Hi,
I am having trouble to implement monthly data transfer limit in Freeradius.
Does any body have implemented such solution please let me know how to
configure Freeradius to fullfill this requirement.
Thanks,
Fazal Ahmed Malik
-
List info/subscribe/unsubscribe? See http://www.freeradius
Did you perform step #3 in the How-To?
radiusd.conf:
update request {
Huntgroup-Name := "%{sql:select groupname from radhuntgroup where
nasipaddress=\"%{NAS-IP-Address}\"}"
}
On Wed, Mar 10, 2010 at 12:53 PM, Siryx XL wrote:
> I tried the huntgroups but it didn't work.
>
> I use this guide
Hi Alan,
>
> I fail to understand why people do this. Firewall two critical
> components, and then *increase* failure by having the FW break TCP
> connections.
>
Unfortunately I don't get to decide what the network looks like, I
just have to find a way to work with what I'm given.
>> How can I
Hi,
> Or just query your freeradius server using radclient if status server is
> enabled, or use radmin (which is not always very stable, i would not
> recommend using it... at least with version 2.1.6)
no problems , of note!, with radmin on 2.1.8 (yes, there were problems with
earlier versio
Hi,
My eapol_test retransmits 10 times even though i set the
RADIUS_CLIENT_MAX_RETRIES to 0. How can i avoid it retransmitting 10 times? It
retransmits 10 times every 150 seconds.
/* Defaults for RADIUS retransmit values (exponential backoff) */
#define RADIUS_
thanks all, for your response. i will try them out.
rc.
From: Alexandre Chapellon
To: FreeRadius users mailing list
Sent: Wed, March 10, 2010 12:51:51 PM
Subject: Re: Determine number of client requests sent to the free radius server
You can graph this usin
Hi,
I'm trying to setup a radius server in order to authenticate users from
OpenVPN and I am therefore using the libpam-radius-auth plugin (on Ubuntu
9.10).
Since the RADIUS requests that this lib sends are using PAP (as far as I can
tell from the freeradius debug output), i was wondering whether i
UPDATE:
It is definitely the "#" that is killing me, if i move the "#" sign anywhere in
the string it keeps only the piece prior to the "#" sign of the string, is
there a way to escape this character?
Any questions, please let me know.
Thank You,
Joel Prine
Systems Engineer
MCSE, CCNA, CSE
Con
Hello,
I need to pass an odd reply attribute back to my Cisco router to limit DSL
users speeds on the interface. I am moving from radiator to freeradius, we are
going this fine on radiator from a mysql database.
The ldap entry in the directory is
radiusReplyItem: Cisco-Avpair = lcp:interface-co
I tried the huntgroups but it didn't work.
I use this guide http://wiki.freeradius.org/SQL_Huntgroup_HOWTO because i'm
using MySQL to store all my users, huntgroups, etc.
I create the huntgroup table, associate the nasipaddres to a group, create the
radgroupchek, and associate my user with the
You can graph this using cacti:
http://forums.cacti.net/viewtopic.php?t=29880
Or just query your freeradius server using radclient if status server is
enabled, or use radmin (which is not always very stable, i would not
recommend using it... at least with version 2.1.6)
Le mercredi 10 mars 2010 à
Hi,
> Hi,
>
> Is there a way to determine how many client requests are being received by
> the free radius server?
stats. use eg radmin. or just check your detail or SQL logs etc etc.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Probably a better way, but you can always run tcpdump and filter for
whatever port(s) you're listening on. You can also enable logging and I
think the log will have timestamps, so you can just count the requests
in the log file over whatever time period you're interested it.
__
Hi,
Is there a way to determine how many client requests are being received by the
free radius server?
thanks,
rc
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I still have to better figure out how to correctly search for "VPN
Users", but it will still allow access if it does not find a user in
that group. I have the following in: postauth_users
Shouldn't the "DEFAULT Auth-Type := Reject" reject that user since it
did not find him in the group?
DEFAULT
Oops! Thank you for pointing that out. I've changed that and now radiusd -X
loads without errors.
On to the next stage of testing.
The end goal is to get our Cisco switches to back-off login requests to Active
Directory via Freeradius.
We've got the switches talking to freeradius and can do local
Hi,
> The /etc./raddb/modules/ntlm_auth file:
> ntlm_auth {
> wait = yes
> program = "/usr/bin/ntlm_auth --request-nt-key --domain=XXX
> --username=%{mschap:User-Name} --password=%{User-Password}"
> }
that is wrong - I think Phil may have already said t
On 10/03/10 15:52, Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust)
wrote:
Hi,
I've included the ntlm_auth command line - is that what you meant by
can you cut and past your ntlm_auth line
ntlm_auth --request-nt-key --domain=XXX.local --username=XXX
password:
NT_STATUS_OK: Success (0x0)
==
Hi,
I've included the ntlm_auth command line - is that what you meant by
> can you cut and past your ntlm_auth line
ntlm_auth --request-nt-key --domain=XXX.local --username=XXX
password:
NT_STATUS_OK: Success (0x0)
===
The /etc./raddb/modules/ntlm_auth file:
#
On 03/10/2010 06:21 AM, Eric Eric wrote:
How freeradius does chap auth using ldap server ?
In pap, it binds with user's clear password to ldap server, and ldap
server sends success bind if pawword is true. When using chap, how it
can bind to ldap server? Does it send chap password to the ldap ser
Hi,
> Everything works up to and including the command line test using ntlm_auth
> but after I create the file raddb/modules/ntlm_auth
> and make the changes to raddb/sites-enabled/default ,
> raddb/sites-enabled/inner-tunnel and the users file I get an error when
> running radiusd -X
can you
Hi,
Not built from source, installed using freeradius-server-2.1.6-6.1.i586.rpm
Mark.
From: freeradius-users-bounces+mark.whitmarsh=nhs@lists.freeradius.org
[freeradius-users-bounces+mark.whitmarsh=nhs@lists.freeradius.org] On
Behalf Of Alan Buxe
On Thu, 2010-03-04 at 17:28 +1300, Peter Lambrechtsen wrote:
> Jethro
>
> The eaist way is as per what I e-mailed to you.
>
> http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg1.html
>
> This means you only need to create groups in your LDAP directory. It
> also me
How freeradius does chap auth using ldap server ?
In pap, it binds with user's clear password to ldap server, and ldap server
sends success bind if pawword is true. When using chap, how it can bind to ldap
server? Does it send chap password to the ldap server?
Is it needed another software with f
El mié, 10-03-2010 a las 10:29 +, Whitmarsh Mark (Leeds Teaching
Hospitals NHS Trust) escribió:
> Hi,
> I am following the tutorial at:
> http://deployingradius.com/documents/configuration/active_directory.html
> but have hit a problem.
> Everything works up to and including the command line t
Hi,
> Everything works up to and including the command line test using ntlm_auth
> but after I create the file raddb/modules/ntlm_auth
> and make the changes to raddb/sites-enabled/default ,
> raddb/sites-enabled/inner-tunnel and the users file I get an error when
> running radiusd -X
>
> Erro
Hi,
I am following the tutorial at:
http://deployingradius.com/documents/configuration/active_directory.html
but have hit a problem.
Everything works up to and including the command line test using ntlm_auth but
after I create the file raddb/modules/ntlm_auth
and make the changes to raddb/sites-en
Harshil Anil Kumar Shah wrote:
> I have not modified the code.
> and I checked the swap area, is 2 GB.
> What can be the problem?
You need to read the messages on this list.
You need to read the documentation we tell you to read.
You need to follow the instructions in the documentation.
I have not modified the code.
and I checked the swap area, is 2 GB.
What can be the problem?
Regards,
Harshil,
EmpID: 128522.
From: freeradius-users-bounces+harshil_shah=infosys@lists.freeradius.org
[freeradius-users-bounces+harshil_shah=infosys@l
Hi,
> There is nothing in the bugs file
doc/bugs is a document that explains what to do if come across an
issue - eg segmentation fault. read that document, follow the instructions
and, if something is wrong with the code rather than your OS, the
server code can be fixed (which, I guess, is 'the
Arey,
There is nothing in the bugs file
Give me solution if possible.
Regards,
Harshil,
EmpID: 128522.
From: freeradius-users-bounces+harshil_shah=infosys@lists.freeradius.org
[freeradius-users-bounces+harshil_shah=infosys@lists.freeradius.org]
Hi All,
Has anybody worked on automating radius authentication using TCL. Could you
please let me know how to go about with this from the start?
or any document or link pointing to the same woule be appreciated.
Thanks in advance
Regards,
Abhilash
-
List info/subscribe/unsubscribe? See http://w
Harshil Anil Kumar Shah wrote:
> Getting the Segmentation fault when doing radiusd -X
Read doc/bugs
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Getting the Segmentation fault when doing radiusd -X
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
radiusd: Loading Clients
client localhost {
ipaddr
James2010 wrote:
> What I want to do is have either PAP or CHAP running, but not both at the
> same time.
Why? Does it really matter?
> I have had ago at turning one off, for instance commenting the
> PAP sections in the default file(authenticate and authorize). But it will
> still authenticat
35 matches
Mail list logo