Hi,
I'm authing about 60 3com 4400 switch with mysql. Everithing goes ok until
the switch sends a
particular request to the server. This is the request:
rad_recv: Access-Request packet from host 10.10.0.219:2049, id=57, length=87
User-Name = a3Com
User-Password = a3Com
hi,
thanks, now that you supplied the full debug we can clearly see that freeradius
is unable to connect to your SQL database. so, questions arise such as - is
your database server running? is it configured for that 'root' account
and password (check using command line tools etc), is it
Hi Guys
Is anyone actually using rlm_python in production?
We do. But with a home-made module, based on corrected
module stored in bugzilla.
We made adjustments in it to meet our customer needs,
and it is therefore not reusable.
Nevertheless, we did correct memory leaks, threading
issues and
Hello,
I'm newbie,I wanna know that can i use FreeRadius+Dialup_admin as a
LAN accounting?
It means that i use them without dialing?
the name dialup_admin is a bit misleading. You can as well manage LAN users
with them.
It's a generic user management system.
Stefan
--
Stefan WINTER
Hi
I'm working on 802.1x implementation(cisco 2950, freeradius, ldap), i face a
problem. First of all, defining users and passwords in users file in raddb
works well with md5 authentication. Then i tried to use ldap, then with
radtest i get accept-accept packet. But while authenticating from xp
I have configured a working EAP-TLS system and am now migrating to
use EAP-TTLS (with both client side certificates and a password
authentication mechanism).
I'm stuck trying to work out how to avoid sending the password
unhashed to the server and think that some form of CHAP/MSCHAPv2
Thanks a lot!
I dont know why Freeradius and MySQL suddenly works after I did the
following step.
1 insert into radgroupreply (groupname,attribute,op,values) values
('user','Auth-Type',':=','Local');
insert into radgroupreply (groupname,attribute,op,values) values
I'm working on using Freeradius with Chillispot to authenticate from an
Oracle database. Freeradius is running on W2K3 server and Oracle is
installed on the local machine.
At this point, I'm trying to compile the rlr_sql_oracle module, but keep
getting:
$ ./configure
Ramazan Ulker wrote:
. But while
authenticating from xp client with md5-challenge, I got
Auth:rlm_ldap:Attribute User-Password is required for authentication
You set Auth-Type := LDAP. Don't do that.
error. In one of the e-mail you said don't authenticate from ldap, but
with radtest
[EMAIL PROTECTED] wrote:
This is OK, but switch says The RADIUS Authentication service is not
responding.
See the FAQ about the NAS never seeing the response from the server.
The strange thing is the userame a3Com that i've never seen in any switch
configuration.
Is something related to
James Lever wrote:
I'm stuck trying to work out how to avoid sending the password unhashed
to the server
Why?
and think that some form of CHAP/MSCHAPv2 might be the
right way to go. My current thoughts are that I should use PAP with
SHA1 or SSHA1 but I seem to get the right config (if it
Brian wrote:
At this point, I'm trying to compile the rlr_sql_oracle module, but keep
getting:
$ ./configure --with-oracle-home-dir=/cygdrive/d/oracle/ora92
...
configure: WARNING: oracle headers not found. Use \
--with-oracle-home-dir=path
configure: WARNING: sql submodule 'oracle' disabled
Hi,
I'm stuck trying to work out how to avoid sending the password
unhashed to the server and think that some form of CHAP/MSCHAPv2
might be the right way to go. My current thoughts are that I should
use PAP with SHA1 or SSHA1 but I seem to get the right config (if it
is even
On 2007-01-29 13:04, Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
This is OK, but switch says The RADIUS Authentication service is not
responding.
See the FAQ about the NAS never seeing the response from the server.
The strange thing is the userame a3Com that i've never seen in any switch
Hi,
But i couldn't use mysql -u root -p rootpass to enter the command line
enviroment any longer. The output is :ERROR 1045 (28000): Access denied for
user 'root'@'localhost' (using password: YES). Seems strange,isnt? Anyway, I
might better re-install Mysql.
not strange at all - does that
Yes,I compiled FR myself. Originally I installed mysql with *.rpm
packages(MySQL-*-5.0.20-0.i386.rpm, include
MySQL-devel-5.0.20-0.i386.rpm),but it doent works. So I uninstall rpm
packages and use
mysql-standard-5.0.20-linux-i686.tar.gz to install Mysql.
Thanks.
2007/1/29, YvesDM [EMAIL
Hi!
I am using radius to authenticate request from the radiusclient-ng2 with the
digest method.
I have a strange situation because client log the following problem:
received invalid reply digest from RADIUS server
This is strange because as I read on web this error is due to wrong secrets
tzieleniewski wrote:
Hi!!
I am runnig Debian etch release OS on the 64 bit CPU
below is the detailed CPU information:
So... the libradiusclient code isn't 64-bit clean. It needs to be fixed.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
Does FreeRADIUS support PEAP Fast Reconnect?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
that chris fixed in freeradius-client 2
days ago.
Try using a current snapshot of freeradius-client instead of radiusclient-ng
and see if the problem is solved. Here is a link:
ftp://ftp.suntel.com.tr/pub/freeradius/snapshots/freeradius-client-snapshot-20070129.tar.bz2
A patch I wrote to make OpenSER
King, Michael wrote:
Does FreeRADIUS support PEAP Fast Reconnect?
No.
As always, patches are welcome. :)
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubscribe? See
Stefan Winter wrote:
Hello,
I'm newbie,I wanna know that can i use FreeRadius+Dialup_admin as a
LAN accounting?
It means that i use them without dialing?
the name dialup_admin is a bit misleading. You can as well manage LAN users
with them.
It's a generic user management system.
agree if
No, not currently. Doing so will require a level of caching and
connection of the TLS session information with the RADIUS attributes
that currently is not in place. This kind of checking is to insure
that a user is not able to authenticate with is credentials, then,
say, simply change
-Original Message-
Does FreeRADIUS support PEAP Fast Reconnect?
No.
As always, patches are welcome. :)
Thanks. It was a does this check box actually do anything for me
question.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
yao guoxian wrote:
rlm_sql_mysql: Mysql error 'Host '202.117.7.243 http://202.117.7.243'
is not allowed to connect to this MySQL server'
I assume this is a test server and is tightly controlled
Login to MySQL as root on the command line.
Type this:
GRANT ALL ON *.* TO [EMAIL PROTECTED]
I'm newbie,I wanna know that can i use FreeRadius+Dialup_admin as a
LAN accounting?
It means that i use them without dialing?
the name dialup_admin is a bit misleading. You can as
well manage LAN users
with them.
It's a generic user management system.
agree if RADIUS is used to
e problem is solved. Here is a link:
ftp://ftp.suntel.com.tr/pub/freeradius/snapshots/freeradius-client-snapshot-20070129.tar.bz2
A patch I wrote to make OpenSER use freeradius-client instead of
radiusclient-ng is at:
https://sourceforge.net/tracker/?func=detailatid=743022aid=1631052group_id=139143
I
On 29/01/2007, at 10:07 PM, Alan DeKok wrote:
James Lever wrote:
I'm stuck trying to work out how to avoid sending the password
unhashed
to the server
Why?
Two reasons - first I am trying to limit risk of client
misconfiguration - if a client has misconfigured their supplicant, to
On 29/01/2007, at 11:03 PM, [EMAIL PROTECTED] wrote:
MSCHAPv2 is the main way to go. offering challenge/response means
the password is never sent clear. alternatively you could use
MD5 instead of plain. but client support is an issue...
After reading through Alan DeKok's compatibility page
I'm trying to create a Redhat RPM from the nightly CVS snapshots.
(Following the Wiki instructions)
I've tried a few different snapshot dates, and they all die with the
attached error.
I'm not too familiar with RedHat packaging. Any idea what I've done
wrong?
Checking for unpackaged file(s):
Does anyone have pointers on setting up a solution where freeradius
authenticates against an RSA Secure ID or a smart card?
Is there a good package that supports some sort of standard
password-less authentication?
Any experiences using smart cards or RSA Secure IDs with Linux would be
welcomed.
Josh Howlett wrote:
I'm newbie,I wanna know that can i use FreeRadius+Dialup_admin as a
LAN accounting?
It means that i use them without dialing?
the name dialup_admin is a bit misleading. You can as
well manage LAN users
with them.
It's a generic user management system.
agree if RADIUS is used
We had a system using Ciscosecure ACS that wrote the accounting records
to textfiles in a directory. A perl script using Dirwatch monitored the
directory and triggered a stored procedure in oracle which inserted the
data. If oracle wasn't available, the data just accumulated. Once oracle
was up
I finally got PEAP working, nowe I have two questions, should I create a
dummy account for the mschap element of authentication. Secondly, how do
I create additional certs for additional hosts in FreeRadius? As it is
now, I can only authenticate one node.
-
List info/subscribe/unsubscribe? See
Joseph wrote:
Does anyone have pointers on setting up a solution where freeradius
authenticates against an RSA Secure ID or a smart card?
FreeRADIUS proxies the request to the RSA RADIUS server.
There's not much else that can be done.
Is there a good package that supports some sort of
King, Michael wrote:
I'm trying to create a Redhat RPM from the nightly CVS snapshots.
(Following the Wiki instructions)
...
I'm not too familiar with RedHat packaging. Any idea what I've done
wrong?
The RPM file in FreeRADIUS needs to be updated with that list of files.
Alan DeKok.
--
36 matches
Mail list logo