Re: radius going to sleep?

2007-11-06 Thread Norbert Wegener
There seems to have changed a bit more. rlm_sql.c did not fit. Even substituting the whole rlm_sql directory with the one from pre 2 did not work: rlm_sql.c: In function 'sql_xlat': rlm_sql.c:200: warning: comparison between signed and unsigned rlm_sql.c: In function 'generate_sql_clients':

freeRADIUS with 2 Active-directory

2007-11-06 Thread Hangjun He
Hi, I use freeRADIUS 1.1.6 and samba3 to talk with Active-directory. It can work well. Followed by wiki: http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO Now we want to set up 2 active-directory, one is primary, the other is backup. If primary AD

Reply: Re: freeRADIUS + Openldap with TLS

2007-11-06 Thread Hangjun He
It seems it needs LDAP lib support. Alan DeKok [EMAIL PROTECTED] wrote: Hangjun He wrote: I use freeradius 1.1.6 and Openldap 2.3.32. And now it can authenticate successfully (freeRADIUS + Openldap with TLS encryption). My question is how to set private-key password in radiusd.conf? Is there a

Re: pre2 cv2 uses 99,9% of cpu

2007-11-06 Thread Norbert Wegener
The problem seems to be fixed. Thanks. Norbert Wegener Alan DeKok wrote: Norbert Wegener wrote: My last posting was about a sleeping radius. The same version on another machine does just the opposite: it uses all the CPU power of a 2.4GHz machine. A gdb output with bt is at:

Re: freeRADIUS with 2 Active-directory

2007-11-06 Thread tnt
You probably want to set up primary and backup domain controllers. Redundancy is built into AD - when primary DC goes down backup DC will take over authentication. Nothing to do with freeradius/samba. Ivan Kalik Kalik Informatika ISP On 6/11/2007, Hangjun He [EMAIL PROTECTED] wrote: Hi,

radius 1.1.7 hangs 100% cpu

2007-11-06 Thread Joe Vieira
Hi, I currently have the server in debug and am waiting to see if it fails with an actual error. In the meantime this is what I am seeing. rhel5-64bit freeradius 1.1.7 after about a day and a half one of the threads decides to use 100% of the CPU it's on, and nothing is logged in the normal

EAP failed to remember handler...

2007-11-06 Thread A . L . M . Buxey
hi, Tue Nov 6 10:39:41 2007 : Error: rlm_eap: Failed to remember handler! Tue Nov 6 10:39:41 2007 : Error: rlm_eap: Failed to remember handler! Tue Nov 6 10:39:41 2007 : Error: rlm_eap: Failed to remember handler! then radiusd dead radiusd: FreeRADIUS Version 2.0.0-pre2, for host

RE: correction radius 1.1.6 hangs 100% cpu

2007-11-06 Thread Joe Vieira
Sorry, I am running 1.1.6 not 7. Joe From: [EMAIL PROTECTED] [EMAIL PROTECTED] On Behalf Of Joe Vieira [EMAIL PROTECTED] Sent: Tuesday, November 06, 2007 6:22 AM To: FreeRadius users mailing list Subject: radius 1.1.7 hangs 100% cpu Hi, I currently

how to do the dynamic VLAN rewrite according to the username or calling-station-id?

2007-11-06 Thread schilling
We are trying to explore the 802.1x in university resnet. One thing we want to do is put the cisco switch port in a walled garden VLAN if the username or calling-station-id match a blocklist. If username/calling-station-id is not in the blocklist, they will just get to the static access VLAN

segfault when router attempts to authenticate against radiusd - modcall: entering group authorize for request 0

2007-11-06 Thread Ryan Pugatch
Greetings, I'm attempting to have my Linksys WRT54GL (running DD-WRT v23 SP2) use WPA RADIUS against a FreeRADIUS server (FreeRADIUS Version 1.1.7, for host i686-pc-linux-gnu) and subsequently have the FreeRADIUS server use our existing LDAP directory (OpenLDAP v2.2.13-4). It appears when a

FreeRadius support for subattributes

2007-11-06 Thread Cristian Novac
Hello all, Do you know whether freeradius has some support for subattributes? Thank you! BR, Cristian NOVAC. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Radiusd -X start vs Radiusd start

2007-11-06 Thread J-P Raymond
Set reject_delay = 0 was my problem ! Thanks for your answer Alan Date: Sat, 3 Nov 2007 00:35:14 +0100 start vs Radiusd start When I : radiusd -X start the process work fine When I : radiusd start the process times out ??? Set reject_delay = 0. It's fixed in 2.0-pre, but it should

Re: [resolved] segfault when router attempts to authenticate against radiusd - modcall: entering group authorize for request 0

2007-11-06 Thread Ryan Pugatch
Ryan Pugatch wrote: Greetings, I'm attempting to have my Linksys WRT54GL (running DD-WRT v23 SP2) use WPA RADIUS against a FreeRADIUS server (FreeRADIUS Version 1.1.7, for host i686-pc-linux-gnu) and subsequently have the FreeRADIUS server use our existing LDAP directory (OpenLDAP

wpa_supplicant

2007-11-06 Thread [EMAIL PROTECTED]
Hi. I have been working with radius. I authenticated users on windows. Now, I have to authenticate linux users with the DELL switch. I have installed wpa_supplicant-0.4.7-1.fc4.i386.rpm on my linux user, so that the user requests to authenticate with the radius server. I configured the

Re: how to do the dynamic VLAN rewrite according to the username or calling-station-id?

2007-11-06 Thread A . L . M . Buxey
Hi, We are trying to explore the 802.1x in university resnet. One thing we want to do is put the cisco switch port in a walled garden VLAN if the username or calling-station-id match a blocklist. If username/calling-station-id is not in the blocklist, they will just get to the static access

RE: Security of sql md5 vs unix auth

2007-11-06 Thread Ben Wiechman
I had to do a little digging, but I got md5 auth set up and working. Thanks for the help. I was more comfortable doing that than changing permissions on the /etc/shadow and dealing with modifying SELinux attributes. Thanks for the help. Ben Wiechman -Original Message- From: [EMAIL

Re: how to do the dynamic VLAN rewrite according to the username or calling-station-id?

2007-11-06 Thread schilling
On 11/6/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi, We are trying to explore the 802.1x in university resnet. One thing we want to do is put the cisco switch port in a walled garden VLAN if the username or calling-station-id match a blocklist. If username/calling-station-id is

Re: Startup problem with ldap

2007-11-06 Thread Massimo Meregalli
Ok, On Tue, 2007-11-06 at 00:30 +0100, Alan DeKok wrote: Massimo Meregalli wrote: ... Can you attach to the process with gdb, and print the output of bt? That would help figure out where the problem lies. The following is the backtrace produced when I attach the debugger to the radiusd

Re: how to do the dynamic VLAN rewrite according to the username or calling-station-id?

2007-11-06 Thread tnt
Suppose we use Users file, where else in the freeradius configuration, we can check and how to rewrite the VLAN? Thanks. Shiling alan Nowhere. Put these as reply attributes: Tunnel-Type = VLAN,

Re: how to do the dynamic VLAN rewrite according to the username or calling-station-id?

2007-11-06 Thread schilling
On 11/6/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Suppose we use Users file, where else in the freeradius configuration, we can check and how to rewrite the VLAN? Thanks. Shiling alan

Re: rlm_ldap: Attribute User-Name is required for authentication.

2007-11-06 Thread Massimo Meregalli
Maybe I'm running into a similar problem but with the password attribute. In my case the problem was that the distinguished name used by radiusd to bind to the directory to perform user authorization didn't have permission to read that attribute. I hope this will help. Massimo Meregalli On

rlm_ldap: Attribute User-Name is required for authentication.

2007-11-06 Thread Ryan Pugatch
Hello, While I resolved my previous issue with radiusd segfaulting, I'm now running into a new issue. I'm attempting to have my Linksys WRT54GL (running DD-WRT v23 SP2) use WPA RADIUS against a FreeRADIUS server (FreeRADIUS Version 1.1.7, for host i686-pc-linux-gnu) and subsequently have

Re: Startup problem with ldap

2007-11-06 Thread Alan DeKok
Massimo Meregalli wrote: The following is the backtrace produced when I attach the debugger to the radiusd process: (gdb) backtrace #0 0x0012d402 in __kernel_vsyscall () #1 0x00166a0e in __lll_mutex_lock_wait () from /lib/libpthread.so.0 #2 0x00162883

Re: wpa_supplicant

2007-11-06 Thread Alan DeKok
[EMAIL PROTECTED] wrote: Hi. I have been working with radius. I authenticated users on windows. Now, I have to authenticate linux users with the DELL switch. I have installed wpa_supplicant-0.4.7-1.fc4.i386.rpm on my linux user, so that the user requests to authenticate with the server

Re: how to do the dynamic VLAN rewrite according to the username or calling-station-id?

2007-11-06 Thread A . L . M . Buxey
Hi, Suppose we use Users file, where else in the freeradius configuration, we can check and how to rewrite the VLAN? if you use the users file, simply add the required VLAN attributes as part of the return reply - check the users file for similar examples. alan - List

Re: how to do the dynamic VLAN rewrite according to the username or calling-station-id?

2007-11-06 Thread A . L . M . Buxey
Hi, Thanks for this info. One more step, is there any place in the freeradius configuration file that we can run a script to check the incoming radius request user-name/calling-station-id against a file for example youAreBlocked.txt, and then set the above attributes in the reply to the NAS?

Re: radiusd deadlock on recvfrom on port 1814

2007-11-06 Thread Alan DeKok
Ryan Melendez wrote: Am I right to assume the only time data should be read on port 1814 is when there is a reply to a proxied request? Yes. Specifically freeradius proxied an auth/acct packet on port 1814 and the home server replied on port 1814. The only data that should show up on

Re: EAP failed to remember handler...

2007-11-06 Thread Alan DeKok
[EMAIL PROTECTED] wrote: Tue Nov 6 10:39:41 2007 : Error: rlm_eap: Failed to remember handler! Tue Nov 6 10:39:41 2007 : Error: rlm_eap: Failed to remember handler! Tue Nov 6 10:39:41 2007 : Error: rlm_eap: Failed to remember handler! That's a fairly catastrophic error. It likely means

Re: radius 1.1.7 hangs 100% cpu

2007-11-06 Thread Alan DeKok
Joe Vieira wrote: Before this started happening I changed max request time up to 60, cleanup delay to 6, max requests to 64, as well as increased the min number of servers to 8. I thought those changes would be pretty harmless, should I have been more careful with them? Leave

Re: rlm_ldap: Attribute User-Name is required for authentication.

2007-11-06 Thread Alan DeKok
Ryan Pugatch wrote: When a user tries to connect to the access point and the access point contacts the radius server, the following happens: Ready to process requests. rad_recv: Access-Request packet from host 192.168.42.23:2050, id=0, length=129 User-Name = rpugatch ... rlm_ldap:

Re: rlm_ldap: Attribute User-Name is required for authentication.

2007-11-06 Thread tnt
You have done a grand job of destroying server configuration. Best thing you can do is to go back to default configuration. Put a username with Cleartext-Password at the top of the users file. Use radcheck to check that it works. Then set up ldap and remove the users file entry. Check with

Re: how to do the dynamic VLAN rewrite according to the username or calling-station-id?

2007-11-06 Thread tnt
You should seriously think about using (sql or ldap) groups. You then have one setting for blocked group, one for the others. If you are keen on scripts = exec module. Ivan Kalik Kalik Informatika ISP On 6/11/2007, schilling [EMAIL PROTECTED] wrote: On 11/6/07, [EMAIL PROTECTED] [EMAIL

RE: radius 1.1.7 hangs 100% cpu

2007-11-06 Thread Joe Vieira
Joe Vieira wrote: Before this started happening I changed max request time up to 60, cleanup delay to 6, max requests to 64, as well as increased the min number of servers to 8. I thought those changes would be pretty harmless, should I have been more careful with them? Leave

Re: radiusd deadlock on recvfrom on port 1814

2007-11-06 Thread Ryan Melendez
I haven't figured out what port 1814 is actually used for. Is there anything I could do to disable the proxy port on one or both of the servers? What would I lose? The ability to send packets to other servers. 1814 is used when FreeRADIUS is acting as a RADIUS client (i.e. proxy).

Re: FreeRadius support for subattributes

2007-11-06 Thread Alan DeKok
Cristian Novac wrote: Hello all, Do you know whether freeradius has some support for subattributes? No. It's likely not hard to add, though. If there's a need. Alan DeKok.

Re: radius going to sleep?

2007-11-06 Thread Alan DeKok
Norbert Wegener wrote: There seems to have changed a bit more. rlm_sql.c did not fit. Even substituting the whole rlm_sql directory with the one from pre 2 did not work: Arg. OK. Any other suggestions? Not right now. If you're willing to do a binary search in CVS to see *when* it

Re: how to do the dynamic VLAN rewrite according to the username or calling-station-id?

2007-11-06 Thread schilling
On Nov 6, 2007 5:29 PM, [EMAIL PROTECTED] wrote: Hi, Thanks for this info. One more step, is there any place in the freeradius configuration file that we can run a script to check the incoming radius request user-name/calling-station-id against a file for example youAreBlocked.txt, and