Hil list!
I'm trying to authenticate Active Directory Users via freeradius
(1.0.2). I can do it in a general case (user and domain) without
problem. Now a have to do it restricting the authentication to the
members of a group.
I can exect the script (as is put in radiusd.conf) correct from the
okey, thanks for the input.
Really don't know where could be the problem and it's appearing not
constantly - it may be a day or they could be some weeks.
If refering to your other post, i have this /usr/local/var/run/radiusd
directory..the only thing i've changed till now is i've set all the
do you want my real IP addresses, passwords and a direct access to my
networks ? ;)
I know that, it's just for security... however, thanks to you to have
took some time to respond to me :)
(sorry if my english is bad, it's not my best quality)...
David
[EMAIL PROTECTED] a écrit :
Hi All,
Im looking to put freeradius into a ISP site and we
run a 4 server LVS cluster, what Im wanting to know is if we do the
following in the config
authorize {
preprocess
chap
sql
}
authenticate {
Auth-Type CHAP {
chap
}
}
preacct {
preprocess
acct_unique
}
Lorel hardy wrote:
I would like to know and to do something like log more information in
the table radpostauth.
Maybe it will be usefull to have mac address of the client and the reply
message send by radius ?
It's straight forward: add more fields in your SQL table and edit the
Hi everyone.
I've installed freeradius+mysql on sun solaris sparc5 platform and
nocat authentication+gateway in the other machine. It's seems that
freradadius and mysql run without any problem also it can authenticate
nocat users in the same time. But my radacct table in mysql is empty,
and it's
Sven Hartge wrote:
Um 04:27 Uhr am 15.05.05 schrieb Chan Min Wai:
I'm working with freeradius that running EAP auth, the account info is
with LDAP server.
Just want to know what kind of Right did the freeradius need to have on
the LDAP server so that the ACL on the LDAP server can be
Hi everyone.
I've installed freeradius+mysql on sun solaris sparc5 platform and
nocat authentication+gateway in the other machine. It's seems that
freradadius and mysql run without any problem also it can authenticate
nocat users in the same time. But my radacct table in mysql is empty,
and it's
dear all,where does the program create
database ? i can't find it.just find where it creates tables.i use
mysql.anyone who knows please tell me
,thanx.
shenwei
You need to create your own database based on the SQL schema provided with
freeradius.
The rest you config in the sql.conf in your raddb dir, usually in /etc/raddb or
/usr/local/etc/raddb
On Mon, 16 May 2005 18:10:39 +0800
shenwei [EMAIL PROTECTED] wrote:
dear all,
where does the
Hello
I know it's more a Cisco issue, but maybe someone here had the same problem.
For Authentication, users use PEAP/MS-Chapv2, that is working fine.
For Authorization, I want to use per-user ACL, from user profiles from
FreeRadius server with an MySQL backend.
As a test, I put some
Hi
I am trying to Install Freeradius1.0.2 on Redhat 7.2. and am using
openssl-0.9.7. I have installed openssl in /usr/local/openssl
and to install freeradius i executed the following commands
./configure --with-openssl-includes=/usr/local/openssl/include
Hi,
1) ldd /usr/local/sbin/radiusd
libcrypt.so.1 = /lib/libcrypt.so.1 (0x40033000)
libnsl.so.1 = /lib/libnsl.so.1 (0x4006)
libresolv.so.2 = /lib/libresolv.so.2 (0x40076000)
libpthread.so.0 = /lib/i686/libpthread.so.0 (0x40088000)
Thanks a lot., i am new and totally clueless as to what i need to be
doing . I did use ./configure
--with-openssl-includes=/usr/local/openssl/include
--with-openssl-libraries=/usr/local/openssl/lib
What else do i need to be doing to make the radiusd read the right libraries
regards,
arun
On
Hi,
Thanks a lot., i am new and totally clueless as to what i need to be
doing . I did use ./configure
--with-openssl-includes=/usr/local/openssl/include
--with-openssl-libraries=/usr/local/openssl/lib
What else do i need to be doing to make the radiusd read the right
Hi.
Should be fine, this is mine for comparision:
http://www.yazzy.org/configs/linux/freeradius/radiusd.conf
I additionally use following for sqlcounter:
dailycounter
weeklycounter
monthlycounter
On Mon, 16 May 2005 20:56:04 +1200
Tristram J. Cheer [EMAIL PROTECTED]
Hello,
My name is Adam Oakley and I am trying to set up
freeradius on a Linux redhat 9 server. I have downloaded the package and tried
installing and I can get a couple of steps into it and then it will not let me
go any farther. So I was wondering if anyone could help me get this
Hi,
I'm trying to get freeradius to configure eap_tls but, I keep running
into a config problem. I have openssl installed like so
config --prefix=/usr/local/openssl097g
--openssldir=/usr/local/openssl097g no-shared
This seems to work. Then I configure freeradius like this.
configure
Hi all
I have two questions relating to the above.
1) I notice that my server is responding to the client with the Cisco-AVPair
attributes even if the user's authentication fails due to an incorrect
password. Is this normal behaviour? For example, the client log shows:
Hi,
configure --disable-shared
--with-openssl-includes=/usr/local/openssl097g/include \
--with-openssl-libraries=/usr/local/openssl097g/lib \
--prefix=/usr/local/radius
For static SSL libraries, this simply doesn't work, see the mailing
list archive for build problems on Solaris
Hello,
Is it possible to restrict usersto login only
to
specific nas client?
So if they use different nas their login should be
rejected.
Thank you in advance.
Bartosz
On May 16, 2005, at 13:34, Bartosz Jozwiak wrote:
Hello,
Is it possible to restrict users to login only to
specific nas client?
So if they use different nas their login should be rejected.
I do that using a EXEC-PROG-WAIT module. a rlm_exec module will
apparently also do that but I haven't had
Hello,
I am running ubuntu and I am trying to compile FreeRadius with
rlm_sqlcounter (following your advice) to be able to keep track of
connection usage by user depending on tickets given to them.
For this, I am doing:
make clean
./configure --with-experimental-modules
and get the following
Software Development Group [EMAIL PROTECTED] wrote:
and get the following error report:
...
Most of which is not errors. And most of which is unhelpful.
(NOTE ) I do have libgdbm3 installed on my system.
shrug Check config.log
/usr/bin/ld: cannot find -lperl
Try installing Perl.
On Mon, 16 May 2005 16:57:10 -0400
Software Development Group [EMAIL PROTECTED] wrote:
Hello,
I am running ubuntu and I am trying to compile FreeRadius with
rlm_sqlcounter
Freeradius 1.0.1-2 is avaliable for ubuntu maintained by Paul Hampson [EMAIL
PROTECTED]. Try to install it. It
Hi.
This can be done with hungroups or realms.
I use RouterOS as my NAS which has a Mikrotik-Realm Attribute.
If user's Mikrotik-Realm stored in radcheck differs from the one configured on
the NAS, the user gets rejected.
This way each user can have separate realm value stored in SQL matching
Hi Adam, did you get help about this?
Ernesto Freyre RamírezJefe de
OperacionesQnetSoluciones TecnológicasAv.
Paseo de la República 4675 - Lima 34 Telf.: (511) 241-4122 Anexo
2245Fax: (511) 446-8135
Visítenos en: www.qnet.com.pe-
Original Message -
From:
Adam Oakley
Marcin Jessa wrote:
Hi.
This can be done with hungroups or realms.
I use RouterOS as my NAS which has a Mikrotik-Realm Attribute.
If user's Mikrotik-Realm stored in radcheck differs from the one configured on the NAS, the user gets rejected.
This way each user can have separate realm value stored
On Mon, 16 May 2005, Bartosz Jozwiak wrote:
Hello,
Is it possible to restrict users to login only to
specific nas client?
So if they use different nas their login should be rejected.
Thank you in advance.
Bartosz
users file could look like this.
someuserNAS-IP-Address ==
Can anyone suggest a migration path to move from ACS to freeradius. My
thoughts are as follows below
NAS --- Freeradius --- ACS
With freeradius proxying the auth request / accounting to the ACS server and
somehow either learning or logging the user / password pair from the nas so
that it can
30 matches
Mail list logo