Victor Tangendjaja wrote:
How do you generate this unique session id?
However you want.
In 2.1.6, you can do:
update reply {
WiMAX-AAA-Session-Id - %{md5:%{User-Name}...}
}
i.e. calculate the MD5 hash over information specific to the user
session.
Hi All,
I'm
using mysql server 5.1.30 for storing radius accounting details. The
system works fine and accounting is done to log file and to mysql
server installed in a separate machine.
But the problem arises
when the mysql server is not working. When the radius accounting
But the problem arises
when the mysql server is not working. When the radius accounting server
lost the connectivity to the mysql server it does not report any kind
of error. The radius daemon is working fine in the radius accounting
server. But it does not respond to any requests.
So it
Dear Freeradius User list,
I am surprised by the fact that freeRadius (Version 2.0.4) is 3 time quicker
when running in full debug mode ( -X option).
When running freeradius I full debug mode
/usr/sbin/freeradius –X
I have good response time from remote client were between 200 and 210 ms.
But
Vincent Laborie wrote:
I am surprised by the fact that freeRadius (Version 2.0.4) is 3 time quicker
when running in full debug mode ( -X option).
You are logging to syslog.
Use a syslog server that doesn't kill performance, like rsyslog.
Alan DeKok.
-
List info/subscribe/unsubscribe?
Jaulin Bernard wrote:
After many weeks with no results, It’s time to find help !
If it doesn't work after a day or so, ask for help...
Freeradius : 3.0.4 (with openssl)
What is version 3.0.4?
We use MSCHAP V2 with PEAP for Windows and Linux Client, the problem
is so strange. On HP
Hi Bernard,
Based upon the provided information I would believe that this would be a
driver problem, but without knowing what you have tried, your actual Intel
Hardware and a proper wireless capture this is the best I can offer. To me
if the Intel and Thinkpad wireless apps work with your
Hi all,
On a Radius version 2.x, we would like to tie an user to a MAC address.
The auth key would then be the username, password and MAC address
(Calling Station ID).
Where is the right place to do that?
- On the freeRadius? (any hint, please?)
- In the PGSQL behind? (using some FUNCTION, I
On a Radius version 2.x, we would like to tie an user to a MAC address.
The auth key would then be the username, password and MAC address
(Calling Station ID).
Where is the right place to do that?
- On the freeRadius? (any hint, please?)
- In the PGSQL behind? (using some FUNCTION, I have
Alan,
Many thanks for your answer,
I had a look to syslog and it seems that my server is already using rsyslog:
ps -elf | grep syslog
5 S root 1963 1 0 80 0 - 7041 - Mar20 ?
00:01:56 /usr/sbin/rsyslogd -c3
I also try to print directly on stdout :
destination = stdout
Or in
I have been asked it it possible to run two SSIDs on our wireless,
lets call them A and B that authorise against a FreeRADIUS server
running as two virtual servers radiusA and radiusB.
What we want is to have radiusA use a different server certificate
from radiusB.
However, as I see it,
Hello list,
I need some help on some unlang portion (if this is the right solution).
Here is context: I need to do 802.1x on Ethernet switch for dynamic VLAN
assignment for PCs .
The problem is I have some phones connected between the PC and the switch.
I don't want the users to login 802.1X
Hi,
We're using FreeRADIUS 2.1.6, and have rlm_acct_unique configured as per
the below:
acct_unique {
key = User-Name, Framed-IP-Address, Acct-Session-Id
}
Over the past couple of days we've noticed that the unique session ID
calculated by the module during interim updates is changing
Does anyone know what might be causing this?
The acct_unique configuration is being overridden by the defaults in
/etc/freeradius/modules/acct_unique...
acct_unique {
key = User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address,
NAS-Port
}
And the Client-IP-Address is changing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
As per title.
- -Arran
- --
Arran Cudbard-Bell a.cudbard-b...@sussex.ac.uk,
Systems Administrator (AAA),
Infrastructure Services (IT Services),
E1-1-08, Engineering 1, University Of Sussex, Brighton, BN1 9QT
DDI+FAX: +44 1273 873900 | INT: 3900
GPG:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/09/2009 17:51, Arran Cudbard-Bell wrote:
As per title.
-Arran
Whatever it was seems to have resolved itself.
- --
Arran Cudbard-Bell a.cudbard-b...@sussex.ac.uk,
Systems Administrator (AAA),
Infrastructure Services (IT Services),
E1-1-08,
I have been asked it it possible to run two SSIDs on our wireless,
lets call them A and B that authorise against a FreeRADIUS server
running as two virtual servers radiusA and radiusB.
I have two EAP instances for the purpose of serving 2 different certificates;
so, what you want to do is
I tried to put this in the users file:
Unlang goes into virtual server configuration, not users file.
if ( %{User-Name} =~ 00030BCA[0-9A-F]+ ) {
update control {
Cleartext-Password == %{User-Name}
}
}
Ivan Kalik
Kalik Informatika ISP
-
List
Tim O'Donovan wrote:
Does anyone know what might be causing this?
The acct_unique configuration is being overridden by the defaults in
/etc/freeradius/modules/acct_unique...
What does that mean? If you edit that file, you are editing the
configuration.
Or, have you added *two*
Vincent Laborie wrote:
Many thanks for your answer,
I had a look to syslog and it seems that my server is already using rsyslog:
shrug There isn't anything in the server that says run faster in
debug mode. Usually it's the other way around, because of all the
extrea output that debug mode
Hi Norman,
My Windows clients run XP SP3 ! And no problems with WEP/WPA + TKIP on
this laptops.
But, thanks for your help.
Bernard.
--
Message: 3
Date: Mon, 7 Sep 2009 22:59:49 +1000
From: Norman Goh norman...@exemail.com.au
Subject: RE: intel Proset/wireless - OK
tech.subscripti...@shepherdhill.biz wrote:
I am trying to move to the production server after due tests. I
installed version 2.1.6 on CentOS 5.2. Funnily I am getting Segmentation
fault error when my hints file is to be loaded. The debug message is:
...
Segmentation fault
My Hints file
Marinko
Do you use MySQL for NAS authentication? I have noticed that Freeradius can
re-connect to the database for user authentication later in the process.
However as NAS is only read during startup then if MySQL is not ready its
understandable why Freeradius would bomb out.
JD
Well right now No but in this moment I don't have test server so I can't
help you in this case...
Also, NAS table usually is not so big and I don't see any reason for
slow start.
Is there anything in mysql logs ?
James Duffy wrote:
Marinko
Do you use MySQL for NAS authentication? I have
Marinko
This sounds like a race will take place between the two processes if there is
no co-ordination. If (as you say) you are able to start mysqld after radiusd
then I think if you look at tail of /var/log/radius/radius.log you will see
something like:
Starting connect to MySQL server for
25 matches
Mail list logo