Re: FreeRADIUS 2 not listening on right port

2008-05-15 Thread Michael Griego
I did a little looking into this this evening. This assessment looks to be correct as it looks to be related to compiler optimizations. With the optimizations disabled in Make.inc, FreeRADIUS will start up on the correct port. For the fr_socket function, gcc appears to be optimizing the

Re: FreeRADIUS 2 not listening on right port

2008-05-16 Thread Michael Griego
On May 16, 2008, at 9:49 AM, Phil Mayers wrote: ...with any luck, the toolchain will get fixed - it's clearly not a FreeRadius bug, and I wonder what else it's broken... After discovering what the problem was, I immediately wondered the same thing myself. --Mike - List

Re: EAP-TLS: Different Certificates for different Called-Station-Id

2007-05-24 Thread Michael Griego
You'll have to set up two instances of the EAP module. The first instance will have the TLS submodule set up with the information for Cert1.pem (and the appropriate key and CA cert). The second instance will have its TLS submodule set with the info for Cert2.pem. It will look something

Re: computer authentication from windows

2004-06-17 Thread Michael Griego
With EAP-TLS, the machine will attempt to use a certificate that resides in the Local Computer's Personal Certificates store. With PEAP, the machine will attempt to use the machine credentials as negotiated with the domain controller. --Mike On Thu, 2004-06-17 at 18:26, Brian Craft wrote: Can

Re: CN check against User Name - EAP-TLS

2004-06-18 Thread Michael Griego
but only found an old patch (didn't try it) from Michael Griego on Nov2003 and an unanswered message from Anthony Lopez on May 2004. Any clue? thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: CN check against User Name - EAP-TLS (pouet - debugging output)

2004-06-18 Thread Michael Griego
-- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: PEAP Version

2004-06-21 Thread Michael Griego
No. Currently, only PEAPv0 is implemented. --Mike On Mon, 2004-06-21 at 05:53, Manuel Sánchez Cuenca wrote: Hello all, can anybody tell me which version of PEAP is implemented in FreeRadius? is the PEAP version 2 implemented? Thanks in advance. - List info/subscribe/unsubscribe? See

Re: Using Freeradius with LDAP storage and EAP-TTLS authentication

2004-06-21 Thread Michael Griego
Try something like this for your check line: DEFAULT Freeradius-Proxied-To == 127.0.0.1, EAP-Message !* , Auth-Type := PAP --Mike On Mon, 2004-06-21 at 06:59, Christophe Saillard wrote: Hi, Now I've a working TTLS/PAP with LDAP storage configuration ;-) Here's what I've to put

Re: EAP/TLS Computer Certificates

2004-06-24 Thread Michael Griego
for any help Jeremy Scribner -- --Mike -- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: EAP/TLS Computer Certificates

2004-06-24 Thread Michael Griego
- Original Message - From: Michael Griego [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, June 24, 2004 4:24 PM Subject: Re: EAP/TLS Computer Certificates Couple of things: 1. Make sure the CA certificate also exists in the Local Computer Trusted Roots Store. 2. For Windows

Re: Advices needed

2004-06-26 Thread Michael Griego
On Sat, 2004-06-26 at 22:25, Alan DeKok wrote: If your AP's can't do per-user WEP keys, then they can't do EAP-TLS, EAP-TTLS, or PEAP. It means that the *only* way you can secure the wireless connection is by making the clients use VPN's. Technically speaking, there are APs that will do

Re: Cisco 3030 authentication

2004-06-28 Thread Michael Griego
Check your shared secret between FR and the Concentrator. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas On Mon, 28 Jun 2004, Seth Law wrote: I'm trying to get a Cisco 3030 to authenticate against FreeRADIUS. How

Re: Cisco 3030 authentication

2004-06-28 Thread Michael Griego
have to post debugging output in order to see what's happening. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas On Mon, 28 Jun 2004, Seth Law wrote: Mike: I've done this, but am still getting strange results. What else I

Re: User-Name and EAP Message attributes

2004-07-02 Thread Michael Griego
On Fri, 2004-07-02 at 07:10, Anj wrote: In some cases, Domain Name is stripped from User-Name and sent to Radius Server. In that case, User-Name would not match with Type-Data field of EAP-Identity/Response. It's a security piece. Since authorizations are based on the User-Name, the server

Re: Error: rlm_eap_tls: conf N ctx stored

2004-07-07 Thread Michael Griego
-- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: peap + Windows XP

2004-07-07 Thread Michael Griego
-- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: peap + Windows XP

2004-07-12 Thread Michael Griego
was: the AP-8110 does not support PEAP. I thought that this was odd, because it does support some EAP-types. I am in contact with the manufacturer to see if there is an upgrade available. -Mark On Wed, 2004-07-07 at 15:18, Michael Griego wrote: Be sure you have added the CA certificate

Re: Machine certificate with XP and freeradius

2004-07-16 Thread Michael Griego
Normal operation for that type of environment is to have a machine cert so that the machine can authenticate to the network before a user logs on to the machine itself, then to have a user cert for each user on the machine so that once the user logs in, the authentication switches to that user.

Re: Seeking a Pre-OS 802.1x overlay/shim

2004-07-19 Thread Michael Griego
. -- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: to use different basedn and filter for one user

2004-08-13 Thread Michael Griego
Set up 3 ldap module instances, then see the doc/configurable-failover file for information on how to set this up. --Mike On Fri, 2004-08-13 at 17:48, kevin J wrote: I want to use ldap for authentication. What I want to do is first do ldapsearch with (basedn:

Re: Bug/security EAP-TLS

2004-08-24 Thread Michael Griego
tls_session-fragment will always be 0 or greater than 0: 1) -- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: Bug/security EAP-TLS

2004-08-31 Thread Michael Griego
--- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: Bug/security EAP-TLS

2004-08-31 Thread Michael Griego
The patch checked out OK and has been committed. -- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: syslog_facility ignored

2004-08-31 Thread Michael Griego
Yeah, I was actually going to put in a somewhat different patch later this evening. --Mike On Tue, 2004-08-31 at 18:41, David Hart wrote: relevant portion of radiusd.conf: log_destination = syslog log { # Yes, I read the comment about changing this. syslog_facility = local1 } Using

Re: syslog_facility ignored

2004-08-31 Thread Michael Griego
Get tomorrow's CVS snapshot. It will be fixed there. --Mike On Tue, 2004-08-31 at 18:41, David Hart wrote: relevant portion of radiusd.conf: log_destination = syslog log { # Yes, I read the comment about changing this. syslog_facility = local1 } Using the latest code from CVS on

Re: PEAP segmentation fault

2004-09-03 Thread Michael Griego
initialization TLS_accept: before/accept initialization Thanks -- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: PEAP segmentation fault

2004-09-03 Thread Michael Griego
On Fri, 2004-09-03 at 16:41, Baig wrote: Mike, I am using RedHat 9.0 This is my gdb output Read docs/bugs for more info on how to get proper debugging output from gdb, then post your results again. Thanks. -- --Mike --- Michael Griego Wireless LAN

RE: Q: Allowing 1 EAP type per SSID with 1 AP and 1 Radius Server.

2004-09-08 Thread Michael Griego
-- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: rlm_eap: Handler failed in EAP/peap

2004-09-09 Thread Michael Griego
Try sending the *entire* debug output. You're only sending the part that occurs *after* the *real* error. The true error is happening earlier in the authentication sequence. --Mike On Thu, 2004-09-09 at 08:21, Hugo Sousa wrote: Hello, I'm trying to authenticate a XP SP2. I'm using, for

RE: rlm_eap: Handler failed in EAP/peap

2004-09-09 Thread Michael Griego
: MS-CHAP2-Response is incorrect Your problem lies in the error messages above. You need to specify either a plain-text User-Password or an NT-Password for the user in the users file. -- --Mike --- Michael Griego Wireless LAN Project Manager The University

Re: rlm_mschap: FAILED: MS-CHAP2-Response is incorrect

2004-09-10 Thread Michael Griego
was rejected. rlm_eap_peap: FAILURE Regards, Hugo Sousa SysAdmin / NetworkAdmin http://www.netsystems.pt Portugal -- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

RE: Orinoco AP2000 - Logout Entry Has Wrong ID?

2004-09-10 Thread Michael Griego
for repeater-type environments. Anyway, the fact that it does this should not affect anything in the account as autz/auth and accounting are totally separate functions. It's just a large annoyance. -- --Mike --- Michael Griego Wireless LAN Project Manager

RE: rlm_mschap: FAILED: MS-CHAP2-Response is incorrect

2004-09-10 Thread Michael Griego
-- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: Orinoco AP2000 - Logout Entry Has Wrong ID?

2004-09-10 Thread Michael Griego
to talk to anyone about the specifics if they want to email me directly. -- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

RE: Orinoco AP2000 - Logout Entry Has Wrong ID?

2004-09-10 Thread Michael Griego
and such), so I use the reauth sequence to catch them and take them off the network. -- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

RE: Q: Allowing 1 EAP type per SSID with 1 AP and 1 Radius Server.

2004-09-13 Thread Michael Griego
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Griego Sent: Wednesday, September 08, 2004 11:16 AM To: [EMAIL PROTECTED] Subject: RE: Q: Allowing 1 EAP type per SSID with 1 AP and 1 Radius Server. RFC3580 section 3.20: 3.20. Called

Re: Freeradius with Multiple Ldap Servers

2004-09-16 Thread Michael Griego
See doc/configurable_failover in the source tree. --Mike On Thu, 2004-09-16 at 08:23, Matthew Hunter wrote: I have Freeradius configured with Ldap which works but I would like to specify a secondary Ldap server in case the primary ldap goes down. How would I go about doing that? Thanks

Re: PEAP gets stuck

2004-09-16 Thread Michael Griego
-- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: huntgroups matching bug, w/1.0.0 ?

2004-09-17 Thread Michael Griego
not have to provide the huntgroups content, but there's little anyone can do without debug output. -- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: using realm ntdomain fails

2004-10-13 Thread Michael Griego
Are you using with_ntdomain_hack in the preprocess module? --Mike On Wed, 2004-10-13 at 06:16, Christoph Litauer wrote: Alan DeKok wrote: Christoph Litauer [EMAIL PROTECTED] wrote: Please read proxy.conf. Well, reading proxy.conf I found the following section: ... sigh

Re: using realm ntdomain fails

2004-10-13 Thread Michael Griego
: Michael Griego wrote: Are you using with_ntdomain_hack in the preprocess module? I tried this, too. The effect was the one I described: I can see my username without the domain is added to the users list. But while authenticating I get the error message: rlm_eap: Identity does

Re: sql group checks

2004-10-15 Thread Michael Griego
table for? Is it used somehow by code? I mean if my user appears in two groups and one group has Auth-Type:=Accept and another has Auth-Type:=Reject will the PRIORITY help radius to make decision what to do? -- --Mike --- Michael Griego Wireless LAN Project

Re: Revisited: Auth via LDAP to Microsoft AD (long)

2004-09-28 Thread Michael Griego
This sounds like an issue of chasing LDAP referrals. AD is pretty referral-happy. On a cursory look, it doesn't look like the rlm_ldap module supports chasing referrals. A config option should probably be added to support this. --Mike On Tue, 2004-09-28 at 07:50, Kellogg, Chris wrote: Hi,

Re: SSLV3 error

2004-10-09 Thread Michael Griego
I have noted this behavior in my installations as well. The conclusion I have come to is that Windows XP is attempting a PEAP fast reconnect even though it has been told not to (by unchecking the Enable Fast Reconnect box). As such, when the TLS session has been successfully established, and

Re: Microsoft SQL?

2004-10-20 Thread Michael Griego
in the list here said they use it to do stored procedures and the like, but I'm not showing freeradius shipping with Microsoft SQL support. -- --Mike --- Michael Griego Wireless LAN

Re: Freeradius and Active Directory

2004-10-21 Thread Michael Griego
For using PEAP with FreeRADIUS and Active Directory, you'll need to use the ntlm_auth functionality in the mschap module. --Mike On Thu, 2004-10-21 at 06:36, Cool Man wrote: Hi, Active Directory works with freeradius through, but if you want to use it within a 802.1x/EAP environment it

Re: openlap wireless (WPA-radius with PEAP auth on client) problem

2004-11-04 Thread Michael Griego
-- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: LDAP errors with a win2003 active directory

2004-11-12 Thread Michael Griego
not be a problem to begin with. Could there be a difference between Win2000 AD and Win2003 AD that FreeRadius does not support? Magnus -- --Mike --- Michael Griego Wireless LAN

Re: Low cost APs that support EAP/TLS Freeradius??

2004-11-16 Thread Michael Griego
I was looking around yesterday, and I noticed that Linksys' new wireless router (WTV56G I believe) purports to support 802.1x. It retails for about $180 depending on where you look. It's more than just an AP though, it has full blown router functions. --Mike On Tue, 2004-11-16 at 08:00, Joe

Re: problem with freeradius - ldap - peap

2004-11-17 Thread Michael Griego
For some reason, you have the LDAP module set up to pull an MD5-hashed password from your LDAP tree and add it as the NT-Password attribute. This won't work. In order to use PEAP, you have to have either a clear-text password or an NT-hashed password. --Mike On Wed, 2004-11-17 at 03:44, Pål

Re: eap-tls auth: access accept is sent but xp client keeps resending access-req

2004-11-19 Thread Michael Griego
, as FreeRADIUS is out of the game at that point, and will need to be taken up with the manufacturer of your AP. -- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: Radius Authentication scheme

2004-11-24 Thread Michael Griego
obtained from Michael Griego, who published the patch. Currently I'm using FreeRadius version 1.0.1, and I was expecting to find the code from the patch there, but it wasn't. So I added the patch file again. Without that patch file, Digest-MD5 authentication doesn't work. That's odd

Re: How to add a field to the reply that contains data from the request?

2004-12-04 Thread Michael Griego
Peter, All I have to say is that your attitude normally determines the response you get. You came in here telling many people who have worked with RADIUS for a long time how the specs are wrong and how you are much better than they. This is a fatally flawed approach when trying to learn

Re: How to add a field to the reply that contains data from the request?

2004-12-04 Thread Michael Griego
On Sat, 2004-12-04 at 21:16, Peter T. Breuer wrote: No I haven't. I'm sure radius is fine. OTOH I'm quite sure the rfc is probably a load of badly written rubbish, because they normally are. So? Is there something new? Have you read a rfc lately? I certainly haven't! ;) Yes, I have. As such,

Re: 802.11i

2004-12-13 Thread Michael Griego
The AP must support 802.11i. For Enterprise 802.11i, you must use 802.1x, which FreeRADIUS supports. --Mike On Mon, 2004-12-13 at 22:46, Bilal Shahid wrote: Hi, Does FreeRADIUS support 802.11i? On a more general level; in the wireless environment, does the RADIUS Server (any RADIUS

Re: ldap redundant w/ ldap-group

2004-12-14 Thread Michael Griego
-- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: Problem starting Freeradius

2004-12-05 Thread Michael Griego
You haven't generated the certificate files for EAP-TLS. If you're using EAP-TLS, either run the scripts/certs.sh script as it says in the config file or manually generate your own certificates. If you are not going to be using EAP-TLS or any of its sub-types, then you can comment out the

Re: Removing/modifying attributes per realm before proxying

2004-12-13 Thread Michael Griego
-- --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: conflicts between freeradius versions

2005-01-12 Thread Michael Griego
You're running a pretty old version. Give the latest stable release a try. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas Hennie Vaatstra wrote: I'm running a freeradius server (FreeRADIUS Version 0.9.3, for host s390x-ibm

Re: NAS from db - add without restart

2005-01-20 Thread Michael Griego
we're actively deploying wireless APs, we can bring up several new NASes each day. I'll probably be working on this pretty soon, but that's on hold at the moment while I attempt to track down a memory leak/heap corruption problem. --Mike --- Michael Griego Wireless

Re: 802.1x, PEAP, and AD

2005-01-20 Thread Michael Griego
Actually, what you should be sending in the --username option is: --username=%{mschap:User-Name} This will automatically strip the domain portion (if it exists) from the username before sending it to the DC. --Mike --- Michael Griego Wireless LAN Project Manager

Re: Extreme, 802.1x, PEAP, and FreeRADIUS

2005-01-20 Thread Michael Griego
Is your Extreme Networks equipment truly performing EAP authentication? Do you have an example of radiusd -X output with an auth attempt from this piece of equipment? If it's true that this piece of equipment is truly rewriting the User-Name attribute so that it isn't the same as the EAP

Re: Mapping a single LDAP attribute to multiple radius attributes

2005-01-20 Thread Michael Griego
Create two instances of the LDAP module, i.e. ldap1 and ldap2. In instance ldap1, have one attrmap (perhaps called ldap1.attrmap) with the LDAP attribute mapped one way and with instance ldap2, have a different attrmap (perhaps called ldap2.attrmap) with the LDAP attribute mapped a different

Re: Extreme, 802.1x, PEAP, and FreeRADIUS

2005-01-21 Thread Michael Griego
Wow. The EAP message does indeed decode to an EAP Response/Identity with a value of AMS\mcapelle. I've never seen an EAP-aware NAS rewrite the User-Name. That violates RFC2869, which states that the NAS must *copy* the contents of the identity into the User-Name. The only thing I can

Re: NAS from db - add without restart

2005-01-21 Thread Michael Griego
When you're using EAP, it's not always that simple. HUPping a server or taking it offline is something you'd rather avoid if possible as it becomes noticeable to the end users when you do it. We do indeed have redundant servers. If one fails, then yes, the other picks up the load, but it's

Re: Pbroblem with CRL check

2005-01-25 Thread Michael Griego
--- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas Jacques VUVANT wrote: Hi all I've installed and use freeradius 1.0.1 for EAP/TLS authentication. It works well without CRL. But each time I want to activate check_crl = yes on eap.conf

Re: peap problems

2005-01-25 Thread Michael Griego
I'm guessing you're using the Windows XP supplicant? This looks like a classic case of your CA certificate not being present on the client machine. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas ealatalo wrote: Quoting

Re: high cpu

2005-02-04 Thread Michael Griego
Try running with LD_ASSUME_KERNEL=2.4.19. This will force runtime linking against the standard libc libs instead of the thread-local storage (tls) libs. So, on the command line, run LD_ASSUME_KERNEL=2.4.19 radiusd -X and see if that segfaults. --Mike Alan DeKok wrote: Daniel J McDonald

Re: ../raddb/users file and MySQL?

2005-02-25 Thread Michael Griego
Use the SQL-Group attribute, so your check line would look like this: DEFAULT Service-Type == Framed-User, SQL-Group == MySQLGroupName --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas [EMAIL PROTECTED] wrote: Hi Just

Re: EAP-TLS: check_cert_cn dows not work?

2005-03-03 Thread Michael Griego
--- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas Manuel Schmitz wrote: Hello, as far as I have understood, the check_cert_cn switch in raddb/eap.conf forces the certificate's Common Name to be in the raddb/users file. Otherwise

Re: EAP-TLS: check_cert_cn dows not work?

2005-03-03 Thread Michael Griego
That's what CRLs are for. There is support for CRLs in FreeRADIUS now, so you can revoke the certs you no longer want used. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas Manuel Schmitz wrote: Thank you very much. :-) I

Re: Stripped-User-Name

2005-03-16 Thread Michael Griego
Stripped-User-Name is created either by using realms or in the hints file used by the preprocess module. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas Kevin Jeoung wrote: You didn't get a Stripped-User-Name. You need

Re: XP Computer Account Authentication

2005-03-21 Thread Michael Griego
Dagoberto Luiz Schonardie wrote: Is it possible to authenticate the Windows XP computer account in this environment ? Not currently. --Mike

Re: FreeRADIUS + 802.1x (WPA) + WinXP + smbpasswd

2005-03-30 Thread Michael Griego
rlm_mschap: No User-Password configured. Cannot create LM-Password. rlm_mschap: No User-Password configured. Cannot create NT-Password. rlm_mschap: Told to do MS-CHAPv2 for jseymour with NT-Password rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication. rlm_mschap:

Re: FreeRADIUS + 802.1x (WPA) + WinXP + smbpasswd

2005-03-30 Thread Michael Griego
in your smbpasswd file. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas Jim Seymour wrote: Michael Griego [EMAIL PROTECTED] wrote: rlm_mschap: No User-Password configured. Cannot create LM-Password. rlm_mschap: No User

Re: segmentation fault

2005-04-03 Thread Michael Griego
I'd like to be included in this as well. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas Alan DeKok wrote: Willem Eradus [EMAIL PROTECTED] wrote: I'll do some more tracing and debugging. Do you want me to post it to list

Re: How are you guys able to get this working?

2005-04-04 Thread Michael Griego
You just need to make sure that your MySQL headers and libraries are in the standard include/linker paths. If you installed MySQL from the RPMs, then this should be true as long as you have the mysql-devel rpm installed as well. --Mike --- Michael Griego

Re: Session resumption

2005-04-19 Thread Michael Griego
Not yet. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas Bilal Shahid wrote: Does FreeRADIUS v1.0.1 support session resumption (fast reconnect during reauthentication) for TLS, TTLS and PEAP? Thanks, Bilal

Re: FreeRADIUS and Active Directory

2005-04-26 Thread Michael Griego
Hey, Michael, I'm betting your ntlm_auth command, where it uses the username, looks like this: --username=%{Stripped-User-Name:-%{User-Name:-None}} This is the default. Try changing your ntlm_auth line in your radiusd.conf to something like this: ntlm_auth --request-nt-key

Re: Client mac adress in accounting

2005-04-28 Thread Michael Griego
If your NAS supports sending the MAC address, you will see it show up as the Calling-Station-Id attribute. Your NAS must be sending this attribute, though. --Mike Marc-Henri Boisis-Delavaud wrote: How can I have the user mac address in accounting files ? Marc

Re: rlm_sql: group table changes

2005-04-28 Thread Michael Griego
. I don't think the new SQL code has made into the stable releases yet. Anyway, if you are, grab tomorrow's snapshot or grab the updated rlm_sql.c file directly from CVS and try that out. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas

Re: 802.1x and authenticating machine account

2005-04-28 Thread Michael Griego
of FreeRADIUS. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas King, Michael wrote: Has anyone figured a way to authenticate the computer account in Active Directory? Other than pGina. I don't have the option of changing

Re: 802.1x and authenticating machine account

2005-04-28 Thread Michael Griego
--- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: 802.1x and authenticating machine account

2005-04-28 Thread Michael Griego
--- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: help - PEAP authentication

2005-04-28 Thread Michael Griego
Talk to your NAS vendor. That's completely insane for a NAS to rewrite the User-Name, not to mention a violation of RFC 3579. --Mike Israel Fabio Alves wrote: Hi, I need help to solve a problem. My configuration work 100% with Switch Cisco 2950. Now I need use Switch from Extreme Networks

Re: rlm_sql: group table changes

2005-04-29 Thread Michael Griego
Stephan Jaeger wrote: For rejecting every user that has no matching group profile i guess my best bet is now to use a DEFAULT profile with Auth-Type := Reject in the db? Yes, that should work. --Mike

Re: help - PEAP authentication

2005-04-29 Thread Michael Griego
It will break inside the EAP code, since the EAP code does a sanity check to make sure the EAP Identity matches the User-Name sent by the NAS. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas Luis Daniel Lucio Quiroz wrote

Re: Errors with freeradius-snapshot-20050424 make install

2005-05-02 Thread Michael Griego
This will all be fixed shortly. I'm getting close to finishing up the move to libeaptls to fix these inter-module linking problems. --Mike Hans-Peter Fuchs wrote: Hello all, I try to build freeradius-snapshot-20050424 under rehat 3.2.3-47 (Kernel: 2.4.21-27.0.2.EL). Install gives the

Re: ntlm_auth not working

2005-05-09 Thread Michael Griego
ntlm_auth is really only useful for people who must do an MSCHAP authentication against a Windows domain. If you are doing a straight User-Password authentication (as you show below in your example), then it might be just as well to set up LDAP authentication against AD as that will work in

Re: Freeradius and Active Directory Question

2005-05-10 Thread Michael Griego
You're making this more complicated than it is (and please don't talk about me like I'm not here). To authenticate plain credentials against AD is no different than authenticating against any other LDAP server except for the fact that your uid attribute is different. So, read the docs for the

Re: radius crash

2005-05-17 Thread Michael Griego
What you're likely seeing is something that has already been fixed in the CVS snapshots. Previously, if one of the worker threads died, it could go into a segfault loop that would block the server and send the CPU to near 100%. That was fixed a while back in CVS. I'm not sure if it's

Re: Certificate Revocation List (EAP/TLS)

2005-05-18 Thread Michael Griego
There are no crl_dir and crl configuration options recognized by the server. You must have added those. The correct way to do this is to add the PEM encoded CRL to the end of your PEM encoded CA certificate, referenced by the CA_file configuration option, then set check_crl = yes. --Mike

Re: Certificate Revocation List (EAP/TLS)

2005-05-18 Thread Michael Griego
Luis Daniel Lucio Quiroz wrote: May do this with just a cat cacert.pem crl.pem ca.pem command? Yes. Then set CA_file = ca.pem --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas

Re: OpenCA Freeradius and EAP_TLS

2005-05-23 Thread Michael Griego
Are you sure your key and certificate files are PEM encoded? Based on the errors, it looks like they might be DER encoded. --Mike Tom Tim wrote: Hi, i am a newbie at freeradius. I have a working installation of freeradius. After i have created certs using the CA.all script i can start

Re: OpenCA Freeradius and EAP_TLS

2005-05-23 Thread Michael Griego
Whoops. Didn't read the whole message before sending that last one. --Mike Tom Tim wrote: Hi, i am a newbie at freeradius. I have a working installation of freeradius. After i have created certs using the CA.all script i can start radius. My Microsoft Wlan client can authenticate on the

Re: Authenticate as computer .....

2005-05-25 Thread Michael Griego
Lorel hardy wrote: Maybe I've found a solution but I don't know how doing it... It would run without an AD server if freeradius reply an EAP-Accept when a special string (like domain/*) is sent in EAP-Access without asking anymore ? so could I make it efficient and how ? What do you think

Re: Proxim AP-4000 MAC Auth w/multi VLAN assignment support

2005-06-14 Thread Michael Griego
You can't do RADIUS-assigned VLANs unless you're doing EAP authentication. It won't work with MAC authentication. --Mike Matthew Sweet wrote: Hello, I am looking at setting up a group of Proxim AP-4000 wireless gateways. I want to be able to authenticate via the MAC address of each user's

Re: mysqld.sock path problem

2005-06-23 Thread Michael Griego
. --Mike --- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas rashad wrote: /var/run/mysqld/mysqld.sock is the usual location of that socket. Every program that wants to connect to mysqld through socket will per default use that one. I

Re: make error /usr/bin/ld: cannot find -lz

2005-06-25 Thread Michael Griego
Did you install the zlib-devel package too? I think not... --Mike [EMAIL PROTECTED] wrote: PH On Fri, Jun 24, 2005 at 02:58:14PM +0600, [EMAIL PROTECTED] wrote: make failed with this error... gcc -shared sql_mysql.lo -L/usr/lib -L/usr/lib/mysql /usr/lib/libmysqlclient.so -lz

Re: Certificate expired

2005-06-30 Thread Michael Griego
Is it a self-signed certificate? If not, did you create the CA cert? If so, did *it* expire? --Mike Albrecht, Robert-Manfred wrote: Hello, I'm using a freeradius to secure my wlan. I'm using PEAP Authentication. The certificate was created at 28.06.2004 with a validity-time of two
