Have some error in freeradius log:
Fri Jan 30 03:32:55 2009 : Info: rlm_sql (sql): There are no DB handles
to use! skipped 0, tried to connect 0
Fri Jan 30 03:32:55 2009 : Info: rlm_sql (sql): There are no DB handles
to use! skipped 0, tried to connect 0
Fri Jan 30 03:32:55 2009 : Info:
Freeradius Mail List пишет:
Have some error in freeradius log:
Fri Jan 30 03:32:55 2009 : Info: rlm_sql (sql): There are no DB
handles to use! skipped 0, tried to connect 0
Fri Jan 30 03:32:55 2009 : Info: rlm_sql (sql): There are no DB
handles to use! skipped 0, tried to connect 0
Fri Jan 30
Hello list,
I am looking for a solution that will allow a captive portal to
authenticate against eDirectory but also check the accounting database
to ensure a user has not exceeded their bandwidth allocation. I would
prefer not to import the eDirectory users into a SQL database but
rather
I have attached new schema and queries for mysql sqlippool. These should
work with both 4 and 5 MySQL versions (I have done some manual testing
on both; 4 on Linux and 5 on Windows). In version 5 (at least the
Windows one I have tested on) CURRENT_TIMESTAMP defaults to '-00-00
00:00:00'
I am looking for a solution that will allow a captive portal to
authenticate against eDirectory but also check the accounting database
to ensure a user has not exceeded their bandwidth allocation. I would
prefer not to import the eDirectory users into a SQL database but
rather keep the actual
Alan DeKok wrote:
Update the reply. In the inner-tunnel server, post-auth
section, add:
...
update outer.reply {
User-Name = %{User-Name}
}
...
When added in the inner-tunnel server, this block has no effect on the
content of the Access-Accept packets (as shown
Alex M wrote:
i'm trying to display reply message to users whos passwords get rejected.
so I setup the group and added my test user there. then i went to
groupreply table and added reply message there.
Now when I do my testing is password is ok the message is displayed BUT
if password is
Luciano Afranllie wrote:
You can check and may be take some ideas from wimax forum guys.
Unfortunately, no.
Go to www.wimaxforum.org. Register and login. Go to Network Working
Group and check for OTA Provisioning and Network Architecture (stage 2
and 3) specifications.
Access is for
Matt Causey wrote:
However a pretty big limitation of this security architecture is of
course getting the SSL key material onto the devices. In our case -
the devices are SIP phones with no wired ethernet connection. I know
there are other sites with similar issues.
How do you get the
qrt wrote:
I use freeradius (FreeRADIUS Version 1.1.4, with security changes
through 1.1.7, for host apple.com, built on Sep 23 2007 at 22:52:08) on
Mac OS X Server 10.5.6.
My problem is that I get messages that I do not understand in the log file
It looks like this:
...
/Thu Jan 29
I use freeradius (FreeRADIUS Version 1.1.4, with security changes
through 1.1.7, for host apple.com, built on Sep 23 2007 at 22:52:08)
on Mac OS X Server 10.5.6.
My problem is that I get messages that I do not understand in the log
file
It looks like this:
Thu Jan 29 16:10:41 2009 : Auth:
Now, the behaviour of the server changed in the way, that the freeradius
reserves only one ip-address per user. if the same user logs in again on the
same nas (without accounting-stop-packet before), the old ip-address is freed
and the user receives a new one.
That should happen only if IP
Jonathan Gazeley wrote:
When added in the inner-tunnel server, this block has no effect on the
content of the Access-Accept packets (as shown by radiusd -X).
Which version are you running? Is it *using* that entry you added?
Alan DeKok.
-
List info/subscribe/unsubscribe? See
On 30 Jan 2009, at 11:50, t...@kalik.net t...@kalik.net wrote:
Yes. eDirectory will replace radcheck and radreply while accounting
will go to radacct.
I was under the impression that radcheck would have to check
eDirectory and accounting info. I want to allow access based on
eDirectory
Yes. eDirectory will replace radcheck and radreply while accounting
will go to radacct.
I was under the impression that radcheck would have to check
eDirectory and accounting info.
No. eDirectory will be searched by ldap module.
I want to allow access based on
eDirectory credentials AND
uobresnet {
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] expand:
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -
/var/log/radius/radacct/172.17.107.241/auth-detail-20090130
[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
well i found that option in my config file but I cant find documentation in
man :(
How do I implement with MySQL?
Thanks for help!
On Fri, Jan 30, 2009 at 5:05 AM, Alan DeKok al...@deployingradius.comwrote:
Alex M wrote:
i'm trying to display reply message to users whos passwords get
Hi i just tried to add following (as adviced) into my radcheck table in
MySQL:
UserName: DEFAULT
Attribute: Calling-Station-Id
op: ==
Value: 00:0b:6a:xx:xx:xx, Auth-Type := Reject
And it did not work
guessI just can not add value with operator in it, but still how can i
reject user based on
On Fri, Jan 30, 2009 at 8:08 AM, Alan DeKok al...@deployingradius.com wrote:
Luciano Afranllie wrote:
You can check and may be take some ideas from wimax forum guys.
Unfortunately, no.
Go to www.wimaxforum.org. Register and login. Go to Network Working
Group and check for OTA Provisioning
Hi i just tried to add following (as adviced) into my radcheck table in
MySQL:
UserName: DEFAULT
Attribute: Calling-Station-Id
op: ==
Value: 00:0b:6a:xx:xx:xx, Auth-Type := Reject
And it did not work
guessI just can not add value with operator in it, but still how can i
reject user based on
Tried that...
now i'm getting all users rejected regardless of mac address in the given
group :(
How do i set priorities? I though priorities only apply to radreply.
Do I have to set fall through?
Or maybe i did something wrong?
On Fri, Jan 30, 2009 at 5:45 PM, t...@kalik.net wrote:
Hi i
Tried that...
now i'm getting all users rejected regardless of mac address in the given
group :(
That shouldn't happen. Post the debug.
How do i set priorities?
You have priority field in radusergroup table.
I though priorities only apply to radreply.
There are no priorities in radreply.
I guess its different in newer version of radius but in my 1.5 the only
table that has PRIO is radgroupreply
and there is table radusergroup instead there is a group called usergroup.
I'm getting fustrated. :(
On Fri, Jan 30, 2009 at 7:32 PM, t...@kalik.net wrote:
Tried that...
now i'm
23 matches
Mail list logo