We've noticed several people have posted their eap.conf for eap-tls
troubleshooting, and that both the check_cert_issuer and check_cert_cn are
commented out. In these configurations is freeradius just checking for the
certificate in the crl list and that the proper CA root is in the CA_file on
On Sun, Oct 26, 2008 at 4:12 AM, Bishal [EMAIL PROTECTED] wrote:
Following is my radcheck table format:
--+--+-+--+
| id | UserName | Attribute| op | Value| CrDate
| creator | Usemac | activated | activeDate | status |
rate |
Hi, I am using freeradiusd 2.0.2
I have edited config files, so radiusd.conf has:
---snip---
detail auth_log {
detailfile =
${radacctdir}/requests/%{Client-IP-Address}/auth-detail-%Y%m%d_%{EAP-Type}
# detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d
#
Hello,
has anyone running freeradius v. 2x running on SLES 10 against edirectory?
Best regards
Boert
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi All, i use:
-WiMAX-MSK = EAP-MSK
and all it works correctly, and I suppose It's validity is only for the
authentication session, it is right?
-WiMAX-AAA-Session-Id: is set as a pseudo-random value.
It's correct?
It's value is related to the duration of the session?
Hi Liran,
I have developed my own php based online viewing gui interface.
Bishal
On 10/27/2008, liran tal [EMAIL PROTECTED] wrote:
On Sun, Oct 26, 2008 at 4:12 AM, Bishal [EMAIL PROTECTED] wrote:
Following is my radcheck table format:
--+--+-+--+
| id
2008/10/27 [EMAIL PROTECTED]:
detail auth_log {
detailfile =
${radacctdir}/requests/%{Client-IP-Address}/auth-detail-%Y%m%d_%{EAP-Type}
# detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d
..
But still, it says nothing if supplicant is using TTLS or PAP which is
Dear All,
I'm facing a problem with Freeradius 2.0.4. I want to make a configuration to
allow our Cisco routers to auth via RADIUS. For this, we're using a password
file now (let's call it ciscopwd) and another file for granting rights.
I want to change the config file, so that the auth is
Good afternoon,
I have inherited an aged ICRadius install and I am in process of
converting to FreeRadius 1.1.7. Currently I have a master DB on our
Management server replicating to two radius servers. Each radius server
has a unique sql instance to send accounting data to the master DB.
Hello,
I would like to authorize windows clients access to 3com Baseline
Switch 2948 SFP against FreeRADIUS server 2.0.5.
Windows are cofigured to use PEAP - EAP-MSCHAPv2.
Server certificate was created with bootstrap script (xpextensions
are included).
I tried windows xp sp3 and linux
I am not an expert on this but I think here is the problem. Under *eap*
you have this:
eap ###
eap {
default_eap_type = md5
timer_expire = 60
ignore_unknown_eap_types = no
I'm facing a problem with Freeradius 2.0.4. I want to make a configuration to
allow our Cisco routers to auth via RADIUS. For this, we're using a password
file now (let's call it ciscopwd) and another file for granting rights.
I want to change the config file, so that the auth is done by LDAP
Hey Bishal,
On Mon, Oct 27, 2008 at 5:08 PM, Bishal [EMAIL PROTECTED] wrote:
Hi Liran,
I have developed my own php based online viewing gui interface.
That's somewhat sad for me to hear as I do believe that daloRADIUS is a
great platform
or at least honestly trying to be with a whole lot
I check for a login using radwho and I
see I have a session, I then attempt both a new auth and start
accounting again and still radwho shows only one login.
The fact that you have user listed in radwho doesn't mean that he is
connected to the NAS as well. checkrad script will delete stale
I would like to authorize windows clients access to 3com Baseline
Switch 2948 SFP against FreeRADIUS server 2.0.5.
Windows are cofigured to use PEAP - EAP-MSCHAPv2.
Server certificate was created with bootstrap script (xpextensions
are included).
I tried windows xp sp3 and linux (wpa_supplicant)
[EMAIL PROTECTED] wrote:
I check for a login using radwho and I
see I have a session, I then attempt both a new auth and start
accounting again and still radwho shows only one login.
The fact that you have user listed in radwho doesn't mean that he is
connected to the NAS as well. checkrad
Are you telling the radius to check for Simultaneous-Use := 1 anywhere?
Even if you have the SQL for simultaneous use uncommented, you still
have to configure Simultaneous-Use := 1 to that specific user or
group, otherwise it will just ignore the SQL...
I also use SQL for my authentication but
It is other both in the localhost client and in the client I created
to test using radiustest.
I have, it shows 5 sessions for this user.
mysql SELECT COUNT(*) FROM radacct WHERE UserName='yellowhousejake'
AND AcctStopTime = 0;
+--+
| COUNT(*) |
+--+
|5 |
+--+
1
[EMAIL PROTECTED] wrote:
It is other both in the localhost client and in the client I created
to test using radiustest.
I have, it shows 5 sessions for this user.
mysql SELECT COUNT(*) FROM radacct WHERE UserName='yellowhousejake'
AND AcctStopTime = 0;
+--+
| COUNT(*) |
+--+
|
Marcelus Trojahn wrote:
Are you telling the radius to check for Simultaneous-Use := 1 anywhere?
Even if you have the SQL for simultaneous use uncommented, you still
have to configure Simultaneous-Use := 1 to that specific user or
group, otherwise it will just ignore the SQL...
I also use SQL
Dear freeradius-users,
I've succeeded in getting LDAP authz/authn working with MSCHAPv2 and
have been using it successfully for a few months now.
I would like to add a very simple user with only a Cleartext-Password to
the users file (this is strictly a FreeRADIUS user and in the interest
of
Do I need to set Simultaneous-Use := 1 for the groups not allowed SU,
and Simultaneous-Use := 2 for the group allowed SU?
OK. This is how Simultaneous-Use works in freeradius: you put that
attribute when you want to set the limit for a number of simultaneous
connections. The number you enter is
I would like to add a very simple user with only a Cleartext-Password to
the users file (this is strictly a FreeRADIUS user and in the interest
of security shouldn't be in LDAP). I would like both the users file and
LDAP to be queried for users, with a query falling through to the next
source if
[EMAIL PROTECTED] wrote:
I would like to add a very simple user with only a Cleartext-Password to
the users file (this is strictly a FreeRADIUS user and in the interest
of security shouldn't be in LDAP). I would like both the users file and
LDAP to be queried for users, with a query falling
I am running FR 2.1.0 OK on SLES10SP1 against edir LDAP backend.
The way I did it, I installed the C/C++ Compiler and Tools in the Yast
patterned setup. This takes care of a number of dependencies. If you
don't want to do this, simply install the required deps later but
there will be quite a few
25 matches
Mail list logo