Hi,
I need to configure the Free Radius (as proxy) to forward the authentication
request to safeword and RSA Servers from AT T VPN Users based on user@norealm
and user@realm condition.
Users - VPN - Free Radius - Safeword RSA
Example:
User - VPN - Free Radius (no realm, so nostrip) and
I'm really beginner in freeradius realm, and in advance sorry if the
question is immature...
After rading all wiki - freeradius, still is not clear to me, is it
possible to do failover-through proxy, and how to organize the things
that I want to accomplish. Explanation fallow:
Now I have
Hi Alan,
Did you managed to look into the issue ?
or maybe any hints on how to use DATETIME in Expiration instead of String ?
Regads
Suman
On 3/15/2011 4:04 PM, Suman Dash wrote:
Dear Alan,
I have not removed any debug messages. I will try to put everything
once again . I was not aware
Suman Dash wrote:
Hi Alan,
Did you managed to look into the issue ?
No.
or maybe any hints on how to use DATETIME in Expiration instead of String ?
Honestly, in 2.1.10, you can just write SELECT statements directly in
unlang.
update reply {
Session-Timeout :=
Much thanks Alan,
That was some really good advice on how to make the thing work.
So now i have to write unlang statement in preprocess so that it
directly gives the Session-Timeout . Please correct me if i am wrong.
Thanks Again
On 3/16/2011 4:09 PM, Alan DeKok wrote:
Suman Dash wrote:
Martin Lambev wrote:
After rading all wiki - freeradius, still is not clear to me, is it
possible to do failover-through proxy, and how to organize the things
that I want to accomplish. Explanation fallow:
See raddb/proxy.conf.
Now I have the fallowing setup: node 1 - NAS (pptp, openvpn) -
Greetings all,
Instead of auth'ing a user on the 'User-Name' / 'Cleartext-Password'
method we are using the 'Caller-Station-Id' with a blank password.
...
# /etc/freeradius/sql/mysql/dialup.conf
sql_user_name = %{Calling-Station-Id}
...
We are using a mysql backend
Here are a few challenges
Hi,
WARNING: Please update your configuration, and remove 'Auth-Type = Local'
WARNING: Use the PAP or CHAP modules instead.
i'd follow that advice. FR knows what to do when it sees suitable things.
anyway, the 'void' is being sent by the NAS - and its being sent CHAP'd too
can your kit not do
Greetings,
* We have added the attribute Acct-Interim-Interval = 150 to the
radgroupreply
* However we are not getting accounting packets back on a 150sec frequency
* We are getting the accounting packets on the start and stop of the
connection
* The reporting back (accounting packets), is
On 16/03/11 11:15, Wynand Meijer wrote:
Greetings,
* We have added the attribute Acct-Interim-Interval = 150 to the
radgroupreply
Ok. That's a lot shorter than most people set (300 is common, 1800 in
some cases) but it's legal. It MUST NOT be 60.
* However we are not getting accounting
Phil Mayers wrote:
* The reporting back (accounting packets), is that the responsibility og
the NAS / RADIUS / Client ?
The NAS.
Blame the NAS for *everything*. :)
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks for the feedback,
We have made contact with the NAS 'provider' and requested they resolve
the issue by replacing the string void with nothing. As the passed
string is the 'cause' of the problem we would rather them fix it than we
try and hack around it.
If these errors keep
I am looking forward for a short example on how to store a SQL query to
a variable which can be used in next condition in UNLANG.
I have no knowledge of unlang but i got a fair amount of idea with the
condition checks , just need a little insight on the result stores .
For Ex.
result1 =
Hi,
Need a doc/pointer on FreeRadius+OpenLDAP+Mobile-OTP configuration, I
would be implementing this in a SuSE server.
Can any one help me how to do it?
Regards,
Neo
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 16/03/11 12:44, Suman Dash wrote:
I am looking forward for a short example on how to store a SQL query
to a variable which can be used in next condition in UNLANG.
I have no knowledge of unlang but i got a fair amount of idea with the
condition checks , just need a little insight on the
On Wed, Mar 16, 2011 at 06:19:08PM +0530, pradyumna dash wrote:
Hi,
Need a doc/pointer on FreeRadius+OpenLDAP+Mobile-OTP configuration, I
would be implementing this in a SuSE server.
Can any one help me how to do it?
Regards,
Neo
I thought there was a link to a how-to for this on the
--- Forwarded message follows ---
From: Breuer Nicolas nicolas.bre...@belcenter.biz
To: freeradius-de...@lists.freeradius.org
Subject:Seg Fault - 3.0
Date sent: Wed, 16 Mar 2011 15:23:22 +0100
Hello
I discovered a Seg Fault on the release 3.0 on the GIT server.
Breuer Nicolas wrote:
...
Segmentation fault
See doc/bugs
I see the expand of variable HuntGroup-Name didn't get any values...
Maybe the reason of Seg fault ?
We don't know. You need to supply more information for us to know.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Hi,
I am using Free readius version 1.1.7 on Ubuntu9.1, After installation I tried
to check by editing the users file(etc/freeradius/users) by typing the
following on the top and saved it
testing Cleartext-Password := password
Next i did radtest testing password 127.0.0.1 0
hi,
you havent given the full output of radiusd -X
you also appear to have done more than just add that user to the
users file
something is setting the authentication to 'System' - do
you have some DEFAULT Auth-Type = System at line 153 of the users
file?
alan
-
List
/%{Client-IP-Address}/auth-detail-%Y%m%d -
/var/log/radius/radacct/157.159.7.108/auth-detail-20110316
Wed Mar 16 16:19:55 2011 : Debug: [auth_log]
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands
to /v
ar/log/radius/radacct/157.159.7.108/auth-detail-20110316
Wed Mar 16 16:19:55
OK set up radsniff and am seeing the following access-accept:
Access-Request Id 34172.16.4.2:1812 - 172.16.4.14:1812 +28.495
User-Name = {sm=1}fa9855191e4832141998a03a7f827...@wimax.com
EAP-Message =
Hello Alan,
Could you precise wich infos you need to go further ?
Thanks
--- End of forwarded message ---
Hello
I discovered a Seg Fault on the release 3.0 on the GIT server.
Seems happening on the first auth.
(30) Login OK: [XXX] (from client XXX)
(30) # Executing section
After some excellent tutelage from Mr. Wiechman, I am getting different
access-accept. However, it's showing Breezecom attributes which seem out of
place.
Access-Accept Id 86 172.16.4.14:1812 - 172.16.4.2:1812 +26.680
Breezecom-Attr1 = vpws
Breezecom-Attr1 = \000\000\000{
In Wed, Mar 16, 2011 at 10:21 AM, Kenneth Marshall k...@rice.edu wrote:
On Wed, Mar 16, 2011 at 06:19:08PM +0530, pradyumna dash wrote:
Hi,
Need a doc/pointer on FreeRadius+OpenLDAP+Mobile-OTP configuration, I
would be implementing this in a SuSE server.
Can any one help me how to do it?
I am just learning about freeradius now, and would like to see if I can use it
to manage access and logging for users at a few hundred locations. Each remote
office has between 1 and 50 users, and at first glance freeradius will do the
job, but I just noticed a problem with overlapping
hi,
you have pretty much got the idea already - you have to pair the username with
the NAS-IP-Address
- in SQL with radcheck, in users file by putting the correct matching
description on the first line
(as per examples).
alan
-
List info/subscribe/unsubscribe? See
Sound like a configuration (a job for : ) realms.
Each location would be a different realm, so the seemingly overlapping
username manger would in fact be a unique manager@realm-X.
Thoughts?
-craig
On Wednesday, March 16, 2011, Richard Thornton rtho...@yahoo.com wrote:
I am just learning about
Breuer Nicolas wrote:
Hello Alan,
Could you precise wich infos you need to go further ?
Yes. I was precise. Read the file doc/bugs. This is documented.
Follow the instructions there.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
David Peterson wrote:
After some excellent tutelage from Mr. Wiechman, I am getting different
access-accept. However, it's showing Breezecom attributes which seem out of
place.
edit the dictionary file, and delete the dictionary.alvarion
reference.
Also, do git pull from the master
That gives me a good place to start. Sounds so much easier to manage. Much
Thanks!
-Richard
From: Craig Campbell craig.campb...@ccraft.ca
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Wed, March 16, 2011 2:44:01 PM
Subject:
/pipermail/freeradius-users/attachments/20110316/6e29e23e/attachment.html
--
Message: 3
Date: Wed, 16 Mar 2011 11:50:00 +0100
From: Alan DeKokal...@deployingradius.com
Subject: Re: freeradius failover-through proxy or other way?
To: FreeRadius users mailing list
32 matches
Mail list logo