Hello, Alan!
You wrote on Mon, 19 Mar 2007 17:54:52 +0100:
AD Hmm... it looks like similar patches were added in revision 1.72
AD of
AD that file. I've double-checked the code, and found one more
AD location.
AD Please try the attached patch.
I applied the patch and it does not work. It
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Martin Gadbois ha scritto:
peppeska wrote:
freeradius.pid not found ??? what???
Start it like this, as root:
# radiusd -X
k
I don't have radiud but work with #freeradius -X
Thank!
- --
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please freeradius User... HELP ME!
So, I use a pppoe-freeradius-ldap system for access and autenticate
user.. but some go wrong.. and when I try to connect me appare this
error... what's wrong in my configuration?
look this! this is the freeradius
Deramus, Chris wrote:
This no longer seems to work, as FreeRADIUS seems to be attempting to
compare the clear-text password with the MD5 password returned from the
database. I'm guessing it's an oversight on my end, and wanted to see if
anyone on this list noticed anything. I have included
Marwan Sultan wrote:
This system is up and running since september 2006, last week, we start to
see a strange problem
some account are disappearing from the system!!
FreeRADIUS doesn't do SQL writes to delete accounts. The problem lies
elsewhere.
Alan DeKok.
--
Nitin Naveen wrote:
Hi,
I want to add new VSA parameters to freeradius. This means that I need
to add a new dictionary file. But
I am not able to understand is how do I add attributes whose value is
another attribute. For eg.
I have no idea what you mean by that.
The dictionary
-Message d'origine-
De :
[EMAIL PROTECTED]
radius.org
[mailto:[EMAIL PROTECTED]
sts.freeradius.org] De la part de peppeska
Envoyé : mardi 20 mars 2007 10:34
À : FreeRadius users mailing list
Objet : freeradius, ldap error - HELP ME!
-BEGIN PGP SIGNED MESSAGE-
deepak kumar wrote:
...
but even after client authentication from certificate. the
router(chillispot) prompts for a username and password and then does
authentication
using UAM.
Please tell me why this is asking for login name password after client
certificate validation.
Because
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as cn=admin,dc=example/root to localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap:
Hi,
I have two backend RADIUS servers with a front end proxy server.
All servers are running 1.1.5.
Authentication type is EAP-PEAP.
On the front end i've got a stripped down radiusd.conf just doing Realm
detection and proxying.
And a proxy.conf
realm sussex.ac.uk {
type = RADIUS
Hi Alan
thanks for your prompt reply.
can you tell me how to modify chillispot to work with EAP-TLS.
my radius server, Router and Xsupplicant all are supporting EAP-TLS.
deepak
On 3/20/07, Alan DeKok [EMAIL PROTECTED] wrote:
deepak kumar wrote:
...
but even after client authentication from
Arran Cudbard-Bell wrote:
Whats happening if the first round of authentication will go to
radius1.uscs.susx.ac.uk
Second will go to radius2.uscs.susx.ac.uk, but the second doesn't know
about the previous request and bails out with.
Round robin EAP don't work together very well.
So
Alan,
Thanks so much for the response, I wasn't aware that the (md5) header
needed to be in the database. The requested information is below:
UserNameAttribute Value
op
test.user Password
c1dd8z473d9gf5c13b0d89b32d15333 :=
-Original Message-
Hi Folks,
I am newbie to Freeradius and considering using it.
However, I have a specific requirement, which I cannot find any info on
either on Web Search or Wiki or FAQ.
I wish to use Freeradius as an Accounting Proxy, essentially to copy a
Accounting Request to a server. The Freeradius box
deepak kumar wrote:
Hi Alan
thanks for your prompt reply.
can you tell me how to modify chillispot to work with EAP-TLS.
This isn't the chillispot list. Go ask them.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
Alexander V. Klepikov wrote:
I applied the patch and it does not work. It seemes to me, it's becuase
SQL socket may be unconnected and sqlsocket-conn != NULL,
That sounds like a bug to me.
so I think
it's better to check sqlsocket-state . Corrected patch is attached.
OK.
Alan DeKok.
Deramus, Chris wrote:
Thanks so much for the response, I wasn't aware that the (md5) header
needed to be in the database.
See the README the comments above the pap section in
radiusd.conf. They say to read man rlm_pap, which explains this.
If you don't want to update the value field to
WRIGHT Alan wrote:
However, there are some requirements.
1. Freeradius needs to proxy accounting to another server
2. Freeradius needs to provide an accounting response to the first
radius box, without waiting for a response from the proxied Server
Is this possible with Freeradius today?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
peppeska wrote:
Martin Gadbois ha scritto:
peppeska wrote:
freeradius.pid not found ??? what???
Start it like this, as root:
# radiusd -X
k
I don't have radiud but work with #freeradius -X
Thank!
The -X only tells you to start it
Hi everybody,
I have a problem with freeradius 1.0.2 and mysql 4.0.24, on a debian
stable, used for about 1700 clients. I often have (about 10 times an
hour) errors like these:
Tue Mar 20 12:21:29 2007 : Auth: Login incorrect: [/Y] (from
client port 0)
Tue Mar 20 12:21:40 2007
Dear all,
I just did a fresh install of freeradius-1.1.5 on a FreeBSD 6.1-RELEASE.
Installation was sucessful. Then I tried to start the radiusd with
radiusd -X and got following error:
radiusd in free(): error: chunk is already free
Mathieu Lemaitre wrote:
I have a problem with freeradius 1.0.2 and mysql 4.0.24, on a debian
stable, used for about 1700 clients. I often have (about 10 times an
hour) errors like these:
Tue Mar 20 12:21:29 2007 : Auth: Login incorrect: [/Y] (from
client port 0)
Tue Mar 20
Sam Schultz wrote:
I have set a DEFAULT entry that sets the User-Name attribute via
':=', but I still end up with two User-Name attributes (anonymous
identity real identity). This is especially strange, since
use_tunneled_reply copy_request_to_tunnel are both enabled as
well.
Then it
rickan wrote:
Dear all,
I just did a fresh install of freeradius-1.1.5 on a FreeBSD 6.1-RELEASE.
Installation was sucessful. Then I tried to start the radiusd with
radiusd -X and got following error:
radiusd in free(): error: chunk is already free
It's been noted already. Grab -r
Greetings. First I'd like to thank everyone who works
on this project. Freeradius is amazing.
For our issue, I have browsed the online
documentation, faq, and mailing lists.
We have a need to alter the accounting records that we
proxy to another company. The attribute that we need
to rewrite
Hi Alan,
thanks a lot for your hint. Yes, the branch_1_1 is working fine!
Best regards
Rickan
On 3/20/07, Alan DeKok [EMAIL PROTECTED] wrote:
rickan wrote:
Dear all,
I just did a fresh install of freeradius-1.1.5 on a FreeBSD 6.1-RELEASE.
Installation was sucessful. Then I tried to
Looking for some help on configuring pam_radius_auth with linux for pop3 and
imap services.
Anyone have any clues?
I currently have my /etc/pam.d/pop3 and imap files showing:
auth sufficient /lib/security/pam_radius_auth.so try_first_pass
accountsufficient
Message: 2
Date: Tue, 20 Mar 2007 12:30:47 +0100
From: Alan DeKok [EMAIL PROTECTED]
Subject: Re: Proxying Eap Requests in round robbin.
To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Message-ID: [EMAIL PROTECTED]
Content-Type: text/plain; charset=ISO-8859-1
Arran Cudbard-Bell wrote:
Damn, so theres no way to do load balancing with radius packets
containing EAP attributes ?
As always, patches are welcome. :)
Completely different topic, but is it normal for freeRADIUS to authorize
the user in each round of authentication ? Can it not cache
Hi,
I'm using a system (openvpn) with 'radiusplugin' to let FR authenticate
users and manage IP Pools.
Openvpn sometimes needs to renegotiate the connections and thus sends
authentication requests while the connection is still active (with an
already assigned IP address): this causes FR to
Thibault Le Meur wrote:
Openvpn sometimes needs to renegotiate the connections and thus sends
authentication requests while the connection is still active (with an
already assigned IP address): this causes FR to assign a new IP address from
the pool (which seems normal since FR has no way to
Thanks for your reply,
Thibault Le Meur wrote:
Openvpn sometimes needs to renegotiate the connections and
thus sends
authentication requests while the connection is still
active (with an
already assigned IP address): this causes FR to assign a new IP
address from the pool (which
As always, patches are welcome. :)
Yes I'm already putting one together the sql module, honestly
who hardcodes sql queries :P
No i don't want to select * from nas.. gah
Am I right in thinking that for radius to be able to proxy eap
successfully, the request_list module would have to be
Does anyone know how to change the service type that pam_radius_auth passes
to the server?
Currently, it is sending an interactive login, but I need to change it to a
network login.
This is using pam.d on a FC6 system.
Thank you
Dan Delaney
-
List info/subscribe/unsubscribe?
On Tue, 20 Mar 2007 09:38:25 -0500 Alan DeKok
[EMAIL PROTECTED] wrote:
Sam Schultz wrote:
I have set a DEFAULT entry that sets the User-Name attribute via
':=', but I still end up with two User-Name attributes
(anonymous
identity real identity). This is especially strange, since
Yes you're right,
I saw this wrong information in a non official radius forum,
Is there a way or another to check on a network basis like
192.168.2.100/30 ?
In our productive architecture, the number of ip addresses should be a
/21 subnet (2046 hosts)...
I can write one line per ip but maybe
You can use = and =.
johnClient-IP-Address = 192.168.2.100, Client-IP-Address =
192.168.2.103, Proxy-To-Realm := proxy
Ivan Kalik
Kalik Informatika ISP
Dana 20/3/2007, freeradius [EMAIL PROTECTED] piše:
Yes you're right,
I saw this wrong information in a non official radius forum,
Is
mysql 4.1.20
freeRADIUS 1.1.5
dialup_admin ? (CVS snapshot 20070320)
firefox 1.5.0.10
I have freeRADIUS installed and working with users stuffed into a flat
file, verified with 'radtest'. I can get the main page of
dialup_admin to come up, but I get blank screens and lots of PHP
errors
Hi everyone,
I'm having a hell of a time upgrading from 1.1.3 to 1.1.4 due to PAP.
First of all, leaving my settings as they are doesn't work at all. I'm
beginning to wonder if my 1.1.3 configuration shouldn't work at all yet
somehow magically does what I want it to. I currently (1.1.3) don't
Hi,
It worked for me right out of the box at one time, too. I have a
feeling it was using either freeradius 1.1.3 or 1.0.3 (or whatever
FC2 came pre-packaged with). I'll probably test my configuration
against
an earlier version later see if I can establish it as a bug. The
version I've
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thibault Le Meur ha scritto:
Comment this line in your ldap section of radiusd.conf:
# access_attr = dialupAccess
And comment this one too, like this :
# access_attr_used_for_allow = yes
I do it! and now there is the following error:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey,
freeRADIUS works quite good and it's possible to authenticate via PAM,
for example local logins, ssh-logins, su, chsh, gdm, ... are working
quite fine.
The only thing is the htaccess from apache2 which will not work. The
Radius gets the
Hello,
I have a MikroTik router that is passing accounting data to the freeradius
database. I look in radacct and every entry is has duplicates with the exact
same information. Does anyone know if this is the MikroTik causing this or
freeradius? How do I fix this?
Thanks,
Matt Neumark
-
43 matches
Mail list logo