-KEY =~
/RORG-MASO.*RCA$/ while it has the correct value in the control list.
How can I match this multi-valued attribute ?
Regards,
Olivier B.
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
calls...
You're right, i'll move this in the policy file, didn't think about it.
Regards,
Olivier B.
-Arran
On 2 Sep 2011, at 15:47, Olivier Beytrison wrote:
Hello,
I'm trying since two week to do some multi-valued attribute checking on
my radius infrastructure.
I've been looking
answers.
Best regards,
Olivier B.
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 13.11.2012 16:20, Phil Mayers wrote:
On 13/11/12 14:45, Olivier Beytrison wrote:
Hello,
[snip]
So I have two questions :
1. is this implementation possible ?
Yes. But I would argue it's not ideal (see below).
2. If it is possible, will the inner-tunnel for eap-peap and eap-ttls
On 13.11.2012 18:03, Phil Mayers wrote:
On 13/11/12 16:38, Olivier Beytrison wrote:
Well not really a solution here. The central LDAP system is one of the
Fair enough.
To summarize, if I proxy the outer tunnel, there will be more load on
the central server, and I'll add the custom
On 13.11.2012 19:08, Arran Cudbard-Bell wrote:
On 13 Nov 2012, at 17:23, Olivier Beytrison oliv...@heliosnet.org wrote:
On 13.11.2012 18:03, Phil Mayers wrote:
On 13/11/12 16:38, Olivier Beytrison wrote:
Well not really a solution here. The central LDAP system is one of the
Fair enough
Hello,
Just a quick question, before I loose too much time on this. Is the
debian build system on the master repository working ? I'm getting hard
time to build the deb packages.
git clone from yesterday, ubuntu 12.04 LTS
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO
On 16.11.2012 14:21, Arran Cudbard-Bell wrote:
On 16 Nov 2012, at 12:58, Olivier Beytrison oliv...@heliosnet.org wrote:
Hello,
Just a quick question, before I loose too much time on this. Is the
debian build system on the master repository working ?
I've had issues
On 16.11.2012 16:55, Alan DeKok wrote:
Olivier Beytrison wrote:
With those activated, it fails at linking rlm_sql_log.la
LINK rlm_sql_log.la rlm_sql_log.lo
libtool: link: warning: `-release' is ignored for convenience libraries
Well, that's minor.
ar:
/opt/src/freeradius/FR3
a summary of my changes. (the -ok version is the one containing
my modifications) : http://pastebin.com/kDrWDdF0
Hop this helps.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See
(--install):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
freeradius-ldap
freeradius-mysql
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List
there slowly.
I pulled your change from tonight. Still got the problem that radmin
wasn't found during the package creation. Had to add radmin.mk in
src/main/all.mk SUBMAKEFILES in order to have it.
Package are now created correctly. I'll try installing them now.
Olivier
--
Olivier Beytrison
Network
On 20.11.2012 08:26, Olivier Beytrison wrote:
Yeah you have a typo, you have mods.enabled, it should be mods-enabled?
I'm also working on this, there was a bug in the MySQL configure script
that may have been causing issues with the .so not being built correctly.
PostgreSQL and a few
can't tell, don't know how to
look for it :p
Tried to run inside gdb but didn't get any helpful information. any
hints to find what's going on ?
In the mean time I think I'll dig into the source code.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv
On 20.11.2012 14:44, Alan DeKok wrote:
Olivier Beytrison wrote:
Well even with the libfreeradius-eap.so packaged into libfreeradius3,
eap is not starting. I checked on my other systems running 2.2.10, but
built with libtool and libltdl, the rlm_eap.so is linked with
libfreeradius-eap
method.
Statistics reports 60% of peap against 40% of ttls.
Total number of eduroam users live is approx 800
Olivier B.
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
On 20.11.2012 15:45, Alan DeKok wrote:
Olivier Beytrison wrote:
Other changes broke the make install process.
Whoops, typo. I've pushed another fix.
Yep thanks, this issue is resolved.
make install is ok for the binaries.
Now it barfs right after installing dhclient (last reference
On 20.11.2012 14:44, Alan DeKok wrote:
Olivier Beytrison wrote:
Well even with the libfreeradius-eap.so packaged into libfreeradius3,
eap is not starting. I checked on my other systems running 2.2.10, but
built with libtool and libltdl, the rlm_eap.so is linked with
libfreeradius-eap
On 20.11.2012 16:30, Alan DeKok wrote:
Olivier Beytrison wrote:
your change in checkrad.mk moved the binary from sbindir do bindir. Is
this change wanted or not? If yes i'll update the
debin/freeradius.install accordingly. if not we'll need a
install.sbindir in Makefile
I'll go fix
/freeradius/sql/mysql/cui.conf
Unable to open file /etc/freeradius/sql/mysql/cui.conf: No such file
or directory
Errors reading or parsing /etc/freeradius/radiusd.conf
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
On 21.11.2012 12:00, Arran Cudbard-Bell wrote:
On 21 Nov 2012, at 10:22, Olivier Beytrison oliv...@heliosnet.org wrote:
Unable to open file /etc/freeradius/radiusd.conf: No such file or
directory
Uh oh ? looking at /etc/freeradius, there's only the directories and
the symlinks
-linux-x86-64.so.2
Oh dear. That'd be why that's happening...
I have the same output. But I can't see what you saw. Is there a
libfreeradius-eap.so missing somewhere ?
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
On 21.11.2012 17:13, Alan DeKok wrote:
Olivier Beytrison wrote:
Aside this, I've been able to compile and make the packages, it
correctly loads the configuration, but I back at a previous problem :
/usr/local/freeradius/etc/raddb/mods-enabled/eap[17]: Failed to link to
module 'rlm_eap': /usr
On 22.11.2012 08:51, Olivier Beytrison wrote:
On 21.11.2012 17:13, Alan DeKok wrote:
Olivier Beytrison wrote:
Aside this, I've been able to compile and make the packages, it
correctly loads the configuration, but I back at a previous problem :
/usr/local/freeradius/etc/raddb/mods-enabled/eap
On 21.11.2012 14:52, Arran Cudbard-Bell wrote:
On 21 Nov 2012, at 13:41, Olivier Beytrison oliv...@heliosnet.org wrote:
Oh dear. That'd be why that's happening...
I have the same output. But I can't see what you saw. Is there a
libfreeradius-eap.so missing somewhere ?
Yep. Can't
\
+ experimental.conf hints huntgroups \
policy.txt preproxy_users proxy.conf radiusd.conf trigger.conf \
users attrs.access_challenge README.rst
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
Hi,
Now that I have my packages, i've started deploying FR3 for our eduroam
federation.
And I just saw that the eDir support is gone. now my question is :
1. is it abandoned ?
2. is it not yet ported to the new rlm_ldap code ?
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO
On 06.12.2012 17:45, Olivier Beytrison wrote:
Hi,
Now that I have my packages, i've started deploying FR3 for our eduroam
federation.
And I just saw that the eDir support is gone. now my question is :
1. is it abandoned ?
2. is it not yet ported to the new rlm_ldap code ?
Nevermind my
should do. In your case : Provide a Cleartext-Password
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
that the user defined in the ldap module
(identity) has sufficient rights in the LDAP to retrieve the attribute
containing the clear text password.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List info/subscribe
On 28.12.2012 09:38, Thanakorn Rattanatikul wrote:
Still unable to connect.
Do you have any configuration files for connecting with LDAP form AP
FR LDAP ? I tried every way but nothing works.
Send a full output of freeradius -X
--
Olivier Beytrison
Network Security Engineer, HES-SO
, all the time, and yeah it's a pain.
Sometimes I reply to a mail then watch the online archives to see the
answers to my mail, before it arrives in my inbox ..
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe
file
DEFAULT
Session-Timeout :=
and be sure to call the file module in authorize
OR
in authorize, add
update reply {
Session-Timeout :=
}
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv
as zombie (it looks like it is dead).
Seems your FLTR Eduroam server is not replying to your request. Check
that you have the correct secret, that they configured the correct IP,
that your firewall is open (be careful, because the proxied packet is
usually sent from port 1814)
Olivier
--
Olivier
/freeradius-server/blob/master/doc/bugs
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 24.01.2013 14:26, Emmanuel BILLOT wrote:
I guess it is %{Realm} ?
this will contain the realm yeah.
But why do you want to to %{Stripped-User-Name}@%{Realm} when it is the
same as %{User-Name} ?
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73
%{User-Name}
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
pierre.dupont@12345678
We want to use both parts of adress in LDAP filter.
pierre.dupont is %{User-Name}
what should be the name of the variable for 12345678 ?
Ok %{Realm} seems to works, however anyway to force upcase on it ?
%{toupper:%{realm}} ?
--
Olivier Beytrison
Network Security
I end in jail ? ;)
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
NAS and from outside of my
eduroam realm. You can't trust people :p I only allow
WISPr-Location-Info as this start to be widely used in switzerland when
user are roaming :)
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info
better suited.
Thanks for the information!
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
192.168.0.102
auth testing123 -x
man radclient
-c count
Send each packet count times.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
-requests.txt server:port auth secret
Tested it here and works very well
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
should
be seperated by an blank line.
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
would not be eduroam-compliant anymore.
for ref : https://confluence.terena.org/display/H2eduroam/eduroam+IdP
second section, Anonymous outer identites
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List info
it, just echo control:Cleartext-Password after ldap.authorize
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Le 22.02.2013 09:30, Adrien Morvan a écrit :
Hello
I'm facing a problem with the server.
I set it and test it with a basic radtest and it exits without warning
or error message.
The last line is
Thu Feb 21 08:33:14 2013 : Info: +- entering group authorize {...}
So i guessed there was a
EAP-PEAP (MSCHAPv2). (None of the free radius configuration
files have changed).
see doc/bugs to report a segfault
Olivier B.
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
flaws. you should go with the latest 2.2.X git branch
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 04.03.2013 22:17, Olivier Beytrison wrote:
On 04.03.2013 21:56, Matt Zagrabelny wrote:
Greetings,
I am configuring a general purpose RADIUS server that any number of
clients can connect to for authn - it uses a PostgreSQL DB as the
backend datastore. I would also like to setup a secondary
the
documentation in doc/bugs [1] ? Also provide a freeradius -X output, and
the relevant configuration part of your virtual server(s).
Olivier
[1] https://github.com/FreeRADIUS/freeradius-server/blob/v2.x.x/doc/bugs
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv
way to do this? Or
should I create a module to do this?
First question, how are your users identifying with freeradius ? PAP ?
CHAP ? MSCHAP ? EAP ?
If the password is sent in clear by the user, you could use the md5 xlat
function then compare the value in your database.
Olivier
--
Olivier
output.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
should have a rlm_jradius.so
file where your freeradius libraries are installed.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
it outside the else or when the user enters the wrong password the
database is queried twice.
in radiusd.conf, there's an instantiate {} section where you can put sql
Olivier B.
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mobile: +41 (0)78 619 73 53
Mail: oliv
right now is just using the
users file).
authorize {
ldap
if (notfound) {
reject
}
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Unfortunately this old archive is unavailable. 404
Is there any other good howto about freeradius + LDAP + groups -- ho to
make them wor together?
everything is in the wiki
http://wiki.freeradius.org/modules/Rlm_ldap#Group-Support
--
Olivier Beytrison
Network Security Engineer, HES-SO
Listening on proxy address * port 1814
freeradius is listening on eth0 port 1812, not on all interfaces. so
sending packets to localhost won't work.
netstat -puln | grep radius will show exactly where freeradius is
listening if really.
Fix your listen section and it should work
Olivier
--
Olivier
.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
. But again hard to tell without a radius -X output. Just
send it here on the list, a complete request output, and maybe the
relevant virtual-server configuration snippet
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe
}
this will be true if the attribute doesn't exist.
and btw, on your previous messages :
if (control:Calling-Station-Id != %{Calling-Station-Id})
last is misplaced
if (control:Calling-Station-Id != %{Calling-Station-Id})
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
.
And anyway, Micro$oft is not paying attention to it and will disregard it.
so no, you can't send a message to the user.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
On 25.03.2013 09:26, AemNet wrote:
Hi everybody
is there any way log the requests for the radius in a DB like MySQL? In
other words is possible to put radius.log entry in a DB without use the
local system syslog daemon?
This is not possible directly from freeradius.
What you can do, is
script which pipe the freeradius log file and then
insert the text into a DB. But again that's beyond the scope of this
list. Freeradius doesn't offer the ability to put the log file into a DB.
Olivier B.
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
{
fail = return
}
if(fail){
files_local
}
else {
files
}
}
this *should* work.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http
-Name:-%{User-Name}}
}
You could also use the preproxy_users which allow you to rewrite the
request before it is proxied. It contains the exact example for your case.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe
If you don't call sql within your virtual server and want to use it
only to load your NASes, then add sql to the instantiate {} section in
radiusd.conf
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See
${logdir}
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
that this file will grow quickly depending on the amount of
request your server handle.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
that your are compiling freeradius without ssl
support ? this mean no eap, no tls, ect ?
You should first install the openssl development files before compiling
freeradius
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe
On 2 avr. 2013, at 04:13, Mitsuhiro Nakamura nakam...@1pacific.ddo.jp wrote:
Alan,
Thank you.
Our database has some problem and the response is slow.
Since the problem itself seems to take long time to fix it, we wanted to
avoid it.
Look at the decoupled accounting virtual server
configuration shipped with Freeradius.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
management, but that's another story).
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
can't tell you if that's supported nor
working.
On a final note, people have been using ldap with credentials in a file
for ages. It's down to the security of the server and the filesystem
permission to ensure that only authorized users can access this file.
Olivier
--
Olivier Beytrison
Network
On 28 avr. 2013, at 22:58, Mehdi Ravanbakhsh baba...@gmail.com wrote:
Dear
A.L.M.Buxey
i have 2 Cisco-AVPair in request attribute :
Cisco-AVPair = client-mac-address=90f6.52d2.384f
and
Cisco-AVPair = circuit-id-tag=Azadegan-1 atm 2/16:251:0.35
You have multiple time the same
running Version 3 in production. I've froze the branch, tested it
carefully, cherry-picked the fix I needed, and deployed it. Version 3
brings some nice things and an important performance improvement.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv
with the provided password.
you don't have this password with 802.1x/EAP. you work only with
challenges, hash and keys.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
the outer.
..and save some more hits to LDAP by wrapping the call to it in the
authorization stage to just the EAP Identity packet :-)
That's pretty interesting, what's the if() you're doing to achieve that?
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv
guess you're keeping the accounting information in a database or
something. You need to run an expiration query so the session is marked
closed when freeradius doesn't hear from the NAS for a certain amount of
time.
Search through the list as this came up a few weeks ago.
Olivier
--
Olivier
which mean it's over the
network. add a client for the machine on which you run radtest, and it
will work.
freeradius silently drop packets from unknown client.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe
:= ADSL-Agent-Remote-Id
}
}
Where in effect if the string is longer than 31 chars take the right
most 31 chars and only return that.
if ( ADSL-Agent-Remote-Id =~ /(.{0,31})$/ ) {
update reply {
SubscriberID := %{1}
}
}
that should do it.
Olivier
--
Olivier Beytrison
Network
On 10.07.2013 07:48, Olivier Beytrison wrote:
if ( ADSL-Agent-Remote-Id =~ /(.{0,31})$/ ) {
if ( ADSL-Agent-Remote-Id =~ /(.{1,32})$/ ) {
that's even better as it won't match an empty attribute (you never know ...)
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv
: *** [build/lib/local/libfreeradius-radius.la] Error 1
Got exactly the same right now on a system which was running fine till now.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
the attribute
Called-Station-SSID with the SSID Name.
So all the tools to do it easily are in your hands.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
easily.
And (again with 3.0.0) you can do a foreach on your multi valued
attributes, and erase those you don't need in the loop.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
HEAD (3.0) and indeed, this
also doesn't work. I'll have a look at it and see why it doesn't call
the paircmp callback.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
-Type == 1) || (EAP-Message[0] =~ /^0x02..00061a..$/)) {
noop
}
else {
# rest of config goes here
}
}
}
For complete thread :
http://lists.freeradius.org/pipermail/freeradius-users/2013-June/067100.html
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO
.
With Arran we suppose they made a lazy copy-past from the LDAP part of
the document.
Olivier
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
://www.f5.com/pdf/deployment-guides/iapp-radius-dg.pdf
[2]
https://devcentral.f5.com/articles/radius-aware-load-balancing-via-irules#.UlUfIobjx1Y
--
Olivier Beytrison
Network Security Engineer, HES-SO Fribourg
Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http
On 09.10.2013 11:25, Olivier Beytrison wrote:
On 09.10.2013 10:41, Alex Sharaz wrote:
I was wondering if there's a way off having a bit more granularity in terms
of how the f5 load balances incoming RADIUS requests.
Another nice thing to do is to do persistence based on radius AVP
https
92 matches
Mail list logo