Dear all ..
I m working on bandwidth limit with freeradius.
I have already read the document of Marcus Maciel
http://www.underlinux.com.br/modules.php?name=Sectionsop=viewarticleartid=223
I have inserted the attributes in both /etc/radiusclient/dictionary
and /usr/local/etc/raddb/dictionary.
/local/var/log/radius/radacct/192.168.0.1/auth-detail-20040727'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/192.168.0.1/auth-detail-20040727
modcall[authorize]: module auth_log returns ok for request 0
users
Hi!
i wan to put in a specific PostgreSQL table the NAS-IP-Address when some
user are trying to connect to it. How to do it? Should i change
authorize_reply_query or should i write a new one in postgresql.conf file?
Thanx in advance!
Regards,
Edgars
-
List info/subscribe/unsubscribe? See
On Tue, 2004-07-27 at 04:36, Jeffrey C. Ollie wrote:
On Mon, 2004-07-26 at 10:12, Zdenek Pizl wrote:
We are using Orinoco AP600 accesspoint. This AP can do Radius MAC
Access control and EAP/802.1x Auth control.
The question is how have I configure the FreeRadius server to
Hi,
I assigned a number of users a static ip address
using the dial_admin interface, but for some reason the radreply table doesn't
seem to be used. When I look at /var/log/radacc/nas.ip/reply-date it doesnt show
anything about the framed-ip.
mysql select * from radcheck where
Hello Sergei.
Dne torek 27 julij 2004 10:25 je Sergei Koveshnikov napisal(a):
Can I modify User-Name in users file?
Some thing like this:
DEFAULT User-Name =~ (testlogin)#(12345)
User-Name = `%{1}`
Have alook at rlm_attr_rewrite:
./man/man5/rlm_attr_rewrite.5
--
lep pozdrav,
Rok
after putting on my PC freeradius-snapshot-20040723/ all the time i'm
receving this kind of errors:
Auth: Login incorrect: [edg/.]
This appears as with rlm_sql using as simply with freeradiusd config files.
In the debugging mode just said (both with/without specifying Auth-Type):
auth:
Hello Edgars [EMAIL PROTECTED],
furlfo i wan to put in a specific PostgreSQL table the NAS-IP-Address when some
furlfo user are trying to connect to it. How to do it? Should i change
furlfo authorize_reply_query or should i write a new one in postgresql.conf file?
furlfo Thanx in advance!
In
Hi,
Im completely new to
freeradius
Im running several
LANCOM Wirelesse L-54g Accesspoints.
Is for this AP a own
dictionary files needed/available?
Thanks,
Georg
you should know what attributes are supported by this LANCOM Wireless
L-54g, maybe it has some specific attributes, then you'll have to (if
want to use) add them manually to the dictionary file.
Regards,
Edgars
Georg Kaefer wrote:
Hi,
Im completely new to freeradius
Im running several LANCOM
Barry Murphy [EMAIL PROTECTED] wrote:
I'm running poptop + freeradius + mysql and trying to work out which
dictionary file i'd use. I'm wanting to get some additional info like
Disconnect-Cause , tunnel end point etc and don't know if I can use the
Ascend dictionary file for this.
Check the
Barry Murphy [EMAIL PROTECTED] wrote:
I assigned a number of users a static ip address using the dial_admin
interface, but for some reason the radreply table doesn't seem to be
used.
Run the server in debugging mode to see what's going on.
When I look at /var/log/radacc/nas.ip/reply-date
For me, in radcheck, I had to use == as my
op
And in radreply I had to use :=
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Barry Murphy
Sent: Tuesday, July 27, 2004 6:04
AM
To:
[EMAIL PROTECTED]
Subject: radreply mysql
Hi,
Edgars [EMAIL PROTECTED] wrote:
In the debugging mode just said (both with/without specifying Auth-Type):
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Are there any known issue like this?
No. If
but this Ayth-Type has also default value hasn't it? i think it was
local...so it should work anyway,also without specifying this attribute.
Edgars
Alan DeKok wrote:
Edgars [EMAIL PROTECTED] wrote:
In the debugging mode just said (both with/without specifying Auth-Type):
auth: No authenticate
Hello list,
is anyone using FreeRadius on a Trustix (2.1) system? Has anyone
provided a SWUP compatible package for FreeRadius?
Best regards,
Christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi!
I was looking at monitoring the users.txt file with the script listed
in the FAQ, but that didn't seem to work too well with however i was
doing it. But that's OK. I installed sgi's FAM, and I have this small
perl script running in the background:
#!/usr/bin/perl -w
use SGI::FAM;
use
Hello,
I am currently running several radius servers (version 0.9.3) on Red Hat 9.
The radius servers are used primarily to proxy to other radius servers.
Shortly I will be receving accounting data from another ISP who will
be using rad relay to send the accounting data.
The ISP that will be
Hello Allan, im confused for what i read( doc/Simultaneous-Use) here's
my config
accounting {
sql
}
session {
# See Simultaneous Use Checking Querie in sql.conf
sql
}
postgresql.conf
simul_count_query = SELECT COUNT(*) FROM ${acct_table1} WHERE
Hi,
I was wondering if you were planning to support MS-CHAP v1
and MS-CHAP v2 for users who are set to "Auth-Type := Local".
I'm using the latest version of Freeradius (1.0.0-pre3) and I get the
following debug output when I try to use MS-CHAP v2 between the RADIUS client
and Freeradius
I am trying to use sql for the Simultaneous-Use check. I am seeing that
the NAS-IP-Address is being resolved in some places, and used as IP in
others. (I am thinking it should stay IP regardless).
Here's how it goes:
-SQL query for UserName with AccountSessionTime of 0.
|--Rows returned
-Run
Does dialup admin use salt by defualt when encytpting passwords?
If so where is it getting the salt from?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David,
Sorry for no reply. Your previous message must've got lost in the ether...
On Monday 26 July 2004 22:31, David Birnbaum wrote:
1. Yes, Virginia, you can do static IP address via RADIUS, Cisco 7206,
and PPPoE for DSL-type
Does anyone know of an open source client for Windows 2000 or XP? I
don't want to spend $50 per client, the cost of Funk's Odyssey client
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--- Larry Wade [EMAIL PROTECTED] wrote:
Does anyone know of an open source client for Windows 2000 or XP? I
don't want to spend $50 per client, the cost of Funk's Odyssey client
For what? 802.1x? See SecureW2
=
Julius Igugu
SouthWork Co. Ltd.
http://wire.cs.nthu.edu.tw/wire1x/
On Tuesday 27 July 2004 22:19, Larry Wade wrote:
Does anyone know of an open source client for Windows 2000 or XP? I
don't want to spend $50 per client, the cost of Funk's Odyssey client
-
List info/subscribe/unsubscribe? See
http://wire.cs.nthu.edu.tw/wire1x/
I tried it some time ago with eap-md5 and W98 and it worked as
advertised. Crude then, but it has seen quite a bit of development
since then. I can't offer and recent experience.
Alternatively, ZyXEL offers free Odyssey and Meetinghouse supplicants,
keyed
Those of you that use mysql with freeradius, can anyone recommend some
software for linux to process mysql radacct table logs?
Do you just roll your own scripts to query the logs and make reports?
Seems simple enough, but what are others doing? is always a good
question :-)
Thanks,
Ken A
-
In my config above do i need to configure checkrad?
the stop request packet has not been received or session has not been closed
on specified port,,
try using a different port or try to clean up stale open session from your
radacct table.
If yes, then i tried to configure freeradius with snmp
I assigned a number of users a static ip address
using the dial_admin interface, but for some reason the radreply table doesn't
seem to be used. When I look at /var/lg/radacc/nas.ip/reply-date it doesnt show
anything about the framed-ip.
Any ideas?
check the radgroupcheck,
after putting on my PC freeradius-snapshot-20040723/ all the time i'm
receving this kind of errors:
Auth: Login incorrect: [edg/.]
This appears as with rlm_sql using as simply with freeradiusd config
files.
In the debugging mode just said (both with/without specifying Auth-Type):
auth:
Edgars [EMAIL PROTECTED] wrote:
but this Ayth-Type has also default value hasn't it?
No.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
apellido jr., wilfredo p. [EMAIL PROTECTED] wrote:
Hello Allan, im confused for what i read( doc/Simultaneous-Use) here's
my config
...
But still i got this error;
Tue Jul 27 23:21:22 2004 : Error: Discarding duplicate request from client
cyclades:1026 - ID: 166 due to unfinished
Phillip Soltan [EMAIL PROTECTED] wrote:
I was wondering if you were planning to support MS-CHAP v1 and MS-CHAP v2
for users who are set to Auth-Type := Local.
No. Set Auth-Type := MSCHAP, which is what the server does
automatically when it sees a request containing MS-CHAP. This is the
Those of you that use mysql with freeradius, can anyone recommend some
software for linux to process mysql radacct table logs?
Do you just roll your own scripts to query the logs and make reports?
Seems simple enough, but what are others doing? is always a good
question :-)
if dialup_admin is
So i think this is the problem related ATTRIBUTE ??
any ideas how to solve this problem.
any help is greatly appreciated.
you are back from where you started, attribute related.
//milver
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
duh! I didn't know it was there. Thanks.
Ken A
Milver S. Nisay wrote:
Those of you that use mysql with freeradius, can anyone recommend some
software for linux to process mysql radacct table logs?
Do you just roll your own scripts to query the logs and make reports?
Seems simple enough, but what
David [EMAIL PROTECTED] wrote:
so that [EMAIL PROTECTED] will get into our detail files (and database)?
attr_rewrite.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Mike Sturdee [EMAIL PROTECTED] wrote:
I am trying to use sql for the Simultaneous-Use check. I am seeing that
the NAS-IP-Address is being resolved in some places, and used as IP in
others. (I am thinking it should stay IP regardless).
Hmm... all of the printing of IP addresses should go
subscribe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Tue, 27 Jul 2004, Nick Marino wrote:
Does dialup admin use salt by defualt when encytpting passwords?
If so where is it getting the salt from?
I assume you mean using a salt when creating a new user or changing a user's
password, not when just verifying a user's password.
In any case,
- Original Message -
From: Kostas Kalevras [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, July 27, 2004 5:26 PM
Subject: Re: Salt
On Tue, 27 Jul 2004, Nick Marino wrote:
Does dialup admin use salt by defualt when encytpting passwords?
If so where is it getting the salt
Hello,
We've been working with FreeRadius 0.9.3 and have a configuration
question that doesn't seem to be covered by the Hassell's RADIUS book,
the docs that come with the distribution or in a google search of the
archives. Maybe I just didn't look in the right places, in which case a
Hi everyone
Right i have a Satellite link which has a 550ms delay from the world, and i am running
an internal radius server but due to the fact that i want to have more than one pop I
want to localize the radius server and maybe have a local one on each site, that will
save lookup over the
Hi List,
I know this is probbly more a pppd question, but I figure you
folks using radius probbly have the same problem I do, so here goes:
I've got pppoe servers out in the field that run linux/pppd v2.4.2
with radius authentication to a server running freeradius. What I'd
Hi,
After checking out some the accounting data we've collected for our ADSL
users we obviously aren't getting usage data until we receieve a stop record
for the customer (ie sometimes upto a week later) when the customers
disconnects.
This isn't really that useful for data reporting to
Add this to your Cisco config
aaa accounting update periodic 5
And that should send updates every 5 minutes. Also make sure you enable
gigawords or else any usage over 4GB will reset to 0 and wont count
properly. We had to make a small modification to FreeRADIUS sql.conf (as we
use MySQL for all
Well your radius server uses a centralised source for authentication... make
use of session-timeout and simply deactivate / disable the account at the
central source...
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, July 28, 2004 3:52 AM
Subject:
Wednesday, July 28, 2004, 9:57:07 AM
Hi everyone,
I use freeradius 0.9.3, Right now the radius was running well with no
problem, but there is something happen and I can't resolve this
problem below. I found this in radius.log. Can anyone can help me
solve this?
Wed Jul 28 10:03:56 2004 :
Hi List,
I have a trouble in EAP-LEAP authentification in FreeRADIUS, while an
ordinary User-Password attribute works fine. Namely, when I enabled
and configured NT-Password attribute in the 'users' file as in the
below, I got 'Authentication fail'.
I appreciate any advice/hint to resolve
Thanks, this solved the problem. Now Im
wondering if there is anyway to assign ip pools to groups.
i.e.
Group named 128k will get ips in the range
of x.x.x.64/29
This way I can restrict bandwidth on the
head end for those users, currently each NAS has an IP pool but makes life a
Since most people probably only use self-signed certificates for their
LDAP servers and may not have access to the raw certificates directly,
I thought I'd post this useful bit of info.
You can retrieve the certificate directly from the LDAP server
openssl s_client -connect ldap.example.com:636
Hello Colleagues,
I Wanna to use Realms to set up the callback feature.
On first Ftage i must determine the Realm, (for example @cb) with
wich radius do not proxying request and authorize user localy.
My proxy.conf contain
realm cb {
type= radius
authhost
I am using solaris 7 with gcc. When I try to compile
it dies at line 381 in misc.c. I have the 1.0.0 pre3
source code and here is my error message
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS
-DOPENSSL_NO_KRB5 -Wall -D_GNU_SOURCE -DNDEBUG
-D_LIBRADIUS -I../include
I am using solaris 7 with gcc. When I try to compile
it dies at line 381 in misc.c. I have the 1.0.0 pre3
source code and here is my error message
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS
-DOPENSSL_NO_KRB5 -Wall -D_GNU_SOURCE -DNDEBUG
-D_LIBRADIUS -I../include
Ok to use the standard dictionary file, what do I need to insert into mysql
to get the NAS to send the info back to the radius
I tried adding:
Acct-Terminate-Cause = ''
And a few others, to no joy.
Thanks
Barry
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
- Original Message -
From: apellido jr., wilfredo p. [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, July 27, 2004 6:13 PM
Subject: Re: Simultaneous Login Problem
Tue Jul 27 23:21:22 2004 : Error: Discarding duplicate request from client
cyclades:1026 - ID: 166 due to
57 matches
Mail list logo