Re: CHAP only configuration

2013-05-27 Thread Bjørn Mork
Navodit Bhardwaj navodit.bhard...@gmail.com writes: Can someone help me with detail steps for configuring CHAP This is covered by wiki.freeradius.org/guide/Basic-configuration-HOWTO Bjørn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Dualstack NAS ignored by RADIUS server when using IPv4

2013-02-11 Thread Bjørn Mork
Ondrej Famera fam...@fi.muni.cz writes: freeRADIUS server: radius.example.com - IPv4: 10.0.0.1 - IPv6: 2001:a:b:c::1 NAS device: dev1.example.com - IPv4: 10.0.0.2 - IPv6: 2001:a:b:c::2 RADIUS nas table: id | nasname | shortname | type | ports |secret | community

Re: Reject all calls from one or more Calling Station ID regardless of username or password

2012-11-21 Thread Bjørn Mork
Henrik Karlsson henrik.karls...@generic.se writes: Hi guys, I am a quite new user of the Free Radius Server and I have a problem. I have an old Dial In system. I want to reject all calls from one or more Calling Station ID regardless of username or password. I have tried to edit the user

Re: Ideal SO and hardware for FreeRadius+MySQL

2012-10-30 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: fknet wrote: Hello people! What's the ideal Hardware (processor+memory) to run FreeRadius+MySQL for authentication of 3000 PPPoE users? Any iPhone 4 could handle that traffic. Yes, but how do I build FR for an iphone? Bjørn :-)

Re: Ideal SO and hardware for FreeRadius+MySQL

2012-10-30 Thread Bjørn Mork
Arran Cudbard-Bell a.cudba...@freeradius.org writes: On 30 Oct 2012, at 07:57, Bjørn Mork bj...@mork.no wrote: Alan DeKok al...@deployingradius.com writes: fknet wrote: Hello people! What's the ideal Hardware (processor+memory) to run FreeRadius+MySQL for authentication of 3000 PPPoE users

Re: dictionary.mikrotik patch

2012-08-21 Thread Bjørn Mork
Ben Brown bbr...@plus.net writes: On Fri, Aug 17, 2012 at 08:56:37PM +0100, Scott Lambert wrote: +ATTRIBUTE Mikrotik-Delegated-IPV6-Pool22 string I'd suggest that this should be type 'ipv6prefix'. I don't think so. It seems this is referring to a pre-configured pool by

Re: Proxy-State in a CoA proxied request

2012-06-01 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: fab junkmail wrote: I have tried filtering out Proxy-State attribute for proxied CoA in pre.proxy section but it does not seem to work for me. Debug mentions the following which makes me think it is not using the DEFAULT section of attrs.pre-proxy:

Re: FreeRadius 2.1.12: radclient without coa

2012-05-10 Thread Bjørn Mork
alan buxey a.l.m.bu...@lboro.ac.uk writes: what does 'which radclient' tell you and what does eg 'locate radclient' give you? Or the most obvious one: What does radclient -v say? Bjørn

Re: FreeRADIUS 1.1.2 - 2.1.12 migration steps

2012-03-06 Thread Bjørn Mork
Alan Buxey a.l.m.bu...@lboro.ac.uk writes: At my new working place I have inherited a FR 1.1.3 running on CentOS 5.6. Beyond being outdated and unsupported, this FR setup is causing a lot of problems so I plan a migration to RHEL5 and FR 2.1.12. I've been searching but I cannot find a

Re: Juniper Questions (MX/ERX)

2012-01-25 Thread Bjørn Mork
Paul Stewart p...@paulstewart.org writes: I'm trying to get an understanding on a FreeRadius installation how to enable the unisphere.dictionary. There are specific attributes in that file that we need such as Unisphere-Ingress-Policy-Name. By default, this dictionary file is commented out

Re: Cannot control attribute ordering via rlm_perl

2012-01-16 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: claude.brown wrote: - Performance issues on our MySQL backend that we didn't have budget to resolve - Thread lock-ups inside MySQL library yet no MySQL server queries were active I've seen lots of people running MySQL with 300K+ users, and no

Re: EAP-TTLS/EAP-TLS with freeRADIUS

2011-11-28 Thread Bjørn Mork
Arran Cudbard-Bell a.cudba...@freeradius.org writes: The wiki does NOT require you to login to view content, that's the whole point of the new wiki. You're trying to access a page that doesn't exist. If you had even bothered to read the URL you'd have seen that it contained the word create,

Only string can have encrypt=2

2011-11-21 Thread Bjørn Mork
Hello, I just stumbled across this which made me worry a bit: commit f8f58e4bec03d832ad4480b90e7dd531ae0d787d Author: Alan T. DeKok al...@freeradius.org Date: Wed Oct 19 17:20:37 2011 +0200 Only string can have encrypt=2 diff --git a/src/lib/dict.c b/src/lib/dict.c index f613664..bdf8065

Re: Only string can have encrypt=2

2011-11-21 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: It's a typo. The real message is about encrypt=3 Thanks. I'm going to relax again then :-) Bjørn

Re: Custom MySQL Queries

2011-10-28 Thread Bjørn Mork
JennyBlunt jennyshoeh...@me.com writes: Sorry, my mistake - I had not added as another row in my radcheck table. Is there a decent online reference for such commands - I find myself wasting a lot of time here and looking through other forums... The Wiki is starting to look very good. Thanks

Re: update RAD_REPLY with += in rlm_perl

2011-10-25 Thread Bjørn Mork
Energ po...@ponch.ru writes: How do I update RAD_REPLY correctly with perl if I want to add additional Cisco-AVPair in reply? Let's say user profile has Cisco-AVPair=something1. I can have multiple of those by adding to user profile another pair like this Cisco-AVPair+=something1. But how

Re: FreeRadius Losing packets in Multi-Threads mode

2011-10-25 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Pierre Rondou wrote: It's possible that you're simply sending packets too fast. If the server doesn't read them from the socket quickly enough, the kernel will simply discard them. Well, then, why is this only happening in the multi-thread

Re: FreeRadius Losing packets in Multi-Threads mode

2011-10-25 Thread Bjørn Mork
Andrej andrej.gro...@gmail.com writes: On 26 October 2011 04:48, Bjørn Mork bj...@mork.no wrote: If the server is too slow to process requests, the kernel will throw away the UDP packets. This happens when the server is slow... whether it's threaded or not. But then the client won't get

Re: Operator change post proxy

2011-10-20 Thread Bjørn Mork
Dan Fisher | Fluidata danfis...@fluidata.co.uk writes: Hi, We are using Cisco and Juniper devices as LAC's to terminate DSL sessions before sending on via L2TP to customer LNS's. We allow our customers to use radius Attribute 67 via our radius servers to specify the tunnel-server-endpoint

Re: rlm_perl

2011-09-30 Thread Bjørn Mork
Alexander Clouter a...@digriz.org.uk writes: Alex rsm alex-...@hotmail.com wrote: And added the following in src/modules/rlm_perl/example.pl sub authorize { print This is a TEST\n; . } However, When I send a simple test request I don't see my debug line. I also don't see

Re: anybody out there?

2011-09-15 Thread Bjørn Mork
yup. FR 2.1.12 rc working nicely. Release it, and see some more traffic here Bjørn

Re: racct and radpostauth

2011-09-11 Thread Bjørn Mork
Arran Cudbard-Bell a.cudba...@freeradius.org writes: Ok I revise my statement - Almost no vendors send Acct-Session-ID in the Access-Request :). But really it's very very rare for vendors to do this. I've never personally seen a product in the wild that does, and I've worked with a fair few.

Re: racct and radpostauth

2011-09-09 Thread Bjørn Mork
Arran Cudbard-Bell a.cudba...@freeradius.org writes: Acct-Session-ID isn't inserted into the postauth table, because it's generally not available in the Access-Request. It is theoretically possible to pre-assign an Acct-Session-ID, and it's supported by the standards, but no NAS vendors do it

Re: racct and radpostauth

2011-09-09 Thread Bjørn Mork
Arran Cudbard-Bell a.cudba...@freeradius.org writes: As Alan says your NAS won't generate Accounting-Requests if the RADIUS server rejects the user (unless it's very broken). Why would that be broken? Yes, I do see that you can trigger RADIUS accounting traffic without authenticating, but

Re: racct and radpostauth

2011-09-09 Thread Bjørn Mork
Arran Cudbard-Bell a.cudba...@freeradius.org writes: RFC 2866: When a client is configured to use RADIUS Accounting, at the start of service delivery it will generate an Accounting Start packet describing the type of service being delivered and the user it is being delivered to,

CoA proxying again

2011-09-06 Thread Bjørn Mork
Hello, I am trying to setup CoA proxying to a number of Juniper MXes. These are a bit clumsy to configure as CoA servers: The CoA clients cannot be configured explicitly. Instead they reuse the auth/acct configuration, including secret, for CoA clients. So I have a few hundred CoA servers

Re: CoA proxying again

2011-09-06 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Bjørn Mork wrote: My problem is that the configuration seems a bit clumsy, given that I cannot really change neither IP address nor secret from what's already there in the FreeRADIUS client definition. It would have been ideal to just add a flag

Re: Pre release of 2.1.12

2011-09-05 Thread Bjørn Mork
Been running a week now, and the prerelease still looks good here as well. Bjørn

Re: Pre release of 2.1.12

2011-09-05 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Alan Buxey wrote: hmm, command.c and auth.c appears to have been updated but still see no joy with 'radmin' as munin user (who is in radiusd group) Mon Sep 5 15:55:04 2011 : Error: Unauthorized connection to /var/run/radiusd/radiusd.sock from

Re: cisco 3825 authentication error

2011-09-02 Thread Bjørn Mork
Dom dvers...@tekcorner.ca writes: [pap] WARNING! No known good password found for the user. Looks good so far, but you need to tell freeradius the password for this user... E.g. by adding something like this to the users file: aew...@domain.com Cleartext-Password := password or configure

Re: cisco 3825 authentication error

2011-09-02 Thread Bjørn Mork
Dom dvers...@tekcorner.ca writes: That is why I am so confused. I do have this user in the users file and even tested authentication using NTradping and it works fine going directly from the Internet to the radius server. However when I try to authenticate via the LNS I see this error.

Re: Segfaulting with rlm_perl

2011-09-02 Thread Bjørn Mork
Alan Buxey a.l.m.bu...@lboro.ac.uk writes: Oh, I've experienced lots of them! So many, in fact, that I figured it was a common and well understood occurrence. Let me come up with an easily reproducible example and I'll post the relevant information. 2.1.11 is out...and 2.1.12 is almost ready

Re: radmin del client error

2011-08-24 Thread Bjørn Mork
Arran Cudbard-Bell a.cudba...@freeradius.org writes: Hi Alex, I just built from master myself And it seems to be working fine for me... radmin del client ipaddr 192.168.1.1 ERROR: No such client radmin del client del client ipaddr ipaddr - Delete a dynamically created client radmin del

Re: radmin del client error

2011-08-24 Thread Bjørn Mork
tohaikmeng tohaikm...@live.com writes: [root@FC-O ~]# radmin -e del client ipaddr ERROR: Must specify ipaddr [root@FC-O ~]# radmin -e del client ipaddr ipaddr 192.168.169.74 ERROR: Client 192.168.169.74 was not dynamically defined. Yes, that looks true even with yesterday's patch, provided

Re: radmin del client error

2011-08-23 Thread Bjørn Mork
Arran Cudbard-Bell a.cudba...@freeradius.org writes: On 23 Aug 2011, at 09:52, tohaikmeng wrote: What do you mean by parameter parsing? This: radmin del client ipaddr 192.168.168.111 ERROR: Must specify ipaddr radmin del client ipaddr ipaddr 192.168.168.111 Obviously the first form you

Re: segmentation fault freeradius 2.1.7 using rlm_sql

2011-08-03 Thread Bjørn Mork
John Dennis jden...@redhat.com writes: * FreeRADIUS has way too much churn for a critical system service. Think about other system services, how often do you see kerberos, bind, iptables, pam, MySQL, etc. going through significant revisions? Are the administrators of those services constantly

Re: rml_perl is not adding attributes to Access-accept

2011-08-03 Thread Bjørn Mork
Igor Xpinha fishsemxpi...@gmail.com writes: # This is very important ! Without this script will not get the filled hashes from main. use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK); #use Data::Dumper; # This is hash which hold original request from radius my %RAD_REQUEST; # In this hash

Re: [PATCH] Adding new attributes to the ERX dictionary

2011-08-02 Thread Bjørn Mork
Arran Cudbard-Bell a.cudba...@freeradius.org writes: Hi Bjørn, Could you please resubmit this via GitHub. http://wiki.freeradius.org/GitHub Done. Thanks for the excellent instructions. One question I didn't find the answer to though: Should I rebase patches like this for all active

[PATCH] Adding new attributes to the ERX dictionary

2011-08-01 Thread Bjørn Mork
This should make it compatible with JUNOSe version 12.1.1 and JUNOS version 11.2. Signed-off-by: Bjørn Mork bj...@mork.no --- share/dictionary.erx |8 1 files changed, 8 insertions(+), 0 deletions(-) diff --git a/share/dictionary.erx b/share/dictionary.erx index 93584d2..7b84f0c

Re: IIS authentication with FREERADIUS !

2011-07-06 Thread Bjørn Mork
JAHANZAIB SYED aaca...@hotmail.com writes: The 'client' refuses to use Linux to share their media ftp server because of some of their own reasons. They insist to stick on IIS. So again I am asking for help, is there any way IIS can get authentication from freeradius server. there is a

Re: FreeRadius 2.1.10 with Oracle support under Fedora 14

2011-07-05 Thread Bjørn Mork
Fajar A. Nugraha l...@fajar.net writes: Short version, you need to compile oracle support yourself. There won't be any distro ship with freeradius-oracle due to license issue (well, except Oracle Linux, if they want to). I don't think they can either. If they did, they would have to change

Re: FreeRadius 2.1.10 with Oracle support under Fedora 14

2011-07-05 Thread Bjørn Mork
Aurélien Lafranchise aurelien_lafranch...@snype.org writes: I don't understand why, because the instant client is a free tool No, it is not. The license terms are here: http://www.oracle.com/technetwork/licenses/instant-client-lic-152016.html As you can see, there are plenty of restrictions

Duplicate virtual server xxx always hits on HUP

2011-06-30 Thread Bjørn Mork
After upgrading to 2.1.11 I've noticed that I always get a Duplicate virtual server error when HUPing the server. This is obviously a result of the change in commit 5a710e98 but I have no idea how to fix it. Steps to recreate from a fresh and default FreeRADIUS 2.1.11 installation: 1) start

Re: Duplicate virtual server xxx always hits on HUP

2011-06-30 Thread Bjørn Mork
Bjørn Mork bj...@mork.no writes: After upgrading to 2.1.11 I've noticed that I always get a Duplicate virtual server error when HUPing the server. This is obviously a result of the change in commit 5a710e98 but I have no idea how to fix it. Steps to recreate from a fresh and default

Re: Duplicate virtual server xxx always hits on HUP

2011-06-30 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Bjørn Mork wrote: Which implies that commit 5a710e98 is completely bogus. We cannot check for existing servers that way. It would be possible to eliminate those with matching file names and line numbers, but that would still fail for no good

Re: Dynamic Clients IP Best practice?

2011-06-24 Thread Bjørn Mork
Brent Wilkinson br...@air2data.com writes: I unfortunately have a large amount of hotspots that are behind dynamic ip's. We have tried to get as many of them onto statics as possible but are having issues with that. After having read through a few dozen different threads and readmes does

Re: sending detailed log to centralization logs server

2011-03-25 Thread Bjørn Mork
Pierre Durand pierre.dur...@upmf-grenoble.fr writes: Pierre Durand wrote: But how sending also detailed logs (/var/log/freeradius/radacct/IP/detail-* i need? raddb/sites-available/copy-acct-to-home-server Sorry, the purpose is to send detailed logs to a

Re: signed server certs

2011-03-07 Thread Bjørn Mork
John Dennis jden...@redhat.com writes: So why does this group think PKI doesn't work? PKI works. gnupg is an example of that. SSL doesn't work. Faulty design: Single trust anchor, black or white trust only, and large commercial interests are all reasons for that. Bjørn

Re: Possible typo in share/dictionary.dhcp

2011-02-06 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Alexander Shikoff wrote: if take a look on line 358 of share/dictionary.dhcp you may notice '=': VALUE DHCP-Parameter-Request-List DHCP-Keep-Alive-Interval 38 VALUE DHCP-Parameter-Request-List DHCP-Keep=Alive-Garbage 39 Is it

Re: Freeradiusd 2.1.8

2011-01-18 Thread Bjørn Mork
Brian Carpio bcar...@broadhop.com writes: I have a production environment which is running freeradiusd 2.1.8 and last night in the logs I see the following message Sat Jan 1 20:11:24 2011 : Error: Mon Jan 10 17:04:58 2011 : Info: Exiting normally. No one was on the box doing anything...

Re: Freeradius on lenny doesn't permit mschap auth

2011-01-17 Thread Bjørn Mork
Fabien COMBERNOUS fcombern...@kezia.com writes: In a complex environment to change a piece of software can have unexpected consequences. And so to change it, it demands long testing procedures for several teams. I already worked in this kind of environment. And you have to give good reasons

Re: Freeradius on lenny doesn't permit mschap auth

2011-01-17 Thread Bjørn Mork
Josip Rodin j...@entuzijast.net writes: As usual, it would have helped if all parties would have steered away from snappy remarks. Rather than do that, it's often simpler and eminently more productive to keep silent. You are of course correct. I apologise for my unnecessary comment. I will

Re: Reloading Freeradius configs via HUP

2010-12-29 Thread Bjørn Mork
Phil Pierotti phil.piero...@gmail.com writes: k, so is there *any* way to make re-read the config actually reread *all* the config as opposed to only some arbitrary portion of said config which might possibly meet your needs, or maybe not? Just add re-read the config support to *all* modules.

Re: too long Calling Station Ids

2010-12-03 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Josip Rodin wrote: Just ran across this IRL: Calling-Station-Id: GigabitEthernet 1/0/3.2045:2045#587202578###pppoe c0:d0:44:e4:cf:3b# Arg. That's a *stupid* thing to do. It would have been saner to define VSAs to hold all of this

Re: rlm_sql_postgresql and plus sign

2010-11-30 Thread Bjørn Mork
Michele Petrazzo michele.petra...@unipex.it writes: today I discover a strange behaviour with FR and the PG backend: if the authorize_group_check_query query returns a value that has a plus sign (+) inside the groupname, FR thread that value as unicode. I think this because into the next

Re: rlm_sql_postgresql and plus sign

2010-11-30 Thread Bjørn Mork
Michele Petrazzo michele.petra...@unipex.it writes: Only for curiosity, these chars are hard-coded inside the sources or in other place and loaded at startup? defined like any other module option default in src/modules/rlm_sql/rlm_sql.c : static const CONF_PARSER module_config[] = { /*

Re: Controlling Proxying behavior from rlm_perl

2010-10-28 Thread Bjørn Mork
Murray Long mur...@skyrove.com writes: Would it be possible to control which realm freeradius proxies to, from within the rlm_perl module? $RAD_CHECK{'Proxy-To-Realm'} = 'foo'; Bjørn

Re: freeradius proxy can't recognize Delegated-IPv6-Prefix attribute

2010-10-22 Thread Bjørn Mork
ichiro tanaka i_tan...@hotmail.co.jp writes: Proxy-Server recognition was repaired, if proxy-server did not include dictionary.ascend. I believe it is time to revisit the Ascend dictionary fixup. This was done once, and then reverted for between 2.1.7 and 2.1.8: commit

Re: Version 2.1.10 has been released

2010-09-28 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Thanks to everyone for being patient. Version 2.1.10 has just been released. Great! Just a minor web bug you might want to fix. There are spurious colons after the server name in the download links on http://freeradius.org/download.html

Re: Last call for 2.1.10

2010-09-22 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: I've put some preliminary tar files on: http://git.freeradius.org/pre/ If there are any issues, let me know now. Otherwise we'll release 2.1.10 on Monday. A little late into the game, but I just noticed this: bj...@nemi:~$ radclient -v

[PATCH] Use RADIUSD_VERSION instead of RCS Id keyword for radclient version

2010-09-22 Thread Bjørn Mork
RCS keywords don't make sense with git, so use the RADIUSD_VERSION macro instead, like the server and radmin already do. Signed-off-by: Bjørn Mork bj...@mork.no --- src/main/radclient.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/main/radclient.c b/src/main

Re: Radmin - hup query

2010-09-10 Thread Bjørn Mork
John Horne john.ho...@plymouth.ac.uk writes: Running Freeradius 2.1.10 on CentOS 5.5 I have been taking a quick look at the radmin 'hup' command. However, I am having a problem getting it to work: radmin -e hup ERROR: You do not have write permission. See mode = rw in

Re: rlm_perl error

2010-08-31 Thread Bjørn Mork
JUND, Aurélien aurelien.j...@sfr.com writes: example.pl: sub authorize { if ($RAD_REQUEST{'Service-Type'} = Framed-User){ This isn't a perl boolean expression... $RAD_CHECK{'Cleartext-Password'} = 1; $RAD_REPLY{'Callback-Number'} = Number; return

Re: rlm_perl multiple attributes in rad_reply was: Adding Multiple Cisco-AVPairs using rlm_perl

2010-08-29 Thread Bjørn Mork
Alexander Kubatkin k...@kaa.su writes: this is with $RAD_REPLY{'DHCP-Domain-Name-Server'} = [$ns1,$ns2] ; [..] rlm_perl: Added pair DHCP-Domain-Name-Server = NS1_ip rlm_perl: Added pair DHCP-Domain-Name-Server = NS2_ip So, this works as expected. Sending DHCP-Ack of id ef3e6917 from

Re: rlm_perl multiple attributes in rad_reply was: Adding Multiple Cisco-AVPairs using rlm_perl

2010-08-26 Thread Bjørn Mork
Boian Jordanov bjorda...@orbitel.bg writes: On Aug 22, 2010, at 3:06 PM, Alexander Kubatkin wrote: In a message of Sunday 22 August 2010 10:48:56, Alan DeKok wrote: Alexander Kubatkin wrote: This isn't working, i'm trying to put 2 dns-servers in dhcp configuration like this:

Re: rlm_perl error

2010-08-25 Thread Bjørn Mork
JUND, Aurélien aurelien.j...@sfr.com writes: 3 hashes are given to the module and filled with value-pairs (Attribute names and values): # %RAD_CHECK Read-only Check items # %RAD_REQUEST Read-only Attributes from the request #

Re: Last call for 2.1.0

2010-08-09 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Version 2.1.10 should be released soon. If there are any pressing issues people would like to get addressed, now is the time to speak up. I don't have any issues with the code, but I have one with the repository: Could you please tag the 2.1.9

Re: Last call for 2.1.0

2010-08-09 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Bjørn Mork wrote: I don't have any issues with the code, but I have one with the repository: Could you please tag the 2.1.9 release (and of course the 2.1.10 as well when it is released)? It's so much easier to look for small differences

Re: radius does not check table radgroupcheck

2010-08-07 Thread Bjørn Mork
Erick de A. Fabbio erickfab...@gmail.com writes: *radusergroup* idrevenda: 1 username: john groupname: office priority: 1 Nope, I don't think so. [sql] expand: SELECT ug.groupname FROM radusergroup ug WHERE ug.username = '%{SQL-User-Name}' and ug.idrevenda =

Re: Change of logging behaviour in 2.1.9

2010-06-17 Thread Bjørn Mork
Jakob Hirsch j...@plonk.de writes: Hi, Alan DeKok, 2010-05-24 12:28: * re-open log file after HUP. Closes bug #63. Since the update to 2.1.9 a new log file is _only_ opened on HUP. Is this behaviour intended? Previously we just let logrotate rename the old logfile and freeradius

Re: Marking proxy servers as zombie - odd behaviour

2010-06-17 Thread Bjørn Mork
John Horne john.ho...@plymouth.ac.uk writes: On Thu, 2010-06-17 at 17:54 +0200, Alan DeKok wrote: John Horne wrote: Why does it think it looks like it is dead? Because the home server didn't respond to *another* request. Each request has a timer. If the home server doesn't respond

Re: Marking proxy servers as zombie - odd behaviour

2010-06-17 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: John Horne wrote: Hmm. Given that the servers are lightly loaded, I guess we are looking at packet loss over the network? Yes. Many packets lost. The NAS re-transmits, FR re-transmits, and the home server doesn't respond. The default

Re: Mikrotik Dissconect

2010-06-09 Thread Bjørn Mork
f0rud fzerorub...@gmail.com writes: So Mikrotik accept this (and then I can say shared secret is OK), Sure? Did you try deliberately using a wrong secret to verify that the NAS validates the request? but radclient report this as failed. How is it possible? In this case server is NAS and

Re: CHAP wrong password issue

2010-06-08 Thread Bjørn Mork
lixo lixao l...@corelabs.com.br writes: Auth-Type := CHAP This will always be wrong. Bjørn

Re: CHAP wrong password issue

2010-06-08 Thread Bjørn Mork
lixo lixao l...@corelabs.com.br writes: How it should be? Removed. I.e. don't set Auth-Type at all. The server will either figure it out or tell you why it can't. Which will help you debug further. Bjørn 2010/6/8 Bjørn Mork bj...@mork.no lixo lixao l...@corelabs.com.br writes: Auth

Re: reauth-problem with WPA2-tls

2010-06-04 Thread Bjørn Mork
Bjørn Mork bj...@mork.no writes: while updating the outer.reply list gave: Thu Jun 3 17:00:07 2010 : Info: [ttls] Got tunneled Access-Accept Thu Jun 3 17:00:07 2010 : Info: [ttls] Saving response in the cache But it still doesn't seem to work: Fri Jun 4 07:09:03 2010 : Info: [ttls

Re: reauth-problem with WPA2-tls

2010-06-04 Thread Bjørn Mork
Andreas Hartmann andihartm...@01019freenet.de writes: Fri Jun 4 11:22:48 2010 : Info: [tls] WARNING: No information in ^ cached session! ^^^ Fri Jun 4 11:22:48 2010 : Info: [eap] Freeing handler Fri Jun 4 11:22:48

Re: reauth-problem with WPA2-tls

2010-06-03 Thread Bjørn Mork
Andreas Hartmann andihartm...@01019freenet.de writes: Yes, you're right - I meant option eap - tls - cache - enable is switched _on_ and fast_reauth is on too on the supplicant. My wrong :-(. You can see it at this log entry at the initial login: Wed Jun 2 20:29:14 2010 : Info: [tls] Adding

Re: reauth-problem with WPA2-tls

2010-06-03 Thread Bjørn Mork
Alexander Clouter a...@digriz.org.uk writes: The 'No information to cache' means you do not have anything useful (for example 'User-Name') in the reply packet. Makes sense. In the post-auth of my inner-eap virtual server I have added: post-auth { ... # needed for TTLS cache

Re: reauth-problem with WPA2-tls

2010-06-03 Thread Bjørn Mork
Bjørn Mork bj...@mork.no writes: Alexander Clouter a...@digriz.org.uk writes: The 'No information to cache' means you do not have anything useful (for example 'User-Name') in the reply packet. Makes sense. In the post-auth of my inner-eap virtual server I have added: post-auth

Re: How long is the nas-table cached by freeradius?

2010-06-01 Thread Bjørn Mork
Rameshbabu Ragothaman rameshbabu.ragotha...@ibec.net writes: Is this fix available now ? (freeradius server to read the change in nas-table without restart) Looks like I've expired the rest of this thread so this might have been brought up before, but did you check out the

Using the NAS table for Huntgroup-Name

2010-06-01 Thread Bjørn Mork
I thought I might share a configuration part that has proven useful for us... Based on the howto at http://wiki.freeradius.org/SQL_Huntgroup_HOWTO , we found that we might as well add the huntgroup name to the NAS table when adding new NASes. No need to maintain two separate tables with the NAS

Re: Version 2.1.9 has been released

2010-05-25 Thread Bjørn Mork
Hmm, this release doesn't seem to be tagged in the v2.1.x branch on git://git.freeradius.org/freeradius-server.git Am I looking at the wrong repository (again)? Bjørn

Re: rlm_perl version?

2010-05-25 Thread Bjørn Mork
Jan Zacharias j...@dfki.de writes: I'm trying to get the freenac check_mac perl script running and get this error: freeradius: symbol lookup error: /usr/lib/perl/5.10/auto/Fcntl/Fcntl.so: undefined symbol: Perl_Istack_sp_ptr See e.g.

Re: rlm_perl version?

2010-05-25 Thread Bjørn Mork
Nicolas Goutte nicolas.gou...@extragroup.de writes: On 25.05.2010 at 15:12, Jan Zacharias wrote: Isn't there a way to find out the perl version? I thought of print $1 but this does not work as intended. Try using perl -V Or if you want to check the version of the embedded perl

Re: rlm_perl version?

2010-05-25 Thread Bjørn Mork
Jan Zacharias j...@dfki.de writes: Hey Bjørn, thank you very much! The output is: perl version: v5.10.1 So it's clear that libperl and perl version do match. However if I add a use IO::Socket::INET in the myfile, I still get freeradius: symbol lookup error:

Re: Diameter roaming

2010-05-14 Thread Bjørn Mork
VU VAN HUNG vanhung2...@gmail.com writes: Does anyone know why Diameter supports faster roaming than RADIUS? Higher marketing budgets I've read some references but I don't understand. In my experience, that often means that the claim just is not true. Anyway, I believe you'd better ask

Re: proxy same realm but different authentication protocol to different server

2010-01-29 Thread Bjørn Mork
piston pisto...@yahoo.com writes: Due to some limitation, my partner is using two different servers to handle different auth-type (PAP / EAP), said server1 only take PAP cannot handle EAP, server 2 take EAP cannot handle PAP. But their user (realm xyz.com), login at my location maybe

Re: Framed-IP-Address cant override NAS ip pool

2010-01-28 Thread Bjørn Mork
Tevfik Ceydeliler tevfik.ceydeli...@astron.yasar.com.tr writes: ##Users conf: Tevfikceydeliler Proxy-To-Realm := SecOvid, Pool-Name := STATICPOOL Service-Type := Framed-User, Framed-Protocol == PPP, Framed-MTU = 576,

Re: Duplicating results for radtest

2010-01-27 Thread Bjørn Mork
Mark Smith mark.sm...@abelalarm.co.uk writes: I have a Centos 5.3 server running the latest version of FreeRadius. latest as in the latest included with Centos? If so, then upgrade. As you can see, the last two Cisco-AVPair lines, that have the attribute of '+=', appear twice in the

Re: Blank Password Problem

2010-01-21 Thread Bjørn Mork
Satyam Mathura satz...@gmail.com writes: Line 204 in my users file is the following: DEFAULT Auth-Type := Reject You don't want that. It removes the server's ability to figure it out by itself. my radgroupcheck config: ++--++++ |

Re: Adding Multiple Cisco-AVPairs using rlm_perl

2010-01-19 Thread Bjørn Mork
James Nedila j...@colonynetworks.com writes: I have a rlm_perl script where i'd like to return multiple Cisco-AVPair attributes in an Access-Accept response. Since rlm_perl is passed hashes for RAD_REQUEST, RAD_CHECK, and RAD_REPLY, is there a way to pass an array as the value for the

Re: FR 2.1.8 Issue - Unjustified(?) Access-Rejects.

2010-01-12 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Palmer J.D.F. wrote: We migrated to 2.1.8 (from 2.1.7) last week while things were quiet, as the users have re-appeared after the holiday we've started to receive a few reports from users stating that they have been getting lots of prompts for

Re: Cisco-AVpair accounting client-mac-address with unlang

2010-01-08 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Maybe something like: if (*Cisco-AVpair =~ /^client-mac-address=(.+)$/) { i.e. * means any one matches Is it ever useful to match on a single one? You'll always have a hard time knowing the order and number of attributes. I believe

Re: Calling-Station-Id

2010-01-08 Thread Bjørn Mork
Osmany osm...@oc.quimefa.cu writes: On Thu, 2010-01-07 at 09:06 -0500, Osmany wrote: On Thu, 2010-01-07 at 08:42 -0500, Michel Bulgado wrote: Bjørn Mork wrote: Michel Bulgado mic...@casa.co.cu writes: Try this way, remember the operator. |312|t...@internet.quimefa.cu

Re: Calling-Station-Id

2010-01-07 Thread Bjørn Mork
Michel Bulgado mic...@casa.co.cu writes: Try this way, remember the operator. |312|t...@internet.quimefa.cu|Calling-Station-Id | += | 72061490 |298|t...@internet.quimefa.cu|MD5-Password | := | password |313|t...@internet.quimefa.cu|Calling-Station-Id | += | 72061490 Please read the

Default to ack unhandled accounting requests? (was: Re: Radiusd process exited without notice)

2010-01-07 Thread Bjørn Mork
Just stumbled across a semi-related issue (all accounting modules returned noop for a request) which made me wonder if not the recently added documentation for handling noop accounting requests should be promoted to enabled by default? It does not make much sense to ignore valid accounting

Re: Calling-Station-Id

2010-01-07 Thread Bjørn Mork
Osmany osm...@oc.quimefa.cu writes: This time I used: |298|t...@internet.quimefa.cu|MD5-Password | := | password |313|t...@internet.quimefa.cu|Calling-Station-Id | =~ | 6480342|55 and it still accepts the user from regardless of the phone number it's using. this is what comes up

Re: Default to ack unhandled accounting requests?

2010-01-07 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: Bjørn Mork wrote: Just stumbled across a semi-related issue (all accounting modules returned noop for a request) which made me wonder if not the recently added documentation for handling noop accounting requests should be promoted to enabled

Re: Calling-Station-Id

2010-01-07 Thread Bjørn Mork
Ben Wiechman wiechman.li...@gmail.com writes: Try removing the radreply entry with auth-type := accept. Won't that allow the user in regardless of the check items? It should not be in the radreply table in any case so that should certainly be removed. But I don't think it makes any
