Hi Barry,
Would it not be better to contact the maintainer of the pppd for the Debian
distribution and ask him/her why pppd is not sending the stop accounting packet to the
radius server when a connection is dropped (for whatever reason) That would fix
the problem the way it should be
Google WinRAR . . . That will unpack it... in a Windows System...
gm...
- Original Message -
From: Johnno [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, July 25, 2004 6:07 PM
Subject: Re: dialup admin replacement
I download this and had a look see.. but the rar file coming
On Fri, 23 Jul 2004, Gary McKinney wrote:
Hi Kostas,
It's nice to see Dialup_Admin can handle a large operation!
I realize dialup_admin is in the radiusd CVS - I would have thought it
would
have been at least a separate CVS to make allowing others to work with
it
directly
Kostas,
Are you also a user too??? [grin]...
Kidding aside - is there some place where the dialup_admin is being
maintained (CVS) and where freatures can be added to the code (not to
mention bringing the code up to current levels) ???
BTW: I have not setup the database side completely yet but
PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, July 23, 2004 6:36 PM
Subject: Re: New Opensource project-AAAadmin
On Fri, 23 Jul 2004, Gary McKinney wrote:
Kostas,
Are you also a user too??? [grin]...
Yes, dialupadmin is used in both my university (ntua.gr/15000 users) and
in the
greek
See body of message below for responses:
-- Original Message --
From: PedroRibeiro (B) [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Date: Thu, 22 Jul 2004 10:34:57 +0100
Sorry for the repost but this problems are forcing-me to leave our
FreeRADIUS open
Sounds like the NAS is not sending an accounting stop packet when the connection dies
(for whatever reason). This is not a Freeradius problem (how could it know?)...
Gary N. McKinney
-- Original Message --
From: Barry Murphy [EMAIL PROTECTED]
Nothing to do with Freeradius...
Congratulations Alan!!!
Better grab that sleep now because it's about to become a thing of the past
[grin].
gm..
- Original Message -
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, July 22, 2004 5:25 PM
Subject: Re: Is Release
Hmm - think I saw an earlier posting (it's in the archives) about this very
subject!
I think you want to take a look at the configurable_failover file in the doc
directory where you untarred the freeradius package - it describes what you
are looking for...
gm...
- Original Message
Hiya Graeme,
If you are using an SQL database backend it is very easy to implement
this...
You setup group names in the radgroupreply table with the attributes to be
returned to the NAS for that group - you can have multiple records with the
same group name to allow multiple attributes. Each
Take a look at man dictionary, the dictionary file in the /raddb radius directory
(the same directory where radiusd.conf lives) and the dictionary file in the share
directory (it's in the path specified by the dictionary file in the /raddb
directory... all should become as clear as mud!
the
require('../lib/defaults.php3'); is reached. for example in the
user_new.php3.
If i comment this line out, i get the page where i can set up a new
user. so far so good...
What can go wrong with the defaults.php3?
rico
Gary McKinney wrote:
You could try turning on the sql debug
Actually - not really a silly question!
Since you reported what actually happened and why I suspect the information
will be useful to others who attempt to do the same thing (two servers
running on the same box) and run into the same senario...
Of course it DOES require someone to look at the
yes, the problem with these files, but the register_globals in the
php.ini are on
rico
Gary McKinney wrote:
Do you have the same problem with:
group_new.php3
user_admin.php3
user_edit.php3
and user_state.php3
as you have with user_new.php3 ?
If so - is the register_globals
Hmmm,
Looks like most everything is correct - from what
you have sent here...
A couple of things:
1. Is postgresql case sensitive ( I play with
MySQL)??? If so check the case (caps or lower case) of the record field
names to make sure the schema's match for the database and queries.
2.
Hi Apellido,
this is a known issue - here is Alan's previous response (it's in the
archives too!):
-
The solution is to edit libltdl/Makefile, and change:
top_builddir = .
to:
top_builddir = ./..
-
This corrected the build process for me with FreeBSD 5.2.1
gm...
-
What are you using for a Supplicant???
gm...
- Original Message -
From:
[EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, July 09, 2004 5:37 AM
Subject: EAP TLS: rlm_eap: Failed in
handler
Sorry...my first posting was not easy to read ;-(Here the
same
It would probably help [grin] if you sent the radiusd -x output instead of the Cisco
debug output - this list does not normally perform vendor specific troubleshooting (
but if someone on the list has seen the specific type of problem they usually
respond)
Gary N. McKinney
Network
, sounds like the
problem is with the supplicant side? Any experience with other supplicant?
I am not using the linksys card, what I have is a cisco 350 wireless card in a IBM
T30 notebook.
- Yi
Gary McKinney [EMAIL PROTECTED] wrote:
HI Yi,
I have basically the same setup here at home
Hmmm - Yep ... I wonder if the problem is the DATE ( CVS July 7, 2004
)...
Actually Alan answered this question a couple of days ago...
Has to do with the newer version of libtool...
The current fix is to go into the libtldl source directory per Alan and
perform the following:
Drew,
Check to make sure the Ascend you have uses the Ascend-VSA attributes, if
not I think there is a setting in the ascend configuration for the ascend to
use the VSA attributes... See the file ascend in the docs section of the
source directory for the freeradius server - it discusses this very
Are you sure the NAS is sending accounting packets
gm...
- Original Message -
From: Maqbool Hashim [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, July 01, 2004 5:46 AM
Subject: Accounting and SQL, help!
Anson Rinesmith wrote:
Run radius in debug mode (radiusd -X) and
Try searching for: radiusniff (just one 's')...
gm...
- Original Message -
From: nsinit [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
[EMAIL PROTECTED]
Sent: Tuesday, June 29, 2004 9:22 PM
Subject: Re: Re: Sniff radius
yeah i found it yesterday afet the post , thx anyway .
i use
Looks like the 'name' of the NAS in the
clients.conf file is not correct or the shared (secret) password is not correct
- careful of whitespace and non-printable characters in the clients.conf file or
the PM3 - also, I think this is case sensitive as well...
gm..
- Original Message
Hi Chris,
I have compiled earlier versions of CVS on FreeBSD 5.2 and had no problems I'm
currently downloading the latest CVS to see if it compiles on a FreeBSD 5.2 machine
now... will post results...
Gary N. McKinney
Network Administrator
Computer Services Dept.
Brevard County
Alan,
I attempted to perform a ./configure and then a make without making any changes to the
latest CVS 20040630 (out of the box compile attempt). Attached are the ./configure
results and the attempt a performing the make operation...
This was executed on a FreeBSD 5.2.1 system. There is a
Gotta lov libtool!!!
Gary N. McKinney
Network Administrator
Computer Services Dept.
Brevard County Library System
-- Original Message --
From: Alan DeKok [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Date: Wed, 30 Jun 2004 15:36:30 -0400
Gary
Fabio,
Veja o rlm_sql da lima na seção dos docs do diretório de fonte.
BTW: Use por favor o inglês nesta lista.
Obrigado!
(Brought to you by: http://world.altavista.com/babelfish/tr ) [Grin]
Gary N. McKinney
Network Administrator
Computer Services Dept.
Brevard County Library System
Hi,
Check in your users file to see if you have Auth-Type = System set
there... if so that may be your problem...
gm..
- Original Message -
From: Ali Asghar [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, June 28, 2004 4:56 AM
Subject: Problem Getting Free Radius Work with MySql
Dave,
You may want to check out MySQL 4.x - there is a hex() function to return a
hexidecimal representation..
gm...
- Original Message -
From: Dave Mason [EMAIL PROTECTED]
To: freeradius mailing list [EMAIL PROTECTED]
Sent: Friday, June 25, 2004 2:30 PM
Subject: Re: how to save binary
Hans,
I think all you have to do is comment out the unix line in the Authentication
section of the radiusd.conf file and restart the radius server.
Gary N. McKinney
Network Administrator
Computer Services Dept.
Brevard County Library System
-- Original Message
Brian,
That is the correct way for operation!
Radius Listens on Ports 1812 and 1813 ( for authentication and accounting
respectively) BUT responds back to the NAS on the first non-priviledged port the
system has available for use this is normal RFC operation in TCP/IP communications
for
Hi Ted,
Why would the Access-Accept packet NOT come from the same IP (radius
server) the request was sent to originally??? To do otherwise would open up
the NAS or AP to spoofing attacks...
What vendors are you referring to in terms of accepting Access-Accept
packets from an IP other than the
Keith,
There is a text document in the Docs directory under the source directory
where you un-tarred the source code called aaa.txt. It will answer some
of your questions. As for the others:
1. How do I limit the traffic for a user?
You dont, at least not with radius - unless there is a
Arnauld,
It almost looks like something in the supplicant is not configured properly
to use the certificate sent from the server during the handshake phase... I
have attached a copy of some of my notes (written to myself so some of the
meaning in the notes may not be exactly correct - but heck -
Wrong color [GRIN]...
Actually - I am adding things that are not in dialup_admin, such as
suspension of users, billing and integrating with email services for the
billing and setting up user email accounts - the simple stuff...
gm...
- Original Message -
From: Kostas Kalevras [EMAIL
Hi Arnauld,
Have you looked at the make output from the compile to see if there are
any error or warning messages? It sounds like either there is an error in
the latest CVS stopping the compilation of modules (most likely not) or
something is missing the compilation requires - from the sounds of
somewhere, but I just thought I'd ask while I was here.
Thanks for the help!
mack
On 22 Jun 2004 at 12:37, Gary McKinney wrote:
Mack,
Take a look at the following URL:
http://3w.denobula.com:5/EAPTLS.pdf
It may be a little dated but all of the info is still relevent... one
Mack,
Take a look at the following URL:
http://3w.denobula.com:5/EAPTLS.pdf
It may be a little dated but all of the info is still relevent... one thing to take
notice of is
there is NO user password exchanged as EAP/TLS does not use a user's password
for authentication - that chore is
else, maybe
that will
help me form better questions. Thanks for the help!
mack
On 19 Jun 2004 at 6:34, Gary McKinney wrote:
Mack,
Check the email archives over the last three months - there is a great
deal of information on using EAP/TLS and how to use LDAP with
freeradius (including
it on lists/boards, but have never seen a translation.
Thanks for the help,
mack
On 21 Jun 2004 at 6:10, Gary McKinney wrote:
Mack,
I Was not trying to blow you off by making the statement of reading
the archives... I am still, what I consider, a newbie as well...
The statement
Mack,
Check the email archives over the last three months - there is a great deal
of information on using EAP/TLS and how to use LDAP with freeradius
(including example snippets).
gm...
- Original Message -
From: Mack [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, June 18, 2004
A followup for all...
I have been looking for an inexpensive WAP (Wireless Access Point) or WRT (Wireless
Router) that sends the Radius Accounting information to the Radius Server - to date I
have NOT found any of the inexpensive WAP or WRT devices which send the accounting
information to the
Now I am curious...
From following this thread I am wondering how many transactions a second can a DB
handle successfully perform before the system starts to lose information???
I am wondering for a given platform and OS (such as linux or FreeBSD running on a
2.0Ghz based system with 1-Gig of
with any
problems!
Gary McKinney
- Original Message -
From: Michael Ding [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Saturday, June 12, 2004 3:10 PM
Subject: Help Please
Hi All,
I am new to FreaRadiaus, I just installed FreeRadiuas on RedHat. I am
trying
to set up
Milver,
This is not a Freeradius issue (Freeradius only sends to the NAS what is set in the
attribute)and as such should be taken elsewhere.
Having said that
There was a great deal of discussion around 6 years ago on the best setting for
dialup users in relation to MTU size and dialup
Slightly off topic (Freeradius that is):
Unix is User Friendly - It's just picky about it's Friends!
Something an old unix guru told me once - long, long ago
Gary N. McKinney
Network Administrator
Computer Services Dept.
Brevard County Library System
-- Original Message
Alan,
I am currently working on a php based front-end (so to speak) to allow
configuration for
freeradius's use of mysql database tables (modified for my specific use) and your
response
given below brought up a question I have read about the radcheck/radreply table
entries in the mysql
]
Reply-To: [EMAIL PROTECTED]
Date: Wed, 02 Jun 2004 12:27:47 -0400
Gary McKinney [EMAIL PROTECTED] wrote:
I am currently working on a php based front-end (so to speak) to
allow configuration for freeradius's use of mysql database tables
Ok... what's wrong with dialup_admin? It's been around
Hmmm -
The logic of the request does not really make much sense... If the
FreeRadius
server is responding to the NAS but the mysql server back-end is not
responding
that does not mean the radius server is broken...
I would think you could setup to authenticate through multiple mysql backend
Sure - get a supplicant (client) software package (such as Odyssey from Funk Software
- I think and comes bundled with some of the WiFi capable cards such as the Linksys
wireless-G card WPC54G - at least here in the US).
I use this very setup for a Win2000 laptop
Gary N. McKinney
Network
Joseph,
From the info you sent to the list it looks like the NT authentication is not
happening...
NOTE: I don't know why it is but the EAP - Start not found shows up in the debug
normally [grin]...
Here is the line that indicates the actual problem:
rlm_eap_leap: No User-Password or
HI Alexander,
I think if you search in the archives you will find
you need to have the MySQL development package installed to compile the
FreeRadius to work with the MySQL package... the MySQL binaries package does not
have all of the pieces required to compile the rlm_sql_mysql
module...
]
Date: Wed, 19 May 2004 10:09:12 -0400
Hi Gary:
Does souce instalation package (example: 4.0.18) contains development
package?
Kirti
-Original Message-
From: Gary McKinney [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 19, 2004 6:26 AM
To: [EMAIL PROTECTED]
Subject: Re: Urgent Cannot
the Freeradius server with the MySQL database
Hope this helps...
Gary McKinney
On Friday 30 April 2004 02:34 am, Linda Pagillo wrote:
Thanks. I already read all of that and i did everything he said to do. I'm
happy that i read that because it was the only thing that really helped me
to get started
:47AM -0400, Gary McKinney wrote:
I realize this is not a direct FreeRadius issue but possibly could be indirectly
related if the
actual problem still exists with thread locking...
I checked the FreeBSD site for any PR listings for what you have described... did
not find
anything - have you
OH... Your just being modest!!! {Big Grin}
Gary N. McKinney
Network Administrator
Computer Services Dept.
Brevard County Library System
-- Original Message --
From: Alan DeKok [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Date: Fri, 23 Apr 2004
Network Administrator
Computer Services Dept.
Brevard County Library System
-- Original Message --
From: Alan DeKok [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Date: Fri, 23 Apr 2004 15:08:21 -0400
Gary McKinney [EMAIL PROTECTED] wrote:
I realize
From you description it appears it is something in the configuration of Apache
Gary N. McKinney
Network Administrator
Computer Services Dept.
Brevard County Library System
-- Original Message --
From: Charles Thomas [EMAIL PROTECTED]
Reply-To:
Just a thought... try checking in the httpd-error.log file to see what Apache is
saying is the problem... it may be rather cryptic but should point you in the right
direction
Gary N. McKinney
Network Administrator
Computer Services Dept.
Brevard County Library System
--
Hi Paul,
I realize this is not a direct FreeRadius issue but possibly could be indirectly
related if the
actual problem still exists with thread locking...
I checked the FreeBSD site for any PR listings for what you have described... did not
find
anything - have you checked against the latest
Steve,
Did moving the the com_err from RLM_LIBS line to
the HEADERS line correct the problem compiling??
( you know what they say: "Just because it compiled
does not mean it compiled!")...
If that corrected the compile problem and it works
for you I suspect the changes would be of
Hey Steve,
You really did not give very much info but I suspect you don't
have Kerboros installed in the machine...
Gary N. McKinney
Network Administrator
Computer Services Dept.
Brevard County Library System
-- Original Message --
From: Steve
!!!
Gary N. McKinney
- - Original Message -
From: Alan Russell [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, April 02, 2004 11:01 AM
Subject: Re: Alan
- Original Message -
From: Gary McKinney [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, April 01, 2004 10:12
Vasudevan,
This is how I preceive things:
Indeed the radius server is sending the accept back to the nas...
Wed Mar 31 12:45:51 2004 : Debug:
rad_check_password: Found Auth-Type Accept
Wed Mar 31 12:45:51 2004 : Debug:
rad_check_password: Auth-Type = Accept, accepting the
Hi Shannon,
By default I don't think FreeRadius compiles with the sql drivers. You have
to configure FreeRadius to compile with the MySQL drivers before you can
use MySQL with it. Once compiled with the drivers it should work...
At least that is what I remember - check the configuration
artur,
You may want to try the latest CVS Snapshot instead of the 0.9.3 version.
The 0.9.3 version does not have all of the code to support what you are
attempting to do (or at least it did not when I was working on getting the
EAP/TTLS protocols working with a Linksys WRT45G Wireless router and
Aime
Having NOT worked with Debian for a while (5 years) I would check to see
if the package is available on the Debian site - I suspect it is an optional
package you need to install - probably the same for the devhelper package
as well...
check here first:
68 matches
Mail list logo