Re: Auth by NAS-Identifier using unlang

2013-08-06 Thread Alan Buxey
I assume that's the freeradius2 package rather than freeradius as 1.x doesn't have unlang alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Diffrent authentication based by SSID

2013-08-06 Thread Marcin
Thank you for the reply, Alan. I have working eap-tls for my staff and On 5 August 2013 at 21:52 a.l.m.bu...@lboro.ac.uk wrote: Hi, > In that situation I need to have active, both sql and ldap, authorization > modules in inner-tunnel. So users, who should identify by login/pass in > guest

Re: returning a HEX String as a HEX String (bit string) instead of the decimal equivalent - FreeRADIUS 2.1.10

2013-08-06 Thread Andy
Hi, yes thank you, that is the guide I have been following.. And as that guide highlights the switch needs a 'bit string', not a decimal number; The value of Egress-VLANID is a bit string, the first 8 bits specify whether the VLAN is tagged or untagged and must be either 0x31 (tagged) or 0x32

Re: returning a HEX String as a HEX String (bit string) instead of the decimal equivalent - FreeRADIUS 2.1.10

2013-08-06 Thread Andy
Ahh, No. The HP switch does not care that FreeRADIUS displayed (but later encoded correctly) your hex string as an integer. It does care that you don't seem to understand how to convert decimal numbers to hex and are actually specifying VLAN 18 tagged, which probably doesn't exist if you're

Re: returning a HEX String as a HEX String (bit string) instead of the decimal equivalent - FreeRADIUS 2.1.10

2013-08-06 Thread Andy
It still doesn't work :( Sorry but I have been working on RFC 4675 for a long time before I emailed this list, which is why I was a bit short in my first reply (sorry) and jumped the gun before reading all of your email. I /really/ have trawled every page I can find.. I have changed

Re: returning a HEX String as a HEX String (bit string) instead of the decimal equivalent - FreeRADIUS 2.1.10

2013-08-06 Thread Arran Cudbard-Bell
On 6 Aug 2013, at 10:50, Andy a...@brandwatch.com wrote: Hi, yes thank you, that is the guide I have been following.. And as that guide highlights the switch needs a 'bit string', not a decimal number; The value of Egress-VLANID is a bit string, the first 8 bits specify whether the VLAN

How to store session info in external database?

2013-08-06 Thread Maciej Lew
Hi, I would like to store freeradius session information like Acct-Session-Id, Acct-Start-Time, Acct-Stop-Time, Acct-Input-Octets, Acct-Output-Octets, Framed-IP-Address, NAS-IP-Address in external database. We have our devices connected to databases which are readonly so we cannot store those

Response-Packet-Type == Access-Challenge

2013-08-06 Thread Dominique Frise
Hi, I have no luck with testing the Reponse-Packet-Type in the post-proxy section, after rad_recv: Access-Challenge packet... Something like : post-proxy { ... if (Response-Packet-Type == Access-Challenge) { ... } ... } What am I doing wrong? Dominique

Re: Response-Packet-Type == Access-Challenge

2013-08-06 Thread Arran Cudbard-Bell
On 6 Aug 2013, at 12:35, Dominique Frise dominique.fr...@unil.ch wrote: Hi, I have no luck with testing the Reponse-Packet-Type in the post-proxy section, after rad_recv: Access-Challenge packet... Something like : post-proxy { ... if (Response-Packet-Type == Access-Challenge) {

Re: How to store session info in external database?

2013-08-06 Thread A . L . M . Buxey
Hi, Hi, I would like to store freeradius session information like Acct-Session-Id, Acct-Start-Time, Acct-Stop-Time, Acct-Input-Octets, Acct-Output-Octets, Framed-IP-Address, NAS-IP-Address in external database. the default config does this - you just need to edit the SQL module

Re: Response-Packet-Type == Access-Challenge

2013-08-06 Thread Dominique Frise
On 08/06/2013 01:55 PM, Arran Cudbard-Bell wrote: On 6 Aug 2013, at 12:35, Dominique Frise dominique.fr...@unil.ch wrote: Hi, I have no luck with testing the Reponse-Packet-Type in the post-proxy section, after rad_recv: Access-Challenge packet... Something like : post-proxy { ... if

Re: Auth by NAS-Identifier using unlang

2013-08-06 Thread John Dennis
On 08/06/2013 02:31 AM, Alan Buxey wrote: I assume that's the freeradius2 package rather than freeradius as 1.x doesn't have unlang The OP said Fedora. Fedora has never had a freeradius2 package (only ever existed in RHEL 5.x). Fedora has had 2.x for many years. So either the OP is using an

Re: returning a HEX String as a HEX String (bit string) instead of the decimal equivalent - FreeRADIUS 2.1.10

2013-08-06 Thread Arran Cudbard-Bell
HPO switch debug; 0049:03:34:00.18 MAC mWebAuth:Port: 29 MAC: 080027-e4b2cd new client detected on vid: 11. 0049:03:34:00.18 MAC mWebAuth:Port: 29 MAC: 080027-e4b2cd RADIUS CHAP authentication started, session: 2985. 0049:03:34:00.20 MAC mWebAuth:Port: 29 MAC: 080027-e4b2cd vid

Re: Response-Packet-Type == Access-Challenge

2013-08-06 Thread Arran Cudbard-Bell
On 6 Aug 2013, at 13:20, Dominique Frise dominique.fr...@unil.ch wrote: On 08/06/2013 01:55 PM, Arran Cudbard-Bell wrote: On 6 Aug 2013, at 12:35, Dominique Frise dominique.fr...@unil.ch wrote: Hi, I have no luck with testing the Reponse-Packet-Type in the post-proxy section, after

Re: How to store session info in external database?

2013-08-06 Thread Maciej Lew
The problem is we have databases in slave mode, only reading is allowed. We want to pass this information to another database... 2013/8/6 a.l.m.bu...@lboro.ac.uk Hi, Hi, I would like to store freeradius session information like Acct-Session-Id, Acct-Start-Time, Acct-Stop-Time,

Re: Response-Packet-Type == Access-Challenge

2013-08-06 Thread A . L . M . Buxey
Hi, I forgot to mention that I am using freeradius-2.2.0-2.el6.x86_64. Should this version support it or not? no, it won't support it. you need the latest code from the GIT to use that feature. alan

Re: SQL-Relay log - radacctdir - High Disk usage

2013-08-06 Thread Alisson
If I disable the var 'sql_log' it will stop writing to the relay log file, right? But it will still write to the radpostauth table correctly? 2013/7/31 Alisson alissongoncal...@bsd.com.br Hi Alan, the sql_log var just writes a text file with the sql statements, correct? 2013/7/31 Alan DeKok

Re: How to store session info in external database?

2013-08-06 Thread Alan DeKok
Maciej Lew wrote: The problem is we have databases in slave mode, only reading is allowed. We want to pass this information to another database... Then configure another SQL module to talk to another database. There's no magic here. If you want to write to a database, configure the server

Re: Response-Packet-Type == Access-Challenge

2013-08-06 Thread Dominique Frise
On 08/06/2013 03:36 PM, a.l.m.bu...@lboro.ac.uk wrote: Hi, I forgot to mention that I am using freeradius-2.2.0-2.el6.x86_64. Should this version support it or not? no, it won't support it. you need the latest code from the GIT to use that feature. alan

pptpd mschap auth fails

2013-08-06 Thread Horatiu Nimigean
i have pptpd on a centos 6 box configured to use radius for auth. radius in turn checks credentials in ldap. the user in ldap has a samba extension and a configured password (i used ldap account manager to set it up) it also has a sambaNTPassword field and it's populated. rpm -q freeradius

Re: Response-Packet-Type == Access-Challenge

2013-08-06 Thread Alan DeKok
Dominique Frise wrote: Is there any other flag/function that would indicate that an Access-Challenge packet was received from the NAS? A NAS will NEVER send an Access-Challenge to the server. A proxy will receive an Access-Challenge from a home server. As was said, you need the latest

Re: How to store session info in external database?

2013-08-06 Thread Arran Cudbard-Bell
On 6 Aug 2013, at 14:29, Maciej Lew mac...@lanserver.pl wrote: The problem is we have databases in slave mode, only reading is allowed. We want to pass this information to another database... Modules can have multiple instances. sql.conf sql sql_write { sql config }

Re: SQL-Relay log - radacctdir - High Disk usage

2013-08-06 Thread Alan DeKok
Alisson wrote: If I disable the var 'sql_log' it will stop writing to the relay log file, right? Yes. But it will still write to the radpostauth table correctly? Yes. It helps to understand the server's configuration. You should read ALL of the configuration files you have enabled. It's what

Re: pptpd mschap auth fails

2013-08-06 Thread Phil Mayers
On 06/08/13 16:04, Horatiu Nimigean wrote: i have pptpd on a centos 6 box configured to use radius for auth. radius in turn checks credentials in ldap. the user in ldap has a samba extension and a configured password (i used ldap account manager to set it up) it also has a sambaNTPassword field

Re: pptpd mschap auth fails

2013-08-06 Thread Alan DeKok
Horatiu Nimigean wrote: the auth fails however when i try connecting from my windows8 client. i need to mention that i am sure i'm inputting correct passwords. No, you're not. [mschap] Found NT-Password [mschap] Creating challenge hash with username: testuser1 [mschap] Told to

Re: Response-Packet-Type == Access-Challenge

2013-08-06 Thread A . L . M . Buxey
Hi, Is there any other flag/function that would indicate that an Access-Challenge packet was received from the NAS? don't know.. I have the following on a 2.2.0 box in the authenticate section: if (handled (Response-Packet-Type == Access-Challenge)) {

Re: pptpd mschap auth fails

2013-08-06 Thread Horatiu Nimigean
ok so i edited /etc/raddb/sites-enabled/default and commented pap from authorize { ... } and commented Auth-Type PAP { pap } from authenticate { ... } but i still have the same error . i have also created a new user betatesting1 i have also tested in the local shell (although it

Re: pptpd mschap auth fails

2013-08-06 Thread Horatiu Nimigean
oook the damn password is letmein for testing purposes. i can't seriously mistype it that many times. and i did not. it turns out lam successfully reports changing both unix and samba passwords but upon closer inspection and verifying with smbencrypt cli tool the samba hashes are NOT

I don't want to see clear text password in debug mode

2013-08-06 Thread Roberto Carna
Dear, when I execute freeradius -X the daemon starts in debug mode. After that, when any user authenticates against the freeradius service, I can see on the screen something like this: [sql] expand: %{User-Name} - roberto [sql] sql_set_user escaped user -- 'roberto' [sql] expand: %{User-Password} -

Re: I don't want to see clear text password in debug mode

2013-08-06 Thread Arran Cudbard-Bell
On 6 Aug 2013, at 19:49, Roberto Carna robertocarn...@gmail.com wrote: Dear, when I execute freeradius -X the daemon starts in debug mode. After that, when any user authenticates against the freeradius service, I can see on the screen something like this: [sql] expand: %{User-Name} -

Re: Response-Packet-Type == Access-Challenge

2013-08-06 Thread Arran Cudbard-Bell
On 6 Aug 2013, at 16:38, a.l.m.bu...@lboro.ac.uk wrote: Hi, Is there any other flag/function that would indicate that an Access-Challenge packet was received from the NAS? don't know.. I have the following on a 2.2.0 box in the authenticate section: if (handled

Re: I don't want to see clear text password in debug mode

2013-08-06 Thread A . L . M . Buxey
Hi, My password is encrypted with MD5 but it can be seen in the debug screen. Is there any way to disallow or masquerade the user's password in debug mode ??? it's debug mode. the entire purpose is to ensure that things are what they appear to be and silly things like, 'its doesnt

Re: Response-Packet-Type == Access-Challenge

2013-08-06 Thread Dominique Frise
On 08/06/2013 05:29 PM, Alan DeKok wrote: Dominique Frise wrote: Is there any other flag/function that would indicate that an Access-Challenge packet was received from the NAS? A NAS will NEVER send an Access-Challenge to the server. A proxy will receive an Access-Challenge from a home