thank you, Alan.
Another question is - can i check through several DEFAULT items?
I mean, if the first DEFAULT matched:
DEFAULT NAS-IP-Address == a.b.c.d,Calling-Station-Id =~ ^123456,
Group-Name := mygroup
Fall-Through = Yes
i want to check next
Hi,
I am trying to use ldap + eap/peap (mschapv2).
using the 'nt_domain_hack = yes' results in successful ldap authentication, however it
causes eap/peap to fail.
using 'nt_domain_hack = no' causes ldap to fail, but eap/peap to work.
others have seen this problem a little while back
Hi,
I've set up a Slipstream, what's the problem?
josh.
On Thu, 2004-06-10 at 16:38, Cris Boisvert wrote:
I just setup a Global pops account and I'm not sure how to get the
Slipstream attribute into freeradius.
This is the directions I got from globalpops
This is a vendor specific
hi,
the problem is with the syntax,
the quotes are missing for the %{Acct-Delay-Time}
just add the quotes like in AcctStopDelay = '%{Acct-Delay-Time}'
WHERE.
this shld solve the problem
regards,
manjunath
Thankyou.
--
technik :-)
ICQ: 270532579
AIM: gyuriszabo
-
List
Hi everyone.
I've tried searching google countless times but can't get the solution, so
I'm hoping you guys can help me...
Case: I currently have 11 Cisco 350 series APs in a school, and I'd like to
move away from using MAC filters (for about 250 users so far) and use a
radius solution. The
Hi Tim.
If you want to use encryption for your ppp users you need to drop md5 hashing of your
sql passwords.
Just sync your old SQL database with a new one for radius only and put unencrypted
passwords there.
You can use md5 hashed passwords but then you will not be able to use crypto for your
I have some problems with authentication using a PIX 501 as VPN server
and ldap (I'm not a cisco guru nor a radius demigod). radtest works
fine but when comparing the packets from radtest and the pix there are
some differences. The most important one, I guess, is that the pix does
not send
Hi yazzy.
Wow, thanks for your quick reply! I can bet I saw many of your posts on
google too... :)
Anyway, just wondering, will it be insecure if the user/passwords are just
left in clear text on a server?
Actually, I don't really like the idea of having a different user/pass for
the radius
On Fri, 11 Jun 2004 [EMAIL PROTECTED] wrote:
Hi everyone.
I've tried searching google countless times but can't get the solution, so
I'm hoping you guys can help me...
Case: I currently have 11 Cisco 350 series APs in a school, and I'd like to
move away from using MAC filters (for about
Patrick Rebert [EMAIL PROTECTED] wrote:
It is planned to run on the same servers as tacacs,
and I'd like to authenticate against the passwd/shadow
files. Is this doable? If so, I need some hints for
the config files, especially radiusd.conf.
FreeRADIUS doesn't do TACACS. Past that, you
[EMAIL PROTECTED] wrote:
...
after this i downloaded freeradius-0.8.1.tar.gz
Huh? Why would you do that? That version is years old.
and configured it and i modified Makefile in directory,
src/modules/rlm_eap/types/rlm_eap_tls as given in doucument.
sigh You're following instructions
Alexander Serkin [EMAIL PROTECTED] wrote:
Another question is - can i check through several DEFAULT items?
Yes. That's what Fall-Through is for.
DEFAULT NAS-IP-Address == a.b.c.d,Calling-Station-Id =~ ^123456,
Group-Name := mygroup
This won't work. The
michaeltone1975 [EMAIL PROTECTED] wrote:
using the 'nt_domain_hack = yes' results in successful ldap
authentication, however it causes eap/peap to fail.
Microsoft's PEAP client can put the NT domain into the User-Name,
but *not* include it in the MS-CHAP calculation. Normal MS-CHAP
includes
Kjetil Hustveit [EMAIL PROTECTED] wrote:
The most important one, I guess, is that the pix does
not send the password and the access is of course rejected. My VPN
client works with local users on the pix. Should freeradius be
configured in a way that asks the pix for the password or is it
[EMAIL PROTECTED] wrote:
Questions: Are there any authentication protocols (that can use MD5 hashed
passwords) that I could use to authenticate the wireless users?
No.
I read the section about using PAP, but should I use it, does it
mean that the user/pass will be transmitted over the air
Does freeRadius support prefix and suffix delimeters other than '/' and '@'
sign. If yes then where to specify them. I tried to use '%','.' and '\' them
after specifying in radiusd.conf file but it doesn't work.
Can someone solve my issue?
--
Nishant Shah
U4 Computer Engineering
979-268-0866
Tuc [EMAIL PROTECTED] wrote:
Still, is there something if I do run the debug mode again that
we need to look for about these threads that seem to get used up, or
unresponsive children?
Look for pauses. If a thread is dead, that means it's blocking for
more than 5 seconds. If
All,
I struggle here to configure eap-tls. But only best thing is just
blindly follow how-to guide. It will solve all problems.
Thank you,
Sathish Challa.
GRIC Software India Pvt. Ltd., www.GoRemote.com
Mobile: +91-98451-90676
Office [Direct]: +91-80 513 80 882
Server Group's Mission:
Hi All ,
I am doing Radius Accouting functionality testing for GGSN.
It includes some 3GPP Vendor Specific Radius Attributes such as IMSI,Charging ID etc.
If possible can You Please tell meabout the Radius Testing tool which supports these Attributes or any other possibilities to test this ,
Allister Maguire [EMAIL PROTECTED] wrote:
I get the error below when a radius accounting request is processed:
...
Assertion failed in request_list.c, line 213
Hmm... that's not good. I've tested it with that packet, and I
don't see the problem. So there's something else going wrong, too.
20 matches
Mail list logo
