Sam Schultz wrote:
I was just wondering if the bug from this post has been fixed since 1.1.6:
Re: EAP-TTLS outer identity accounting
No. It should be fixed before 1.1.7 is released, though.
I'm not sure what changed, or why it's broken.
Alan DeKok.
--
http://deployingradius.com
Arran Cudbard-Bell wrote:
It's fine so long as you don't do a make install :)
Alan D is on it, i'm sure it'll be fixed in a couple of days ..
It's fixed.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List
Felipe Ceglia - PY1NB wrote:
Running 1.1.6 now. Crypt-Local works ok now.
In 1.1.6, you don't have to do that.
I would like to know if it is possible to have both User-Password and
Crypt-Local Auth-Types for sql users.
No. Stop trying to set Auth-Type. It's not necessary.
In
rlm_eap: Unable to load EAP-Type/peap, as EAP-Type/TLS is
required first.
You need to uncomment the tls section in eap.conf, even if yoo're not
intending to use EAP-TLS.
josh.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cody Jarrett wrote:
I'm trying to setup freeradius with ldap for use with a wireless
network. I don't want to have to deal with tls and certificates if
possible,
Then you won't be doing PEAP. It requires TLS and certificates.
...
rlm_eap: Unable to load EAP-Type/peap, as EAP-Type/TLS is
Hi!
By commenting the CA_file parameter in the eap-tls section:
# CA_file = ${raddbdir}/certs/trusted-ca-cert-list.pem
*and*
by setting CA_path parameter in the eap-tls section to an *empty* directory
CA_path = ${raddbdir}/certs/trustedCAs
should do the trick.
No trusted CAs mean no trusted
Milan Holub wrote:
If you check the timeline we've received conclicting packet after
0.000696 sec. Which I think was a duplicate packet due to some network
problem. Packet 11920 was in the middle of processing(finished writing
into detail file, but not yet written to database). Segmentation
update request {
Supplicant-Flags = %{sql_clients:SELECT
EXPORT_SET(master.supplicant_flags,'1','0','',10) FROM `master` WHERE
master.hw_address = '%{Calling-Station-Id:-null}' LIMIT 0,1}
}
is parsed as
SELECT EXPORT_SET(master.supplicant_flags,'1','0','',10) FROM `master`
WHERE
Arran Cudbard-Bell wrote:
...
Tailing } breaks sql queries.
Thing that breaks it is the alternate value declaration for
Calling-Station-Id.
It's a bug in the CVS head. I've committed a fix.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi all,
I have a problem with pam_radius_auth-module, maybe someone can help me.
The situation:
I am running freeradius 1.1.6 and installed the pam_radius_auth-Module
In the file /etc/pam.d/sshd I inserted the line
Auth required pam_radius_auth.so
like it is described in the docu of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Reimer Karlsen-Masur, DFN-CERT wrote:
Hi!
By commenting the CA_file parameter in the eap-tls section:
# CA_file = ${raddbdir}/certs/trusted-ca-cert-list.pem
*and*
by setting CA_path parameter in the eap-tls section to an *empty* directory
Alan Dekok wrote:
Cody Jarrett wrote:
I'm trying to setup freeradius with ldap for use with a wireless
network. I don't want to have to deal with tls and certificates if
possible,
Then you won't be doing PEAP. It requires TLS and certificates.
Is what I want possible then? And
Read provided instructions in eap.conf.
Ivan Kalik
Kalik Informatika ISP
Dana 18/6/2007, Cody Jarrett [EMAIL PROTECTED] piše:
Alan Dekok wrote:
Cody Jarrett wrote:
I'm trying to setup freeradius with ldap for use with a wireless
network. I don't want to have to deal with tls and
I have Freeradius installed on two opensuse 10.2 servers
Running Freeradius 1.16
I am running radrelay on the two too keep the detail files in sync
(New Setup)
The combined detail work file is created on the two servers and each appear to
write to it ok.
But they aren't transferring with one
Jeff wrote:
...
The combined detail work file is created on the two servers and each appear
to write to it ok.
But they aren't transferring with one another
What *are* they doing? You can run the radrelay *and* server in
debugging mode, to see what is going on.
If you're not doing
I tried running both in debug, and basically only thing happening is the info
is going into the
combined file on the server that took the request but radrelay running in the
debug mode on that same server
about ever 50 seconds runs through its hoop, but never processes anything like
it had
Hi,
Is the read_groups configuration paramter reading strings
intentionally removed from rlm_sql.c? Why?
Let me suggest a patch:
*** rlm_sql.c.orig 2007-05-15 14:10:35.0 +0400
--- rlm_sql.c 2007-06-18 19:46:59.0 +0400
***
*** 57,62
--- 57,64
Alan Dekok [EMAIL PROTECTED] said
Yes. For simplicity:
$ script valgrind.log
$ valgrind radiusd -xxx
...
$ ctrl-c
$ exit
Okie Dokie. I was going to use --log-file witrh valgrind, but 'script'
works. Done.
So far the only errors I'm seeing are these:
==29820== Thread 2:
==29820==
My telcom incumberant allows me to authenticate my clients on his
network - providing me with both ADSL and Dialup facilities - which I
then sell on to my clients. I need to be able to distinguish between
these two different service types. My telco sends
%{Telkom-Access-Type} and when I
Mark J Elkins wrote:
This gives (in radiusd -X) the debug warning message of
WARNING: Attempt to use unknown xlat function, or non-existent attribute
in string %{Telkom-Access-Type}
So how do I correctly access and use this value
See doc/variables.txt, which explains how to
I found a few topics on this issue but nothing quite informative enough.
I'm trying to get freeradius auth working with pam and peap. When I test
my config with radtest, I get Access-accept. When I use a windows XP
supplicant with a 3com access point, I get:
rlm_pam: Attribute User-Password is
On Monday 18 June 2007 16:31:37 Cody Jarrett wrote:
I found a few topics on this issue but nothing quite informative enough.
I'm trying to get freeradius auth working with pam and peap. When I test
my config with radtest, I get Access-accept. When I use a windows XP
supplicant with a 3com
You are forcing Auth-Type PAM and doing EAP. Where is Auth-Type coming
from? One of the DEFAULT entries? Don't set Auth-Type! Let the server
swich to one that's needed.
Ivan Kalik
Kalik Informatika ISP
Dana 18/6/2007, Cody Jarrett [EMAIL PROTECTED] piše:
Sorry, 10.1.22.10 is the ip of my 3com.
Oh, I had Default auth-type := pam in users. I removed that line and
get a much longer debug output when I try to connect with the xp machine
to the wireless. radtest fails with this message auth: No authenticate
method (Auth-Type) configuration found for the request: Rejecting the
user. I
And where is your user/pass stored? It's not in users file and I don't
see any database configured.
Ivan Kalik
Kalik Informatika ISP
Dana 18/6/2007, Cody Jarrett [EMAIL PROTECTED] piše:
Oh, I had Default auth-type := pam in users. I removed that line and
get a much longer debug output when I
[EMAIL PROTECTED] wrote:
And where is your user/pass stored? It's not in users file and I don't
see any database configured.
Ivan Kalik
Kalik Informatika ISP
Dana 18/6/2007, Cody Jarrett [EMAIL PROTECTED] piše:
Oh, I had Default auth-type := pam in users. I removed that line and
Cody Jarrett wrote:
I originally had Default Auth-type := pam but I removed that. Users
are stored in an ldap database and I am basically trying to get radius
to use pam for auth info, is this wrong? I don't understand how radius
will use pam if I don't specify it somewhere.
You cannot use
Newbie Warning!!!
I'm new to this community, however I am a quick study. I found some
resources online about this very issue but wasn't able to get a resolution.
Please clarify for me:
The step below: Does this go in radiusd.conf as well?
attr_rewrite blank_password {
28 matches
Mail list logo
