn't find any usefull info bout it on the freeradius page or via google :(
cheers
Sebastian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi!
I have a question regarding to radius accounting.
Is it possible to account radius on a central radius server.
For example, I have 4 freeradius Server. Three radius Server
make the authentication/authorization and one radius Server
holds the accountig information:
|radius1| |radius2|
not answering all your questions, but some:
peap, mschapv2 and Cisco aironet works all fine with each other.
we used linux and solaris LDAP with this setup and (except for
a 64-bit bug for Solaris, according to Paul Hampson) the rest
works, build straight from scratch.
Windows XP should be SP2,
ahm, we used CVS one week ago, and it seems
a path for make is broken (see earlier post).
What we could accomplish: swap configure from
1.0.1 over to pre 1.0.2 and make worked. We also
tried to replace relative path to libtld with absolute
path and it seemd to compile.
Does configure and
With option debug -X I don´t see radius show anuthing about TLS.
I only put this config:
-- section LDAP {} ---
start_tls = yes
tls_mode = yes
tls_cacertfile = /certs/rootCA.crt
tls_cacertdir = /certs/
port=636
tls_certfile = /certs/server.crt
tls_keyfile =
Ahmad Cheikh Moussa wrote:
I have a question regarding to radius accounting.
Is it possible to account radius on a central radius server.
For example, I have 4 freeradius Server. Three radius Server
make the authentication/authorization and one radius Server
holds the accountig information:
Brandon,
You will never be able to do LDAP auth against AD when using EAP.
In the archives there are many discussions on the topic. The only way to
do EAP against AD is to use ntlm_auth.
Mark Capelle
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
From what you posted there is no dash in the User-Name or password.
On Sun, 2005-01-30 at 13:40, Robert Ku wrote:
Hello
I have posted a topic with my problem with mac authentication before
using a Cisco C3550 switch as its authenticator. I now tested the mac
authentication with Cisco
On Mon, 31 Jan 2005, Sebastian Wild wrote:
Hi list,
what is the badusers table in the radius db good for?
Didn't find any usefull info bout it on the freeradius page or via google :(
It's used by dialupadmin, see dialup_admin/README
cheers
Sebastian
- List info/subscribe/unsubscribe? See
On Mon, 31 Jan 2005, rashad wrote:
What date/time formats allowed for Expiration attribute? Is it possible to
use UNIX timestamp format (number of seconds since UNIX epoch) or any
date/time format supported by MySQL?
For exampe 'January 28 2005 12:00:00' in radcheck table works fine but
Kostas Kalevras wrote:
On Mon, 31 Jan 2005, Sebastian Wild wrote:
Hi list,
what is the badusers table in the radius db good for?
Didn't find any usefull info bout it on the freeradius page or via
google :(
It's used by dialupadmin, see dialup_admin/README
cheers
Sebastian
- List
Thanks for the help. We tried the pre 1.0.2 CVS Solaris fixes but we are still hitting the same problem.The symptom has to do with password processing in module rlm_mschap. Has anyone successfully authenticated with XP SP2 using PEAP MSCHAPv2 using the Windows userid and passowrd,on Solaris 8? We
On Sun, 30 Jan 2005, [iso-8859-1] Arthur M?ssmer wrote:
Hello to everybody!!!
I wrote a script with which it is possible to import user files into the
radius server.
On this web interface I can set up a user, which should be able to
connect for 48 hours after the first login to the internet.
The
freeradius 1.0.1/OSX 10.3.7
Works fine as long as user name and common name match. When they don't
the server consistently crashes with a bus error.
.
.
text deleted
.
.
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 16
I am encountering some strange behaviour of freeradius
1.01. May be a bug.
A) If i launch the freeradius daemon with the radiusd
command i notice that Access-Reject packets are not
sent back. Access-Accept are sent.
B) If now I launch freeradius using the interactive
radiusd -X command,
Hello.
I have problems with CalledStationId and CallingStationId, The GW send 1234#51195252522 but Mysql receive 1234=2351195252522.
Someone can help me.
thanks a lot
Las mejores tiendas, los precios mas bajos, entregas en todo el mundo, YupiMSN Compras: Haz clic aquí...
-
List
Hello,
I have a machine with PPTP and:
- if I set require-pap in options.pptp and I'm using LDAP (in another
server) authentication.
I works very well.
- if I set require-mschap-v2 and require-mppe-128 in options.pptp, with
LDAP the authenctication fails.
the freeradius 1.0.1 :
Sebastian Wild wrote:
[EMAIL PROTECTED] wrote:
Sebastian Wild wrote:
Hello list,
I've just joined in here. My name is Sebastian and I am from Germany.
I work as adminstrator at an ISP and I also am a maintainer of a
private wlan project called wlan-r.
Now wlan-r uses chillispot to authenticate
Thanks Mark,
I had run across those discussions, and had also run across others that
seemed to contradict them. I appreciate the response.
~Brandon
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, January 31, 2005 6:16 AM
To:
Im my debug I see this message:
Does someone know wuat is the problem?
-- debug -X
Cleaning up request 0 ID 41 with timestamp 41fc77b9
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 146.x.y.x:10958, id=41,
Please send PLAIN TEXT mails!
Look at the allowed_characters configuration in sql.conf
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
- Original Message -
From: vicente barrientos
To:
Probrem authenticate? You try help file? Mine work fine. No trouble. You
reed herp?
_
Express yourself instantly with MSN Messenger! Download today - it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
-
delrieu.nans [EMAIL PROTECTED] wrote:
Ok I have tested
company.com
Reply-Message =~ (ValA|ValB)
it doens't work
The Reply-Message attribute is a string. It requires double-quoted
strings, not miscelleneous text.
All of the examples in the files shipped with the server have it
quoted.
Mike Lampson [EMAIL PROTECTED] wrote:
Either change you RADIUS client to have a 31+ second timeout or dramatically
reduce the setting for max_request_time. I use 6 seconds.
Or, set reject_delay = 0
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Mitchell, Michael J [EMAIL PROTECTED] wrote:
The other thing I'd *really* like, is to be able to incorporate reading
huntgroups out of ldap also. My configuration is heavily dependent on
the inclusion of each client into a huntgroup, so for me, having clients
read out of ldap only solves half
Hey all,
I have been running freeradius for some time now, and just now
noticed an issue with radwho. The man page states:
-r Outputs all data in raw format - no headers, no
formatting,
fields are comma-seperated.
but everytime I try to run 'radwho -r', I
jose luis faria [EMAIL PROTECTED] wrote:
- if I set require-mschap-v2 and require-mppe-128 in options.pptp, with
LDAP the authenctication fails.
LDAP doesn't do MSCHAP.
the freeradius 1.0.1 :
rlm_mschap: No User-Password configured. Cannot create LM-Password
rlm_mschap: No
Hello,
It's possible to make any protection to the password among the client
and the VPN's server and using LDAP ?
I know it's possible with a clear password's file, but we want to use
our server of ldap.
thanks!
Alan DeKok wrote:
jose luis faria [EMAIL PROTECTED] wrote:
- if I set
I'm sorry, I did have the username without dashes when I tried it. I
still get the same output though. I tried Auth-Type:= EAP also but
that did not work either.
000e354bcf5d Auth-Type:=Local, User-Password == 000e354bcf5d
From what you posted there is no dash in the User-Name or password.
On
Is there a way to setup freeradius to query multiple mysql
databases for a username?
Junior
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.806 / Virus Database: 548 - Release Date: 12/5/2004
Is their a way for me to add other
attributes through the Dialup admin that are not currently in the screens?
I need to be able to set multiple ascend
data filters for different users .
Is their a way to have an Other1 , Other2,
other3..etccetcc so I can add attributes and values that
my work around has been to replace all
relative paths to libltdl with absolute paths.
Another attempt was to replace the configure
with the configure from 1.0.1
Not sure whether this is correct way.
I hope current CVS compiles fine, trying soon.
Matthias Rumitz
TC Unix / Netzwerke
ADIVA
Please send PLAIN TEXT mail!
Look in /doc/configurable_failover
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
- Original Message -
From: Junior Gillespie
To:
IN the huntgroups File it has this example.
##
business NAS-IP-Address == 192.168.2.5, NAS-Port-Id == 0-7
User-Name = rogerl,
User-Name = henks,
Group = business,
Group = staff
Cris Boisvert [EMAIL PROTECTED] wrote:
Does the place where is says Group refer to the same radgroupreply table
In the database?
No. It refers to Unix groups.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Is their a way to do that to keep users from authenticating from other nas's
Other than adding all the users to the appropriate huntgroup?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: Monday, January 31, 2005 3:45 PM
To:
Cris Boisvert [EMAIL PROTECTED] wrote:
Is their a way to do that to keep users from authenticating from other nas's
Other than adding all the users to the appropriate huntgroup?
userClient-IP-Address != 1.2.3.4, Auth-Type := Reject
...
For multiple NASes, the huntgroups are the simplest
I am concerned about failover on our freeradius servers. Presently we run two
servers and our nas boxes have backups to each radius server. They both auth
from two different ldap servers that are replicated.
This is working fine but I would prefer if one of the ldap directories failed
the
alan walters wrote:
This is working fine but I would prefer if one of the ldap
directories failed the radius fell over onto another ldap. Is
this possible
Sure is. Take a look at configurable_failover in the docs directory. You
need to define two ldap instances in radiusd.conf (one for each of
I think this is for Dialup Admin...not actually used by Freeradius?
[EMAIL PROTECTED] 31/01/2005 10:16:04
Hi list,
what is the badusers table in the radius db good for?
Didn't find any usefull info bout it on the freeradius page or via
google :(
cheers
Sebastian
-
List
Hi,
I need some help here. I m trying to install FreeRadius version 1.0.1 on
fedora core 3. But everytime its give me this error when i try to use make
command.
Making static dynamic in rlm_krb5...
gmake[6]: Entering directory `/root/freeradius-1.0.1/src/modules/rlm_krb5'
gcc -g -O2
Hello All ,
I have this doubt regarding IAPP ( Inter Access Point Protocol) support
in
FreeRadius 1.0.1
As first step, I had searched through entire directory for Service Type :
IAPP-Register but it was found only in file /share/dictionary
VALUE Service-Type
51 matches
Mail list logo
