Hello Alan,
Tuesday, June 21, 2005, 7:49:22 PM, you wrote:
I see in logs WARNING: Cancelling proxy to Realm
LOCAL, as the realm is local. But freeradius DONT send Accounting-Response
to NAS and NAS continue re-sending accounting packets.
AD Ok... it looks like the code in src/main/acct.c
On Tue, Jun 21, 2005 at 03:21:17PM +0200, Michael Langer wrote:
HI,
you have done it at weekend? Today i try apt-upgrade and nothing has
changed.
The current Version is 1.0.2 in sarge, isn't it?
Sorry, I didn't do the update until Monday, and my sponsor picked a
problem with it, so I've just
Hm,
I am really stuck :-(
Let me try to explain what I inted to do:
1.) PAP is just the clear-text password???
- I thought pap is hashing the password with a challenge (MD-5). This
means the client is then transmitting this Hash to the radius, which
might hold the password in cleartext or as
You can also log to SQL and then sort on the info stored in radacct.
Should be relatively easy for a newbie PHP coder to write a script doing that.
Marcin.
On Tue, 21 Jun 2005 22:02:08 +0100
Shepherd, Dave [EMAIL PROTECTED] wrote:
You could try radiusreport
Hi,
I am really stuck :-(
Let me try to explain what I inted to do:
1.) PAP is just the clear-text password???
- I thought pap is hashing the password with a challenge (MD-5). This
means the client is then transmitting this Hash to the radius, which
might hold the password
Hello,
Currently i am using i have 1.0.2 version running on
my linux box.
I made plan to upgrade it with the letest Version
1.0.4.
I have a small question about the 1.0.2 configuration
files. How i should upgrade it. Is configuration files
will be also upgraded or it will be not effected?
Victor wrote:
Ok, so how can i stop processing accounting with NULL or any other
realm in my situation?
There're two workarounds:
1. Give up accounting proxying and use radrelay.
2. Remove instances of the 'realm' module in 'preacct' section and
write something like this in 'acct_users'
We have the following szenario, in which i got a problem:
We use huntgroups to allocate different types of dialins (isdn,
dsl, and so on). So we have a huntgroups File which looks similar
to this:
xDSLNAS-IP-Address == 1.1.1.1
xDSLNAS-IP-Address == 1.1.1.2
xDSL
[EMAIL PROTECTED] wrote:
Hi,
I am really stuck :-(
Let me try to explain what I inted to do:
1.) PAP is just the clear-text password???
- I thought pap is hashing the password with a challenge (MD-5). This
means the client is then transmitting this Hash to the radius, which
As you have observed, the first huntgroup that is matched will always be
used. Its not a bug, or a feature, its just the way it is ;-)
You can however specify more than one attribute to match per line, for
example:
xDSLNAS-IP-Address == 1.1.1.1, NAS-Port-Type == Async
AdminA
hi - i'd like to use the radius server's IP within the configuration files.
specifically, to include it in the reply-message - i know that some
variables are defined %u, %p, %n, etc ... see doc... but none of these
contain the radius server's IP address. this needs to be not from the radius
I just upgrade in Red Hat Enterprise 3.0 from 1.0.2 to 1.0.4 without
problems, my conf files didn´t change. I suggest you to make a copy from
/etc/raddb to avoid problems.
Reggards,
Carlos Martínez-Troncoso Cera
Coordinador de Servicios Internet/Intranet
Universidad del Norte
Barranquilla,
I am trying to setup freeradius to forward peap requests to another
radius server.
I have the proxy.conf setup with the address to the other server.
I really do not want this server to do anything but proxy to the other
server. Can someone help with the configuration.
I am using Fedora Core 4
Hello Nicolas,
Wednesday, June 22, 2005, 12:01:58 PM, you wrote:
NB 2. Remove instances of the 'realm' module in 'preacct' section and
NB write something like this in 'acct_users' file:
NB # Proxy this one
NB DEFAULT User-Name =~ foo\.net$, Acct-Type := acct.foo, Proxy-To-Realm
:= foo.net
NB
Tariq Rashid [EMAIL PROTECTED] wrote:
hi - i'd like to use the radius server's IP within the configuration files.
The CVS head has Packet-Dst-IP-Address, and a bunch of other useful
things.
It's not in 1.0.x, though.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
=?ISO-8859-1?Q?Carlos_Mart=EDnez-Troncoso_Cera?= [EMAIL PROTECTED] wrote:
I just upgrade in Red Hat Enterprise 3.0 from 1.0.2 to 1.0.4 without
problems, my conf files didn´t change.
That is *very* intentional, and as you've seen, a Good Thing.
I *hate* packages that mess with
B. Tolka [EMAIL PROTECTED] wrote:
I really do not want this server to do anything but proxy to the other
server. Can someone help with the configuration.
Set up a realm in proxy.conf, and put the following at the top of
the users file:
DEFAULT Proxy-To-Realm := realm
Alan DeKok.
-
Oleg Kravtsov [EMAIL PROTECTED] wrote:
I would like to tune RADIUS Server so that it sends particular set of
RADIUS attributes depending on the outgoing packet type (Challenge or
Accept).
The server doesn't really support that.
For that task I've been using Response-Packet-Type
Alan, thank you for the reply,
I would like to tune RADIUS Server so that it sends particular set of
RADIUS attributes depending on the outgoing packet type (Challenge or
Accept).
The server doesn't really support that.
In this case I wonder if I can do something already available to solve
Ok, so how can i stop processing accounting with NULL or any other
realm in my situation? I just want run start/alive/stop script with
freeradius.
Edit the accounting section to contain only the modules you want?
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Oleg Kravtsov [EMAIL PROTECTED] wrote:
In this case I wonder if I can do something already available to solve
the real problem (with Acct-Interim-Interval attribute).
I want it to be included ONLY into Access-Accept message, as this
attribute can't present in Access-Challenge RADIUS message.
Hello
I was wondering if there was a way to allow wildcards for logins. For
example, [EMAIL PROTECTED] Rather than adding thousands of users in the users
file. This is only for a test environment.
I have looked through the users file and older archives but not come accross
a way to do
Doug Hardie [EMAIL PROTECTED] wrote:
Are there any performance differences to having 2 rlm's vs one?
No.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Who cares? If it's in Access-Challenge, the NAS will ignore it.
Some devices (at least one we work with) does strict checkings against
presence of attributes in
a particular messages (according to RFC 2865, 2866, 2869).
Ok, I see that currently we can't do what we want.
We are ready to
Hello Everybody,
We are dealing with secuirty problems of Radius in proxy chaining setup
whre end-to-end security is missing. According to RFC 2607 (Proxy Chaining
and Policy Implementation in Roaming) follwing are the security threats :
Message editing
Attribute editing
Theft of passwords
On Wednesday 22 June 2005 14:06, Hassan Wahid wrote:
Hello
I was wondering if there was a way to allow wildcards for logins. For
example, [EMAIL PROTECTED] Rather than adding thousands of users in the users
file. This is only for a test environment.
I have looked through the users file
As you have observed, the first huntgroup that is matched will always be
used. Its not a bug, or a feature, its just the way it is ;-)
You can however specify more than one attribute to match per line, for
example:
xDSL NAS-IP-Address == 1.1.1.1, NAS-Port-Type == Async
Title: Issue with increasing the number of ACL's in users file
Hi
I am having a problem with an apparent limit on ACL's on my freeradius servers. I have been running this servers for a number of years, and have always had the number of ACL's on the users file below 52, and have never had
Hello,
Thanx guys for good advise, Now i will start to
upgrade from 1.0.2 to 1.0.4.
Thank You
Abdul Lateef
Tel : 974-5405022
YM! abdul_zu
Yahoo! Sports
Rekindle the Rivalries. Sign up for Fantasy Football
29 matches
Mail list logo
