Hi,
You could use a huntgroup for the MAC addresses and then define what to do for
that huntgroup.
Thor.
- Original Message -
From: syharash syhar...@yahoo.com
To: freeradius-users@lists.freeradius.org
Sent: Tuesday, April 12, 2011 12:11:51 PM GMT +01:00 Amsterdam / Berlin / Bern
/
Hi,
Read http://wiki.freeradius.org/Rlm_sql section Instances
Regards,
Thor.
- Original Message -
From: c schwarz c.schw...@funknetz.at
To: freeradius-users@lists.freeradius.org
Sent: Tuesday, April 12, 2011 1:36:17 PM GMT +01:00 Amsterdam / Berlin / Bern /
Rome / Stockholm /
Hi,
Read http://wiki.freeradius.org/Fail-over
Regards,
Thor.
- Original Message -
From: Marco Kalmbach mc...@gmx.de
To: freeradius-users@lists.freeradius.org
Sent: Tuesday, April 12, 2011 3:24:35 PM GMT +01:00 Amsterdam / Berlin / Bern /
Rome / Stockholm / Vienna
Subject: ldap and
Hi,
Read http://wiki.freeradius.org/Rlm_ldap
You might want to play with basedn and filter.
Regards,
Thor.
- Original Message -
From: pradyumna dash pradyumna_dash...@yahoo.co.in
To: freeradius-users@lists.freeradius.org
Sent: Tuesday, April 12, 2011 4:34:52 PM GMT +01:00 Amsterdam /
Hi,
If you're going to use LDAP, then just add the Called-Station-Id to your search
filter and add one or multiple attributes to match against in your LDAP entries.
Regards,
Thor.
- Original Message -
From: Sergio Belkin seb...@gmail.com
To: FreeRadius users mailing list
Hi,
I have the same problem with both 2.1.11 and 2.1.12-pre ...
I'm on CentOS 4.6 with following RPMs:
$ rpm -qa | grep devel
glibc-devel-2.3.4-2.39
krb5-devel-1.3.4-60.el4_7.2
mysql-devel-5.0.54-1.el4.centos
openssl-devel-0.9.7a-43.17.el4_8.5
kernel-smp-devel-2.6.9-67.0.4.EL
/
Bern / Rome / Stockholm / Vienna
Subject: Re: Postgresql undefined symbol PQinitSSL
Thor Spruyt wrote:
Any ideas on what could be the problem here or any solution or tips on where
to look further?
FreeRADIUS is built with Postgresql SSL. So it assumes that
Postgresql can do SSL, too
Sam Schultz wrote:
P.S. A link to a list of known-good access points, or personal
recommendations on access points would also be appreciated.
We will be replacing a few 3com APs soon because they don't
play well with...well...ANYTHING. One (3com OfficeConnect)
doesn't even
There is no uninstall and make clean just cleans the source tree.
Use rpmbuild to make an rpm.
- Original Message -
From: elmalhi abdelghani
To: FreeRadius users mailing list
Sent: Friday, March 23, 2007 3:48 PM
Subject: Re : freeradius unistalling
hi,
but i found always my directory
http://wiki.freeradius.org/Rlm_sql
- Original Message -
From: Nirmal
To: FreeRadius users mailing list
Sent: Monday, April 09, 2007 1:53 PM
Subject: Re: two database
can i use two sql database in sql.conf for free radius version 0.9 ?
currently i m using freeradius 0.9
Mordor Networks wrote:
hi Graham
yes sir i know but my question is how to do that im all new to all
this.. thank you
Connect to your mysql database and type show tables;, then you'll see a
list of tables in your database.
It's probably the radacct table you need to query for session
Alan DeKok wrote:
If you're familiar with RADIUS, it will contain little useful
information.
I can confirm this.
I was pretty disappointed about the value of the book when I bought it 3
years ago.
I doesn't go indepth into anything.
Thor.
-
List info/subscribe/unsubscribe? See
Hugh Messenger wrote:
I will be out of the office from Wednesday May 30 until Monday
June 4.
What a coincidence! I'll be out of the office during those dates as
well ... hunting down and killing everyone who writes broken
autoresponders.
Sorry, I know I shouldn't increase list pollution
- Original Message -
From: Gulen Buyukbayram [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, June 17, 2004 1:56 PM
Subject: cdr
Hi,
I need to configure free radius so that I can generate CDR and send them
to an
external database. Does anyone have any idea about how I can do
My best guess is that the passwords are stored encrypted at the radius
server, which will never work since CHAP is one-way encyption.
You have 2 options:
- use CHAP and store passwords unencrypted at the radius server
- use PAP and store passwords encrypted at the radius server.
Regards,
Thor.
I noticed this also.
The reason is that the directory is not created by the install.
If you create the /usr/local/var/run/radiusd directory, it should work.
Regards,
Thor.
- Original Message -
From: wadih jalad [EMAIL PROTECTED]
To: [EMAIL PROTECTED];
[EMAIL PROTECTED]; [EMAIL
What is failing? Is FreeRadius ignoring the response packets or do they not
arrive?
- Original Message -
From: Brian Andrus [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, June 25, 2004 8:00 AM
Subject: RE: Replies on port 1029
Well it is very odd to me. The proxy requests to me
- Original Message -
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, June 27, 2004 3:17 PM
Subject: Re: Replies on port 1029
Thor Spruyt [EMAIL PROTECTED] wrote:
This doesn't say anything about which source port that is typically used
in
case of a radius
- Original Message -
From: Ernesto Freyre [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, July 05, 2004 8:04 PM
Subject: redirecting to specific web page
Hi, Please I would want to know if here somebody could help me with this
problem:
I need my radius users to be
- Original Message -
From: María Bezaida Diaz Vásquez [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, July 12, 2004 11:00 PM
Subject: Can someone say me what means a line in Freeradius.log
Hello,
I need that someone say me what means 6001 in the line bellow,
The port.
It
- Original Message -
From: Amit Gupta [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, July 13, 2004 10:25 PM
Subject: I have to make choice between GNUradius and freeradius. My
requirements are generally those of ISP. Which one will you recommend to
me???
Thanks Everybody for
Hi,
I need to configure a proxy radius in the following setup:
- users with @realmA should always be proxied to server A
- users with @realmB should only be proxied to server B if Wispr-Location-Id
is either '1432' or '3456', otherwise they should be denied
- users with @realmC should only be
I can use Wispr-Location-Id == ...
instead of Nas-Port == ...
Thor.
- Original Message -
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, July 22, 2004 11:29 PM
Subject: Re: Proxy or not based on realm and location
Thor Spruyt [EMAIL PROTECTED] wrote:
How do
Where's the DialupAdmin project's homepage?
Why has it not been added to FreeRadius' related projects page?
- Original Message -
From: Kostas Kalevras [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, July 23, 2004 2:46 PM
Subject: Re: New Opensource project-AAAadmin
On Fri, 23
I think poptop is able to disconnect the user automatically when the session
is lost.
- Original Message -
From: Barry Murphy [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, July 26, 2004 12:56 PM
Subject: Re: dialup admin replacement
My problem is the poptop pptp server (with
Hi,
I have freeradius 0.9.3 running with Postgresql database backend.
The only thing the radius checks is the password and then executes an
external script if authentication is ok.
The section in the users file is:
DEFAULT Auth-Type = Local
Exec-Program-Wait =
Might be caused by acct packets for the same sessions coming from different
IP addresses, which causes Client-IP-Address to have a different value.
- Original Message -
From: George Chelidze [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, July 26, 2004 1:37 PM
Subject:
: Exec-Program-Wait attributes not included in Access-Accept
On Mon, Jul 26, 2004 at 03:58:37PM +0200, Thor Spruyt wrote:
I have freeradius 0.9.3 running with Postgresql database backend.
The only thing the radius checks is the password and then executes an
external script if authentication
Hi,
I have a homeserver and a proxyserver running on the same machine, but on
different ports and different compilations (so they're actually independant
of each other).
When I run the homeserver with -X, it prints out the User-Password attribute
of the Access-Request packet, which I think is
- Original Message -
From: Kostas Kalevras [EMAIL PROTECTED]
On Mon, 26 Jul 2004, Thor Spruyt wrote:
Is there any way to prevent this from happening on the homeserver?
Use EAP-TTLS-PAP,MS-CHAP,CHAP as authentication protocol. That's something
the
client decides though
- Original Message -
From: apellido jr., wilfredo p. [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, July 27, 2004 6:13 PM
Subject: Re: Simultaneous Login Problem
Tue Jul 27 23:21:22 2004 : Error: Discarding duplicate request from client
cyclades:1026 - ID: 166 due to
kill -HUP `cat /var/run/radius/radius.pid`
- Original Message -
From: jh vg [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, July 28, 2004 11:46 AM
Subject: (no subject)
Hi
I want to develop a project that supports WLAN roaming. I need the realms
to
be configured dynamic
Freeradius doesn't do routing, it does AAA.
What you need is a NAS (Network Access Server) which optionally communicates
to a radiusserver via the radius protocol.
The NAS can be all sorts of things depending on what you want to accomplish.
For example the NAS could be PoPToP (a Linux PPTP VPN
Hi all,
Anybody going crazy with WLAN roaming implementations? I am!
The Wispr standard has not been adopted at all... not surprisingly since
it's too limited.
Does anybody know if there's a better WLAN romaing standard under
development?
Regards,
Thor.
-
List info/subscribe/unsubscribe?
: Opinions on WLAN roaming
Thor Spruyt wrote:
Hi all,
Anybody going crazy with WLAN roaming implementations? I am!
do you mean crossing accesspoints without having to reauthenticate?
cisco has a fastreconnect which isn't very well supported. we ended up
setting up access points
- Original Message -
From: Yyc [EMAIL PROTECTED]
To: Post [EMAIL PROTECTED]
Sent: Friday, July 30, 2004 5:14 AM
Subject: where i can get radius config information?
hello,
where i can get some information about how to config freeradius with
special device?
for example, i will config 2
Hi,
According to me, this is the start:
if ($line =~ /^([\w ]+) : (\w+): (.+)$/) {
$datetime = $1;
$type = $2;
$message = $3;
}
I agree that splitting up the $message part further is not easy.
Maybe the developers could agree on a more granular logformat.
Regards,
Thor.
-
List
realm mydomain.com {
type= radius
authhost= LOCAL
accthost= LOCAL
strip
}
realm NULL {
type= radius
authhost= LOCAL
accthost= LOCAL
}
- Original Message -
From: Matt [EMAIL
- Original Message -
From: Edgars [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 8:31 AM
Subject: postgresql new column
i have added one column named 'status' in the 'radacct' table. Then
changed a little bit 'accounting_start_qurey' (setting this variable to
- Original Message -
From: Edgars [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 12:46 PM
Subject: Re: postgresql new column
acctterminatecause is not he helper in this case because it's saving the
blank field sometimes too.
Well, it was just a suggestion :)
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 6:49 PM
Subject: CHAP against PASSWD
How can you authenticate CHAP against PASSWD?
I'm currently running FreeRadius 0.8.1 on FreeBSD. So far I've had no
problems using PAP on PASSWD.
- Original Message -
From: Larry Wade [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 10:07 PM
Subject: Creating a Starbucks
I am in the process of securing a visitors wireless lan. Does anyone
know of a good tutorial for this? I need to auto-generate a
- Original Message -
From: Alejandro Galue [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, August 04, 2004 5:37 PM
Subject: RE: Modify packet type in rlm_exec?
To reject users:
print Reply-Message := 'You can not login now';
exit 1;
BUT, Reply-Message on Access-Reject is
Hi,
I was wondering... what's the best to do to get a change in 1.0.0 ?
- patch against 0.9.3
- patch against 1.0.0-pre3
- patch against nightly build
Also, after submitting to [EMAIL PROTECTED], how do I know if it's
going to be applied?
Or is it better to get on de developers list?
Thanx,
Hi,
I first configured and maked freeradius-0.9.3 and that worked perfectly.
After that, I configured and maked freeradius-1.0.0-pre3, but make failed
(see below).
Both were done on the same system (fedora core 1), the mysql rpm is
installed (0.9.3 works).
Are there any new dependencies to
Hi,
I tried to configure snapshot-20040807 on fedora core 1, but it failed (see
below).
I have successfully compiled 0.9.3 on the same system.
I have successfully configured 1.0.0 on the same system (although make threw
errors on rlm_sql_mysql).
If need be, I can make config.log available.
Thor Spruyt wrote:
Hi,
I tried to configure snapshot-20040807 on fedora core 1, but it
failed (see below).
checking whether we are using the GNU C++ compiler... no
checking whether g++ accepts -g... no
checking how to run the C++ preprocessor... /lib/cpp
configure: error: C
'
gmake[1]: *** [common] Error 1
gmake[1]: Leaving directory `/root/freeradius-snapshot-20040807'
make: *** [all] Error 2
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
of `krb5_kt_read_service_key'
discards qualifiers from pointer target type
rlm_krb5.c: In function `krb5_auth':
rlm_krb5.c:305: warning: implicit declaration of function
`krb5_get_in_tkt_with_password'
gmake[6]: *** [rlm_krb5.o] Error 1
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475
patched sources of prereleases :)
I'd rather have the Linux community stick to originals than every distro
modifying sources just to get it work with their system :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See
' ) \
ORDER BY Attribute DESC
In sql.conf I can't find such configuration item.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
: Attribute CHAP-Password is required for authentication.
Cannot use User-Password.
I guess you better provide some more debugging output.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
Paul Hampson wrote:
On Sat, Aug 07, 2004 at 08:57:10PM +0200, Thor Spruyt wrote:
Looking into the libltdl directory, I don't see a Makefile, but only
a Makefile.in and Makefile.am
In 1.0.0-pre3, the libltdl directory does contain a Makefile!
Check the list archives, the fix should
://download.fedora.redhat.com/pub/fedora/linux/core/development/SRPMS/f
reeradius-1.0.0-0.pre3.2.src.rpm.
Thanx.
I just created a sybolic link and then it works.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http
Hi,
For who it may concern... I just want to point out that the
http://www.freeradius.org/cvs-log/ link on
http://www.freeradius.org/development.html isn't working anymore. Well...
the link is, but the content isn't :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32
Hi,
Does anybody know how to send inline mail with real tabs in Outlook Express?
Or can anybody name me an emailclient on Windows that can do this?
Thanx!
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http
Hi,
As Alan pointed out, the following is old and now deleted.
authenticate_query = SELECT Value,Attribute FROM ${authcheck_table}
Does this mean that the sql module will always use the standard radcheck
table for authentication and that can't be changed anymore?
--
Regards,
Thor Spruyt
E
vincent jacob wrote:
Hi
There is any possibility of having two radius server one master and
one slave?
Read the docs about configurable_failover and radrelay
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See
Yyc wrote:
hello,
anybody knows? thanks.
regards.
Read http://www.freeradius.org/list/users.html
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
Thor Spruyt [EMAIL PROTECTED] wrote:
Does this mean that the sql module will always use the standard
radcheck table for authentication and that can't be changed anymore?
The SQL module hasn't done authentication for over 2 years.
What I mean is that the username
will use and if it will be
configurable.
Or will the authorization_check_query be used to retrieve the password?
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
sql in the authorize section in radiusd.conf and that works.
The issue is that the authenticate_query is not used anywhere by freeradius.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
Alan DeKok wrote:
Perhaps I don't understand what you're getting excited about.
You've just posted a number of messages about this topic, when I
already told you that query wasn't used.
Is the authorize_query also used to retrieve the user's password from the
database?
--
Regards,
Thor
Contact Siemens for the ISP In A Rack offering.
And post your message in text format next time :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
- Original Message -
From: Barry Murphy
To: [EMAIL PROTECTED]
Sent: Tuesday, August 10, 2004 9:07
Hi,
Just to let you know that this issue is gone in 1.0.0
Thanx!
Thor.
Paul Hampson wrote:
On Sun, Aug 08, 2004 at 02:54:33PM +0200, Thor Spruyt wrote:
Paul Hampson wrote:
On Sat, Aug 07, 2004 at 08:57:10PM +0200, Thor Spruyt wrote:
Looking into the libltdl directory, I don't see a Makefile
John Wry wrote:
but, when my users dial in (over modem ttys0) freeradius is
bypassed Thanks.
FreeRadius can't help it that the NAS doesn't authenticate against it!
Check the NAS (I guess pppd in your case) to have it authenticate against
your radius.
--
Regards,
Thor Spruyt
E: [EMAIL
.
Port 1814 is thus the source port freeradius uses as a client to send
packets to the servers it proxies to.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
and/or logout.
The webapplication can tell a custom access control application to change
firewall rules for this user.
The access control application can optionally do user authentication at the
radius server.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
to explicitly specifying
/index.html?
In case of Apache look for a configuration item called DirectoryIndex
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
instead of HTML next time :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
- Original Message -
From: Jean-Paul BALOCHE
To: [EMAIL PROTECTED]
Sent: Thursday, August 19, 2004 3:23 PM
Subject: 2 freeradius running on one server ?
Hi,
I would
Example 2: to accept the user with Session-Timeout set to 600 and
Idle-Timeout set to 60:
Script should output Session-Timeout := 600,\nIdle-Timeout := 60,\n and
exit with code 0
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe
Adam Shelley wrote:
Thor Spruyt wrote:
2) in order to understand something, you first have to know quite
some things
Such as reading the supplied documentation.
;-)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe
The minimum you need is 1 record for each user in
the radcheck table.
insert into radcheck (username, attribute, op,
value) values ('testuser', 'User-Password', ':=', 'testpass');
--Regards,
Thor SpruytE: [EMAIL PROTECTED]W: www.thor-spruyt.comM: +32 (0)475 67 22
65
- Original
?
No, the backend used by freeradius is transparent for the NAS.
How do I configure it in the clients file?
Like any other NAS in the clients.conf file.
And further:
- Use a descriptive subject line
- Put your questions on different lines to make it easy to comment on.
--
Regards,
Thor Spruyt
E: [EMAIL
.
It seems that FreeRadius only allows the user if he enters the password from
the record with the highest id.
Are there any possibilities to do such thing for OTPs, so that the user can
either login with his real password or with his OTP?
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor
NAS = Network Access Server
In fact any device or system that has a radius
client can be a NAS and communicate to a radius server.
In your wireless example, the AP "can" be the NAS,
but doesn't "have to".
In your wired example, you'll need an access device
that has a radius client.
.
An external script that configures the proxyserver might be usefull here.
The High-Speed Dial-up clients authenticate from 2 seperate NAS
servers so
we can easily distinguish them from our normal dialup client NAS's.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67
Tobias Amon wrote:
Now I get the Error: Forbidden You don't have permission to access
/dialup on this server
Possibly because following symbolic links is not allowed.
Check documentation on apache.httpd.org and your httpd.conf or .htaccess
files.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED
{
secret = xxx
shortname = pptp_test
}
What should i add here to make mshap2 with ancryption to work?
Thank you anyway!
Nothing. This is only used to identify the NAS.
You need to check in radiusd.conf that the mschap module is used.
--
Regards,
Thor Spruyt
E: [EMAIL
Doug Lewis wrote:
Can Freeradius provide authentication to cable modems?
Your question should be the other way around: Can cable modems authenticate
with radius servers?
I doubt cable modem can or will ever be able to, but I think the CMTS might
be able to.
--
Regards,
Thor Spruyt
E: [EMAIL
:= Reject
Reply-Message = Invalid Account,
Fall-Through = Yes
DEFAULT Auth-Type := Local
Exec-Program-Wait = /opt/radius1/bin/auth.pl
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info
-Message := \$message\\n;
print LOG \n;
close LOG;
exit 1;
}
As for accepting the user, the script collects attributes in a hash and then
finishes with:
foreach (keys %attr) { $output .= $_ := $attr{$_},\n; }
print $output;
exit 0;
--
Regards,
Thor Spruyt
E: [EMAIL
[EMAIL PROTECTED] wrote:
my users config file is:
panekm Auth-Type = Local, Password = 700isok
Shouldn't it be User-Password instead of Password ?
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http
if your
radius server is not on the same machine as your poptop.
This file sure makes splitting authentication and accounting between two
radius servers very easy.
Make sure both servers(if different) are listed in /etc/radiusclient/servers
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W
Lucas Oliveira wrote:
i dont know what to do..
In order to be able to configure pppd for radius, pppd should first be
compiled with the radius module of course.
Maybe that's your problem.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info
I did't give you a walkthrough for exactly what you want to do of course.
You stated that the problem was setting up pppd to use radius and the info
below should help you with that!
PS: Please send plain-text mail next time.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M
(...) VALUES
(...);
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
In order to have pppd use radius, it should be compiled with the radius
module.
If you don't have the radiusclient on your system, then probably the module
wasn't compiled (which is the default).
Plain-text mail please.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32
Because the radiusclient wasn't compiled in. Grrr.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
- Original Message -
From: John H.
To: [EMAIL PROTECTED]
Sent: Friday, August 27, 2004 7:45 AM
Subject: Re: freeradius+poptop+LDAP+Samba
John H. wrote:
Ok Thor, I got a different email address cuz myway
stinks.
Hey nice :)
How do I verify my version of ppp, the rpm from
poptop's page, has radius plugin?
find / -name radiusclient
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
: try to make it work with just the users file.
If that works, then try it with ldap!
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thor Spruyt wrote:
I would like to implement OTP (one-time password) and I tried to add a
seconds record with the User-Password attribute for each user in
radcheck. It seems that FreeRadius only allows the user if he enters
the password from the record with the highest id.
Are there any
Thor Spruyt wrote:
I now found a way that seems to work. I created an additional sql { }
and added it to the authorize section.
The seems to work, but I'm wondering if it's a good way to do this or
are there better ways?
Huh... I found something nice accidentally...
rlm_sql_postgresql: query
Thor Spruyt wrote:
So leaving the op field empty will result in FreeRadius trying to
match both retrieved passwords!
Am I doing something stupid here?
Never mind... it doesn't work :(
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info
Brad Dixon wrote:
rlm_sql unknown attribute Password
WHY ?
Have a look in the dictionary file and you won't find such attribute!
You need the User-Password attribute :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe
Cris Boisvert wrote:
mysql radius -e INSERT into userinfo (UserName, Name, Mail) Values
('blahtest3', 'blahtestname3', 'blahtestmail3');
Odd question for the freeradius list :)
You need quotes around the query!
mysql radius -e INSERT INTO ... ( ...) VALUES ( ...);
--
Regards,
Thor Spruyt
E
).
If the behaviour of the rlm_exec module is so restrictive, then I doubt many
people will switch to it.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
valid to authenticate!
It was this simple all the time... if you know :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius what do to for the user (I don't know if this is
possible)
3) Freeradius controls access to squid (via an external script which changes
firewall rules or configuration files)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe
,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
1 - 100 of 329 matches
Mail list logo
