My users differ in ldap attributes. I want session-timeout of some users
to
be the value of counter and for others the session-timeout that I define
in
freeradius for them.
How should I distinct them?
How will you tell them apart?
Think of how you will get user 1 to use ldap-1, and
as you see, many attributes not saved to the table radacct, there are
lost. My question is how freeradius know the mapping between them(the
attributes)?
Queries in raddb/sql/mysql/dialup.conf. You can edit the queries.
Ivan Kalik
-
List info/subscribe/unsubscribe? See
I need to ask again for help.
So I added this code to Autorize section of Default config file it
blocks banned users well! But I need to tell them why they got banned so I
tried diferent ways to add Reply-Message in the logic
Nothing helped me so far...
So maybe some one can tell me how
Ok... take this query for example..
(as found in the dialup.conf sql page)
group_membership_query = SELECT groupname \
FROM ${usergroup_table} \
WHERE username = BINARY '%{SQL-User-Name}' \
ORDER BY priority
Before I go ahead and try it, I am just curious, would
I am trying to authenticate my network against Windows 2003 Active
Directory. With help from Ivan Kalik, I was able to use NTLM to
communicate with Windows 2003 server and authenticate EAP clients. On
the EAP side I am using PEAP since they are mostly windows XP clients
and I don't think
Alexander, I did read the links you gave me very carefully and I guess I
understand the logic... However it seems that I have to edit many files.
I am new to the FreeRadius and I don't have any programming
experience... Is there a document which can tell me briefly what these
files are for
post-auth, yes, see the virtual server config below. Remember TEST1 and
TEST2 are the same virtual server, just proxying to them via different
methods. That's why I was getting confused, They behave differently if
you proxy to them in different ways.
my initial thought was your attr_filter
i have domain1\user1 and this get radius proxy correctly to the
radius1 server (11.11.11.11) based on ntdomain prefix
have also set the ignore_null = yes
i have us...@domain1 and this get radius proxy correctly to the
radius1 server (11.11.11.11) based on suffix
have also set the
Thank you very much for your help! Now it works beautifully!
My next step is to integrate FreeRadius with my Windows domain to use
Windows AD for authentication. I am sure I will more questions for you
guys!
http://deployingradius.com/documents/configuration/active_directory.html
Ivan Kalik
I have figured out how to configure attributes. Here is my user file:
test Cleartext-Password := test
Tunnel-Type = 16777229,
Tunnel-Medium-Type = 16777222,
Tunnel-Private-Group-ID = 3
When I use MD5-Challenge, I got put in the right vlan I wanted. However
hi, when i want to start radius in debug mode. error happened.
Failed binding to authentication address * port 1812: Address already in
use
/usr/local/etc/raddb/radiusd.conf[240]: Error binding to port for 0.0.0.0
port 1812
Could you tell me what's wrong?
Freeradius is already running.
Have already uncomment (remove the # infront of the ntdomain under
/etc/raddb/sites-enabled/default), still not working. H1\user1 get proxy
to
NULL realm instead of H1 realm.
Post the debug with nidomain enabled. Do you have NULL realm defined in
proxy.conf?
Ivan Kalik
-
List
I have copied MAKE file from the 2.1.8 pre version.But not able to
generate
certificates.
When I try to run ./bootstrap , it throws error related to MAKE.in file
Please let me know the procedure to generate a certificate.
Read the README file in certs directory.
Ivan Kalik
-
List
Note: I test Cisco Secure ACS, no problem. But freeradius not release pool
ips. Thank you.
Because it will not release IPs without notification that user is offline
(accounting stop packet). If you want limited lifespan of assigned IP
address don't use ippool - use dhcp.
Ivan Kalik
-
List
Hello All,
I did not fixed this problem. same configuration works on
server (ubuntu). but on another server (freebsd) not works :(
Please look
to the 3 th line. its normally? (expand)
+- entering group post-auth
{...}
[sqlippool] No Pool-Name defined.
[sqlippool] expand -
[ldap] looking for check items in directory...
rlm_ldap: userPassword - User-Password ==
{SMD5}/S4d+fNkBFL3TnpjceYuUiDPd+Q=
rlm_ldap: sambaNtPassword - NT-Password ==
0x444338414235383730324637343230453244304232353743453938394634
rlm_ldap: sambaLmPassword - LM-Password ==
Sending Access-Accept of id 2 to 149.xxx.xxx.xxx:51678
Service-Type := Framed-User
Tunnel-Private-Group-Id:0 := ifac
Framed-Protocol := PPP
Tunnel-Type:0 := PPTP
Proxy-State = 0x1700fe800029
As you can see I have a
can advise how to rewrite the username in domain\user to u...@domain so
that
the realm can be done to proxy the radius request to the upstream radius
server.
or no rewrite of username is need. can the freeradius proxy based on
domain\user which domain\ can be use as realm to radius proxy to
It does, but ntdomain is not enabled by default. You need to uncomment
that entry in authorize.
Ivan Kalik
in the /etc/raddb/modules/realm, the windows domain prefix \\ does not
seem
to work. It still get proxy to the NULL realm. But if i use us...@h1 it is
proxy correctly to H1 realm and
In the relam already enable the ntdomain,
Yes. But is the virtual server using it? No. Why? Because it's not enabled
by default. How to enable it? Uncomment ntdomain entry in authorize
section of the defauly virtual server (raddb/sites-enabled/default).
Clear now?
Ivan Kalik
-
List
Hello All,
I did not fixed this problem. same configuration works on
server (ubuntu). but on another server (freebsd) not works :(
Please look
to the 3 th line. its normally? (expand)
+- entering group post-auth
{...}
[sqlippool] No Pool-Name defined.
[sqlippool] expand -
Hello,
I have a big problem please HELP.
I newbee for Radius,
I am use freeradius 2.x on the Suse 11.1. (Vmware ESXi 3.5)
I use ippool. (254 IP) I have a gprs POS machine. POS is work no problem
but,
When connect POS machine to radius server, and disconnect, ippool not free
ip on the
I am using the latest freeradius code with WiMax, Daloradius and MySQL. I
am getting group rejects with the server complaining that it can't use
MSCHAPv2. The confounding thing is that I had this working last week and
it's now acting differently. Here is the debug:
Password is wrong.
Ivan
I know. But cant control many pos or devices power down directly. How db
pool release active ip. I use rlm tool In the crontab every 30 minutes.
But I think wrong way. Can you give for active session on the db ippool
time out value or any way?
Or different configuration.
Note: this devices
I have problems with ip pool. I use sqlippool on my
configuration (postgresqlippool.conf included to radiusd.conf and
sqlippool
added to my default configuration file which in enabled-site directory)
But i receive errors that server cannot define ip for client or
[sqlippool] No Pool-Name
Document problems:
Here is an example excerpt from a page on the web:
CLIENTS
Make sure the clients (portmasters, Linux with portslave etc) are set up
to
use the host FreeRADIUS is running on as authentication and accounting
host.
Configure these clients to use a radius secret password.
So - another question - I want to insert to database name from inner
session, even if outer-session name is set. How i can do it?
This is documented in inner-tunnel virtual server. At least in current
version.
Ivan Kalik
-
List info/subscribe/unsubscribe? See
1- i dont know if i have to configure manually the clients.conf file
and it will be automatically written on mysql database or conversely,
i would write my data on mysql manually and those data will be
automatically writted on text files?
No.
maybe , i think there are independent of each.
Radius -X is always on, and I went through the clients.conf file. -X gives
a
lot information, since you asked here is my understanding. I'm not a
programmer so some of them are cryptic to me. I put in comments to what I
think they are, but they are only guesses. I would be very thankful if
attached is the complete debug log
Try using Calling-Station-Id instead of NAS-Port for accounting. Alter
(raddb/modules/)acct_unique to use Calling-Station-Id.
And use sql for session and accounting. It's quicker and queries can be
configured to use Calling-Station-Id instead of NAS-Port.
Where is the user file? Why the wiki did not list this file. How would I
know about the file. From the wiki, I don't see any talk about this file
you
talking about.
Read the documentation included with the server. Start with doc/README.
Ivan Kalik
-
List info/subscribe/unsubscribe? See
I hope to see step-by-step instructions to setup accounting system using
sql server with freeradius such that I can see a user's network usage
(Tx'd / Rx'd).
Use schema.sql from raddb/sql/your_database_type directory to create the
database tables.
Configure raddb/sql.conf.
Uncomment include
Arrogant.
Yes, terribly obscene suggestion - read available documentation. Don't ask
us what's written in the documentation you already have with you.
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Go ahead and take my out of this list.
I had enough of this.
So you can't be bothered even to read your mail to the end. Unsubscribe
link is in every mail.
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I am trying to set up freeradius to proxy requests 802.11 MSCHAPv2 to an
IAS
server. The IAS requests are authenticated by a Safeword server, which
doesn't support 802.11. So the idea is that freeradius takes the request,
proxies it to IAS as if it was a non-802.11 client, IAS passes it to
so, maybe You know, Patric, how I can insert into radacct table username
from inner session, not outer session?
Don't hijack other peoples threads. If you have something to ask - start
your own.
That is documented in post-auth section of inner-tunnel virtual server.
Ivan Kalik
-
List
thank you alan for the quick reply. It worked just fine. Now I am still
facing the problem with the radwho and radlast. Any idea
Yes, you have sent an authentication request. No accounting. So there is
nothing for radwho to show. It displays accounting information. In case
you weren't aware,
[acct_unique] WARNING: Attribute NAS-Port was not found in request, unique
ID MAY be inconsistent
...
rlm_radutmp: No NAS-Port seen. Cannot do anything.
Nothing misterious in those messages. NAS is not sending NAS-Port and
radutmp needs it to work.
Ivan Kalik
-
List
I get this when I login to the firewall
It would help if you wouldn't edit the debug. Post the whole thing request
+ processing (both for authentication and accounting).
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Where I could get the makefile v.2.1.8-pre
Probably it also solves the problem that I have.
Get the whole thing and take what you want:
http://git.freeradius.org/pre/
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Where I could get the makefile v.2.1.8-pre
Probably it also solves the problem that I have.
PS. I would take the whole certs directory.
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Actually I copied the file from /usr/share/doc/freeradius/examples/certs
folder
But I didnt change any in MAKE file
From which version? 2.1.7 or 2.1.8? 2.1.8 has the new Makefile which signs
client certificates with ca certificate.
Is there anyother way to debug it???
That's openSSL stuff.
Below is the complete Log..
Please let me know how to solve/debug it..
[tls] Done initial handshake
[tls] TLS 1.0 Alert [length 0002], warning bad_certificate
TLS Alert read:warning:bad certificate
It's adifferent error. Quite clear what is wrong. Did you try to alter
Hello everyone,
I know that it is something I have forgot to configure but I cant for my
life remember what it is.
What I want to do is to authenticate a user from a windows machine using
PEAP.
Things I´ve have configured in raddb and in raddb/modules is:
1. Added a user called Jens with
I almost have a working Radius setup...
It's working.
Well almost, because when I try to setup a pptp tunnel with my Windows XP,
I see the following om my radius server:
Packet number 1 has just been sniffed
From:127.0.0.1:54717
To: 127.0.0.1:1812
Type:
I'm new to this list and have never used one before. Here are my stats:
FreeRadius version 1.272
There is no such version.
My problem is when I try and start freeRadius it tells me it can't find
the other config files that are in etc/radiusd/ like proxy.confg and
clients.config. Here is
We use Freeradius/MySQL with Cisco-AVPair entries to send radreplies and
radgroupreplies that specify speeds and such with great success.
However, we are having a bit of difficulty sorting out how to sort out
Cisco-AVPair accounting entries so that we can insert them into the
database.
We
You can still change the ports on your private DNS server to any thing you
want for security reasons.
So, you say yourself that even in the case you are most fond of (DNS)
changing default port is OK as na option. What was the problem with
freeradius having the same option? Please stop trolling
I changed it but it's always the same problem:
[tls] TLS_accept: SSLv3 write certificate request A
[tls] TLS_accept: SSLv3 flush data
[tls] TLS_accept: Need to read more data: SSLv3 read client
certificate
A
Problem? What problem? Those are normal openSSL messages.
Ivan
So, trying to be clear, what we need is:
IF mobile CONNECTS via NAS1 - Gets IP from pool1
IF mobile CONNECTS via NAS1 again - Gets THE same IP from pool1
IF mobile CONNECTS via NAS2 - Gets IP from pool2
IF mobile CONNECTS via NAS2 again - Gets THE same IP from pool2
Iam using Freeeadius 2.1.0. The setup is working fine with EAP-TTLS,
PEAP
method.But for EAP TLS, it gives the below error..
Please let me know how to solve..
[eap] Handler failed in EAP/tls
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Well,
I got freeradius running on F12. I see the radiusd.conf file uses ports 0
instead of 1812 and 1813.
Now go back and read comments above port = 0 entry.
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
In a ldap authentication i try to check the expiration date.
With default ldap schema there is ldap attribute named shadowexpire. And
i'm pretty sure the format is unix timestamp.
Can i use it directly with freeradius ldap.attrmap like that :
checkItem Expiration
I changed it but it's always the same problem:
[tls] TLS_accept: SSLv3 write certificate request A
[tls] TLS_accept: SSLv3 flush data
[tls] TLS_accept: Need to read more data: SSLv3 read client
certificate
A
Problem? What problem? Those are normal openSSL messages.
Ivan Kalik
This is a fact--the internet would not work if DNS uses dynamic port to
listen to? You must understand, all these known port numbers are used to
start up client connections
Ok, let's say you want to use port 1645 for radius authentication. What do
you do? Go round the shops and see if they
I'm trying to setup a tunnel and authenticate with mschap, but it does not
seem to work.
No wonder:
ad_recv: Access-Request packet from host 127.0.0.1 port 45716, id=28,
length=65
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = wim
can i reject (and how ?) a demand by date (it's too late or too early to
connect)
Current-Time or then whatever.
with
Mysql users (in raddcheck table) and of course where can i store these two
fields (date_begin and date_end) in mysql radius database (new table ?,
new field ?)
As
!DOCTYPE html PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN
html
head
meta content=text/html;charset=ISO-8859-1 http-equiv=Content-Type
/head
body bgcolor=#ff text=#00
Hi again:br
br
I have just tried with both CN that I could found at my 'client
certificate'br
br
bigttsmalla
I have tried 'radiusd stop' but the process remains up and running.
While it's running in the foreground: Ctrl+C
If you close the session without exiting the debug - killall as suggested.
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Well after i read your post i tried to sign the client certificates with
the
ca. I make some changes in the makefile but it think I made something
wrong
because it doesn't work:
old:
client.csr client.key: client.cnf
openssl req -new -out client.csr -keyout client.key -config
Can you advice me where this re-authentication settings could be ?
Alvarion technical support.
Furthermore, I would like to know if I change my AAA architecture, could
my NAS (as proxy) forward (alvarion BTS) the interim-update package?
Again, Alvarion technical support. We have no idea what
ldap ldap_staff{
Queries the staff ou in AD
}
ldap ldap_student{
Queries the student ou in AD
}
if(!control:Auth-Type request:NAS-Port-Type == Async Ldap-Group ==
ADGROUP) {
update control {
Auth-Type = ntlm_auth
}
}
ADGROUP is replaced with whichever
...and I guest it is not due to the Client Certificate because it was
succeed authenticated in the previous tests
Probably is due to I am not sure what I should write in the box reserved
for Server or Certificate Name (on the Step 2 of 2 at the supplicant
windows software)
Anyone knows what
Hi,
I am not able to get authenticate from the free radius server. PLease fins
the logs for the same on my LNS
Where is your password?
[files] users: Matched entry DEFAULT at line 172
++[files] returns ok
It's not there and you have no sql or ldap.
Please let me know where I have done a
I have an issue with the default install of freeradius on Ubuntu 9.04.
I only added a user in /etc/freeradius/users:
wim Cleartext-Password := test123
I started freeradius:
/usr/sbin/freeradius -X
But when I try:
radtest wim test123 127.0.0.1 0 testing123
I see:
Sending
I currently have FreeRadius working with a MySQL back-end to authenticate
VPN users on my 2800 Cisco router. I have been trying to get the
download-able access list feature working but am hitting a brick wall. If
i
enable cisco-avpair:=ipsec:inacl=185 i can see the radius server
responding
BUT, we noted an interesting behaviour. If the client specify Windows to
use
another username to login, although freeradius complaints that the user
doesn't exist on ldap, it seems it still accepts this user, as long as the
certificate is fine. So, in this case, if the user isn't allowed to
i have installed debian, mysql server 5.0 (by aptitude install) and
freeradius-server-2.1.7 by wget and untar -xvfz , manually.
Question is:
it is necessary install freeradius-mysql package?
If you installed freeradius from source - no. Source has complete server.
But it is dependany on
Okay, so is there anyway for me to get the root CA installed without
having to do it manually on the clients?
Pay Microsoft huge ammount of money to include it in Windows Update.
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I'm a newbie, and I'm trying to configure a simple EAP-TLS
autententication by using client certificates.
I have follow different procedures that I have found on the web to do
that, but no successful currently
http://wiki.freeradius.org/WPA_HOWTO#HOWTO_Do_It:_An_Outline
- 2nd... What is
Wed Dec 2 17:09:32 2009 : Auth: Login OK: [rsteeves] (from client
Cisco port 2 cli 10.20.31.17)
Is it possible to also have freeradius log where I was logging into
in addition to where I logged in from?
Client is where user is logging into, cli is where user is logging from.
Give more
I´m having a problem deploying a FreeRadius server to authenticate
Wireless users with an Active Directory.
Have you followed the guide:
http://deployingradius.com/documents/configuration/active_directory.html
Has it worked for pap requests and exec ntlm_auth?
Ivan Kalik
-
List
Well, can anyone tell me, why nobody is helping me? I would not get on
your
nerves if there would be a solution to my problem. I was searching for a
time and i found this helpful solutions look in the FAQ and look in
the
eap.conf.
Well the FAQ tells about the xptensions and the help in
Read doc/rlm_ldap, bit about access attribute.
Ivan Kalik
Thanks Ivan.
My problem is that it seems that even if the user is not allowed to login
according to ldap (account doesn't exist or is disabled), access is
granted as long as the certificate is valid.
Lets try again:
Read
With FreeRadius, is it possible to lock out users after a specified number
of failed login attempts?
Can someone please point me in the right direction.
Use perl to count the number of failed attempts (and store username and
number of failed attempts somewhere). Use perl to check that number
DEFAULT Huntgroup-Name == VPN_Huntgroup, Auth-Type=ntlm_auth,
Ldap-Group == VPN_Users
It runs the LDAP group check, but still lets the user log in even
when he's not in the VPN_Users group:
Use unlang for better control of what happens:
if(Huntrgroup-Name == VPN_Huntgroup) {
Still trying to get our FreeRADIUS system working nicely after the AD
upgrade to server 2008. Compiling Samba to version 3.4.3 from source
fixed our ntlm_auth issue, but most users were still unable to connect.
I have 2 examples here, one of a user who failed to connect, one of a
user who
Hello everyone, I am installing a RADIUS server on a ubuntu server with
freeradius. All tests are working properly except when I try to connect
through an access point. This is the debug that I get:
[eap] EAP NAK
[eap] NAK asked for unsupported type 25
[eap] No common EAP types found.
I read some of the information saying it is possible to insert attribute
in Accounting Response Packet but RFC said almost no attribute will
inject into response packet.
No, it says that there is no need for any attribute in it. You can add
vendor specific attributes.
Ivan Kalik
-
List
If I understand correctly, I don't need to worry about ntlm_auth at
all in this case (because with MSCHAP I don't have a cleartext
password, and thus ntlm_auth won't do me any good), so I probably
don't need to update the Auth-Type?
If you are sure that all requests will be mschap. That if
Thanks Stefan
It's not the HOWTO that's out of date, it's your server version being
ancient. I can only strongly urge you to use the 2.x releases, they are
so much more convenient and feature-rich. Especially if you are setting
up a brand new instance, it's a very bad idea to start with this
While trying to run the FreeRadius I got this error. Please let me know
what should be done to overcome this. While checking it on FreeRadius
emails, i found the same problem has been encountered by others too, but
did`nt get to see the solution, thus posting it.
ERROR:
Could not link
Unfortunately, that did not work and now, I am still stuck to figure out
how could I do that.
To sum up this issue, I got Alvarion NAS,
You have our sincere condolences.
from my users, I can see
accounting start and accounting stop packet, every 10 minutes, I got an
accounting packet stop
Can you share with me how to add vendor attributes in Acct Response
Packet?
Like any other with unlang or with acct_users file.
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I've got a 1.1-3 FreeRadius server and trying to figure out what to do
to enable PAP authentication. CHAP is working when I use Radius Ping
but if I change the Password to
User-Password which if I understand it is supposed to enable PAP.
When I do this, I get a Access-Reject. Is there
I had install Debian lenny. later, mysql, later apache and later, download
freeradius freeradius-server-2.1.7.tar.gz, untar and ./configure, make and
make install. the errors like checking for gcc... no was solved.
now, i tried to run famous radiusd -x but i have the follow error
message:
*Failed binding to authentication address * port 1812: Address already in
use*
/usr/local/etc/raddb/radiusd.conf[240]: Error binding to port for 0.0.0.0
port 1812
One instance is already running. killall radiusd should stop it.
Ivan Kalik
-
List info/subscribe/unsubscribe? See
On 11/30/2009 05:07 PM, freerad...@corwyn.net wrote:
At 03:27 PM 11/30/2009, David Mitchell wrote:
1) Don't specify the Auth-Type. You still want to check the password I
assume. I think your config will let in any user who is in group
Group1 irrespective of the supplied password.
Sigh. Here
Is anyone try this attribute /*mpd-drop-user*/ in freeradius with Mysql?
MPD support this attribute to check the status of account during it
update the accounting and if the value for this attribute become
non-zero, it will disconnect the session for the user.
We use MPD to setup a PPPoE
So the only differences between the test cert and a real one is only what
is written in the ca.cnf?
Why do you think that test certificates aren't real? They also work.
How else would you test things with them.
I dont need to add or remove anything or make an extra file or something
like
t...@kalik.netIs it well written oon the login page? Try simpler password
(somethinglike 12345 - that will work even with CAPS LOCK on). If it
still failstake it up with chillispot people.
I have tried with 1234 :
...
Mon Nov 30 10:45:56 2009 : Info: Found Auth-Type = CHAP
Mon Nov 30
I think you are right, I will ask in the monowall forum.
Just that the forum is not very active on Captive Portal issues.
Could you be kind to suggest a NAS that you know which can help me achieve
my goal?
Thanks in advance - I know I am asking too much.
Yes you do. Now go and read
What I think is my final problem. I'm now working to authenticate
VPN users in the same scenario, using the l2tp client in
windows. Looks like everything automatically picks up that it's a
MSCHAP request.
Using a similar logic:
DEFAULT Huntgroup-Name == VPN_Huntgroup, Ldap-Group
I have been testing FreeRADIUS for a project we are looking at running
to authenticate users for Giganews.
I have got the authentication part working well, and the
authentication attempts get logged correctly into MySQL.
Now, I am trying to log the session details, such as data to and from
If what you have wrote is correct (and it does make sense) - to
Accounting-Response packet.
Ivan Kalik
This is what I though as well. However, I read somewhere MPD was support
this option but no details on where to put this attribute in.
Regards
t...@kalik.net wrote:
Is anyone try this
Permissions are now 600 for client.[pem|key] and [ca|server].pem (still
using ca and also server certificate on client), but the result is
similar.
Does it still say unknown ca or something else? If it's something else
you need to poost a new debug. If it's still the same you need to go to
I've been getting the message about the := condition being deprecated
soon.
I was wondering if there's going to be another alternative way to
accomplish
the following:
Are you sure it's := and not :-. You have new syntax for conditional
expansions in man unlang.
Ivan Kalik
-
List
I'm using freeradius-2.1.6, and I'm going to make a download limitation
for
my users. I used sqlcounter module and config it as follow:
According to the log messages, it shows anything is OK:
Where is my problem?
rlm_sqlcounter: Reply attribute Session-Octets-Limit is number 3009
Did
At 06:24 PM 11/25/2009, Ivan Kalik wrote:
Configure AD as ldap server in ldap module (.raddb/modules/ldap).
Then add to users file:
Hmm, is there supposed to be a ldap module by default? Because I
don't have that.
Yes, in 2.x.
Ivan Kalik
-
List info/subscribe/unsubscribe? See
At 05:58 PM 11/29/2009, t...@kalik.net wrote:
Hmm, is there supposed to be a ldap module by default? Because I
don't have that.
Yes, in 2.x.
Nope. Brand new clean install of the RPM
freeradius2-libs-2.1.7-2.el5
freeradius2-2.1.7-2.el5
freeradius2-utils-2.1.7-2.el5
Ah, you need to
1 - 100 of 2007 matches
Mail list logo