Re: Basic question on rlm_perl

2008-12-18 Thread A . L . M . Buxey
Hi, > > I have put "perl" as a module in my radiusd.conf file. > > I don't file the rlm_perl*.so file in /usr/local/lib/ where all the other > rlm_*.so files are located. > > What am I missing? have you edited experimental.conf to enable PERL and have you included this file in the radiusd.conf

Re: How to log failed auth attempts?

2008-12-18 Thread A . L . M . Buxey
Hi, > The problem seems to be that when a bad password is the reject reason, the > Reply-Message is just blank. yep - security reasons. why did I get rejected? ah, because the password was wrong. I'll just keep brute-forcing until I get the password right.. alan

Re: Conf PEAP

2008-12-18 Thread A . L . M . Buxey
Hi, > but, if I want the user´s don´t use certificates and only use "user & > pass" with PEAP ¿is possible? - and how, exactly, does the EAP tunnel get set up if you dont have a common certificate to enable such a construct? you've got to have a CA - and, if done properly, you've got to have the

Re: newbie new freeradius install fails to start...

2009-01-02 Thread A . L . M . Buxey
Hi, > Maybe someone can guide me out of this maze. > > I have a new Fedora 10 install running on Dell intel platform. I installed > freeradius.i386 0:2.1.3-1.fc10 package using yum installer. All I did before > starting in debug mode was edit clients.conf and users file. > > I get this error

Re: FreeRADIUS and Foxpro

2009-01-02 Thread A . L . M . Buxey
Hi, > Hi, > > is there anybody having Foxpro as a backend database. Is this possible? > Thanks for sharing your experiences. theres no native driver - ODBC would work - whether you'd need to have a PERL or Python wrapper etc to do the dirty work is another question altogether. alan

Re: NAS-Identifier and radgroupcheck table

2009-01-05 Thread A . L . M . Buxey
Hi, > I recently posted a howto explaining how to implement huntgroups in SQL > using unlang in 2.x, look in the mail archives. It also illustrates how > to use the SQL huntgroups to control logon access based on the NAS. > Perhaps I should put this on the wiki. certainly! things posted to t

Re: newbie new freeradius install fails to start...

2009-01-05 Thread A . L . M . Buxey
Hi, > A different solution is to fix the "bootstrap" script to just run the > commands directly. I've done that now. good call - a lot of people dont want/need developer or build tools on their production servers. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users

Re: somewhat ot: Check radius server name on linux supplicant

2009-01-05 Thread A . L . M . Buxey
hi, its down to the supplicant to have the option and ability to do these checks. Sure, most of them have a 'is cert okay'? option but if you've chosen to use a public auth then anyone else can get a cert signed by that auth and start playing around...which is a weakness. I'd certainly recommen

Re: [HELP] FreeRadius and External Script

2009-01-05 Thread A . L . M . Buxey
Hi, > When i start manually the script, we have: > > ./example.pl: line 26: use: command not found > ./example.pl: line 29: syntax error near unexpected token `(' > ./example.pl: line 29: `use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK);' how are you running this script manually? looks like you'r

Re: [HELP] FreeRadius and External Script

2009-01-05 Thread A . L . M . Buxey
Hi, > Ok, now i think's that this script are started but i don't understand > hit, he have a lot of sub but > sub are not launched. > > if i understand, i put all of my perl script into the sub test_call no ? its quite easy. in the experimental.conf file you state which routines you would like

Re: radiusd logs good passwords even when told not to?

2009-01-06 Thread A . L . M . Buxey
Hi, > Background info: yes, ancient version > Our /etc/raddb/radiusd.conf clearly states to not log passwords: > # allowed values: {no, yes} > # > log_auth_badpass = no > log_auth_goodpass = no correct - in the main log > However it's logging good password auth's still.. > no, this is the d

Re: Freeradius process dies with some (bad?!) EAP requests

2009-01-06 Thread A . L . M . Buxey
Hi, > and we're facing a strange and very critical problem. > Occasionally radius server just dies with no apparent reason. When I look at I've had similar issues and would recommend upgrading to latest issue - many many EAP issues were addressed during the move to 2.1.x alan

Re: Radreply Table

2009-01-06 Thread A . L . M . Buxey
Hi, > Hi! > > I have 2 freeradius servers running, one at 2.0.4 version and other > at 2.0.5. On 2.0.4 i can use radreply without problem, but in 2.0.5 i > can`t, the freeradius server don`t read the table. The two server have > the same configuration. they talking to same database? are the

Re: radiusd logs good passwords even when told not to?

2009-01-06 Thread A . L . M . Buxey
Hi, > I have no need for a details log the data stored in /var/log/radius.log is > more than sufficient for me. > > So by commenting out detail { } in the radiusd.conf file should stop this? you will also need to remove the calls to that detail config in various other places in the config. > I

Re: Some help with etc_smbpasswd auth and eap ttls

2009-01-07 Thread A . L . M . Buxey
Hi, > I have configured everything and gotten free radius to authenticate off > /etc/samba/smbpasswd via the etc_smbpasswd module. The problem I have > run into is when I switch the securew2 windows xp eap-ttls client to use > the current logged on user credentials. Then, SecureW2 sends the

Re: rlm_perl - dbi - freetds works on radiusd -X but fails to sql connect in background

2009-01-07 Thread A . L . M . Buxey
hi, do you have eg SELINUX running on this system? if so, then it may be blocking access between the processes. check your selinux log (or change the mode to permissive and check logs!) and then edit the selinux config to allow operation alan

Re: freeradius not start after upgrade from 1.1.7 to 2.1.0

2009-01-09 Thread A . L . M . Buxey
Hi, > Hi all, i'm new on this ML. > I've problem after upgrading from v1 to v2 the log section for freeradius v2 has changed a lot since version 1- so if you're using the same config file then it wont work. and using the same config file is VERY BAD what you need to do is backup your V1 config,

Re: 3gpp2 parameter starts with '\0'

2009-01-12 Thread A . L . M . Buxey
Hi, > I need to store ESN value to my database, but it comes in format[3GPP2-ESN = > "\000\000\000\000\000\000\0BBF636"]. Freeradius counts '\0' as the end > of the line and puts blank instead of actual parameter value. Not only ESN > comes in that format but [Acct-Session-Id = "000\000"]

Re: Error in test Freeradius

2009-01-12 Thread A . L . M . Buxey
Hi, > Hello people, > > I`d like to know how to resolve this problem in configuration: > > [r...@serverrh5 raddb]# radtest pc1 123456 localhost 0 mysecret > Sending Access-Request of id 169 to 127.0.0.1 port 1812 > User-Name = "pc1" > User-Password = "123456" > NAS

Re: No EAP-TLS with XP SP3 ?

2009-01-12 Thread A . L . M . Buxey
Hi, > With XP SP3 the auth failed, I googled that FR 1.1.0 is not capable to > do this, because SP3 is realizing the same 802.1x engine as Vista does. > So I upgraded to 2.1.3 and compiled it on OpenSuse 10.1 without errors > and the software runs without problems. But the auth still doesn't

Re: Error in test Freeradius

2009-01-12 Thread A . L . M . Buxey
Hi, > Can someone help me? I'm sure someone can - please send output of 'radiusd -X' to this list as per the FAQ, the docs in the server and the many many such requests to this list alan

Re: Error in test Freeradius

2009-01-12 Thread A . L . M . Buxey
Hi, > Hello Luciano, > In below the result of command: > >I have a user in BD: do you read documents? if so, which document did you read to set this up? it should be > ++--+-+++ > | id | username | attribute | op | value | > ++

Re: eap/tls freeradius openssl

2009-01-12 Thread A . L . M . Buxey
hi, did you follow the fedora/redhat guide as posted to this list - or did you just install openssl-devel and try the daemon again? if so, that wont work. you will need to rerun the ./configure and make steps again for the system to learn you've got the SSL support installed..and thus compile in the

Re: eap/tls freeradius openssl

2009-01-12 Thread A . L . M . Buxey
Hi, > I installed the openssl and openssl-devel rpms and the freeradius SRPM with > all dependency rpms... ..but before you ran your own version up? if so, you're still running your own version which radiusd will probably say /usr/local/sbin/radiusd you need to run the version the SRPMS would

Re: eap/tls freeradius openssl

2009-01-13 Thread A . L . M . Buxey
hi, linux admin task: you can also do 'make -n install' and this will show you what and where make is going to put the files (its a test/dummy run) - then you can grep through the output for eg /usr/local and see what files to get rid of. as well as the tools themselves - radiusd, radtest etc,

Re: Optimum MYSQL settings

2009-01-13 Thread A . L . M . Buxey
hi, gosh. its such a wide question (well, the answer can be very open...). there are many many ways to optimise the DB - you can chuck more memory at the server settings - increase the buffers etc. you can add more index keys to the tables... you can change the DB engine - eg InnoDB instead of MyI

Re: 802.1X wireless, FR, and accounting...

2009-01-14 Thread A . L . M . Buxey
hi, fwiw, we see many session times of 00:00 sent from our cisco kit. its a pain because a value of 0 isnt valid with the default SQL code and statements (obviously). we can certainly liaise with this issue - some of it, i believe, is due to the way the LWAPP protocol ships clients into mobility

Re: help with freeradius + winxp

2009-01-19 Thread A . L . M . Buxey
Hi, > On Mon, 2009-01-19 at 13:26 +0100, t...@kalik.net wrote: > > Server didn't build with OpenSSL support. Fix that if you want to use > > peap. > > Ivan, > Thanks for getting back and help, I appreciate that. > > I've checked if I have openssl: > r...@radius:/# dpkg -l | grep ssl > ii libssl0

Re: help with freeradius + winxp

2009-01-19 Thread A . L . M . Buxey
Hi, > I was running script during install here are WARNINGs: > r...@radius:/home/radius# grep WARNING ../logs/configure > configure: WARNING: snmpget not found - Simultaneous-Use and checkrad.pl > may not work > configure: WARNING: snmpwalk not found - Simultaneous-Use and > checkrad.pl may not w

Re: Strage problem

2009-01-21 Thread A . L . M . Buxey
Hi, > Any idea? you've got something not liking the big fragments and chucking stuff around/away - got a UDP fragment throw-away firewall between the freeradius and IAS? got iptables on the Linux box configured up? change the eap.conf to have a small fragment size and see what happens alan

Re: FreeRADIUS + MSCHAPv2 + Vista

2009-01-22 Thread A . L . M . Buxey
Hi, radiusd -X - how are you auth'ing the actual TLS stuff - ntlm_auth? alan

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-23 Thread A . L . M . Buxey
Hi, > I have been having trouble recently with getting dynamic VLAN > assignment working on my Cisco AP. Clients are successfully > authenticating with FreeRADIUS. However, they do not seem to be > picking up extra attributes from the "users" file (below is the > relevant portion of it). > > wgrae

Re: regular expression problem on 2.1.3

2009-01-23 Thread A . L . M . Buxey
Hi, > > Hi, > > I have updated my Freeradius from 2.0.5 to 2.1.3 and am having a problem > with the regular expressions I am using in the users file. > > If I provide a simple example users file I am testing against: > > DEFAULT NAS-IP-Address =~ "192.168.1.1|10.0.1.1" "(192.168.1.1|10.0

Re: chap authentication and freeradius

2009-02-02 Thread A . L . M . Buxey
Hi, > What is wrong ??? well, the debug clearly shows these lines: [chap] login attempt by "ale" with CHAP password [chap] Cleartext-Password is required for authentication ++[chap] returns invalid Failed to authenticate the user. Login incorrect (rlm_chap: Clear text password not available): [a

Re: FreeRADIUS without Universal Password

2009-02-05 Thread A . L . M . Buxey
Hi, > I had to ask, I have people telling me that this is a limitation of only > FreeRADIUS and not all RADIUS servers in general. There is a concern > that the UP is being stored in clear text in Novell and we need to turn > off that service and only use simple password. Since I am no Novell

FreeRADIUS with some HP Multifunction printers

2009-02-11 Thread A . L . M . Buxey
hi, I wonder if anyone can help or has seen such behaviour. We are running FreeRADIUS on site extensively - for wireless and wired authentication. the perennial issue of printers + 802.1X has raised its head again - and this time we're trying to hit it head on - configure them to use 802.1X ! (ie

Re: add: I Can't compile freeradius2.1.3 with RHEL4

2009-02-11 Thread A . L . M . Buxey
Hi, > > the problem is always > > listen.c:99:1: directives may not be used inside a macro > argumentlisten.c:98:54: unterminated argument list invoking macro "rad_assert" > > in main/src/listen.c > > By the way, I have try to install 2.1.3 on several machine with RHEL4U7 but > face the sam

Re: FreeRADIUS with some HP Multifunction printers

2009-02-11 Thread A . L . M . Buxey
Hi, > So once you enable authentication and the printer fails to > authenticate, it won't let you Telnet into the jetdirect card or use > the web interface until you do a cold restart (and clear all the > 802.1X settings)... tell me about it! even if you let it onto via a failed auth = okay it st

Re: FreeRADIUS with some HP Multifunction printers

2009-02-11 Thread A . L . M . Buxey
Hi, > The printers are *claiming* that they're doing PEAPv0. However, the > protocol they're running is actually PEAPv2. ..on this note, any update on when/if FR will do PEAPv1 and PEAPv2? (i note more and more devices are coming with such options - eg Nokia S60 smartphones have all the boxes

Re: Freeradius is crashing in krb auth

2009-02-16 Thread A . L . M . Buxey
Hi, > The setup that works well is running FreeBSD 7.0 Stable on an i386 system. > The one that keeps crashing is running FreeBSD 7.1 PreRelease on an AMD > system. so 2 totally different systems then. > Anyone have any ideas about what is happening here? I think theres a nice hint with 's

Re: Freeradius2.1.3 + Fedora9 + PEAP + AD = problem

2009-02-16 Thread A . L . M . Buxey
Hi, > Yeah that's got to be it. Fedora 8 uses 3.0.34 while fedora 10 uses 3.2.8. > I'll have to try it with the old version of samba. I'll post back if it > works. is this a confirmation that ntlm_auth doesnt work with samba 3.2.8 and, therefore, with FC10? alan

Re: No authenticate method using Mysql

2009-02-16 Thread A . L . M . Buxey
hi, you've edited your configs beyond all hope and reasonable amount - why dont you use the sites-enabled files and do minor edits to the default config? alan

Re: FW: upgraded from freeradius 1.1.3 to 2.0.4

2009-02-19 Thread A . L . M . Buxey
Hi, > Well, I didn't expect this kind of reactions. I tried to give as much > information as I had. First of all I upgraded to the newest packages of > debian etch before I did a dist-upgrade to lenny. With the latest version of > etch it still worked. The latest version in debian lenny is the

Re: New FR server: CentOS 5 or Ubuntu 8

2009-03-02 Thread A . L . M . Buxey
Hi, > Please accept my apologies for this complicate question. > > I need make a new FR server from sources with mysql support, and I have only > two OS options: CentOS 5 or Ubuntu 8. > > I used only FreeBSD, but now I have only these two options. > > Any suggestions? either will be alien to y

Re: Production servers num_sql_socks

2009-03-05 Thread A . L . M . Buxey
Hi, > Granted your DB is fast enough to query quickly. > Upping this value on a slow DB will severely degrade performance. > > What's sort of values are you guys using for production servers? we found that any value over 20 caused issues with mysql... we moved to postgresql anyway a year back.

Re: Production servers num_sql_socks

2009-03-05 Thread A . L . M . Buxey
Hi, > If it is not a secret, how many users do you have (active users in the > same time) and how many connections per minute can your system handle > without problems. around 15k concurrent users, hundreds of thousand per minute could be handled (when we last did a load test) alan

Re: radius proxy senario

2009-03-07 Thread A . L . M . Buxey
Hi, > 1. I have a local realm (suffix), xyz.com. I'm using freeradius 2.1.3+mysql. > > 2. My own user's username in mysql radcheck table is store in > usern...@xyz.com format > > 3. A person want me to proxy his prefix ABC/his-customer-usern...@myrealm to > his radius server, i.e: ABC/his-cust

Re: failed to receive Accounting Response

2009-03-07 Thread A . L . M . Buxey
Hi, > Ok! Then I have one a question about moving Accounting packets through > my network: > > When I login to cisco on log server(radius server) I receive a: > > tcpdump port 1813 > > 15:48:00.281073 IP 192.168.255.10.radacct > carlogg.radacct: RADIUS, > Accounting Request (4), id: 0x67 lengt

Re: radiusd server does not respond to radtest from another host

2009-03-07 Thread A . L . M . Buxey
Hi, > Next I tried testing radiusd using radtest from a 2nd host (10.10.10.10), > which I had added previously added to the clients.conf (Note I can > successfully ping the radius server 10.10.10.11 from this 2nd host > 10.10.10.10). But, I get no response from radius acc-request on either the

Re: radius proxy senario

2009-03-09 Thread A . L . M . Buxey
Hi, > > Hi > > I'm putting the following code under /etc/freeradius/site-available/default, > authorize section just after preproccess > > if (User-Name =~ "^ABC\/") { > update control { > Realm == "%another_realm"} > } > > > But i'm getting such error

Re: radius proxy senario

2009-03-09 Thread A . L . M . Buxey
Hi, > if ("%{User-Name}" =~ /"^ABC\/"/ ) { if ("%{User-Name}" =~ /^ABC\// ) { read a few online regex resources. > ++? if ("%{User-Name}" =~ /"^ABC\/"/) > expand: %{User-Name} -> ABC/use...@my_realm > ? Evaluating ("%{User-Name}" =~ /"^ABC\/"/) -> FALSE > ++? if ("%{User-Name}" =~ /"^

Re: What does 'radius -C' do? (2.1.3)

2009-03-09 Thread A . L . M . Buxey
Hi, > Mike Diggins wrote: > > > > According to the documentation, radiusd -C is supposed to "Check > > configuration and exit." I was assuming that would catch errors in the > > configuration that might prevent it from restarting. However, if I > > intentionally mangle the configuration to the poi

Re: radiusd server does not respond to radtest from another host

2009-03-09 Thread A . L . M . Buxey
Hi, > > Thanks it was the Linux firewall. I opened UDP ports 1812:1816 and > everything works any reason for 1815 and 1816 ? alan

Re: What does 'radius -C' do? (2.1.3)

2009-03-09 Thread A . L . M . Buxey
Hi, > It checks: > > a) if the configuration files are formatted correctly > > b) if some modules can be loaded > > If more things "need" to be checked, we will "need" a patch to add > that functionality. much as thought. is it also the case that it only checks stuff that can be 'H

Re: Freeradius 2.1-1: failure modes

2009-03-09 Thread A . L . M . Buxey
Hi, > Right now FreeRadius returns reject to NAS > rlm_sql (sql): Failed to connect DB handle #8 > rlm_sql (sql): reconnect failed, database down? > rlm_sql_getvpdata: database query error > [sql] SQL query error; rejecting user > rlm_sql (sql): Released sql socket id: 8 > ++[sql] returns fail > S

Re: radius proxy senario

2009-03-09 Thread A . L . M . Buxey
Hi, > > Thanks Alan > > With this: > > if ("%{User-Name}" =~ /^ABC\//) { > update request { > Realm := 'another_realm' > } > } > > The regex is working by now, but the other problem exist, the rewrite not > working properly. dont play wi

Re: What does 'radius -C' do? (2.1.3)

2009-03-09 Thread A . L . M . Buxey
Hi, > Err.. try "echo $?" after that. It doesn't print out log messages to > stdout unless you also do "-X". I was about to say the same thing - the man page clearly states that it fails with a value - this is a shell fail, not a human readable fail - exit value isnt 0 therefore something is w

Re: [How To] Freeradius 2.14 ( PEAP – MSCHAP)

2009-03-10 Thread A . L . M . Buxey
hi, nice - a good compendium of other resources to make a complete task. one small quirk though, you say its for FR 2.14 - in fact, its for FR 2.1.3 - (2.1.4 isnt yet released) alan

Re: [How To] Freeradius 2.14 ( PEAP – MSCHAP)

2009-03-10 Thread A . L . M . Buxey
Hi, > one small quirk though, you say its for FR 2.14 - in fact, its for > FR 2.1.3 - (2.1.4 isnt yet released) correction - 2.1.4 is out - I've finally caught up with todays email - but your guide references 2.1.3 and downloads 2.1.3 - hope that helps! :-) alan

Re: Version 2.1.4 has been released

2009-03-10 Thread A . L . M . Buxey
hi, thanks for the rad_assert pointers etc. still coming a cropper on another part of the build process: gmake[6]: Entering directory `/usr/src/freeradius-server-2.1.4/src/modules/rlm_smsotp' gmake[7]: Entering directory `/usr/src/freeradius-server-2.1.4/src/modules/rlm_smsotp' gmake[7]: *** No

Re: Version 2.1.4 has been released

2009-03-10 Thread A . L . M . Buxey
Hi, > I'll re-spin 2.1.4, unless there are objections. for reference, i did the old classic 'rm -rf src/modules/rlm_smsotp' and 'make install' then worked (it was the install part failing with that message, not the main make process). it built. it runs fine (after blowing away the old radiusd

Re: [How To] Freeradius 2.14 ( PEAP – MSCHAP)

2009-03-11 Thread A . L . M . Buxey
Hi, > > For those, who are interested by setting up PEAP/MSCHAP under Freeradius > > 2.14, I wrote a simple how-to. > > I hope it could help someone. :) > > Thanks for the how-to. > > Sorry if this is such a basic question, but what are the advantages of > using freeradius for this purpose (PEA

Re: Log says "duplicate requests", CPU maxing out

2009-03-11 Thread A . L . M . Buxey
Hi, > The debug output for one such client is below: > (chap/mschap/suffix returns noop. I don't know what that means.) 'no operation' - they had nothing to do, didnt see anything to do or didnt need to do anything (in basic speak). if your system is configured for one or 2 types of known auth t

Re: Running an external script

2009-03-12 Thread A . L . M . Buxey
Hi, > Thanks for your reply, Ivan. So I don't need to "update control" to > place a user in a vlan? If I can safely remove this section, that's my > problem solved - thanks. this sort of stuff needs to go into the RADIUS REPLY. you can use eg PERL to do this, see the examples that come with t

Re: How to allow nas'es to serve only groups of clients?

2009-03-12 Thread A . L . M . Buxey
Hi, > Thank you for help. I try to do as you say and put this to authorize > section after preprocess: > >preprocess > > # allow hotspot users only > if (SQL-Group != 'Spot') { > reject > } if (SQL-Group != /Spot/) ? alan

Re: Re: No accounting Freeradius + EAP/PEAP/TLS

2009-03-12 Thread A . L . M . Buxey
Hi, > The Zinwell manual didn't say anything about enabling account. My Freeradius > is configured with default values, only things I changed was to use EAP/PEAP > and freeradius, at radius database I configured tables NAS, Usergroup, > radcheck ang groupreply(Auth-Type:=EAP). if it doesnt men

Re: Dropping requests when no authentication possible

2009-03-12 Thread A . L . M . Buxey
Hi, > Is there any way to force a logic whereby if the ldap module fails, it would > drop the RADIUS request on the floor, to make it look like a service failure > to the client? Kinda wrecks our resiliency model if not! We're only using a > single ldap server per box, but even if we were using ot

Re: Help setting up machine auth with peap

2009-03-13 Thread A . L . M . Buxey
Hi, > I do see the "Exec-Program output: Must change password (0xc224)" > which to me means the computer account password has expired? I tried > removing and re-adding the computer to the domain but get the same error. you are right - the password needs changing - this is MS proprietary c

Re: Logging the return code from the ldap authentication to SQL.

2009-03-16 Thread A . L . M . Buxey
Hi, >if (rejected) { are you sure such a return code is available and comparable in such a way? looks like 'rejected' got matched...possibly because the check went okay - a value of 0 - rejected isnt defined...has a value of 0 too? just a guess! >

Re: MS-CHAP2 Failure

2009-03-16 Thread A . L . M . Buxey
hi, the one that fails is failing at the mschap phase - ntlm_auth etc - so that server isnt configured the same as the other.. or if the config is the same, its not able to talk to the AD as the other one can. alan

Re: FreeRadius with Postgresql

2009-03-17 Thread A . L . M . Buxey
Hi, > Please link me to a resources on how to make FreeRadius to work with > postgreSQL on Ubuntu 8.04 LTS? follow the usual MySQL/SQL stuff - just use postgres instead - ie 1) install postgres 2) configure postgres 3) install FreeRADIUS with postgres support 4) configure FreeRADIUS part 4 wi

Re: Radius and performance

2009-03-17 Thread A . L . M . Buxey
Hi, > but it does not show (for example) what happens when freeradius is > stopped and restarted before all entries in the detail file processed > : Does it re-process everything, or does it ignore everything and only > process "new" detail log. if you run it, you'll see what it does and how it d

Re: Radius and performance

2009-03-17 Thread A . L . M . Buxey
Hi, > >Sorry for bothering but what if detail file is on daily basis ... > >detail-20090101 for example... As Ivan says - if you are using buffered-sql and taking in that detail file, then there will be nothing to rotate or deal with - everything that is currently in the detail file get slurped in

Re: Relaying of accounting requests between Freeradius servers

2009-03-17 Thread A . L . M . Buxey
Hi, > I have finally been able to upgrade my secondary freeradius server to > 2.1.3 and I must commend everyone on their hard work, the changes are > great :) any reason why not 2.1.4 ? :-) > Is my understanding in this correct, that server 1 will send the request > to server 2, and server

Re: MS-CHAP2 Failure

2009-03-17 Thread A . L . M . Buxey
Hi, > I've made no progress in finding a solution to my MSCHAP problem. To > summarize, Winbind and FreeRadius authenticate via PAP fine on both > servers (RedHat V5), but MSCHAP fails on one of the two (see below). I > tried tar'ing up the entire /etc/raddb directory and copied it to the

Re: FreeRadius only works in debug mode

2009-03-17 Thread A . L . M . Buxey
Hi, > My other email to the list from last week appears to have disappeared into > the ether...probably too big with the whole config file. > > Hopefull someone can offer advice on this issue. If I start up radiusd (on > SuSE/OES linux, install from Yast) with the standard script in init.d it

Re: FreeRadius 2.0.5... can't make it work

2009-03-18 Thread A . L . M . Buxey
hi, the magic stuff is here: Listening on authentication address * port 1812 Listening on accounting address * port 1813 Ready to process requests. there you go! its ready and listening. but wait! when you test with radtest you see nothing in that debug output? what can that mean? well, the 2

Re: FreeRadius only works in debug mode

2009-03-18 Thread A . L . M . Buxey
Hi, > So, unless there's another location that the radiusd user needs access to? yes, /var/run/ whatever - check the variables at top of radiusd.conf to see what/where it looks. you can also use 'strace' on the daemon, output the output to a file and check all the file open stuff. alan

Re: FreeRadius with Postgresql

2009-03-19 Thread A . L . M . Buxey
Hi, > On following the messages; this is what I get from running freeradius -X > but before point it to PostgreSQL it runs fine. > rlm_sql (sql): Could not link driver rlm_sql_postgresql: > rlm_sql_postgresql.so: cannot open shared object file: No such file or > directory > rlm_sql (sql): Ma

Re: dear everyone..

2009-03-19 Thread A . L . M . Buxey
Hi, > iam a new bie freeradius user, i have a duty from my lecture to build a > hotspot captive portal using chillispot and freeradius. now i make it, > chilispot and freeradius working well on ubuntu machine, but the problem is > my lecture want me to do stress test on the radius server to make

Re: FreeRadius with Postgresql

2009-03-19 Thread A . L . M . Buxey
Hi, > I install the freeradius from the Ubuntu repo. yep - and as explained in my message, you didnt install all the required freeradius packages that ubuntu give you, for example http://packages.ubuntu.com/hardy/freeradius-postgresql apt-get install freeradius-postgresql ..and for other fun

Re: dear everyone..

2009-03-19 Thread A . L . M . Buxey
Hi, > still can't get it. can u show me please which script to do benchmarking the > RADIUS server, and how to running the script,. freeradius-server-$version/doc/performance-testing read, follow, run. alan

Re: Perl/Peap-MSChapV2 Issues

2009-03-19 Thread A . L . M . Buxey
Hi, you dont have a LOCAL defined in proxy.conf - set that. you are allowing EAP to come before perl, it seems, in your auth or post-auth sections. also, are you hardcoding Auth-Type ? it appears that you are. that is bad in general. if the PERL isnt being called check that you have enabled P

Re: packet freeradius-mysql for RH

2009-03-19 Thread A . L . M . Buxey
Hi, > I need the packets freeradius-mysql... I have this: > freeradius-mysql-1.1.3-1.2.el5.i386.rpm > > but my freeradius is 2.1.3 and this rpm don´t work. > I have Red Hat 5.1 you've built this yourself? if so, you need to install the mysql-devel package FIRST, then build freeradius (do make c

Re: Login to Cisco devices through freeradius

2009-03-20 Thread A . L . M . Buxey
Hi, > There is nothing related to eap to comment out in these files... > Should I create a certificate? Is it compulsory? hang on - do you actually HAVE any EAP cert/CA files that you are referencing in eap.conf? read eap.conf - see what files it is trying to read (cert, CA , pkcs12, random, et

Re: Login to Cisco devices through freeradius

2009-03-20 Thread A . L . M . Buxey
Hi, > RADIUS:/etc/raddb/certs # ls -l > total 104 > -rwxrwxrwx 1 root root4210 Mar 17 10:49 01.pem > -rwxrwxrwx 1 root root4441 Nov 19 14:20 Makefile > -rwxrwxrwx 1 root root5343 Nov 19 14:20 README > -rwxrwxrwx 1 root radiusd 462 Nov 19 14:20 bootstrap > -rwxrwxrwx 1 root radiusd 128

Re: Get fail [MS-CHAP2-Response is incorrect] while proxy the mschapv2 between two Freeradius 2.1.4

2009-03-25 Thread A . L . M . Buxey
Hi, > But username isn't. You can't strip the username. yep. add 'nostrip' to the proxy section for that realm on the proxy server alan

Re: Handling of duplicates in clients.conf

2009-03-26 Thread A . L . M . Buxey
Hi, > I'm running FR 2.0.3 and I just found that if there is more than one > client with the same IP address in clients.conf, then it will stop > processing the remainder of the file and continue startup. The only > indication it has done this are 2 error messages that are easily missed > when ru

Re: API

2009-03-26 Thread A . L . M . Buxey
Hi, > Please I'd like to know if with freeradius-server-2.1.3, I must > install freeradius-ldap before synchronize a ldap database to my > radius server; > Is it necessary also to install freeradius-dialupadmin before creating An API? > These two modules aren't integrated in freeradius-server-2.1

Re: Handling of duplicates in clients.conf

2009-03-26 Thread A . L . M . Buxey
Hi, > Thanks for taking the time to share your thoughts Alan. I recently > started investigating SQL for client and huntgroup definitions and I > appreciate your insight. Does using the SQL approach still require a > server restart to refresh any changes? Do you know if there are any > plans to

Re: proxy setup questions

2009-04-02 Thread A . L . M . Buxey
Hi, > Here's the relevant portion of my proxy.conf: although old, proxying works in 1.0.1. the bit that doesn't work here is when you say 'relevant portion' - no, it's not the relevant portion at all - you've got something else going on in proxy.conf please supply the whole file - I don't care if y

Re: debug log and syslog

2009-04-03 Thread A . L . M . Buxey
hi, why not use the raddebug functionality so you can debug the live server when you want alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: debug log and syslog

2009-04-03 Thread A . L . M . Buxey
Hi, > good advice, don't know that tools but it seems interesting > however I'm not sure it is available in my version ? > freeradius-2.0.3-3.el5 > how can I check, where to find a doc ? no. not available - you need to run 2.1.4 for these new features alan - List info/subscribe/unsubscribe? See

Re: Windows XP hangs forever during PEAP auth on freeradius with winbind/AD backend

2009-04-04 Thread A . L . M . Buxey
Hi, > The howto you sent me says "If all goes well, you should see > authentication succeeding (NT_STATUS_OK). You should also see the > NT_KEY output, which is needed in order for FreeRADIUS to perform > MS-CHAP authentication." I (0x0) the output being referred to or is > something missing here?

Re: need help & advice getting started with freeradius

2009-04-05 Thread A . L . M . Buxey
Hi, > Lol just actually read some stuff on WPA and learnt a bit more about EAP. I > realise now that TTLS does not require client certificates like I previously > thought only the server. Apologies for this misunderstanding. Although I > do realise now that SecureW2 would be required to give my W

Re: FreeRadius 1.x Or 2.x

2009-04-06 Thread A . L . M . Buxey
Hi, > Dear All, > > I use freeradius 1.1.7 and I am thinking of migrate to new ver. 2.x > so i want to ask which ver is better ? 2.1.4 by a long long way alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

of Mac and Men

2009-04-06 Thread A . L . M . Buxey
hi, taking some Steinbeck metaphor too far... oh, how I wish Lenny were a code name for MacOSX rather than Debian... anyway, our lovely friend Lenny is having a few issues compared to his friend George. Lenny wants to have the lovely Wifi...but can't. You see, Lenny has 'issues' and some of these i

Re: of Mac and Men

2009-04-07 Thread A . L . M . Buxey
Hi, thanks for the list I can confirm all of these issues. Also, if you have WPA/AES turned on, then the Mac won't touch the lovely WPA2/AES - ie it won't do 802.11n properly. if you reratify the wifi so you only do WPA/TKIP and WPA2/AES then the Mac is a _little_ happier I can also confirm the

Re: of Mac and Men

2009-04-07 Thread A . L . M . Buxey
Hi, > Let's not put Lenny out of his misery just yet. I've never had problems > with EAP-TTLS on Macs, I've actually started recommending people use it, as > it appears to be slightly more efficient than PEAPv0 (based purely on the > number of rounds it takes to complete), and far better documente

Re: of Mac and Men

2009-04-07 Thread A . L . M . Buxey
Hi, > Have you actually traced the wireless traffic (passively), are you > sure it's the Macs at fault with this one? as everything works fine on the same Mac when it runs Vista (yes, I know...) and works all okay on random PCs and PDAs/smartphones..the big greasy pointy finger is pointing decide
