I am aiming to get daloradius working with freeradius. I want to get
freeradius in a state of usefulness. To be honest I may have forgotten
the 'normal' state it was in when it worked using the users file. I am
having an issue with the sites-enabled file.. a matter of global
permissions. I
ree...@gmail.com wrote:
This behavior not seen when logging to files or syslog, only when set to
stdout/stderr. So, my best guess after looking the source is that logging to
stdout/err does not go to same processing flow as the others.
I have searching for this issue but still no luck, do
Hi Liran
Thanks alot, I got quite exited when I saw the other approach, however I
don't think that it would for because if the users is using his voucher at a
Nomadix and uses lets say 100mb that won't reflect in mikrotik attribute and
vice-versa.
I will have a look at unlang.
Thanks for the
Hi,all
I am a newer about freeradius. I have installed freeradius version 2.1.4.
Now I am doing a test about EAP-md5. I add the attribute 'Class' into the
radreply table of mysql database. I find the 'Class' attribute in
Accesss-Challenge and Access-Accept radius packets, but the RFC2865
Hi all,
Here is the situation.
We have a freeradius server that receives autnetication/authorization
requests from multiple vpn servers.
For just CERTAIN servers we want to return a Framed-IP-Address via
radreply.
We would control the Framed-IP-Address return value (if any) via
Hi,
I want to know how can I decode + sign in radius? Because in radcheck table
the username I enlisted is +911234567789, when I want to register on this
number the output I'm getting is listed down below;
[sql] expand: %{Stripped-User-Name} - +911234567789
[sql] sql_set_user escaped user --
Fred MAISON wrote:
Yes, JUAC is an inner EAP protocol, inside ttls or peap.
Then you should be able to proxy it by just proxying the inner tunnel
data.
Yes, how can I do that ? May I activate proxy-inner-tunnel site along
with inner-tunnel site ?
EAP-JUAC EAP-Type seems to be 254. May
Refer to allowed characters variable within the sql config
Sajeewa Warnakulasuriya
Systems Development Manager
ispONE is a wholesale ISP built to help internet access resellers and
independent ISPs to compete in the Australian marketplace through
ONE Brand, ONE Provider, ONE Solution.
Level 14
Hmm, this release doesn't seem to be tagged in the v2.1.x branch on
git://git.freeradius.org/freeradius-server.git
Am I looking at the wrong repository (again)?
Bjørn
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ftp://ftp.freeradius.org/pub/radius/
Le mardi 25 mai 2010 à 10:43 +0200, Bjørn Mork a écrit :
Hmm, this release doesn't seem to be tagged in the v2.1.x branch on
git://git.freeradius.org/freeradius-server.git
Am I looking at the wrong repository (again)?
Bjørn
-
List
Hello, all!
I want some attributes only sent back to users in Access-Accept packet, but
won't appear in Access-Challenge packet?
How could I do? Now I just add the attribute in MySQL database, however, it
is also contained in Access-Challenge packet.
Thanks a lot for your kindly help!
-
List
On Tue, May 25, 2010 at 1:06 PM, Alan DeKok al...@deployingradius.com wrote:
ree...@gmail.com wrote:
This behavior not seen when logging to files or syslog, only when set to
stdout/stderr. So, my best guess after looking the source is that logging to
stdout/err does not go to same processing
Hi There,
Ok i am following the next tutorial in order to use certificates+freeRadius:
http://deployingradius.com/documents/configuration/eap.html
After executing:
$ cd /etc/raddb/certs
$ make
Do i have to copy/paste any of the files created to the supplicant to make
it work?
Cheers
-
List
Yes, the attribute you need to return Back to your NAS, might be vendor
specific (take a look at the dictionnaries). Sending this Attr in
Access-Accept, should do the trick but I suggest you still use accounting cause
It's always helpfull, and because It's one A in AAA!
Sent from my HTC.
Bjørn Mork wrote:
Hmm, this release doesn't seem to be tagged in the v2.1.x branch on
git://git.freeradius.org/freeradius-server.git
Am I looking at the wrong repository (again)?
No. I didn't push the tag when it was released. It should be there now.
Alan DeKok.
-
List
weiwei fang wrote:
Hello, all!
I want some attributes only sent back to users in Access-Accept packet,
but won't appear in Access-Challenge packet?
How could I do? Now I just add the attribute in MySQL database, however,
it is also contained in Access-Challenge packet.
Read
shirkavand wrote:
Hi There,
Ok i am following the next tutorial in order to use certificates+freeRadius:
http://deployingradius.com/documents/configuration/eap.html
After executing:
$ cd /etc/raddb/certs
$ make
Do i have to copy/paste any of the files created to the supplicant to
Hi!
First off: thanks for releasing 2.1.9, great job!
I'm trying to get the freenac check_mac perl script running and get this error:
freeradius: symbol lookup error: /usr/lib/perl/5.10/auto/Fcntl/Fcntl.so:
undefined symbol: Perl_Istack_sp_ptr
Afaik this means that the embedded perl
Hi,
Can any body explain with example the meaning of binding radius
connection to a particular vrf.
in what scenario it will be useful.
Thanks,
Arjun Prasad
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Fred MAISON wrote:
Yes, how can I do that ? May I activate proxy-inner-tunnel site along
with inner-tunnel site ?
No. It's an example.
You can set Proxy-To-Relam to force proxying. See raddb/proxy.conf
So... figure out who's supposed to do EAP-JUAC,
Yes, but based on what ? I
Jan Zacharias wrote:
I'm trying to get the freenac check_mac perl script running and get this
error:
freeradius: symbol lookup error: /usr/lib/perl/5.10/auto/Fcntl/Fcntl.so:
undefined symbol: Perl_Istack_sp_ptr
Afaik this means that the embedded perl interpreter (rlm_perl) is too old
for
Jan Zacharias j...@dfki.de writes:
I'm trying to get the freenac check_mac perl script running and get this
error:
freeradius: symbol lookup error: /usr/lib/perl/5.10/auto/Fcntl/Fcntl.so:
undefined symbol: Perl_Istack_sp_ptr
See e.g.
Hey Alan,
Alan DeKok al...@deployingradius.com hat am 25. Mai 2010 um 14:43 geschrieben:
My suspicion is that you've built 2.1.9 with version X of Perl, and
are then trying to link it with version Y of Perl. Ensure that you only
have one version of Perl installed.
That's not the case
Am 25.05.2010 um 15:12 schrieb Jan Zacharias:
Hey Alan,
Alan DeKok al...@deployingradius.com hat am 25. Mai 2010 um 14:43
geschrieben:
My suspicion is that you've built 2.1.9 with version X of Perl,
and
are then trying to link it with version Y of Perl. Ensure that
you only
Nicolas Goutte nicolas.gou...@extragroup.de writes:
Am 25.05.2010 um 15:12 schrieb Jan Zacharias:
Isn't there a way to find out the perl version? I thought of print
$1 but this does not
work as intended.
Try using
perl -V
Or if you want to check the version of the embedded perl
Hi i've try
exec {
wait = yes
program = /bin/sh /opt/mytest %{User-Name}
input_pairs = request
output_pairs = reply
shell_escape = yes
output = none
}
The program is execute but only for access-request.
Toure Mamadou wrote:
The program is execute but only for access-request.
Regards.
See the 'accounting' section of raddb/sites-available/default
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hey Bjørn,
thank you very much! The output is:
perl version: v5.10.1
So it's clear that libperl and perl version do match.
However if I add a use IO::Socket::INET in the myfile,
I still get freeradius: symbol lookup error: /usr/lib/perl/5.10/auto/IO/IO.so:
undefined symbol:
Hi, I'm trying to restrict access to several users to an specific
service (some users can access only our cisco devices and some others
only the juniper devices) as far as we know we can use huntgroups for that.
The thing is that there's no information about them, only if you are
working with a
Jan Zacharias j...@dfki.de writes:
Hey Bjørn,
thank you very much! The output is:
perl version: v5.10.1
So it's clear that libperl and perl version do match.
However if I add a use IO::Socket::INET in the myfile,
I still get freeradius: symbol lookup error:
Hey!
That did the trick, I just added #defineHAVE_LT_DLADVISE_INIT to
src/main/modules.c
as Bjørn suggested and now it works flaw-less-ly :)
Best, Jan
Bjørn Mork bj...@mork.no hat am 25. Mai 2010 um 22:36 geschrieben:
Jan Zacharias j...@dfki.de writes:
Hey Bjørn,
thank you very
Alfonso Alejandro Reyes Jiménez wrote:
Hi, I'm trying to restrict access to several users to an specific
service (some users can access only our cisco devices and some others
only the juniper devices) as far as we know we can use huntgroups for that.
The thing is that there's no information
It work thank very much
-Message d'origine-
De : freeradius-users-bounces+mamadou.toure=vipnet...@lists.freeradius.org
[mailto:freeradius-users-bounces+mamadou.toure=vipnet...@lists.freeradius.or
g] De la part de Alan DeKok
Envoyé : mardi 25 mai 2010 16:55
À : FreeRadius users mailing
Yes, we have no luck we are trying the following configuration:
huntgroups file
juniper NAS-IP-Address == 192.168.1.1
users file
usertest Auth-Type := Local, User-Password == testing
Huntgroup-Name == juniper
clients.conf
client 192.168.1.1 {
secret = n3t5cr33n
Hi,
What does the guide say?
The guide does not say anything about copying any file to the client. So i
assumed that it is not need it, but still after configuring the supplicant
as the tutorial explains(for permitting the use of an unknown certificate) i
always get certificate not found and no
We changed the huntgroup value to the first line according to the debug
information and everything is working.
Thanks.
Regards.
Alfonso.
El 25/05/2010 04:22 p.m., Alfonso Alejandro Reyes Jiménez escribió:
Yes, we have no luck we are trying the following configuration:
huntgroups file
Try: Cleartext-Password := some_password
- Original Message
From: Alfonso Alejandro Reyes Jiménez con...@gmail.com
To: freeradius-users@lists.freeradius.org
Sent: Tue, May 25, 2010 5:22:45 PM
Subject: Re: ..::Hunt Groups::..
Yes, we have no luck we are trying the following
the Huntgroup-Name needs to be on the same line as the username. It's a
check item not a reply item.
Alfonso Alejandro Reyes Jiménez wrote:
Yes, we have no luck we are trying the following configuration:
huntgroups file
juniper NAS-IP-Address == 192.168.1.1
users file
usertest
Yesterday, I post a question here:
weiwei fang wrote:
Hello, all!
I want some attributes only sent back to users in Access-Accept packet,
but won't appear in Access-Challenge packet?
How could I do? Now I just add the attribute in MySQL database, however,
it is also contained in
Alfonso Alejandro Reyes Jiménez wrote:
We changed the huntgroup value to the first line according to the debug
information and everything is working.
And that's why we always say run in debug mode: Many problems become
easy to solve.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
weiwei fang wrote:
As in RFC2865, this attribute Framed-MTU = 1500 should not returned in
the access-challenge packet.
however, I can still get it in the access-challenge packet. I don't know
why?
So... what does debug mode say?
If I should add something in the
shirkavand wrote:
What does the guide say?
The guide does not say anything about copying any file to the client. So
i assumed that it is not need it, but still after configuring the
supplicant as the tutorial explains(for permitting the use of an unknown
certificate) i always get certificate
42 matches
Mail list logo