Re: How to access proxy-reply:Packet-Type in if condition

2010-09-17 Thread Chidanand
Alan, can you please throw some light on this issue I am stuck. Thanks, Chidanand --- On Thu, 9/16/10, Chidanand wings...@yahoo.com wrote: From: Chidanand wings...@yahoo.com Subject: How to access proxy-reply:Packet-Type in if condition To: freeradius-users@lists.freeradius.org Date: Thursday,

[help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure

2010-09-17 Thread Denis Iskandarov
Hello I'm trying to do WDS WPA2-EAP TLS authentication of 2 RB600 Simple WDS AP+station without EAP is working. I've already searched forum for related topics, but they didn't help me. So what do I have: 2x RB600 CentOS 5.5 = freeradius2-2.1.7-7.el5 + mysql Ver 14.12 Distrib 5.0.77, + daloRADIUS

Re: Support of Tag 0x00 for Tunnel-Server-Endpoint

2010-09-17 Thread Naoufel
To clarify : I'm using free radius 2.1.9 as a client to connect to a distant server (not freeradius). I'm using API for client access not the freeradius as a server We are facing a problem for Tunnel-Server-Endpoint attribute : RFC http://www.ietf.org/rfc/rfc2868.txt indicates for

Re: How to access proxy-reply:Packet-Type in if condition

2010-09-17 Thread Alan DeKok
Chidanand wrote: Alan, can you please throw some light on this issue I am stuck. It works in the head of the v2.1.x branch. i.e. what will become 2.1.10. post-proxy { update reply { Filter-Id := %{proxy-reply:Packet-Type} } ... } And the client

Re: How to configure proxy server to send a copy of acct to remote/home server

2010-09-17 Thread Alan DeKok
Difan Zhao wrote: I configured my switch to send accounting information to the proxy server. The proxy server is using MySQL to store the acct info. This part works fine too. However I’m requested to also send a copy of the acct info to the remote server… Configure the proxy to proxy

Re: [help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure

2010-09-17 Thread Alan DeKok
Denis Iskandarov wrote: Hello I'm trying to do WDS WPA2-EAP TLS authentication of 2 RB600 Simple WDS AP+station without EAP is working. I've already searched forum for related topics, but they didn't help me. ... What supplicant are you using? i.e. Windows? Linux? AP bridge security

Re: Support of Tag 0x00 for Tunnel-Server-Endpoint

2010-09-17 Thread Alan DeKok
Naoufel wrote: To clarify : I'm using free radius 2.1.9 as a client to connect to a distant server (not freeradius). I'm using API for client access not the freeradius as a server I have no idea what that means. So, there is no explicit prohibition of use of 0x00 as a Tag value.

Re: [help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure

2010-09-17 Thread Denis Iskandarov
setup is. Mikrotik WDS AP + Mikrotik WDS Station so supplicant is Mikrotik Station Mikrotik has only EAP-TLS .1x method for authentication and as I got EAP-TLS is using only certificates for auth. I'm sure that I have problem configuring eap TLS module. radius can't retrieve

Re: [help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure

2010-09-17 Thread Denis Iskandarov
forgot to mention that my try to make: check_cert_cn = %{User-Name} = entered in users db username same as CN is in certificate with password supplied during client-cert generation with OpenSSL (A challenge password []:whatever) didn't work. As well as placing my real cert data in this

Re: [help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure

2010-09-17 Thread Alan DeKok
Denis Iskandarov wrote: forgot to mention that my try to make: ... Why are you trying to change the configuration on the server? You were already told where the problem was. It's not the server. If you're not going to read the answers on this list, there's no reason to post questions.

Re: [help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure

2010-09-17 Thread Denis Iskandarov
Why are you trying to change the configuration on the server? You were already told where the problem was. It's not the server. If you're not going to read the answers on this list, there's no reason to post questions. Sorry, I didn't understand you. Where I said the answer? Why it's not

Re: [help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure

2010-09-17 Thread Alan DeKok
Denis Iskandarov wrote: Sorry, I didn't understand you. Where I said the answer? Why it's not server problem. If it can't read normal user info means that something wrong in its config and I didn't find any problem (coz I'm not guru at all). I've already responded to your messages with the

Re: [help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure

2010-09-17 Thread Denis Iskandarov
I really appreciate your help but I can't understand some things. Okay, let me ask some questions based on your very first answer. So supplicant sending some wrong packet, or something wrong with its certificate? AP configured to use EAP-TLS and passthrough all eap requests to my freeradius. Client

Re: [help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure

2010-09-17 Thread Alan DeKok
Denis Iskandarov wrote: I really appreciate your help but I can't understand some things. Okay, let me ask some questions based on your very first answer. So supplicant sending some wrong packet, or something wrong with its certificate? Possibly. AP configured to use EAP-TLS and

Configuring LDAP lookups for EAP and inner-tunnel

2010-09-17 Thread Jeffrey Collyer
Using freeradius 2.1.7 to authenticate wireless users via eap, checking against an ldap server. It's working fine, but I'm seeing an ldap lookup for each part of the eap conversation. This leads to something like 13 LDAP lookups for each valid eap authentication sequence. I did check the

Use both SQL and SQL-LOG

2010-09-17 Thread Marius Pesé
Hi everyone, I'm using mySQL to log accounting data, and also want to save the queries (not the packets) to a text file to use with a different program. Since that is both in sites-enabled/default, they seem to be mutually exclusive. Or maybe I'm just a bit blind - it's Friday after all.

Re: need help - force EAP-TTLS to validate the server certificate

2010-09-17 Thread Klaus Laus
thanks a lot for your answer. Either move the files module before eap, or use unlang to set it: authorize { ... update control { EAP-TLS-Require-Client-Cert = yes } eap ... } I did the changes in the authorize section, and freeradius seems to require the client

Re: Configuring LDAP lookups for EAP and inner-tunnel

2010-09-17 Thread Alan DeKok
Jeffrey Collyer wrote: So I moved my ldap lookup configuration from the authorize section of the sites-enabled/default file into the inner-tunnel file. But I still see the same number of ldap queries per eap session. Then it's still doing LDAP lookups in the default virtual server. Or, you

Re: Use both SQL and SQL-LOG

2010-09-17 Thread Alan DeKok
Marius Pesé wrote: I’m using mySQL to log accounting data, and also want to save the queries (not the packets) to a text file to use with a different program. Since that is both in sites-enabled/default, they seem to be mutually exclusive. No. Why would you conclude that? Alan DeKok. -

Re: need help - force EAP-TTLS to validate the server certificate

2010-09-17 Thread John Dennis
On 09/17/2010 11:00 AM, Klaus Laus wrote: thanks a lot for your answer. Either move the files module before eap, or use unlang to set it: authorize { ... update control { EAP-TLS-Require-Client-Cert = yes } eap ... } I did the changes in the authorize section, and

queue radius message when resource is in use

2010-09-17 Thread kabilius smith
Hi all, Happy Friday! Radius version: 1.1.7-r0.0.2 Here is my problem: I have configured the FreeRadius server to write to a file c:\test.log, and one of our programs reads contents from c:\ test.log as well. When our program is reading c:\ test.log, we open it with “deny write”

Re: queue radius message when resource is in use

2010-09-17 Thread Alan DeKok
kabilius smith wrote: I have configured the FreeRadius server to write to a file c:\test.log, and one of our programs reads contents from c:\ test.log as well. When our program is reading c:\ test.log, we open it with “deny write” permission, so the I saw the error message “Error: