Hi there.
I'm a newbie and found that to connect to MSSQL we cannot use freetds.
Instead, I read that we need to use this driver: rlm_sql_unixodbc.
I configured this driver and freeradius tried to connect to the MSSQL
server, but ...
rlm_sql (sql): Driver rlm_sql_unixodbc (module
rlm_sql (sql): Driver rlm_sql_unixodbc (module
rlm_sql_unixodbc) loaded and linked
rlm_sql (sql): Attempting to connect to
[EMAIL PROTECTED]:1433/radius
You have that use the name of de pc no the ip
rlm_sql (sql): Attempting to connect to [EMAIL PROTECTED]:1433/radius
Thanx for
Hi all,
I have the following situation. The user XXX exists in the radcheck
table. He has its password and everytingh works ok. Upon an
access-request, if user/password provided are ok, I get an access-accept
response with a reply containing the attribute assigned to the XXX user
in the radreply
I have the following situation. The user XXX exists in the
radcheck table. He has its password and everytingh works ok.
Upon an access-request, if user/password provided are ok, I
get an access-accept response with a reply containing the
attribute assigned to the XXX user in the radreply
I have the following situation. The user XXX exists in the
radcheck table. He has its password and everytingh works ok.
Upon an access-request, if user/password provided are ok, I
get an access-accept response with a reply containing the
attribute assigned to the XXX user in the
I have the following situation. The user XXX exists in
the radcheck table. He has its password and
everytingh works ok. Upon an access-request,
if user/password provided are ok, I get an
access-accept response with a reply containing the attribute
assigned to the XXX user in
Hey, come on people ... just wanna know if this is normal
or not
I want to get paid to answer questions here. Sadly, that
isn't happening.
I have a theory: meanwhile rougher and sarcastic I put myself, more
attention I receive
The thing is that the user exists but there was
Hmm... That's a good point. I've updated the rlm_sql
module in CVS to
handle this situation so that it more closely matches the
users file
methodology (if there are no check pairs, then the section is
automatically matched).
Thats great! It gives much more flexibility now
Hi everybody,
We are deploying a GPRS Edge architecture with one
router in a DMZ area with 4 permanent IPSEC tunnels through
our operator.
When the user is connecting, he should authenticate on the
Freeradius server.
But the Radius have to provide an IP in a different subnet
Hi Lucas,
Stored procedure is a nice tweak. Indeed, i have my users in
a mysql database.
for example in my mssql.conf I have
authorize_check_query = rad_authorize_check_query
'%{Stripped-User-Name:-%{User-Name}}'
rad_authorize_check_query is an stored procedure. I
Hi everybody,
I'm willing to remove from a sip URI (ie:sip:[EMAIL PROTECTED]) the sip: and
@domain parts, but, when they arrive in the Calling-Station-Id or
Called-Station-Id Attributes. How to solve this ??? I've been able to
remove @domain from the Uri, but at the User-Name only.
Any help
I'm willing to remove from a sip URI (ie:sip:[EMAIL PROTECTED])
the sip:
and @domain parts, but, when they arrive in the
Calling-Station-Id
or Called-Station-Id Attributes. How to solve this ??? I've
been able
to remove @domain from the Uri, but at the User-Name only.
2) Reject Cause (feature request)
Free radius is not informing when it rejects any user if found a
condition false in radgroupcheck or in radcheck only send reject
(reply:Packet-Type), is it possible to give reject with
attributes so
we will know which attribute is the cause of
Hi all,
I'm having trouble at authentication using radius and digest. Look at
radius output. The rare thing is that some phones get registered nicely,
but others no. The ones who get registered are X-Lite softphones and
grandstream. The ones that not, are the ATAs from voip solutions,
MTA-V102.
I'm having trouble at authentication using radius and
digest. Look at
radius output. The rare thing is that some phones get registered
nicely, but others no. The ones who get registered are X-Lite
softphones and grandstream. The ones that not, are the ATAs
from voip
solutions,
Why is that ? I mean ... I have some SIP Phones that have no
password configured, and the digest module is working fine, as they
can get registered nicely.
The server needs a clear-text password to do the digest
authentication. If it doesn't have a clear-text password, it
Hi all,
I'm willing to send a reply-message when access-reject occurs. The thing
is that, if authorize_check_query fails ( ie: user is not found) , then
authorize_reply_query is not called. So, I do not know how to send back
a Reply-Message Attribute if authorize_reply_query is not executed.
I'm willing to send a reply-message when access-reject occurs. The
thing is that, if authorize_check_query fails ( ie: user is
not found) then authorize_reply_query is not called. So, I do not
know how to send back a Reply-Message Attribute if
authorize_reply_query is not executed.
So you say that if I have a client returning, at
authorize_check_query, a table with User-Password = ,
it will not
work for digest ??
I'm saying it's a bad idea, and a case I didn't test.
Well ... there are cases where I have no-password users. For this cases,
where no-password
I use Auth-Type :=3D, but still my problem not solved.
I am using the SIP-HIT software from MERA softswitch
The Mera sending Password in MD5 format. and also
tried to use Auth-Type := MD5 but no luck.
Please let me know if there is any other solutions?
Abdul ,
I had trouble with digest,
Hi there,
I have FreeRADIUS Version 1.0.2. I believe it is working fine now.
However, i often get the following errors in radius.log
Error: rlm_sql: Stop packet with zero session length. (user 'USER-XXX',
nas 'NAS-YYY')
Error: rlm_attr_filter: Authorize method will be deprecated.
Any ideas
you mean radiusd -X?
Can this full debug information somehow be saved in a file instead of
dirrectly on the console?
Edgars,
you can try 'radiusd -X radius.log 21 '
with this youre a redirecting everything to radius.log.
please, let us know how did you do, because yesterday I had same
The other thing i want to ask is: I had radius working. Suddenly (
sometime later, do not know how much later ) it stopped
working. The
rare thing was that when 'netstat -putan' was executed, I could see
radiusd listening at the defined ports. But, when tested using
nt-radping, I
Hi all,
This is not related to freeradius directly, but to Cisco. I thought
somebody could have had the same problem.
I'm willing to send a reply-message to Cisco ( which I'm allready
sending using radius ) and, according to what string I'm sending along
with reply-message, I'm willing to
Hi all,
This is not related to freeradius directly, but to Cisco. I thought
somebody could have had the same problem. I'm willing to send a
reply-message to Cisco ( which I'm allready sending using radius )
and, according to what string I'm sending along with reply-message,
I'm
The function infotag get aaa_avpair x returns the value
of the x atribute from the radius' reply attributes, you
can use it for any attribute of the radius' reply string,
they're defined by the tcl/ivr standard api from cisco, i
mean, it's included in the IOS of the NAS, this
Hi all,
Have some questios about accounting.
When Acct-Start arrives, in which cases will freeradius reject or drop
that packet?
When Acct-Stop arrives, in which cases will freeradius reject or drop
that packet?
Any docs ?
The thing is this. I've read rlm_sql.c and found this ...
/*
* If
what accounting are you thinking about? there're some
possibilities.. I assume now mysql with the default setup..
yes, mysql ...
When Acct-Start arrives, in which cases will freeradius
reject or drop that packet?
reject ? probably only if i.e. the client secret is wrong,
the packet is
Hi all,
Is there any way of logging the MSSQL queries ( with values ) to the
radius.log file ?
I can see the following in the radius.log file ...
Tue Jun 14 00:53:53 2005 : Error: rlm_sql (sql): Couldn't update SQL
accounting STOP record - HY019 [unixODBC][FreeTDS][SQL Se
rver]Arithmetic
Hi all,
I've seen many of these messages in the radius.log ...
Wed Jun 15 15:10:23 2005 : Info: rlm_sql (sql): There are no DB handles
to use! skipped 0, tried to connect 0
What does it mean ? How to solve this ?
Best regards,
Lucas
--
No virus found in this outgoing message.
Checked by
I've seen many of these messages in the radius.log ...
Wed Jun 15 15:10:23 2005 : Info: rlm_sql (sql): There are no
DB handles to use! skipped 0, tried to connect 0
What does it mean ? How to solve this ?
Hi,
increase the number of connections to the mysql db in your sql.conf !
I've seen many of these messages in the radius.log ...
Wed Jun 15 15:10:23 2005 : Info: rlm_sql (sql): There are no
DB handles to use! skipped 0, tried to connect 0
What does it mean ? How to solve this ?
Hi,
increase the number of connections to the mysql db in your
I only 9 seconds, 21 messages of this kind. And .. .do the
unresponsive child have something to do ... ???
Yes. Your database is slow, and is not responding to
FreeRADIUS in time.
Ok, but ... my sql server is a Pentium IV with 512MB of RAM. How can it
be possible ?!
Besides, in
Hi all,
Is it possible to have freeradius as a proxy, but also, doing some
load-balancing within N other freeradius-servers ?
Has anybody done something like this before ?
I've seen at freeradius.org that some used LinuxVirtualServer for doing
this. But, I believe that, having a freeradius as
Hi all,
Is it possible to have freeradius as a proxy, but also, doing some
load-balancing within N other freeradius-servers ?
Has anybody done something like this before ?
I've seen at freeradius.org that some used LinuxVirtualServer for doing
this. But, I believe that, having a freeradius as
Ok, but ... my sql server is a Pentium IV with 512MB of
RAM. How can it be possible ?!
shrug Go figure it out. I don't run your SQL server, so
I don't know.
I know you are not running my SQL server. I was just asking because some
may have some idea of what to touch to improve the
Ok, but ... my sql server is a Pentium IV with 512MB of
RAM. How can it be possible ?!
Are the attributes you are doing searches with indexed?
Mmmm, interesting. I looked and there was no index created for those
attributes. I created the index and reindexed the database and it seems
to
I would like to build a freeradius plateform and I am looking
for return of
experiences about :
- the best choice of Linux distribution to support the last
version of freeradius.
I'm using it with red hat 7.3 and works just perfect. Also using MSSQL
2000 as database with unixodbc.
Best
Hi all,
I'm willing to install Freeradius. I'm using red hat 7.3 in a lab
enviroment. I now it is outdated so, which linux distribution do you
recomend for installing it ?
I've heard that gcc is something critical ...
Any opinion ?
Thanks
Regards,
Lucas
--
No virus found in this outgoing
I've been put in a situation in which I am forced to replace
our old icradius server.
Hi. I also migrated from IC-Radius to Freeradius.
I'm now stuck with the task of migrating our old
(mySQL) databases, as we have far too many users to re-enter
manually.
Just make sure you are using
40 matches
Mail list logo