It seems to be not a particular question, but...
client - winxp wireless, ap - AIR-AP1131AG-E-K9, server
1.1.6. fresh install.
certificates generated according to CA.all (with
xp-extension and conversion to pkcs12)
eap {
default_eap_type = peap
timer_expire = 60
I think there is no problem.
I have in my nas table (or clients.conf): 80.45.78.12/32 and 80.45.78.0/24 with diferent secret and I do not have any conflict.
From:Mark J Elkins [EMAIL PROTECTED]Reply-To:FreeRadius users mailing list freeradius-users@lists.freeradius.orgTo:FreeRadius users
Dear All,
I am using winxp as supplicant and configured every possible configuration
files of freeRADIUS to support PEAP.
But still the log file in server shows like following: and the client
doesnot authenticated.
whatshould i do in Winxp supplicantat the time of connection it shows to
Hugh Messenger wrote:
Unfortunately, when I run it as a service, it dies after a few hours. No
clues, no errors, no nothing . it just silently dies off. Load is not a
factor - we're migrating our wireless networks to PPPOE, and right now just
have a handful of test users. So freeradius
Mark J Elkins wrote:
Can one have multiple shared secrets for the same client(NAS) ?
No.
I'm merging two Radius Servers - and authenticating packets from my
Incumberant Telcom Provider - who is using proxies (a handful) from
(hundreds of) multiple NAS's... from different services (Dialup
Apangshu Saha wrote:
Dear All,
I am using winxp as supplicant and configured every possible configuration
files of freeRADIUS to support PEAP.
You are very clearly NOT following the documentation, and NOT
following the suggestions on this list.
plz see the following log file and help me
Hi,
rlm_eap: EAP Identity
rlm_eap: No such EAP type mschapv2
rlm_eap: Failed in EAP select
modcall[authenticate]: module eap returns invalid for request 5
modcall: leaving group authenticate (returns invalid) for request 5
auth: Failed to validate the user.
PEAP: Tunneled
-- Forwarded message --
From: lisa laam [EMAIL PROTECTED]
Date: 11 juin 2007 12:53
Subject: Help for Jradius and Frreradius
To: freeradius-users@lists.freeradius.org
Hi all,
t rried to install jradius patch for freeradius. I can't use the root
account so i installed radius in
On 6/12/07, lisa laam [EMAIL PROTECTED] wrote:
*** Warning: Linking the shared library rlm_perl.la against the
*** static library
/usr/lib/perl/5.8/auto/DynaLoader/DynaLoader.a is not
portable!
gcc -shared .libs/rlm_perl.o -Wl,--rpath
-Wl,/home/ouahiba/download/freeradius-
Hi,
the problem is not the vresion of FreeRADIUS and likely not that patch (what
is that patch about anyway?). The problem during compilation is in
/usr/bin/ld: cannot find -lperl
collect2: ld returned 1 exit status
make[6]: *** [rlm_perl.la] Error 1
You need to have the perl development
Stefan Winter wrote:=
/usr/bin/ld: cannot find -lperl
collect2: ld returned 1 exit status
make[6]: *** [rlm_perl.la] Error 1
You need to have the perl development packages installed (usually called
perl-dev or perl-devel). Try again when these are installed.
Taking another look at it,
Thanks for your response,
Now when i execute radiusd i got this
radiusd
The program 'radiusd' can be found in the following packages:
* radiusd-livingston
* yardradius
* xtradius
Try: sudo apt-get install selected package
Make sure you have the 'universe' component enabled
bash: radiusd:
pre-proxy for request 0
modcall: entering group request_processing for request 0
radius_xlat: '/var/log/freeradius/radacct//RADIUS-Trace-20070612'
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/RADIUS-Trace-%Y%m%d expands
to /var/log/freeradius/radacct//RADIUS-Trace-20070612
modcall
Hi Alan,
Just wondering whether you had put these in and i'd missed it :)
If not, no hastle, they just make the config file look slightly neater..
--
Arran Cudbard-Bell ([EMAIL PROTECTED])
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of
Nicolas Castel wrote:
I wonder about the freeradius server behaviour after receiving a response
from a proxy. Is it normal that the request passes through the post-auth
section once the request has been received ?
Yes. It is documented as working that way. The idea is that the
proxy can
Arran Cudbard-Bell wrote:
Hi Alan,
Just wondering whether you had put these in and i'd missed it :)
If not, no hastle, they just make the config file look slightly neater..
Nope.
This is in, though: ... =~ /foo/i
Alan DeKok.
--
http://deployingradius.com - The web site of
On Tue, 12 Jun 2007 07:56:28 +0100
Ruslan N. Marchenko [EMAIL PROTECTED] wrote:
It seems to be not a particular question, but...
client - winxp wireless, ap - AIR-AP1131AG-E-K9, server
1.1.6. fresh install.
certificates generated according to CA.all (with
xp-extension and conversion
Alan Dekok wrote:
Arran Cudbard-Bell wrote:
Hi Alan,
Just wondering whether you had put these in and i'd missed it :)
If not, no hastle, they just make the config file look slightly neater..
Nope.
This is in, though: ... =~ /foo/i
Alan DeKok.
--
http://deployingradius.com
Alan Dekok wrote:
Nicolas Castel wrote:
I wonder about the freeradius server behaviour after receiving a response
from a proxy. Is it normal that the request passes through the post-auth
section once the request has been received ?
Yes. It is documented as working that way. The idea is
Arran Cudbard-Bell wrote:
I'm guessing you've offloaded this onto the regexp libraries so all the
modifiers should work ?
All modifiers? Perl only uses 'i', 'm', 's', and 'x'. For us, 'm'
and 's' don't make any sense. 'x' is hard, so we can ignore it.
What other modifiers do you mean?
Ouahiba MACHANI wrote:
...
The program 'radiusd' can be found in the following packages:
* radiusd-livingston
* yardradius
* xtradius
Try: sudo apt-get install selected package
Make sure you have the 'universe' component enabled
bash: radiusd: command not found
Why do people insist on
I am getting slow response time from the server for authentication requests
(chap/mschap) that eventually fail (users submitting wrong password). The
problem is that the NAS is sending about 3 requests before getting a response.
By the time the deny arrives, it is out of order and the NAS logs
Hi,
i downloaded freeradius-1.0.2 and installed it when i give the cmd
radiusd -X, i get the foll,
can anyone tell me where things are going wrong..
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
On 6/12/07, Andrew Long [EMAIL PROTECTED] wrote:
I am getting slow response time from the server for authentication requests
(chap/mschap) that eventually fail (users submitting wrong password). The
problem is that the NAS is sending about 3 requests before getting a
response. By the time
Alan Dekok wrote:
Arran Cudbard-Bell wrote:
I'm guessing you've offloaded this onto the regexp libraries so all the
modifiers should work ?
All modifiers? Perl only uses 'i', 'm', 's', and 'x'. For us, 'm'
and 's' don't make any sense. 'x' is hard, so we can ignore it.
m does make
Mahalakshmi Vijayakumar wrote:
Hi,
i downloaded freeradius-1.0.2 and installed it
Why? It's *years* out of date. Use the latest version.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List
Andrew Long wrote:
I am getting slow response time from the server for authentication requests
(chap/mschap) that eventually fail (users submitting wrong password). The
problem is that the NAS is sending about 3 requests before getting a
response. By the time the deny arrives, it is out of
On 6/12/07, Mahalakshmi Vijayakumar [EMAIL PROTECTED] wrote:
Hi,
i downloaded freeradius-1.0.2 and installed it when i give the cmd
radiusd -X, i get the foll,
this version is incredibly old, you should download and compile version 1.1.6
-
List info/subscribe/unsubscribe? See
/usr/sbin is in $PATH before the prefix you exported.
Please pick up a Unix sysadmin 101 book. All of this
is explained
there.
May you please examine my question instead of teaching
basics of unix shell?
I also want to be taught of some basics %)
--
Olimp, System Administrator IT
Hi,
I'm about to setup FreeRADIUS and use it in conjunction with MikroTik's
RouterOS, I was wondering if anyone makes an off the shelf package that
looks after accounting and administration for FreeRADIUS? Particularly one
that allows me to limit user traffic (upload download)?
Cheers
Liam
-
now radiusd work.
first it dosn't found the jradius.conf file in etc/raddb as expected so I
copied the jradius.conf in etc/raddb, and but I got this errors :
Module: Loaded preprocess
preprocess: huntgroups = /opt/freeradius/etc/raddb/huntgroups
preprocess: hints =
Arran Cudbard-Bell wrote:
nice work :)
Thanks. The switch and case functionality is there now too. But
there's no default for a switch statement.
Hmm though there may be a bug with using (?:) to stop the capturing of a
sub group, seems to break capturing all together.
See man regex,
Ouahiba MACHANI wrote:
...
/opt/freeradius/etc/raddb/hints[37]: Parse error (check) for entry DEFAULT:
Unknown value Yes for attribute Strip-User-Name
rlm_preprocess: Error reading /opt/freeradius/etc/raddb/hints
You have previously installed another RADIUS server on that machine,
which uses
Hello,
2 identical servers (CentOS release 5 (Final) running
FreeRADIUS Version 1.1.3 with MySQL (Ver 14.12 Distrib 5.0.22)
MySQL on both - master and slave to each other
2 NASes authenticate and do accounting to either FreeRadius server.
checkrad is used to handle Simultaneous Logins
How can
Irina wrote:
How can I set up to check Simultaneous Logins against of both NASes?
Take a closer look at the default sql.conf and the session section
towards the bottom of radiusd.conf. You will also need an entry in
users or radcheck to actually check it. See the docs dir in the tarball.
--
Hello!
My machine is running FreeRADIUS Version 1.1.3, for host
i686-redhat-linux-gnu under Fedora Core 6 and my question is...
Can my machine run 2 FreeRadius at the same time? Each FreeRadius in a
diferent IP but simultanously in the same CPU and O.S.? Somebody tell
me thats possible if each
[EMAIL PROTECTED]
I want to be able to post to the freeradius users list-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Jaume,
Can my machine run 2 FreeRadius at the same time? Each
FreeRadius in a diferent IP but simultanously in the same CPU
and O.S.? Somebody tell me thats possible if each radius is
reading from a diferent PATH...
Thanks for any documentacion, link or kind of help.
$ man radiusd
Hi,
I am running version 1.1.6 and have had a successful 802.1x/PEAP-GTC
deployment for 3+ years. With Vista it looks like I have to move to
802.1x/PEAP-MSCHAPv2 - can not find peap-gtc supplicant. I was able to
get 802.1x/PEAP-MSCHAPv2 working.
My question is can I somehow support both
I am wondering if there is a tool or way to check the statistics in real time.
I need something that can tell me how many users got accepted and rejected so
far since Radius started.
-
Looking for a deal? Find great prices on flights and hotels with
Hi,
i've got freeradius 1.1.6 running on rhel5. when i goto do an ldap auth. i
get this
Listening on authentication 10.5.5.11:1812
Ready to process requests.
rad_recv: Access-Request packet from host 10.5.5.11:32769, id=76, length=59
User-Name = jvieira
User-Password = test
Hello Dennis,
Thank you for your reply.
Checked in radiusd.conf, in session section I do use sql for Simultaneous.
Checked in sql.conf, there are 2 queries for Simultaneous:
simul_count_query and simul_verify_query. Are they both needed to get
Simultaneous working? A question would be more
Checked in sql.conf, there are 2 queries for Simultaneous: simul_count_query
and simul_verify_query. Are they both needed to get Simultaneous working?
No. If you set your nastype to other in clents.conf verify query
won't be used.
A question would be more about simul_verify_query. Is it used
Thanks so much. It makes a perfect sense. I now understand that the NAS
(that the user has been connected on) will be pulled out of MySQL with
simul_verify_query and checked against of that NAS, not the one that a user
is trying to connect through.
There might be trouble with Cisco clients as
Hello all,
I have another question...
In radiusd.conf it says:
-
then it probably means that you haven't indexed the database
-
I don't think I did any indexing. I only used mysql.sql to create tables.
Then inserted data.
Did I have to do anything special?
Thank you
Irina wrote:
Did I have to do anything special?
You will want to consult the MySQL docs on their site for how to handle
indexing. IIRC the default .sql file had some indexes in it.
I would, however, recommend switching the table type to InnoDB for the
radacct db at least. MyISAM will lock the
Kevin J wrote:
I am wondering if there is a tool or way to check the statistics in real
time.
I need something that can tell me how many users got accepted and
rejected so far since Radius started.
Rotate the log whenever you restart radius then:
grep -c OK radius.log
grep -c Failed
Hi Arran,
Thank you for your reply.
I tried Crypt-Password := 9D8wtP7DGqgCg, but then the debug says:
(...)
modcall[authorize]: module sql returns ok for request 2
modcall: group authorize returns ok for request 2
rad_check_password: Found Auth-Type Local
auth: type Local
auth: user supplied
Hi,
Sorry for bothering you guys.
I would like to humbly ask if there's any ideas on this?
Thanks.
On 6/11/07, Guilherme Franco wrote:
Hello Mr. Alan,
Thank you for answering.
Below, you will find a working local authentication, user
[EMAIL PROTECTED] (without proxy), where the VSA
Hi,
i even downloaded the freeradius-1.1.6 and installed it again when
i give the cmd radiusd -X, i get the same error
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file:
50 matches
Mail list logo