Dear All,
i set up FR to use LDAP authentication.
when using clear password, everything is working ok.. but actually i
want to store crypt passwords.
as soon as using crypt passwords, authentication failed.
i was using radiusauthtype = LDAP, i tried to switch to PAP, and setting
passwordheader
Hi,
I have only been able to initialize FreeRADIUS for EAP-TTLS with Phase 2
type md5 and mschapv2.
Setting the Phase 2 type to any other type such pap, chap etc gives out
an error message to the effect Unknown EAP type.
How can I enable the other Phase 2 types?
Thanks,
Bilal
-
List
On Tue, 2 Nov 2004, Ossama Suleiman wrote:
Dear All,
i set up FR to use LDAP authentication.
when using clear password, everything is working ok.. but actually i want to
store crypt passwords.
as soon as using crypt passwords, authentication failed.
i was using radiusauthtype = LDAP, i tried to
Exact the same problem on sunOS-5.8.
Alan said the fix for some kind of radrelay segfault will be in v1.0.2.
The snapshot is of 1.1.0pre0, but no fixes for radrelay.
Such alternative to Proxy-to-Realm removed in 1.0.0 is not good, yeah?
We'll try to be patient and wait for some time...
Daniel W.
Bilal Ahmed [EMAIL PROTECTED] wrote:
I have only been able to initialize FreeRADIUS for EAP-TTLS with Phase 2
type md5 and mschapv2.
No. Those phase 2 types are sub-types of EAP.
Setting the Phase 2 type to any other type such pap, chap etc gives out
an error message to the effect Unknown
Daniel Davidson [EMAIL PROTECTED] wrote:
I am sure this has been answered many times, but I cannot find it. I
keep getting Login incorrect: [danield/no User-Password attribute]
errors and I cannot figure out where the problem is I realize there is
some stuff I can take out, but I Here is the
So is there a way to have users authorize themselves with an LDAP
server, and what is the process for doing that? Use PAM and set the
system up to have PAM auth against LDAP?
Dan
On Tue, 2004-11-02 at 09:40, Alan DeKok wrote:
Daniel Davidson [EMAIL PROTECTED] wrote:
I am sure this has been
I have a situation where we are using radius to authenticate both dial-in
users and wireless users authenticating via EAP-TLS.
For the dial-in users the users are being authenticated using Auth-Type :=
System. The EAP-TLS authentication is being done Auth-Type := EAP.
The issue arises for those
Title: sql trace
hello list
i am having trouble enabling the sql trace feature in sql.conf.
setting sql trace = yes seems to have no affect.
isn't it supposed to be in the output if start radiusd -X?
THX
Mark Temple [EMAIL PROTECTED] wrote:
After setting up a freeradius server and searching all the docs I
can find, I can't see how to configure the ARAP-Security-Data
response so it will send the Login-LAT-Node challenge response back
to the client.
Wow. After 8 years of working with RADIUS,
Daniel Davidson [EMAIL PROTECTED] wrote:
So is there a way to have users authorize themselves with an LDAP
server, and what is the process for doing that? Use PAM and set the
system up to have PAM auth against LDAP?
No. You already have authorization being done via LDAP.
What I said was
Title: FR help
ok, i give up.
i have been trying to configure FR for months now.
can someone on the list please recommend a consultant etc who can help me for a nominal fee.
i have FR 1.0.0, RH AS 3, mySQL 4.0.21. i have basics working just not the particulars.
i have several NAS
Title: Message
consultants and nominal fees are
oxymoron's.
Where
are you located?
-arc
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Roy G
DavisSent: Tuesday, November 02, 2004 3:27 PMTo:
[EMAIL PROTECTED]Subject: FR
help
ok,
i am afraid i just dont understand enough about how all the pieces work
together.
and i cant get anything that spells it out. i have looked at RFCs, gnu
radius docs,
bought oreilley book, scoured the web... even tried looking at
modules/source code.
modules, authorize vs authenticate,
Roy G Davis [EMAIL PROTECTED] wrote:
i am afraid i just dont understand enough about how all the pieces work
together.
I'm not sure I understand why you care about how the pieces work
together. You can edit the users file to look for attributes in the
request, and to send back attributes in
Probably a stupid question, but I assume you mean that in the users file
I do not set it to:
DEFAULT Auth-type := LDAP
and in the authenticate {} area of radiusd.conf the ldap areas should be
commented out.
Is this correct and what should the proper settings be to get this done?
thanks,
Dan
From time to time someone posts looking for a consultant to help. Well,
I'm here. Certainly nominal fees for nominal work. Real work, however,
well we can discuss the price and terms in private. I have extensive
RADIUS experience and a background in security as well as an extensive
networking
section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module preprocess returns ok for request 0
radius_xlat:
'/usr/local/freeradius/var/log/radius/radacct/10.0.16.15/auth-detail-20041102'
rlm_detail:
/usr/local/freeradius/var/log/radius/radacct/%{Client-IP
I've been testing freeradius on a redhat machine for the past two
months or so, and am starting to bring up the production servers.
We're switching to debian stable, which means things aren't quite the
same as the testing box.
I'm using freeradius-1.0.1 downloaded from freeradius.org, without
On Mon, Nov 01, 2004 at 12:22:04PM +0400, rashad wrote:
Build process breaks down at following point:
/usr/bin/ld: cannot find -lz
Where is the problem?
As I recall, libmysqlclient-dev was missing libz-dev as a
dependancy in Debian/Woody. You'll need to install it yourself.
--
Paul TBBle
Matthew Kocher [EMAIL PROTECTED] wrote:
I'm using freeradius-1.0.1 downloaded from freeradius.org, without the
rlm_x99_token module, as it wouldn't compile. Mysql has been
configured using the db_mysql.sql script.
That script configures a schema in MySQL. It doesn't configure the
Daniel Davidson [EMAIL PROTECTED] wrote:
Probably a stupid question, but I assume you mean that in the users file
I do not set it to:
DEFAULT Auth-type := LDAP
and in the authenticate {} area of radiusd.conf the ldap areas should be
commented out.
Yes.
Is this correct and what should
Currently I am usin radiusAuthType=LDAP
And password_header={CRYPT}
But I still get the same error as before, and I am unable to authenticate,
Is there any thing else I am missing?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kostas
Kalevras
Sent:
Dear All,
According to the last message,
[EMAIL PROTECTED] wrote:
freeradius has assign the IP,but I don't know how to make the XP
supplicant to obtain this IP? Any suggestion?
You can't assign IP's that way.
Use a DHCP server.
Alan DeKok.
ippool cannot assign IP to xp supplicant. and
On Wed, 3 Nov 2004, Chan Min Wai wrote:
freeradius has assign the IP,but I don't know how to make the XP
supplicant to obtain this IP? Any suggestion?
You can't assign IP's that way.
Use a DHCP server.
Alan DeKok.
ippool cannot assign IP to xp supplicant. and Alan Suggest to use
Dana Hudes wrote:
On Wed, 3 Nov 2004, Chan Min Wai wrote:
Go back to the defintion of RADIUS: Remote Authentication Dial-In User
System. Now think. How do dialup users connect? They use SLIP/PPP.
PPP has provision for sending the IP address info for the connection. It
is part of the
Hello All,
Is it possible to use different server side ip pools for different
groups? I only have one NAS so obviously it won't be possible to use the
huntgroups, for now I just have one default ip pool working.
Thanks for any help.
Lito
-
List info/subscribe/unsubscribe? See
On Wed, Nov 03, 2004 at 02:19:21PM +0800, Chan Min Wai wrote:
Dana Hudes wrote:
On Wed, 3 Nov 2004, Chan Min Wai wrote:
Go back to the defintion of RADIUS: Remote Authentication Dial-In User
System. Now think. How do dialup users connect? They use SLIP/PPP.
PPP has provision for sending
28 matches
Mail list logo