in radius fails to communicate
with the configured ldap server, is there any way for radius to pretend
as though its dead or actually die (rather than returning an
access-reject packet) so the Cisco's fail over to our other radius
servers? Thanks in advance!
Chris Carver
Pennswoods.net
Network
in advance,
Chris Carver
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
Chris Carver [EMAIL PROTECTED] wrote:
redirectPort80 is an
attribute tied to an ldap attribute through the ldap_attrs file.
Did you define it in the dictionaries?
Alan DeKok.
I believe so. Here is what is a custom dictionary file thats included
in /etc/raddb
thing I changed. Thanks for your time.
Chris Carver
Alan DeKok wrote:
Chris Carver [EMAIL PROTECTED] wrote:
I believe so. Here is what is a custom dictionary file thats included
in /etc/raddb/dictionary:
Ok...
I still see the same behavior as before. The users file completely
ignores
Mathieu Bénard wrote:
Hello
I'd like to manage my LDAP users with DialupAdmin Radius interface,
and here come a few questions.
1: It seems that DialupAdmin uses LDAPv2 protocol. Can it possibly use
LDAPv3 ?
Absolutely. I'm using it right now.
2: From what I read in the
in advance.
Chris Carver
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Perhaps your rlm_sql module did not compile properly. When are
configuring for the install watch the messages very closely and ensure
that the required libraries and header files are found, and that it will
be built. Do the same for any other modules you're going to use.
Software
Kostas Kalevras wrote:
On Mon, 23 May 2005, Chris Carver wrote:
Hello,
I'm still struggling with a problem I wrote in about in the past. I
will explain what I am trying to do as well as possible.
We have customers authenticating through our radius server which uses
an openldap backend
On Thu, 2005-11-17 at 23:03 +0800, TK Lew wrote:
hi ::
Is it possible to query freeradius local session database (radutmp) to
check for simultaneous use.?
If exists delete it using radzap command and then only accept the
Accouting Start packet which then eventually written to radutmp.
I
Giuseppe Parlato wrote:
I upgraded freeradius from 1.0.1 to 1.1.1 and I get the following error:
rlm_sql_getvpdata: database query error
can anyone help me please?
Giuseppe
Give us the surrounding radiusd -X output please.
-
List info/subscribe/unsubscribe? See
No access-requests are making it to your radius server then. You need
to make sure your client is pointed at it properly or that you don't
have your radius server firewalled.
Chris Carver
Network Engineer
Giuseppe Parlato wrote:
Now I do not have that error, I started radiusd -x end
The software is too complicated for me (and probably anyone else) to
look at all the configs you sent line by line and just know what is
wrong. You need to put freeradius in debugging mode (radiusd -X) and
see what the output is when your client sends an access-request packet.
Chris Carver
in radiusd -X. You need to figure out why
Chris Carver
Network Engineer
Giuseppe Parlato wrote:
tail -f /usr/local/var/log/radius/radius.log
Fri May 19 20:52:29 2006 : Info: Using deprecated naslist file.
Support for this will go away soon.
Fri May 19 20:52:29 2006 : Info: rlm_exec: Wait=yes
Use tcpdump on the radius server to see if packets are being received.
If they are not, you need to find the reason why. A networking issue,
not a freeradius issue.
tcpdump port 1812
Chris Carver
Network Engineer
Giuseppe Parlato wrote:
It is an upgrade, so firewall can't be the problem
Do --with-mysql
Make sure the rlm_sql libs appear in the lib dir of the dir you
installed it in.
Chris Carver
Network Engineer
Abul Monsur Mannan wrote:
Tahnk you for your responce.
I've Mysql Devel,server and client installed.
I did like this--
./configur --with -mysql
as said
Freeradius keeps a configurable number of open connections, called
sockets in the config, which it uses to query the DB at all times. I
believe it keeps these open persistently. In sql.conf...
# number of sql connections to make to server
num_sql_socks = 5
Chris Carver
Network
According to your output it is definitely connecting. 5 open
connections to the mysql db is the default configuration. If you look
in etc/raddb/sql.conf you'll see the variable 'num_sql_socks = 5' This
is what controls the number of open connections.
Chris Carver
Network Engineer
Cliff
? As far as I know, radiusd is designed to
just be run straight from the command-line.
Chris Carver
Network Engineer
Cliff Hayes wrote:
Here's even more light:
When I start freeradius by just typing radiusd on the command line, it
connects to MySQL ok. But if I start it like I'm supposed
Radwatch, being basically a wrapper, will fail to start radiusd. The
radius server that is running will be unaffected.
Chris Carver
Network Engineer
xuxu wrote:
freeradius-users,
The radwatch script will restart a radius every 10 seconds ,does it
affect the radius running
.
radiusd -xxx radius.log
Chris Carver
Network Engineer
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
you want. If you
wanted to do it with huntgroups you'd have to add two entries in the
huntgroups file:
restrictedAPNAS-IP-Address == ip
otherAP NAS-IP-Address == ip
Then in users instead of matching on NAS IP you match on Huntgroup-Name ==
Chris Carver
Network
of active users that
freeradius keeps.
Chris Carver
Network Engineer
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
mysql client to connect to the mysql database you specify to ensure it
should work properly.
mysql -uusername -ppassword -hremoteserver radius
Chris Carver
Network Engineer
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
, by modifying sql.conf to fit your
needs and putting 'sql' in the accounting stanza of the radiusd.conf file.
Chris Carver
Network Engineer
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
== 192.168.0.1
huntgroup1 NAS-IP-Address == 192.168.0.2
huntgroup1 NAS-IP-Address == 192.168.0.3
### users file ###
DEFAULT Huntgroup-Name == huntgroup1
Idle-Timeout = 900,
Framed-Protocol = PPP,
Service-Type = Framed-User,
Fall-Through = no
Chris Carver
Network
25 matches
Mail list logo