I'm playing around with CUI generation with FreeRADIUS 2.2.0 and discovered
something odd.
In policy.conf I've set cui_require_operator_name = 1 and cui_hash_key =
4c2982f2f3b1dc4804994cf386db8c0a34d4ab2a. As you can see it's a 32-character
string and it looks like a hash.
In radiusd -X
Hi,
rad_recv: Access-Request packet from host 192.168.126.155 port 1814,
id=17, length=113
User-Name = st...@diamond.ac.uk
User-Password = testing
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Hi Alan,
No, the operator name was 'correct' for our purposes. This is not a live
system, we were using 'camford.ac.uk' as the 'visited site' on our test
network. In the real world, it would be the correct operator name. :-)
So, if I were to download v2.2.1, would a 32-character hex-string in
Hi,
On Fri, May 10, 2013 at 09:49:14AM +, stefan.pae...@diamond.ac.uk wrote:
As you can see, the expand: bit shows an empty value. Then I
changed my cui_hash_key to 01234567890abcdef01234567890abcdef
and it did the same. However, when I set cui_hash_key to a hex
string that was not 32
On 10/05/13 12:12, Matthew Newton wrote:
Hi,
On Fri, May 10, 2013 at 09:49:14AM +, stefan.pae...@diamond.ac.uk wrote:
As you can see, the expand: bit shows an empty value. Then I
changed my cui_hash_key to 01234567890abcdef01234567890abcdef
and it did the same. However, when I set
Thank you :-)
Regards
Stefan
-Original Message-
From: freeradius-users-bounces+stefan.paetow=diamond.ac...@lists.freeradius.org
[mailto:freeradius-users-bounces+stefan.paetow=diamond.ac...@lists.freeradius.org]
On Behalf Of Matthew Newton
Sent: 10 May 2013 12:13
To: FreeRadius users
Hi,
This may have come up before but I can't find any solutions :
I'm using a NAS which always performs EAP/MSCHAP2 authentication, so
I've stripped the sites-enabled/default right down to pretty much just
include the eap stuff for authorisation/authentication, and am doing all
the rest inside
Andy,
What version of FreeRadius are you using?
I *think* that unless you are using the git source for 2.2.1, post-auth reject
is broken. There was some stuff I was doing a few months ago that got fixed in
2.2.1 … but I'm getting old and can't remember all the details :-(
On 10 May 2013, at
On 10/05/13 13:53, Franks Andy (RLZ) IT Systems Engineer wrote:
Hi,
This may have come up before but I can’t find any solutions :
I’m using a NAS which alwaysperformsEAP/MSCHAP2authentication, so I’ve
stripped the sites-enabled/default right down to pretty much just
include the eap stuff
It appears that the created RPM doesn't include the TLV update that were
made to the 2.x.x branch last week. Why wouldn't this be inlcuded in the
RPM even though I am building the RPM with the current 2.x.x. source?
Thanks.
On Wed, May 8, 2013 at 5:42 PM, Divyesh Raithatha
On 05/10/2013 12:05 PM, Divyesh Raithatha wrote:
It appears that the created RPM doesn't include the TLV update that were
made to the 2.x.x branch last week. Why wouldn't this be inlcuded in
the RPM even though I am building the RPM with the current 2.x.x. source?
Use the source Luke :-)
I
My FR version is 2.1.10+dfsg-3build2_amd64. Unless there's a nice
package for Ubuntu 12.04 server then I'll be compiling from source then
I think.
This is the peap bit of eap.conf :
peap {
default_eap_type = mschapv2
copy_request_to_tunnel = yes
12 matches
Mail list logo
