Re: About nastype and Checkrad

2005-08-17 Thread Alan DeKok
Felix Chang <[EMAIL PROTECTED]> wrote: > Sorry.. just something very confusing. I am using a > FreeBSD computer as my NAS, may I know what is the > nastype for this NAS? Is it "other"? Yes. > I know when the nastype is "other", the radius server won't call > for the checkrad. Therefore, if I wan

About nastype and Checkrad

2005-08-17 Thread Felix Chang
Sorry.. just something very confusing. I am using a FreeBSD computer as my NAS, may I know what is the nastype for this NAS? Is it "other"? I know when the nastype is "other", the radius server won't call for the checkrad. Therefore, if I want to use the checkrad to check for the simultaneous-use, wh

Callback Cisco to WinXP

2005-08-17 Thread Stefan A.
Hi, I have to configure an async callback solution using Cisco IOS and Freeradius. Up to now, the user can dial in and will be authenticated against my freeradius server. Anything works fine. After setting up the callback things on the router and on the radius server, the user will still be grant

RE: SSL Problem???

2005-08-17 Thread DeYoung, Brandon
I managed to fix this. Something was whackinated in my certificate generation process. Followed howto here: http://www.alphacore.net/contrib/nantes-wireless/eap-tls-HOWTO.html And all works well, even with XP SP2. ~Brandon -Original Message- From: DeYoung, Brandon Sent: Wednesday, Augus

RE: General Question..

2005-08-17 Thread Brent
So just set Auth-Type for the user to Reject.  We do this for suspended (non paying users) until they pay up.  No changing password this way.   Brent   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Behzad Barzideh Sent: Wednesday, August 17, 2005 4:47 PM To: fre

Re: Hotspot snmp problem

2005-08-17 Thread Robin
Hi everyone, Finally, have it working.. I did not comment out the radutmp in radius.conf for the session database. I had uncommented sql, although lots of good that did. Thanks again, Robin At 03:26 PM 8/16/2005, you wrote: Robin <[EMAIL PROTECTED]> wrote: > The detail files appear to

General Question..

2005-08-17 Thread Behzad Barzideh
Hello, I am new to Radius and Free Radius, so forgive me if this question has been asked or it is crazy. We are in the process of changing all our authentication and authorization. At the moment every "service" has its own user-id/password database. Thus authentication/authorization per service is

Re: Issues authenticating vs 2003 AD

2005-08-17 Thread Alan DeKok
Tim P <[EMAIL PROTECTED]> wrote: > Thought it was configured, I believe I have tested it positive in the > past, I want to use ntlm_auth, I had this in there and had tested it > as far as I know: > > Radius.conf > ldap { That doesn't configure ntlm. > Will this not work, if not how to

Re: Issues authenticating vs 2003 AD

2005-08-17 Thread Tim P
Thought it was configured, I believe I have tested it positive in the past, I want to use ntlm_auth, I had this in there and had tested it as far as I know: Radius.conf ldap { server = "domcon.company.org" basedn = "dc=company,dc=org" filter

RE: SSL Problem???

2005-08-17 Thread DeYoung, Brandon
Thanks for the response Alan, My clients are WinXP SP2 boxes. I have several hundred of these which had been working fine for the last 6 months...until my server blew up. In fact I had more problems getting this setup to work with SP1 and made it a policy for everyone to put SP2 on before I would c

Re: SSL Problem???

2005-08-17 Thread Alan DeKok
"Jamie Crawford" <[EMAIL PROTECTED]> wrote: > In the statement "Odds are they're XP SP2 boxes, where MS broke EAP" > what exactly is broken. Will XP SP2 not work with PEAP? It won't. This was discussed on the list last week. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.f

Re: EAP-TTLS-MSCHAPV2. Failed to authenticate.

2005-08-17 Thread Koos Beens
> "Koos Beens" <[EMAIL PROTECTED]> wrote: >> rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = MS-CHAP' > ... >> modcall: leaving group authorize (returns ok) for request 5 >> rad_check_password: Found Auth-Type MS-CHAP >> auth: type "MS-CHAP" >> ERROR: Unknown value specified for

Re: SSL Problem???

2005-08-17 Thread Jamie Crawford
In the statement "Odds are they're XP SP2 boxes, where MS broke EAP" what exactly is broken. Will XP SP2 not work with PEAP? thanks, jamie Jamie Crawford, MCSE RHCT Network Analyst I Information Services Central Missouri State University Warrensburg, MO 64093 Phone:6605434357 Email:[EMAIL PR

Re: Issues authenticating vs 2003 AD

2005-08-17 Thread Alan DeKok
Tim P <[EMAIL PROTECTED]> wrote: > I am handing off a request from pppd to radius and am failing with a > valid user in the domain. No. The server is failing because it doesn't have a clear-text password. > rlm_ldap: looking for check items in directory... > rlm_ldap: looking for reply items

Re: Release date for 1.1.0/CVS?

2005-08-17 Thread Alan DeKok
Wesley Spadola <[EMAIL PROTECTED]> wrote: > Is there any news of an approximate release date for the 1.1.0 line of > FreeRADIUS? When it's ready. Hopefully in the next month or so. > Which bugs are currently showstoppers for this line to be released as > "stable"? The EAP linking issues.

Re: SSL Problem???

2005-08-17 Thread Alan DeKok
"DeYoung, Brandon" <[EMAIL PROTECTED]> wrote: > I *believe* this snippet from my debug output shows the problem: > > snip- > eaptls_process returned 3 > TLS_accept:error in SSLv3 read client certificate A > rlm_eap_peap: EAPTLS_SUCCESS > -snip-- > > This would *seem* to

Re: Proxying Machine Authentications

2005-08-17 Thread Alan DeKok
"King, Michael" <[EMAIL PROTECTED]> wrote: > We want to proxy our machine authentications off to something else that > can authenticate them. > > Does anyone have any examples of how to do this? > > I know all the machine accounts show up on my NAS as > > host/machinename In the "users" file

Proxying Machine Authentications

2005-08-17 Thread King, Michael
I currently have our wireless users authenticating to our Active Directory 2003 domain using PEAP and TTLS. We want to proxy our machine authentications off to something else that can authenticate them. Does anyone have any examples of how to do this? I know all the machine accounts show up on m

Issues authenticating vs 2003 AD

2005-08-17 Thread Tim P
I am handing off a request from pppd to radius and am failing with a valid user in the domain. Here is the output of radiusd -X -A Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1:32769, id=39, length=72 Service-Type = Framed-User Framed-Protocol = PPP

Release date for 1.1.0/CVS?

2005-08-17 Thread Wesley Spadola
Is there any news of an approximate release date for the 1.1.0 line of FreeRADIUS? Which bugs are currently showstoppers for this line to be released as "stable"? Thanks, Wes - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

SSL Problem???

2005-08-17 Thread DeYoung, Brandon
Hello all, I have been successfully providing 802.1x authentication to my wireless users for approx six months. This was implemented using ntlm_auth, PEAP, and MSCHAPV2 (windows XP client) against an Active Directory backend. We had a power spike, which produced multiple s

Freeradius VLANID Question

2005-08-17 Thread Armin Krämer
Hi, at the moment I'm planning to build a Network based out of 20 VLAN over 8 Nortel switches. Depending on the given Layout of the Network I need to add some PCs to more than one Port based VLAN. Is it possible to give the VLAN ID over the Radius Server, and is it possible to send more than one VL

Re: Debian 802.1x LDAP

2005-08-17 Thread Kris Benson
FreeRadius users mailing list on August 16, 2005 at 18:18 -0800 wrote: > >Thanks Kris! > >Everything appeared to compile, install and run without any errors. > >If you have any tips or good links for up to date information on how >to set freeradius up to talk to a Cisco WAP I could use the help.

(no subject)

2005-08-17 Thread Armin Krämer
Hi, at the moment I'm planning to build a Network based out of 20 VLAN over 8 Nortel switches. Depending on the given Layout of the Network I need to add some PCs to more than one Port based VLAN. Is it possible to give the VLAN ID over the Radius Server, and is it possible to send more than one VLA

Re: Require NAS dependant radius return attributes

2005-08-17 Thread Alan DeKok
Ben Thompson <[EMAIL PROTECTED]> wrote: > This cuts the potential size of my users file down to about 2 > entries and the huntgroups file to about 50 entries. Does this sound > reasonable? Yes. But also: > user2 NT-Password := "35C8397B2320E568467904961A2AF40F" > Fall-Through = Yes

Re: LDAP attributes into freeradius

2005-08-17 Thread Alan DeKok
Joe H <[EMAIL PROTECTED]> wrote: > Where else do I need to add the new attribute No-Pool in order for > freeradius to use it? raddb/dictionary See also "man dictionary" Alan DeKok.

Re: Require NAS dependant radius return attributes

2005-08-17 Thread Ben Thompson
On Wed, 2005-08-17 at 10:51 -0400, Alan DeKok wrote: > Ben Thompson <[EMAIL PROTECTED]> wrote: > > Thanks for that advice. I can see that I could end up with a very large > > users file using this method. Is there any limit on the size of the > > users file? > > Memory. Also, the CPU time requi

LDAP attributes into freeradius

2005-08-17 Thread Joe H
Here is my goal: I would like to assign an attribute to certain users in ldap and have freeradius look for that attribute to determine whether or not to reply back to the NAS device with an IP address pool name. The users with the attribute set would not have the Pool sent and the users witho

Re: How to Disable RADIUS user logins if 'Session-Timeout' falls below 0

2005-08-17 Thread Alan DeKok
<[EMAIL PROTECTED]> wrote: > I have added a trigger on RADACCT table which subtracts amount of time > used by user from RADREPLY each time when he logs in. > > It does work but when time is below 0 or negative I need to stop user > from getting into my system and I am failing to do so. rlm_sqlc

Re: rlm_x99

2005-08-17 Thread Alan DeKok
"Iandc Davies" <[EMAIL PROTECTED]> wrote: > Can anybody tell me what the rlm_x99 module is and does? X9.9 challenge-response token cards. > It's stopping my compile at the moment and am just wondering whether I need > it or not. You probably don't need it. Just delete the whole directory,

Re: Require NAS dependant radius return attributes

2005-08-17 Thread Alan DeKok
Ben Thompson <[EMAIL PROTECTED]> wrote: > Thanks for that advice. I can see that I could end up with a very large > users file using this method. Is there any limit on the size of the > users file? Memory. Also, the CPU time required to walk its internal representation (linked list). > In the

freeRadius Authorization

2005-08-17 Thread abera
Hi, I have small newbie questions.. I want to configure freeRadius for authentication & authorization. I am able to do proper authentication. 1) I want to configure my users in multiple groups (depending on their roles). How to do that? 2) And what is the common practice for this? How this is

Re: Debian 802.1x LDAP

2005-08-17 Thread Vladimir Vuksan
Cian Phillips wrote: If you have any tips or good links for up to date information on how to set freeradius up to talk to a Cisco WAP I could use the help. I have a howto on LDAP and FreeRADIUS at http://vuksan.com/linux/dot1x/802-1x-LDAP.html I have successfully used it for WPA with Links

Re: FreeRadius 1.0.4 crashing when getting Request

2005-08-17 Thread Jan Luehr
Greetings, Am Mittwoch, 17. August 2005 12:21 schrieb Sebastian Mauer: > Hello there, > > I have a little problem with setting up FreeRADIUS with MySQL Support > properly. My Linux Distro is Debian Sarge 3.1. I installed all necessary > libraries and compiled FreeRadius with MySQL enabled. Then I

Re: FreeRadius 1.0.4 crashing when getting Request

2005-08-17 Thread Nicolas Baradakis
Sebastian Mauer wrote: > I have a little problem with setting up FreeRADIUS with MySQL Support > properly. My Linux Distro is Debian Sarge 3.1. I installed all necessary > libraries and compiled FreeRadius with MySQL enabled. Then I installed all > necessary MySQL tables and configured FreeRadius

Re: EAP/TLS DLINK DWL-2000AP+ Setup Problem XP Client

2005-08-17 Thread Jan Luehr
Greetings, Am Mittwoch, 17. August 2005 08:16 schrieb Ceyhun K�: > Hi, > > I've setup eap/tls with freeradius in my network. > I'm using certificates signed by a private CA. > > Here is my problem: > > When i check validate server certificate in client's connection > properties, radius an access c

FreeRadius 1.0.4 crashing when getting Request

2005-08-17 Thread Sebastian Mauer
Hello there, I have a little problem with setting up FreeRADIUS with MySQL Support properly. My Linux Distro is Debian Sarge 3.1. I installed all necessary libraries and compiled FreeRadius with MySQL enabled. Then I installed all necessary MySQL tables and configured FreeRadius to do EAP-TLS with

Re: compiling CVS snapshot dies

2005-08-17 Thread Paul TBBle Hampson
On Wed, Aug 17, 2005 at 12:35:58AM +0200, Koos Beens wrote: >> "Koos Beens" <[EMAIL PROTECTED]> wrote: >>> I am trying to compile a cvs snapshot, in debian with command >>> dpkg-buildpackage -us -uc -rfakeroot -b >>> It dies with this message: >> Ok... try tomorrow's snapshot. >> Alan DeKok.

How to Disable RADIUS user logins if 'Session-Timeout' falls below 0

2005-08-17 Thread sagar.patil
Hi All, I am using FreeRadius with PostgreSQL and everything is running like a charm besides a small issue.   I am using ‘session-timeout’ attribute in radreply table to control user session time. I have added a trigger on RADACCT table which subtracts amount of time used by user from

rlm_x99

2005-08-17 Thread Iandc Davies
Hi all, Can anybody tell me what the rlm_x99 module is and does? It's stopping my compile at the moment and am just wondering whether I need it or not. Cheers Ian Davies Software Development Engineer

Require NAS dependant radius return attributes

2005-08-17 Thread Ben Thompson
> Ben Thompson wrote: > > > The trouble is I need to assign different VLAN's to users depending > > which access point they connect from. What I would like to know is if it > > is possible to use Huntgroups to look up the VLAN id based on something > > like the IP address of the access point? > >