Hi,
I'm using Freeradius 1.1.6 inside a Solaris 10 zone and compiled
it from vanilla sources. I configured rlm_ldap since the
usernames and cleartext-passwords are stored in an LDAP
directory and it works just fine for applications like Cisco-VPN
or 802.1X EAP-TTLS. Now I wanted to set up the
Scott Lambert wrote:
lrad_packet_list_socket_add() is called with a pointer to the radius
request packet list structure and the socket file descriptor of the
socket which has been created with the call to socket() and bound to an
IP and port by bind() during the prior call to lrad_socket().
Hi,
I'm trying to close the connection of a pre-paid mobile user, after he
reached a limited amount of traffic (ie. 100 megabytes), the network
device is a Cisco router.
I've found may way to rate-limit the traffic bandwidth but not one to do
this.
Is radius the correct way to achieve this
Here is a short example that should work for you using the hints file:
#hints
DEFAULT User-Name =~ @dsl.realm
Hint = DSL
#/hints
#users
DEFAULT Hint == DSL
Cisco-AVPair += ...
#/users
Thanks Kevin
This looks great, however the caveat is that we're using MySQL and not
the users
On Mon, 2007-09-17 at 20:30 -0700, Bill Shaver wrote:
Please forgive the duplicate post. I posted this a few days back and
didn't see any response; thought I would give it just one more try.
Thanks for any response.
--Bill
I have started to experiment with using mysql as the
Hi
I am using EAP_TLS authentication with free radius 1.1.7 .The authentication
is a certificate based one.
I want to reject one user .I have done config in users file
anoop07Auth-Type := Reject
Reply-Message = \Your account has been disabled.\
1. Secret is different (probability 99%)
2. MD5 libraries on the client or the server are broken
I would delete the secret on the server and the client and type in
another one. If that doesn't work then you will need to fix the MD5
calculations. If it's the server you will get this problem with
Revoke the certificate.
Ivan Kalik
Kalik Informatika ISP
Dana 18/9/2007, [EMAIL PROTECTED] [EMAIL PROTECTED] piše:
Hi
I am using EAP_TLS authentication with free radius 1.1.7 .The
authentication is a certificate based one.
I want to reject one user .I have done config in users file
and make sure to use check_crl = yes in eap.conf
On 9/18/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Revoke the certificate.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
version of FR? modules or backend auth system used?
Using FR 1.1.5 and using mod_auth_ldap for auth
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 9/18/07, Massimiliano Macrì [EMAIL PROTECTED] wrote:
I'm trying to close the connection of a pre-paid mobile user, after he
reached a limited amount of traffic (ie. 100 megabytes), the network
device is a Cisco router.
I've found may way to rate-limit the traffic bandwidth but not one to
FreeRADIUS Version 1.1.3-r0.1.2 (Upgrade to 1.1.7 is Pending)
I am running FreeRADIUS to authenticate wireless users on a bunch of Cisco
AP1231's. My wireless supplicants are running a combination of the
standard Windows XP client which works fine and the Intel Proset Client
which is causing
Actually if you are working with MySQL or some other SQL database
server maybe you can write your own sql module that accomplishes that.
I would suggest taking a look at Max-All-Session as an example.
What you want to do is create a kind of sql module that will act as a
counter
for the traffic
Hello all,
I'm looking for a simple way to protect access to my wireless network. I'm
seeing a lot of old documentation on how to use EAP-TLS to protect the
wireless network. I've found lots of old documentation on how to setup WPA
Enterprise. I would like some updated docuentation on how to do
simplest, don't turn it on.
On 9/18/07, Kent Thomas [EMAIL PROTECTED] wrote:
Hello all,
I'm looking for a simple way to protect access to my wireless
network. I'm
seeing a lot of old documentation on how to use EAP-TLS to protect the
wireless network. I've found lots of old documentation
On Tue 18 Sep 2007, Massimiliano Macrì wrote:
Hi,
I'm trying to close the connection of a pre-paid mobile user, after he
reached a limited amount of traffic (ie. 100 megabytes), the network
device is a Cisco router.
I've found may way to rate-limit the traffic bandwidth but not one to do
Read instructions in eap.conf. You most likely need to set:
use_tunneled_reply = yes
in peap section.
Ivan Kalik
Kalik Informatika ISP
Dana 18/9/2007, Terry Pelley [EMAIL PROTECTED] piše:
FreeRADIUS Version 1.1.3-r0.1.2 (Upgrade to 1.1.7 is Pending)
I am running FreeRADIUS to authenticate
Hi,
I want to configure freeradius (Linux) in order to authenticate and
authorize MS Windows XP clients (people connect to Access Point
Linksys). I am using EAP-PEAP and MSCHAP fron Windows. If I perform
radtest from linux clients (using wired network) I have no problem to
access, but I cannot
Thank you,
That worked perfectly.
FreeRadius users mailing list freeradius-users@lists.freeradius.org
writes:
Read instructions in eap.conf. You most likely need to set:
use_tunneled_reply = yes
in peap section.
Ivan Kalik
Kalik Informatika ISP
Terry Pelley
Network Analyst
Business and
Good morning, freeradius users. I have 2.5 questions.
1. Can radrelay be used with multiple accounting directories? I have
multiple (7) directories with files I need to be watching with
radrelay. I haven't been able to get radrelay to work properly when I
use -a /accounting-dir/ multiple times
On Tue, 2007-09-18 at 08:13 -0600, Kent Thomas wrote:
Hello all,
I'm looking for a simple way to protect access to my wireless network. I'm
seeing a lot of old documentation on how to use EAP-TLS to protect the
wireless network. I've found lots of old documentation on how to setup WPA
Phil,
Thanks a million for the reply. You are the first to actually reply with
some info for me to look at.
The document you gave is good, except for the client certificate part. I
don't want to have to give certificates out to everyone on my wireless
network. Is there a way to get around this?
On Tue, Sep 18, 2007 at 09:54:33AM +0200, Alan DeKok wrote:
Scott Lambert wrote:
lrad_packet_list_socket_add() is called with a pointer to the radius
request packet list structure and the socket file descriptor of the
socket which has been created with the call to socket() and bound to an
If you have XP clients your best option is PEAP. Read instructions in
eap.conf about setting it up. But that will work only if your passwords
are stored in plain text or NT hash (not much to do with EAP but
MSCHAPv2 used as tunnel authentication protocol). If your passwords are
encrypted in some
Ivan,Thanks a million. I've been looking at using peap. I have a mixed
network, mac xp. I wouldn't mind using plain text passwords if that could
be forced. The only configurations that get close to working get as far as
machapv2, then fail because of no nt/lm password. If I could use the
If you are in control of Ldap server then you can enforce whatever
password scheme you see fit. If you map Clertext-Password attribute to
plain text passwords in Ldap everything will work fine. But if you are
using crypt, sha or such on your passwords, mschap will never work.
Your eap.conf is
Guilherme
Thanks I have committed a patch. Sorry about that. This is one of the reasons
why I normally dont keep the different sql dialect files in sync without
significant testing.. There are just too many differences. Unfortunately
this causes them to gradually get out of sync over time. If
You need SNMP to disconnect the link, not Radius.
The only other way I can think of is that, if you can use an external
program/script to check the quota from your accounting records, and
then if that quota is reached, then send the program sends to SNMP to
disconnect the user.
On
HI
Thank you for the response.But as per users file configuration it should deny
the user if i include that user name-reject file.Do i need to do any config for
this to work.
Regards
Anoop
Message: 3
Date: Tue, 18 Sep 2007 11:30:53 +0100
From: [EMAIL PROTECTED]
Subject: Re: Denying user
Sergio Belkin wrote:
I want to configure freeradius (Linux) in order to authenticate and
authorize MS Windows XP clients (people connect to Access Point
Linksys). I am using EAP-PEAP and MSCHAP fron Windows. If I perform
radtest from linux clients (using wired network) I have no problem to
Dear All,
I am trying to configure the following.
User - Access Point - Free Radius Server(acting as proxy server) -
Radius Server
Now the above configuration works when I have PAP as authentication
method. Now I need to have EAP MD5 auth between user and free radius
server and PAP
31 matches
Mail list logo