freeradius performance , requests per second
Hi I am using freeradius 1.1.6 on Suse Linux 10 , and mysql for database. My processor is Intel Pentium 4, 3.40 Ghz, RAM is 512 MB and hard disk is 80 GB. On this configuration how many requests , freeraradius can handle per second. Is there any tool which can test the performance of freeradius. Can you please tell me the average number of authentication requests that freeradius can process per second. can it handle 1 lac requests per second. thanks deepak - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS problem
hi shantunu see my comments below.. On 6/5/07, shantanu choudhary [EMAIL PROTECTED] wrote: hi all, i m trying to get EAP-TLS working for free radius, but i m not able to figure out how to handle all those certificates. You need one CA , one server certificate and one client certificate, both the certificates must be signed from same CA. Can u tell me how are u using those certificates and are u using openssl for generating those certificates and do need to run openssl explicitly along with radius server to check client certifiates, I have used openssl to generate certificates , and u need not run openssl with radius server after you have prepared all the certificates. all you need to do is to configure eap.conf file accordingly. and how to transfere those certificates to client. there is lot of help available and i tried few with some unsuccessful attempts. If u know really gud online help available please let me know... copy CA and client certificate on client machine. there are lot of tutorials on net for this. i used one given in linuxjournal . -deepak regards shantanu -- Download prohibited? No problem! CHAThttp://us.rd.yahoo.com/mail/in/ywebmessenger/*http://in.messenger.yahoo.com/webmessengerpromo.phpfrom any browser, without download. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-SIM : symbol lookup error
hI Ben there is one file asserts.h is missing search that on net, include that in rlm_sim and recompile. it worked for me. -deepak On 5/15/07, Ben2148 [EMAIL PROTECTED] wrote: I have exactly the same problem (symbol lookup error). Can anyone help me fixing it ? Thanks Ben -- View this message in context: http://www.nabble.com/EAP-SIM-%3A-symbol-lookup-error-tf3650034.html#a10620722 Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS authentication
Hi Alan I have downloaded freeradius 1.1.6 and implemented EAP-SIM using that. I have tested all the tests in src/tests and it worked fine. now i want to execute a script as and when radius receives acess-request for EAP-SIM I have written a script called notify.pl and in users file i made an entry DEFAULT Auth-Type==EAP, EAP-Type==SIM, Packet-Type==Access-Request Execute-Program=/notify.pl but even after user is authenticated, script is not executed at all. what condition should i use to execute the script when access-request for EAP-SIM comes first to freeradius. thanks deepak - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
EAP-SIM : symbol lookup error
Hi Alan I have downloaded freeradius 1.1.6 and configured for EAP-SIM and run successfully. but when i send a request using radeapclient to radius server i get this error ./radiusd: symbol lookup error: /usr/local/lib/rlm_sim_files- 1.1.6.so: undefined symbol: rad_assert I have set LD_LIBRARY_PATH, reconfigured and and rebuilt server with share disable option , but still get the same error. what is the problem, what should I do? this is log of radius - Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1:37454, id=33, length=89 User-Name = 23242010015 NAS-IP-Address = 255.255.255.255 Message-Authenticator = 0x42014f09257d6d91d04b6e145e251adb NAS-Port = 0 EAP-Message = 0x0220001401323332343230313030303030303135 ./radiusd: symbol lookup error: /usr/local/lib/rlm_sim_files-1.1.6.so: undefined symbol: rad_assert thanks Deepak - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS authentication
Hi Alan. Is there any way in freeradius, where freeradius server can invoke a java program in response to some event. eg if some user is logged out , this event should be propagated to java prog or to some other component. On 3/29/07, Alan DeKok [EMAIL PROTECTED] wrote: deepak kumar wrote: Thanks I have implemented EAP-TTLS , stored EAP-Type value in radpostauth table and able to connect to internet without UAM. Once a user is authenticated through EAP-TTLS , his details are put in radpostauth table and he is allowed to acess internet without UAM,but his accounting information is not stored in radacct table. how to store accounting information in radacct, in case of EAP-TTLS. This is in the FAQ. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS authentication
Thanks. I have used EAP-Type variable and stored its value in radacct table. but in all the cases(UAM,EAP-TLS, EAP-TTLS) the value for EAP-Type was null. i was expecting it to return TLS or TTLS in case of these methods. is it because of chilli.conf(which is notconfigured for WPA). or I missed something. thanks deepak On 3/23/07, Alan DeKok [EMAIL PROTECTED] wrote: deepak kumar wrote: Hi I am using freeradius 1.1 on linux suse 10.1. I have implemented EAP-TTLS, EAP-TLS and UAM. I want to know is there any way to know by which method user is authenticated. I mean if user is authenticated using UAM, EAP-TLS or EAP-TTLS. is there any attribute whose value we can store in radius database tables. there are two attributes Digest-Algorithm and EAP-Message , but I dont know how to put their values in radius tables. You should use EAP-Type, which is an attribute generated by the server that tells you the name of the EAP type being used. And to store attributes in the table, see doc/variables.txt. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS authentication
Hi I am using freeradius 1.1 on linux suse 10.1. I have implemented EAP-TTLS, EAP-TLS and UAM. I want to know is there any way to know by which method user is authenticated. I mean if user is authenticated using UAM, EAP-TLS or EAP-TTLS. is there any attribute whose value we can store in radius database tables. there are two attributes Digest-Algorithm and EAP-Message , but I dont know how to put their values in radius tables. thanks deepak - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS authentication
Hi Alan thanks for your prompt reply. can you tell me how to modify chillispot to work with EAP-TLS. my radius server, Router and Xsupplicant all are supporting EAP-TLS. deepak On 3/20/07, Alan DeKok [EMAIL PROTECTED] wrote: deepak kumar wrote: ... but even after client authentication from certificate. the router(chillispot) prompts for a username and password and then does authentication using UAM. Please tell me why this is asking for login name password after client certificate validation. Because chillispot is configured to do that. It's not a RADIUS problem. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
EAP-TLS authentication
Hi, I am using freeradius1.1 on linux suse 10.1 and chillispot for captive portal. I have implemented EAP -TLS using client and server side certificate and it worked well. but even after client authentication from certificate. the router(chillispot) prompts for a username and password and then does authentication using UAM. Please tell me why this is asking for login name password after client certificate validation. is something needs to be changed in chilli.conf , or any other radius conf file. thanks in advance dee - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html