Re: help on radius, how to make password in clear text

2007-05-16 Thread Stefan Winter
Hi, this is for the _users_ list, not developers. But if other client using same radius server authenticate with same username and password, the User-Password field is in clear text and all works. Could someone look this for me, many thanks. Ryan. 1) double-check the shared secret on NAS and

RE: help on radius, how to make password in clear text

2007-05-16 Thread liRyan
Ok, thanks for reminder. [Email] [EMAIL PROTECTED]; [EMAIL PROTECTED]; [MSN] [EMAIL PROTECTED] [YahooMessage]wsly790104 From: [EMAIL PROTECTED] To: freeradius-users@lists.freeradius.org Subject: Re: help on radius, how to make password in clear text Date: Wed, 16 May 2007 07:52:07 +0200

Re: Proxy + LOCAL - Is it possible?

2007-05-16 Thread Alan Dekok
Apostolos Pantsiopoulos wrote: I am about to migrate from our old radius based system (VoIP) to a new one (based on freeradius). Is it possible to use the proxy feature so that I can process the requests both locally ( acct=LOCAL, auth=LOCAL) as well as remotely (send them to the old

Re: Attributes mapping between LDAP and RADIUS

2007-05-16 Thread Alan Dekok
Jian Wang wrote: Is there an RFC standardizing the attribute mapping between LDAP and RADIUS? No. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See

Re: HUP stops radiusd

2007-05-16 Thread Alan Dekok
John Horne wrote: I made the change and started Freeradius (from /etc/init.d). I could repeatedly HUP the daemon, and it answ would stay running according to 'ps'. However, the log file only showed one line for the first HUP and nothing at all after that. The line it showed was: Tue May

Re: FreeRadius 2.0 Radrelay to multiple servers?

2007-05-16 Thread Alan Dekok
Brian Walters wrote: Is it still possible to use the OLD radrelay binary until things stabilize a little more? instead of using radiusd -n radrelay Yes. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List

Re: RE : Re: FreeRadius 2.0 proxy question - home_server auth and acct server?

2007-05-16 Thread Alan Dekok
Brian Walters wrote: but the authhost and accthost entries can be listed next to each other for each realm. I just wanted to make sure there wasn't a short cut of allowing a home server to be both. Even with adding 2 entries for each home server (1 auth, 1 acct) it's still a big saving with

Re: Support for MySQL Stored Procedures in FreeRADIUS 2.0?

2007-05-16 Thread Alan Dekok
Gunther wrote: Will there be support for MySQL Stored Procedures in 2.0? FreeRADIUS 2.0.0-pre1 does not yet support SP in MySQL. The idea is to put the patch in 1.1.7 and 2.0.0. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/

Re:

2007-05-16 Thread A . L . M . Buxey
Hi, I have freeradius-0.9.3 on Linux RedHat 9 Ideas ? upgrade alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Freeradius-Users Digest, Vol 25, Issue 68

2007-05-16 Thread khursheed Ahmed
"freeRadius Mailing List - users" freeradius-users@lists.freeradius.org, "freeRadius Mailing List - dev" [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset="utf-8" Is there an RFC standardizing the attribute mapping between LDAP and RADIUS? Thanks

RE: no session showed by radwho, but user still could not login

2007-05-16 Thread tnt
Config looks OK. Change type of the NAS you are testing to other. If that stops multiple logins, problem is with radcheck script. Ivan Kalik Kalik Informatika ISP On 16/5/2007, Trio [EMAIL PROTECTED] wrote: I'm using nas with 'nas' table in my sql here the data mysql select * from nas;

Re: EAP-SIM : symbol lookup error

2007-05-16 Thread deepak kumar
Hi Ben, there is one file asserts.h is missing search that on net, include that in rlm_sim and recompile. it worked for me. -deepak On 5/15/07, Ben2148 [EMAIL PROTECTED] wrote: I have exactly the same problem (symbol lookup error). Can anyone help me fixing it ? Thanks Ben -- View this

radrelay.conf - can't parse properly

2007-05-16 Thread Milan Holub
Hi Alan, based on cvs head from May 10 2007: having following listen entry in radrelay.conf: listen { type = detail detail = /var/log/freeradius/radacct/radrelay/detail max_outstanding = 100 identity = radrelay } radrelay personality of freeradius can't parse

Re: radrelay.conf - can't parse properly

2007-05-16 Thread Alan Dekok
Milan Holub wrote: having following listen entry in radrelay.conf: listen { type = detail detail = /var/log/freeradius/radacct/radrelay/detail Change that to filename = .. max_outstanding = 100 Delete that. identity = radrelay } radrelay

Acct-Type behaviour

2007-05-16 Thread Milan Holub
Hi Alan, with cvs head from May 10: I had following accounting section: accounting { detail sql attr_filter.accounting_response } where all modules were invoked to process the request. then I've changed it to: accounting { detail Acct-Type RELAY { radrelay-detail

Re: radrelay.conf - can't parse properly

2007-05-16 Thread Milan Holub
Hi Alan, On Wed, May 16, 2007 at 12:25:13PM +0200, Alan Dekok wrote: You probably want to use radrelay ONLY in debugging mode. It sort of works there when I test it. I wouldn't recommend using it in normal daemon mode, or with multiple threads. == actually I wanted to use it in

Re: radrelay.conf - can't parse properly

2007-05-16 Thread Alan Dekok
Milan Holub wrote: == actually I wanted to use it in production:) I wouldn't recommend that right now. == what would you suggest to people willing to use freeradius 2.0-preX and radrelay functionality? The old radrelay program was removed. My idea is to take a radrelay binary from

DB handles dying slowly

2007-05-16 Thread Milan Holub
Hi all, with cvs head from May 10 I've observed following behaviour(which is actually hard to debug): Configuration: * FreeRADIUS Version 2.0.0-pre0, for host i386-pc-linux-gnu, built on May 10 2007 at 13:56:28 * mysql Ver 14.7 Distrib 4.1.8, for pc-linux-gnu (i386) * Linux 2.4.26 ,

Re: Acct-Type behaviour

2007-05-16 Thread Alan Dekok
Milan Holub wrote: My problem is that if the Acct-Type is set to RELAY then no other module from accounting{} gets called except of radrelay-detail. I thought that correct behaviour is that all modules from accounting{} should be called and if Acct-Type is set to RELAY then radrelay-detail

Re: DB handles dying slowly

2007-05-16 Thread Milan Holub
Hi all, On Wed, May 16, 2007 at 02:05:09PM +0200, Milan Holub wrote: Currently the only thing which helps is to restart freeradius. It creates the DB handles again and works fine for another several hours up to days... I have following nasty workaround which react on rlm_sql module

Re: DB handles dying slowly

2007-05-16 Thread Alan Dekok
Milan Holub wrote: ... Then every occurrence of sql module call I've replaced by following configurable failover section: See the virtual modules in radiusd.conf. You can put that entry there as group sql_restart. Then, replace sql in authorize/accounting with sql_restart. It's a little

Re: radrelay.conf - can't parse properly

2007-05-16 Thread Milan Holub
Hi Alan, On Wed, May 16, 2007 at 12:25:13PM +0200, Alan Dekok wrote: You probably want to use radrelay ONLY in debugging mode. It sort of works there when I test it. I wouldn't recommend using it in normal daemon mode, or with multiple threads. == I just tested with the changed config and

Re: radrelay.conf - can't parse properly

2007-05-16 Thread Alan Dekok
Milan Holub wrote: == I just tested with the changed config and it does not work for me neither(causing segmentation fault) -- reason to use old good radrelay for the moment:) ... Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1024 (LWP 25154)] 0x08053826 in

Re : Attributes mapping between LDAP and RADIUS

2007-05-16 Thread Eshun Benjamin
Jian Wang wrote: Is there an RFC standardizing the attribute mapping between LDAP and RADIUS? look at this doc; http://docs.sun.com/source/806-4252-10/mapping.htm == Benjamin K. Eshun - Original Message From: Alan Dekok [EMAIL

Re: DB handles dying slowly

2007-05-16 Thread Milan Holub
Hi Alan, On Wed, May 16, 2007 at 02:50:27PM +0200, Alan Dekok wrote: See the virtual modules in radiusd.conf. You can put that entry there as group sql_restart. Then, replace sql in authorize/accounting with sql_restart. It's a little simpler... == thanks for the tip, it's working and

1.1.6 xlat :- broken

2007-05-16 Thread Mike Sturdee
I have a freeradius box (version 1.1.0) with the following (working) group lookup.. On updating to 1.1.6 it appears the %{Stripped-User-Name:-%{User-Name}} part is broken.. I see in cvs there is an update to head, radiusd/src/main/xlat.c (1.115): make ':-' work again.. I have not had luck

RE: Trying to apply a simple proxy_reply law

2007-05-16 Thread Marc Miranda \(GOWEX\)
Yess. It Works! Thanks a lot, Stefan. I've been looking for that for a long time. For all the people who are trying to implement that feature I will summarize it: * If you want to apply rules in your attributes in order to change the reply from a home RADIUS that is sending back through

freeradius = MS IAS passthrough

2007-05-16 Thread Ian Savoy
Does anyone have any specific tweaks to get MS IAS and freeradius talking? We're trying to share resources with another isp in the area - their IAS server needs to be able to auth against our freeradius server, and vice versa with our freeradius to their IAS. A link to a tutorial would be

Re: freeradius = MS IAS passthrough

2007-05-16 Thread Ian Savoy
By the way, we are dealing with freeradius 1.1.3. Ian Savoy wrote: Does anyone have any specific tweaks to get MS IAS and freeradius talking? We're trying to share resources with another isp in the area - their IAS server needs to be able to auth against our freeradius server, and vice

Re: freeradius = MS IAS passthrough

2007-05-16 Thread Jory Privett
Realms Jory Privett WCCS - Original Message - From: Ian Savoy [EMAIL PROTECTED] To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Wednesday, May 16, 2007 3:29 PM Subject: Re: freeradius = MS IAS passthrough by the way, we are dealing with freeradius 1.1.3.

Re: freeradius = MS IAS passthrough

2007-05-16 Thread Ian Savoy
Ya, we have realms setup, however we're failing to auth against each other. Jory Privett wrote: Realms Jory Privett WCCS - Original Message - From: Ian Savoy [EMAIL PROTECTED] To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Wednesday, May 16, 2007

Re: freeradius = MS IAS passthrough

2007-05-16 Thread Jory Privett
Check the config and make sure that each unit has the other set up as a client and that they handle the realms correctly. Also make sure that you have a Remote Access Policy properly configured on the IAS machine. Jory Privett WCCS - Original Message - From: Ian Savoy [EMAIL PROTECTED]

Re: freeradius = MS IAS passthrough

2007-05-16 Thread Ian Savoy
Is there anything else? Jory Privett wrote: Check the config and make sure that each unit has the other set up as a client and that they handle the realms correctly. Also make sure that you have a Remote Access Policy properly configured on the IAS machine. Jory Privett WCCS -

EAP-TLS Inner/Outer identity

2007-05-16 Thread Keith Moores
I'm trying to find a solution to a wireless authorization issue. Background When using EAP-TLS both Windows (XP/Vista) and Mac OS supplicants by default set the outer identity equal to the user certificate Subject Alternative Name - Principal Name (OID 1.3.6.1.4.1.311.20.2.3) when it

Re: freeradius = MS IAS passthrough

2007-05-16 Thread Dennis Skinner
Never say: it just doesn't work. show us. Run radiusd -X and show us what is happening when you try and tell us what you think should be happening. -- Dennis Skinner Systems Administrator BlueFrog Internet http://www.bluefrog.com - List info/subscribe/unsubscribe? See

Re: freeradius = MS IAS passthrough

2007-05-16 Thread Peter Nixon
On Wed 16 May 2007, Ian Savoy wrote: Ya, we have realms setup, however we're failing to auth against each other. Then you either have the wrong shared secret between your 2 servers, or you are testing the wrong user/password. What you are trying to do is trivial and covered by the

Re: freeradius = MS IAS passthrough

2007-05-16 Thread John Horne
On Wed, 2007-05-16 at 17:12 -0400, Ian Savoy wrote: Is there anything else? Hi, Not sure if it's still relevant but with our IAS servers the sysadmin made sure it set the reply message to yes. If you test from freeradius to the IAS server using the 'radtest' command, and run freeradius as

Re: Re : Attributes mapping between LDAP and RADIUS

2007-05-16 Thread Jian Wang
Thanks for both replies :) On 5/16/07, Eshun Benjamin [EMAIL PROTECTED] wrote: Jian Wang wrote: Is there an RFC standardizing the attribute mapping between LDAP and RADIUS? look at this doc; http://docs.sun.com/source/806-4252-10/mapping.htm

LDAP Group Support

2007-05-16 Thread Clark J. Wang
I've read through the rlm_ldap wiki (http://wiki.freeradius.org/Rlm_ldap) and the sample radiusd.conf in FreeRADIUS package but I still don't know how to make LDAP Group work. Is there any more detailed examples? Thanks. - List info/subscribe/unsubscribe? See

free radius 1.1.6 -eap-tls authentication

2007-05-16 Thread anoop_c
Dear all, My EAPTLS is working with free radius 1.1.6 as I did every installation starts from zero. Thanks for all for the help. I have few queries for free radius as I was using navis radius. 1 Where will I find the log of the authentication like username login ok...or

Re: LDAP Group Support

2007-05-16 Thread Alan DeKok
Clark J. Wang wrote: I've read through the rlm_ldap wiki (http://wiki.freeradius.org/Rlm_ldap) and the sample radiusd.conf in FreeRADIUS package but I still don't know how to make LDAP Group work. Is there any more detailed examples? See the FAQ for It doesn't work. It works for me, and

Re: free radius 1.1.6 -eap-tls authentication

2007-05-16 Thread Alan DeKok
[EMAIL PROTECTED] wrote: 1 Where will i find the log of the authentication like username login ok...or login failed It's in radius.log 2 One user's certificate if I installed in other user's laptop it works. I want one user certificate should work in one laptop only. There's