On Fri, Mar 30, 2012 at 7:26 AM, Fajar A. Nugraha l...@fajar.net wrote:
On Fri, Mar 30, 2012 at 4:22 AM, Thomas Fagart tfag...@brozs.net wrote:
As I was not very familiar with MS-CHAP, I've google a little and it seems
to me that my goal (ie ms chapv2 welcome server without having user/passwd
On Mon, Mar 26, 2012 at 6:03 AM, Mutheu mut...@lavabit.com wrote:
snip
pfsense/Monowall have 'reauthentication' feature and contrary to what many
people think, the user is only presented the login screen once and the NAS
'remembers' the infor and each minute, it resends the infor to
You're not meaning something like coova-chilli (a captive portal)
http://www.coova.org/ are you ?
Timothy
On 07/05/2010 20:46, VU VAN HUNG wrote:
sunhualing wrote:
hostapd as a NAS, authenticator
wpa-supplicant as a supplicant
On Fri, May 7, 2010 at 1:31 AM, Jeff Voskamp javos
Depending on your hardware, you might want to try radsecproxy. It does
currently have a 16 character password limit though
Johan Meiring wrote:
Hi all,
The radius spec currently identifies a Nas (client) by the Nas's IP
address
(Packet-Src-Ip-Addres?). That is how radius works.
We have a
well, looking from the log, your virtual_server doesnt appear to set any
attribute
in its post-auth stage. calling the right thing or SQL table?
post-auth, yes, see the virtual server config below. Remember TEST1 and
TEST2 are the same virtual server, just proxying to them via different
the virtual server is stripping the
attributes from the reply.
Can anyone tell me
a) The approprate documentation covering this is so I know.
b) What I have done wrong (and where to find the answers)
or
c) This is an actual bug and someone will look at it
Thanks
Timothy
-
List info/subscribe/unsubscribe
2009/12/21 Alan Buxey a.l.m.bu...@lboro.ac.uk:
Hi,
If I authenticate to TEST1/user
My response is only a successful auth.
If I authenticate to TEST2/user
My response is a successful auth WITH Attributes (in this case the
attribute I'm setting is
Cisco-AVPair = shell:priv-lvl=15
where
I think we're getting too far into the detail and losing sight of the
problem I was trying to report initially.
I'd expect the only difference between the proxying to a remote server,
and proxying to a virtual server to be efficency / ports used, not
functionality, aka it's more efficnt to use
I think we're getting too far into the detail and losing sight of the
problem I was trying to report initially.
I'd expect the only difference between the proxying to a remote server,
and proxying to a virtual server to be efficency / ports used, not
functionality, aka it's more efficnt to use
Armin Krämer wrote:
I tried out the registry patch AuthMode with a value of 2 whch causes
windows to authenticate with the machine certificate only. Then I
generated a client certificate with openssl with the special OID
1.3.6.1.4.1.311.17.2 which was posted in the mailing list some time ago.
Alan DeKok wrote:
Only if you do it *before* the supplicant stops responding.
FYI, I think I've figured out what's happening.
On my Mac, the 802.1x supplicant will abandon the EAP-TLS authentication
after the Server Hello Done message if it doesn't have a proper
certificate and private
Michael Griego wrote:
I'm very curious about the outcome of this as well. The AP is
*supposed* to block all traffic except for EAP traffic pending the
required EAP-Success from the Authentication Server. If the AP is
allowing non-EAP traffic through, and, given that the client-AP traffic
This is a neat one.
EAP-TLS is working just fine between an XP supplicant, a Cisco AP1200
WAP running 12.3(4)JA, and FreeRADIUS 1.0.1 (plus a patch to allow
multiple root CAs for EAP-TLS trust). Client certificates are on
smartcards, and the AP has a reauthentication timer set, with the
Alan DeKok wrote:
That would appear to be a bug in the AP. I'd be curious to know how
many AP's have that bug. If so, it would be a very, very, serious
problem.
Which is why it startled me.
I'm not sure how to fix that, to be honest. There's little you can
do on the RADIUS server to
Hi people...
I had a similar problem when I tried out the freeradius-1.0.0-pre1 build
with fedora core 2... whenever I try to get my cisco AP to auth with
freeradius, I get the same unknown client message, and the IP is already
added in the clients.conf file...
Localhost works though, ports are
Hi everyone.
Had some problem with my email accounts and subscription... anyway,
Just a quick question about LEAP. Am I right to say that as long as the
client wlan card supports LEAP, I just need any 802.1x compatible AP to
pass through the LEAP request to the FreeRADIUS server? Or do I need
16 matches
Mail list logo
