get it to work. The attributes are added and in the
debug I can see that they go to the NAS in the access-challenge
sections but they are not present in the final access-accept.
Is there any way to make this work?
Thanks
--
Ben Thompson
-
List info/subscribe/unsubscribe? See http
On Mon, Mar 29, 2010 at 01:02:09PM +0100, Leighton Man wrote:
Is there any way to make this work?
I have it working with:
update reply {
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = 141
}
Hi
I have a server running 2.1.5 which has been running happily for a
long time with the same config. However, I recenlty tried upgrading to
2.1.8 and found that after HUP the server dies :-
Mon Mar 8 22:05:58 2010 : Info: Loaded virtual server inner-tunnel
Mon Mar 8 22:05:58 2010 : Info:
: 179
11:26:12.568122 IP vpn.york.ac.uk nasaaa2.york.ac.uk: ICMP vpn.york.ac.uk udp
port 33286 unreachable, length 215
Can anyone suggest what might be the problem here? I don't understand the upd
port unreachable
or the received RADIUS server response with invalid length messages.
Thanks
Ben
On Thu, 2006-03-23 at 12:15 -0500, Alan DeKok wrote:
Ben Thompson [EMAIL PROTECTED] wrote:
Could someone advise how to go about debugging this problem?
b) look at the logs to see what SSL errors are being returned right
before the Error reading certificate file message.
Hi
Thanks
On Thu, 2006-03-23 at 09:24 -0500, King, Michael wrote:
So I built 1.1.1 on Debian.
After a period of so many hours (variable) it stops responding.
(Sometimes 2hours, sometimes 16hours)
Now here's where it get's weird, (and makes me suspect it might not be
freeRADIUS at the root cause)
debugging this problem?
Thanks
Ben Thompson
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
the realm. Does this mean the supplicant is
incorrectly handling the username and stripped username?
Thanks
Ben Thompson
University of York
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Fri, 2005-12-02 at 10:03 -0800, Laker Netman wrote:
I am considering use of a CA-signed SSL certificate.
Comodo (instantssl.com) offers an Intranet SSL
certificate good on a single, internal host. All of
their documentation refers to set up with a web server
or for email verification.
On Thu, 2005-09-15 at 13:54 -0400, Alan DeKok wrote:
Ben Thompson [EMAIL PROTECTED] wrote:
Could anyone advise me whether it is possible to configure my server so
that the actual username used get's logged in the accounting records
instead of this roaming identity string?
Configure
/P72721/en/UtilAdv.htm
Could anyone advise me whether it is possible to configure my server so
that the actual username used get's logged in the accounting records
instead of this roaming identity string?
Many Thanks
Ben Thompson
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
On Tue, 2005-09-06 at 10:49 +0200, Nicolas Baradakis wrote:
Ben Thompson wrote:
I have set up FreeRADIUS so that I am using the relam format
[EMAIL PROTECTED] I have succesfully got this working by adding the
relevent realm to proxy.conf and setting authhost and acchost to LOCAL
would like to know if it is possible to change this
behavoir so that users must specify the realm suffix.
Thanks
Ben Thompson
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
found out yesterday that the Secure Server and Secure Server Pro
certificate offerngs from Verisgn do contain the EKU oid. These can be
bought on-line using conventional methods, so it looks like I can use
one of those.
Thanks again,
Ben Thompson
-
List info/subscribe/unsubscribe? See http
Hi
Has anybody got a digital certificate (with the extended key usage
attributes required for PEAP) installed on their FreeRADIUS box that has
been signed by a commercial trusted CA?
I have come to suspect that this is impossible due to the fact that
Verisign are the only company marketing such
as this one is a bit
pricey.
Thanks
Ben Thompson
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Mon, 2005-08-22 at 12:12 -0400, Alan DeKok wrote:
Ben Thompson [EMAIL PROTECTED] wrote:
I have read about the requirement for the certificate to include the
Server Authentication (1.3.6.1.5.5.7.3.1) OID in the Enhanced Key Usage
section and I would like to know if anyone else has had
Ben Thompson wrote:
The trouble is I need to assign different VLAN's to users depending
which access point they connect from. What I would like to know is if it
is possible to use Huntgroups to look up the VLAN id based on something
like the IP address of the access point?
You could
On Wed, 2005-08-17 at 10:51 -0400, Alan DeKok wrote:
Ben Thompson [EMAIL PROTECTED] wrote:
Thanks for that advice. I can see that I could end up with a very large
users file using this method. Is there any limit on the size of the
users file?
Memory. Also, the CPU time required
to be the correct one for AP2 which may be different to AP1.
Any advice would be appreciated,
Ben Thompson
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
20 matches
Mail list logo