Re: Strange problem authentication

2005-05-10 Thread Sylvain Clerc
On 5/9/05, Alan DeKok [EMAIL PROTECTED] wrote: FreeRADIUS does things only when the NAS asks. So if FreeRADIUS is sending Access-Challenges, it's because the NAS (or winxp client) is asking it to. I agree... For some reason, the client doesn't like the response from FreeRADIUS, and

free radius+ /etc/passwd authentication

2005-05-10 Thread Rupak
I am using the latest version of free radius. I wanted to know how I can make free radius authenticate with /etc/passwd, with the accounting feature. If possible, with the prepaid feature also. The version I am using is 1.0.2. Thanking you

Slow Accounting-Database - workaround?

2005-05-10 Thread oz
Hello, our Accounting-SQL-Database became slower, so often radius-packets are dropped and the NAS falls back to the secondary radius-server. Though the postgres database is indexed, there are often response-times between 1 - 3 secs and we cannot change it for the moment. To speed up things

suggestions for freeradius restart wrapper (other than daemontools)

2005-05-10 Thread Tariq Rashid
i know the FAQ mentions the daemontools for ensuring that the freeradiusd daemon is available in the event of an unlikely crash. can anyone recommend another set of tools or scripts for managing the freeradius daemon - i don't like the way the daemontools is not consistent with the usual unix

Re: suggestions for freeradius restart wrapper (other than daemontools)

2005-05-10 Thread Jim Seymour
Tariq Rashid [EMAIL PROTECTED] wrote: i know the FAQ mentions the daemontools for ensuring that the freeradiusd daemon is available in the event of an unlikely crash. It also mentions /etc/inittab. can anyone recommend another set of tools or scripts for managing the freeradius daemon

Re: Slow Accounting-Database - workaround?

2005-05-10 Thread Kostas Kalevras
On Tue, 10 May 2005, oz wrote: Hello, our Accounting-SQL-Database became slower, so often radius-packets are dropped and the NAS falls back to the secondary radius-server. Though the postgres database is indexed, there are often response-times between 1 - 3 secs and we cannot change it for

Re: Freeradius-Users digest, Vol 1 #4591 - 10 msgs

2005-05-10 Thread Akram Mohammad
Hi, I need to configure mobile VLAN for 700+ Campus Network and for this I am using the FreeRadius server 1.02. I am new to this RADIUS server, please let me know what are all the basic requirements we need for this, like NAS etc. Thanks, Akram --- [EMAIL PROTECTED] wrote: Send Freeradius-Users

RE: problems with digest and ser

2005-05-10 Thread Lucas Aimaretto
I'm having trouble at authentication using radius and digest. Look at radius output. The rare thing is that some phones get registered nicely, but others do not. The ones that get registered are X-Lite softphones and grandstream. The ones that do not are the ATAs from voip solutions,

Re: Freeradius install problem

2005-05-10 Thread Software Development Group
Sorry Alan and your comment is right but that is just that I sent you the printout from testing with another client. Actually the error does always show the client that is trying to validate. Thanks, Maxo At 17:39 09/05/2005, you wrote: Software Development Group [EMAIL PROTECTED] wrote:

Re: Freeradius install problem

2005-05-10 Thread Software Development Group
Sorry Terry and your comment is right but that is just that I sent you the printout from testing with another client. Actually the error does always show the client that is trying to validate. When the error shows: rad_recv: Access-Request packet from host 172.18.21.100:10005, id=5, length=137

Re: Freeradius install problem

2005-05-10 Thread Software Development Group
One more detail Alan, I just re-produced it for you and when the error shows: rad_recv: Access-Request packet from host 172.18.21.100:10005, id=5, length=137 Ignoring request from unknown client 172.18.21.100:10005 --- Walking the entire request list --- Nothing to do. Sleeping until we see a

problems with 802.1x - EAP-TLS

2005-05-10 Thread Galvao Rezende
section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module preprocess returns ok for request 0 radius_xlat: '/var/log/raddb/radacct/172.16.0.2/auth-detail-20050510' rlm_detail: /var/log/raddb/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log

Re: Slow Accounting-Database - workaround?

2005-05-10 Thread oz
rate no buffering will do you any good in the long run. Thank you, I will see if we can use it. Compiling the 20050510-Snapshot of freeradius 1.1.0 under Debian(Sarge) I had a problem with make install. But I think it is known, and I solved it by removing the source-code of the module rlm_eap. make

Re: problems with 802.1x - EAP-TLS

2005-05-10 Thread Vladimir Vuksan
Galvao Rezende wrote: problems with 802.1x - EAP-TLS I'm having trouble at authentication using radius, openssl and EAP-TLS, using AP CISCO 350 Series. Look at radius output. It doesn't appear that is the whole output. There is no Reject message that I can see. Vladimir - List

Re: problems with digest and ser

2005-05-10 Thread Alan DeKok
Lucas Aimaretto [EMAIL PROTECTED] wrote: Why is that ? I mean ... I have some SIP Phones that have no password configured, and the digest module is working fine, as they can get registered nicely. The server needs a clear-text password to do the digest authentication. If it doesn't

Re: Freeradius install problem

2005-05-10 Thread Alan DeKok
Software Development Group [EMAIL PROTECTED] wrote: I just re-produced it for you and when the error shows: rad_recv: Access-Request packet from host 172.18.21.100:10005, id=5, length=137 Ignoring request from unknown client 172.18.21.100:10005 ... the clients.conf file shows: client

Re: Freeradius install problem

2005-05-10 Thread Software Development Group
Thanks Alan you were right. I was changing a clients.conf on a different directory. I made the changes on the right one and it went through and gave me a user validation error this time so I am now working on the users file. Thanks for your help. Maxo At 12:23 10/05/2005, you wrote: Software

Re: problems with 802.1x - EAP-TLS

2005-05-10 Thread Galvao Rezende
: '/var/log/raddb/radacct/172.16.0.2/auth-detail-20050510' rlm_detail: /var/log/raddb/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/raddb/radacct/172.16.0.2/auth-detail-20050510 modcall[authorize]: module auth_log returns ok for request 0 rlm_realm: Looking up realm 172.16.0.1

RE: Freeradius-Users digest, Vol 1 #4595 - 1 msg

2005-05-10 Thread Graham, Robert
Michael, Thanks for the response. Doesn't the NTRadPing utility have the capability for CHAP? Also, are there any good docs/howto for LDAP Authentication against AD? Thanks Robert -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent:

Auth-Type = System and DSL Static IP

2005-05-10 Thread Andrey
Hi List, I have a question about Auth-Type = System. I have several accounts that need to be authenticated through System and it works great as long as the IP is assigned dynamically. As soon as I switch an account to static IP, it authenticates but does not assign the desired ip address. I'm

Freeradius accounting question

2005-05-10 Thread Software Development Group
Hello, I have compiled and installed freeradius and it is working fine. My question now is: At this point a user logs in with a password, is authenticated and enters the system but if I want to set user x to only have 2 hours connection time only and user y to only have 1 hour of connection,

RE: Freeradius accounting question

2005-05-10 Thread mmiranda
[EMAIL PROTECTED] wrote: Hello, I have compiled and installed freeradius and it is working fine. My question now is: At this point a user logs in with a password, is authenticated and enters the system but if I want to set user x to only have 2 hours connection time only and user y to

RE: Freeradius accounting question

2005-05-10 Thread Seferovic Edvin
Hi, is it possible to use counter module to kick off users after their limit is reached? Does anyone have an idea how this could be realized? Regards, Edvin Seferovic -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Dienstag, 10.

Re: Freeradius accounting question

2005-05-10 Thread Andrey
My guess would be that you need to set the Session-Timeout variable. 2 hours would be 7200 and 1 hour would be 3600. hope this helps. Andrey Quoting Software Development Group [EMAIL PROTECTED]: Hello, I have compiled and installed freeradius and it is working fine. My question now is: At this

Counting number of open sessions in RADIUS

2005-05-10 Thread Sonali Karmarkar
Hi I am using freeradius 0.9.3 with mysql on linux. What is the correct way to count number of open sessions for freeradius server ? -SK - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: How to get freeradius to load at system startup

2005-05-10 Thread nicolas
On Tue, 10 May 2005, [EMAIL PROTECTED] wrote: If anyone can give me a good how-to on how to get freeradius to load when Linux (Debian) starts I would be very grateful! You can look at the debian init.d scripts : http://www.debian.org/doc/debian-policy/ch-opersys#s-/etc/init.d -- Nicolas -

Re: Counting number of open sessions in RADIUS

2005-05-10 Thread Juan Manuel Garcia Carral
I have two radius as primary and secondary so I found easier to count it in the mysql database that both radius use for accounting. You can search / select for records that don't have accountstoptime inserted. Regards. J.M. Sonali Karmarkar wrote: Hi I am using freeradius 0.9.3 with mysql on

RE: Freeradius accounting question

2005-05-10 Thread mmiranda
[EMAIL PROTECTED] wrote: My guess would be that you need to set the Session-Timeout variable. hope this helps. Andrey Yes, it will help, I'm using it in production, the counter module sets the Session-Timeout automatically i.e. keciel# cat radiusd.conf [... blablabla ...] sqlcounter

Re: Counting number of open sessions in RADIUS

2005-05-10 Thread Andrey
the easiest way off the top of my head would be to run: %radius_dir%/bin/radwho | grep -c that will pipe all your logged-in users to grep, which will tell you how many of them there are. Andrey Quoting Sonali Karmarkar [EMAIL PROTECTED]: Hi I am using freeradius 0.9.3 with mysql on linux.

RE: problems with digest and ser

2005-05-10 Thread Lucas Aimaretto
Why is that ? I mean ... I have some SIP Phones that have no password configured, and the digest module is working fine, as they can get registered nicely. The server needs a clear-text password to do the digest authentication. If it doesn't have a clear-text password, it

RE: Counting number of open sessions in RADIUS

2005-05-10 Thread mmiranda
Quoting Sonali Karmarkar [EMAIL PROTECTED]: Hi I am using freeradius 0.9.3 with mysql on linux. What is the correct way to count number of open sessions for freeradius server ? [EMAIL PROTECTED] wrote: the easiest way off the top of my head would be to run:

Re: Auth-Type = System and DSL Static IP

2005-05-10 Thread Alan DeKok
Andrey [EMAIL PROTECTED] wrote: I have other static ip accounts that authenticate from sql, and those work just fine. Just the ones that are from System. Any suggestions most appreciated. Run the server in debugging mode and read the output. There's really no other way. As soon as I

Re: Auth-Type = System and DSL Static IP

2005-05-10 Thread Andrey Furukin
: '/usr/local/radius/var/log/radius/radacct/x.x.x.186/detail-20050510' rlm_detail: /usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /usr/local/radius/var/log/radius/radacct/x.x.x.186/detail-20050510 modcall[accounting]: module detail returns ok for request 207

Realms

2005-05-10 Thread Marcin Jessa
Hi. I have a setup with multiple NAS's where each NAS belongs to a different owner. All of them talk to the same radius server where users are stored in MySQL database. AFAIK normally realms are used to strip e.g. domain names from the login user names, e.g [EMAIL PROTECTED] authenticating

Re: How to add a module to authorize a request ?

2005-05-10 Thread Marcin Jessa
What kind of module? A new, custom one or one of the existing modules? What do you want it to be able to do? On Mon, 6 Dec 2004 14:29:19 +0800 xuxu [EMAIL PROTECTED] wrote: How to add a module to authorize a request ? Does freeradius support it ,or I need to modify the source

Re: problems with 802.1x - EAP-TLS

2005-05-10 Thread Galvao Rezende
the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module preprocess returns ok for request 0 radius_xlat: '/var/log/raddb/radacct/172.16.0.2/auth-detail-20050510' rlm_detail: /var/log/raddb/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d

Re: Freeradius accounting question

2005-05-10 Thread Marcin Jessa
Hi. I just resubscribed to the mailing list and found that topic unanswered. You can accomplish that in two ways. One is with counter module and one with SQL which uses sqlcounter module. The sqlcounter needs the experimental modules to be compiled in. I use MySQL to store my users' info so for

Re: Auth-Type = System and DSL Static IP

2005-05-10 Thread Alan DeKok
Andrey Furukin [EMAIL PROTECTED] wrote: The output doesn't really show anything unusual. As soon as the user connects, radius assigns a Framed-IP-Address, which unfortunately is not the one in radreply table. ... rad_recv: Accounting-Request packet from host x.x.x.186:1646, id=158,

Re: problems with 802.1x - EAP-TLS

2005-05-10 Thread Vladimir Vuksan
Galvao Rezende wrote: eaptls_process returned 7 rlm_eap_tls: Received unexpected tunneled data after successful handshake. You need to investigate following. You may want to re-do certificates. Vladimir

Freeradius and Active Directory Question

2005-05-10 Thread Graham, Robert
What is the best way to authenticate users against Active Directory via Freeradius? Is it with ntlm_auth or LDAP? My scenario is to authenticate our VPN users (using Cisco VPN clients and VPN concentrators) against AD via radius. Somebody mentioned that if MSCHAP is not used

Re: Freeradius and Active Directory Question

2005-05-10 Thread Michael Griego
You're making this more complicated than it is (and please don't talk about me like I'm not here). To authenticate plain credentials against AD is no different than authenticating against any other LDAP server except for the fact that your uid attribute is different. So, read the docs for the