RE: Freeradius Login

2007-03-29 Thread King, Michael
-Original Message- I'm assured that Windows Vista now has a proper 'do not cache this' feature ;-) It does. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: freeradius and cisco hidden share

2007-04-09 Thread King, Michael
It sounds like your trying to encrypt the shared secret in the router config. Or, your trying to copy the encrypted shared secret and paste it. (The 7 is what tipped me off) First, you need to verify that you have the password-encryption is enabled in the IOS. This is the magic that makes

RE: freeradius and cisco hidden share

2007-04-09 Thread King, Michael
One further comment. The shared secret in FreeRADIUS CANNOT be the really long number in the IOS config file. This is an encrypted hash of the REAL secret. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: freeradius and cisco hidden share

2007-04-09 Thread King, Michael
-Original Message- So the piece of confusion is how you get that encrypted hash in there in the first place when configuring a new key. Service password-encryption http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_command_

RE: kill -HUP

2007-04-12 Thread King, Michael
Read the last two days on the mailing list archives. It's all they've been talking about. It seems to work. But i see freeradius 1.1.6 correct a bug about HUP. - List info/subscribe/unsubscribe? See

RE: FreeRADIUS and Active Directory

2005-04-26 Thread King, Michael
My first FreeRadius Post, and I don't think I can answer your problem, but I think I can clarify the problem. When you configure the MSCHAPv2 properties in the Windows client, you are selecting Automatically Use my Windows Username and Password (And Domain if available) You get the error you

RE: FreeRADIUS and Active Directory

2005-04-26 Thread King, Michael
Is there a How-to on using FreeRADIUS / PEAP / Active Directory I've been trying to hobble along with http://www.dslreports.com/forum/remark,9286052~mode=flat But it wasn't for this specific instace. I'm dying right now on this snip modcall: entering group authenticate for request 1

RE: FreeRADIUS and Active Directory

2005-04-26 Thread King, Michael
and Active Directory King, Michael [EMAIL PROTECTED] wrote: /usr/local/sbin/radiusd: relocation error: /usr/local/lib/rlm_eap_peap-1.0.2.so: undefined symbol: eaptls_process Yuck. You're running an unfriendly OS. The simplest way to fix this is to re-build re-install the server via

RE: FreeRADIUS and Active Directory

2005-04-26 Thread King, Michael
The --disable-shared fixed that problem, and I replaced all the certificates and I was successfully able to logon via TLS, and low and behold. PEAP works now too. Thanks. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: FreeRADIUS and Active Directory

2005-04-26 Thread King, Michael
Ok, scratch half of my last message. I left it configured for TLS. PEAP isn't working for me. I'm getting this failure: Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 14 rlm_mschap: No User-Password configured. Cannot create LM-Password.

RE: FreeRADIUS and Active Directory

2005-04-27 Thread King, Michael
Ok. I have it working. Wohoo! Ntlm_auth was killing me for a while, but I got that straightened out. Now comes the corner cases. 25% of my users probably didn't follow the directions we published, and didn't put the domain name in the Microsoft 802.1x client box. Is there a way to construct

RE: FreeRADIUS and Active Directory

2005-04-27 Thread King, Michael
5 more minutes of testing, I tired ntlm_auth --request-nt-key --username=%{mschap:User-Name} --challenge=%{mschap:Challenge} --nt-response=%{mschap:NT-Response} On a whim, and it worked (removed domain from ntlm_auth) Sorry for the excess question. - List info/subscribe/unsubscribe? See

RE: certification problems

2005-04-28 Thread King, Michael
See Step 2 in this webpage http://www.dslreports.com/forum/remark,9286052~mode=flat It worked for me. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Zuromski, Brian Sent: Thursday, April 28, 2005 12:32 PM To: 'freeradius-users@lists.freeradius.org'

Re: 802.1x and authenticating machine account

2005-04-28 Thread King, Michael
Has anyone figured a way to authenticate the computer account in Active Directory? Other than pGina. I don't have the option of changing the client OS. radius_xlat: Running registered xlat function of module mschap for string 'NT-Response' radius_xlat: '/usr/bin/ntlm_auth --request-nt-key

RE: 802.1x and authenticating machine account

2005-04-28 Thread King, Michael
Could you share your proxy config? I have a radius server (Funk Steel Belted Radius) that can do machine authentications. Thanks. Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Griego Sent: Thursday, April 28, 2005 3:13 PM To:

RE: 802.1x and authenticating machine account

2005-04-28 Thread King, Michael
Alan DeKok wrote: What's so special about machine authentication? Short Version. (Forgive my use of nomenclature) When your sitting at a logon prompt at windows (Hit CTRL-ALT-DELETE), it (the client machine) has no user credentials to perform an 802.1x session. Hence, it has no network

RE: RadZap

2005-05-09 Thread King, Michael
The point Alan is trying to make. that is the one i got and i tried to compile it from scratch but it fails on ./configure I hate playing twenty questions. Why don't you post the output of ./configure Actually, capture the whole thing to file. ./configure myconfig.log 21

RE: RADIUS NETWORK

2005-05-11 Thread King, Michael
Before this get's too much further. You are experiencing a hard time because you have not done any research on your own, you are just asking for help. Especially when many howto's / write up's exist on the exact subject you are inquiring about. For people with no sense of humor

RE: Apple Airport Extreme with EAP-TTLS...

2005-05-12 Thread King, Michael
Achim Friedland wrote: I configured my iBook for the airport the same way like for the CISCO AP, so I don't think it's a problem at the client. I'm using freeradius-1.0.2 on debian unstable from tarball because of the strange tls-bindings in the offical debian package... I haven't

RE: Noob - Freeradius, wireless access point authentication

2005-05-19 Thread King, Michael
-Original Message- On Behalf Of Joseph Abadi I then configured the access point, but., when I try to join the wireless network on a win xp client, it hangs ... no authentication happens, it never prompts me for a username or a password. It simply hangs stating that windows

RE: Authenticate as computer .....

2005-05-24 Thread King, Michael
On Behalf Of Lorel hardy I've read in previous post that it is only possible with an Active Directory (AD) server, and as you well think I don't want an AD server... Actually, it hasn't been figured out yet, people are just proxieing it off to a machine that can do machine authentications

RE: FR eap-ttls , winxp client configuration

2005-06-15 Thread King, Michael
Do not comment TLS. TLS is required to Make TTLS work. (TTLS uses the TLS section) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bruno Quintas Sent: Wednesday, June 15, 2005 2:24 PM To: FreeRadius users mailing list Subject: Re: FR eap-ttls

Server Suggestion

2005-07-14 Thread King, Michael
We're going to be setting up a freeRADIUS server to service around 400 simultaneous connections. (500 AP's, 4000 users, about 400 online at once) Accounting info would be on another different server.(Not part of FreeRADIUS) What's a good server for this? What's more important? Memory or CPU?

RE: Server Suggestion

2005-07-15 Thread King, Michael
If the AP's are wireless, then CPU is more important, as EAP uses SSL, which has a large CPU impact. Would FreeRADIUS take advantage of a Dual CPU system? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Deploying certificates on XP

2005-08-11 Thread King, Michael
Active Directory has this support. I'm not sure how it's used, but I know it's there. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ksochack Sent: Thursday, August 11, 2005 10:56 AM To: FreeRadius users mailing list Subject: Deploying

Proxying Machine Authentications

2005-08-17 Thread King, Michael
I currently have our wireless users authenticating to our Active Directory 2003 domain using PEAP and TTLS. We want to proxy our machine authentications off to something else that can authenticate them. Does anyone have any examples of how to do this? I know all the machine accounts show up on

RE: 12077 error???

2005-09-15 Thread King, Michael
-Original Message- From: [EMAIL PROTECTED] Behalf Of Armin Krämer Hi, I set up freeradius with eap-tls and after I generated my certificates with TinnyCA and configured it in eap.conf File I get this error message...Does anyone knows what causes this error? Thanks Armin

RE: Call-Check

2005-10-05 Thread King, Michael
I wonder if it's this one? http://www.cisco.com/univercd/cc/td/doc/product/voice/sipproxy/radiusps/ radpreau.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Wednesday, October 05, 2005 2:01 PM To: FreeRadius users mailing

Wireless Provisioning Service Protocol

2005-10-05 Thread King, Michael
Has any thought been given on adding the WPS (Wireless Provisioning Service) Protocol to FreeRADIUS? http://msdn.microsoft.com/library/default.asp?url=/library/en-us/randz/p rotocol/portal_wireless_provisioning_service_protocol.asp It sounds really cool in theory. From:

radwtmp

2005-10-31 Thread King, Michael
So what is the radwtmp and what is it's purpose? Mine's at 500 megs, and growing. I'm wondering if I should get concerned, since I might have misconfigured something. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: wireless+freeradius+AD

2005-11-21 Thread King, Michael
Oh, excellent. I just joined this list hoping to query the members on finding more information on doing wireless+activedirectory+freeradius, unfortunately I could not find any good postings, or web toots/examples. Hi Robin, Welcome to the club. I would need to use Microsoft IAS. Is

RE: Freeradius How to integrate Active Directory [AD Integration WindowsXP NTLM Tutorial]

2005-11-22 Thread King, Michael
Hi Robin -Original Message- I have one Debian specific error rlm_eap: Failed to link EAP-Type/tls: rlm_eap_tls.so: cannot open shared object file: No such file or directory radiusd.conf[9]: eap: Module instantiation failed. it seems that the shared object is not shipped when

RE: Freeradius How to integrate Active Directory [AD IntegrationWindowsXP NTLM Tutorial]

2005-11-23 Thread King, Michael
Thank you. I'm a relative new Debian addict, so I was unaware of the repercussions. I learned something today, time to go home. :-) I'll throw that into my notes. Based on the list activity in the last few days, I'm hoping to reformat, and make clearer my notes. Seems there is a need for

RE: WLAN 802.1x FreeRadius with LDAP

2005-11-29 Thread King, Michael
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christian Poessinger Sent: Tuesday, November 29, 2005 10:12 AM To: 'FreeRadius users mailing list' Subject: RE: WLAN 802.1x FreeRadius with LDAP auth: type EAP Processing the authenticate

RE: WLAN 802.1x FreeRadius with LDAP

2005-11-29 Thread King, Michael
-Original Message- Zoltan Ori wrote: You have ntlm_auth in your mschap configuration. You don't want that for LDAP. You don't need anything NT in that module. The default configuration had everything commented out but authtype = MS-CHAP. Start with that and then add what you

Decyhpering error message

2005-11-30 Thread King, Michael
I have a single user that cannot associate to a AP. By chance, it's actually me. I'm failing 802.1x authentication . (We're using PEAP, with the XP client) with FreeRadius talking to AD Other users get on the AP fine. Watching the radius.log I see this error message. (I have not had a chance

RE: XP auth + PEAP

2005-12-05 Thread King, Michael
Several clients From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of debik Sent: Monday, December 05, 2005 6:30 PM To: FreeRadius users mailing list Subject: XP auth + PEAP Have enybody

RE: Help needed with MS-CHAP

2006-02-23 Thread King, Michael
Just to further my own knowledge. -Original Message- Charles Blake wrote: I am trying to set up a freeradius-1.1.0 server for authenticating users using MS-CHAP passwords. I pretend to authenticate users against shadow. You can't do that. MS-CHAP requires the NT

Problem with ntlm_auth

2006-03-01 Thread King, Michael
So I'm setting up my freeRADIUS server to use Active Directory. I am closely mirror my existing installation. However, I receive this error message while running /usr/sbin/freeradius -X -A . (Which is one I did not encounter last time) (I have trimmed it to what I hope is the pertinent section)

RE: Problem with ntlm_auth

2006-03-02 Thread King, Michael
-Original Message- On Behalf Of Phil Mayers It is supposed to be like that. It's been like that forever as far as I know. I don't know why it was working for you - is your samba from an OS package and it's possible they changed the perms? (It's even worse on RHEL4 systems -

RE: EAP module Problem

2006-03-03 Thread King, Michael
-Original Message- yes ssl, is fun :-) now i have another problem, it seems that the the peap module isnt loading... because when i will compile ./configure rlm_eap_tls or other ssl modules he says me that iv not installed openssl but i have installed it. whats the

Machine Authecitation with PEAP

2006-03-09 Thread King, Michael
Has anyone gotten Machine Authentication with PEAP working? rad_recv: Access-Request packet from host 10.0.1.21:32768, id=2, length=342 User-Name = host/boy-it-tel-2528.campus.bridgew.edu Calling-Station-Id = 00-0B-7D-1B-B0-BA Called-Station-Id =

RE: Machine Authecitation with PEAP

2006-03-09 Thread King, Michael
-Original Message- [mailto:[EMAIL PROTECTED] adius.org] On Behalf Of james Sent: Thursday, March 09, 2006 3:06 PM From my experience this means the credentials the machine is sending are wrong or your version of samba is too old - get 3.0.21c (or at least 3.0.21a) Regards,

RE: Machine Authecitation with PEAP

2006-03-09 Thread King, Michael
-Original Message- If it helps, this the ntlm command (which i think you have correct): /usr/bin/ntlm_auth --request-nt-key --username=cse-mpr$ --challenge=4de0a9c09623ab12 --nt-response=d4b9516b28ba1760f8d31f8ac2b257d74a2439b9e104a102 - are you passing the domain correctly? (i

Version 1.1.1 stops responding

2006-03-23 Thread King, Michael
So I built 1.1.1 on Debian. After a period of so many hours (variable) it stops responding. (Sometimes 2hours, sometimes 16hours) Now here's where it get's weird, (and makes me suspect it might not be freeRADIUS at the root cause) If I stop and restart the freeRADIUS service, it continues to

RE: Version 1.1.1 stops responding

2006-03-24 Thread King, Michael
I'm running it in debug mode (and piping it to a file) Freeradius -X -A crash.log After a few hours this is what I got. On the command line. rad2:/home/mking# /usr/sbin/freeradius -X -A crash.log Killed rad2:/home/mking# The last few lines from the log file are rlm_eap: Request found,

RE: Version 1.1.1 stops responding

2006-03-24 Thread King, Michael
Mine seg faulted as well.. (This time I didn't overwrite the log) rad2:/home/mking# /usr/sbin/freeradius -X -A crash.log Segmentation fault rad2:/home/mking# I don't believe running /usr/sbin/freeradius -X -A is capturing anything useful. Is there something else I can do? Here's the last

RE: PEAP ntlm_auth strange behaviour

2006-03-25 Thread King, Michael
Try running the server in Debug mode /path/to/freeradius -X -A from the command line, and ask that user to login. It might give more info than just External Script Failed -Original Message- From: [EMAIL PROTECTED] g [mailto:[EMAIL PROTECTED] adius.org] On Behalf Of Jérémy

RE: Version 1.1.1 stops responding

2006-03-27 Thread King, Michael
Just for some reference (Trying to find commonalities): What OS/Distro are you? I'm Debian testing release How did you Install? (Prebuilt binary / created local package and install / install from source) I created a local Debian package, and installed it. What modules did you enable?

RE: Version 1.1.1 stops responding

2006-03-27 Thread King, Michael
-Original Message- From: adius.org] On Behalf Of Alan DeKok Until we can get more information about what's happening (strace/ktrace, or gdb backtrace), there isn't much anyone can do to fix it. How would I create those traces? (I'm looking for a suggested command line, since

RE: How do I set up simple AD integration?

2006-04-11 Thread King, Michael
Is there a how-to or tutorial for this simple case? I have searched this list and google generally. I have read the articles referred to on the FreeRadius home page and several others and I still can't see how the configuration works. Any and all help gratefully received. Steve.

RE: How do I set up simple AD integration?

2006-04-11 Thread King, Michael
To: FreeRadius users mailing list Subject: RE: How do I set up simple AD integration? -Original Message- From: [EMAIL PROTECTED] ists.freer adius.org [mailto:freeradius-users-bounces+sburton=shepherd-construction [EMAIL PROTECTED] ts.freeradius.org]On Behalf Of King

RE: How do I set up simple AD integration?

2006-04-12 Thread King, Michael
Wed Apr 12 13:21:06 2006 : Error: TLS_accept:error in SSLv3 read client cert ificate A Wed Apr 12 13:21:07 2006 : Info: rlm_eap_mschapv2: Issuing Challenge Wed Apr 12 13:21:07 2006 : Auth: Login OK: [DOMAIN\\USERNAME] (from client localhost port 0) Wed Apr 12 13:21:07 2006 : Auth: Login OK:

RE: freeradius and active directory

2006-04-28 Thread King, Michael
Yes. It's called ntlm_auth You need samba installed to use it, and join the freeradius computer to the domain. (Yes, you can join Linux to an active directory domain) -Original Message- From: [EMAIL PROTECTED] g [mailto:[EMAIL PROTECTED] adius.org] On Behalf Of Philippe

RE: with_ntdomain_hack

2006-05-10 Thread King, Michael
-Original Message- I can't seem to figure out how to get with_ntdomain_hack set correctly. I am trying to get peap going against active directory with winbind. It works if I enter in the username and password from the windows supplicant prompt, but when I set the supplicant

RE: with_ntdomain_hack

2006-05-10 Thread King, Michael
- From: [EMAIL PROTECTED] ius.org [mailto:[EMAIL PROTECTED] .freeradius.org] On Behalf Of King, Michael Sent: Wednesday, May 10, 2006 3:39 PM To: FreeRadius users mailing list Subject: RE: with_ntdomain_hack -Original Message- I can't seem to figure out how to get

RE: Using PEAP and WinXP

2006-05-24 Thread King, Michael
-Original Message- From: [EMAIL PROTECTED] g [mailto:[EMAIL PROTECTED] adius.org] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, May 24, 2006 3:02 PM To: freeradius-users@lists.freeradius.org Subject: Using PEAP and WinXP Hi, I have a question regarding the setup for

Server Specs

2006-06-01 Thread King, Michael
We're going to be setting up a few new FreeRADIUS servers on virtual hardware. The server admin is asking me what I need for specs. (Virtually, they can allocate whatever I need) It's about 200-500 simultaneous authentications. (This is my prediction for the next 4 years, we're about 10 right

RE: peap authentication with active directory

2006-06-07 Thread King, Michael
-Original Message- From: On Behalf Of Kartthik Raghunathan A supplicant ie. win XP machine validates the identity and logon credentials against active directory using peap-mschapv2 randomly ie. every 30 mins or 60 mins. This disturbs the wireless connectivity often and am

RE: ntlm_auth and clear-text passwords

2006-07-03 Thread King, Michael
-Original Message- On Behalf Of [EMAIL PROTECTED] Users telnet the switch, therefore a clear-text password will be sent. Just a completely left field question. Any particular reason you have chosen not to enable SSH on that switch? It's in the IOS (Assuming you have the correct IOS

RedHat RPM's

2006-07-31 Thread King, Michael
I'm just confirming, As per the FAQ, there are no (Official) Redhat RPM's at the moment. The best way to install on Red Hat Enterprise Linux ES release 4 (Nahant) is to install from source? I'm setting up a new server (and redhat is a new distro for me) and I'd like to start off on the right

RE: Autoreply: Does Freeradius support IAPP (802.11f)??

2006-08-10 Thread King, Michael
Can we bump this guy from the list now? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, August 10, 2006 11:00 PM To: freeradius-users@lists.freeradius.org Subject: Autoreply: Does Freeradius support IAPP (802.11f)??

List check

2006-08-22 Thread King, Michael
Just checking to see if the list is up. The homepage was down for a bit (~10 minutes) but the wiki is still not responding. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: List check

2006-08-22 Thread King, Michael
-Original Message- King, Michael [EMAIL PROTECTED] wrote: Just checking to see if the list is up. The homepage was down for a bit (~10 minutes) but the wiki is still not responding. The list is hosted in the Netherlands, the Wiki in Texas, and the main web site in Chicago

RE: Max ATPS

2006-08-23 Thread King, Michael
-Original Message- Why? 1.1.3 just came out. Indeed. Did I miss the announcement yesterday? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Ntlm_auth Help

2006-08-24 Thread King, Michael
I'm building a new radius server. I'm copying an existing one. I'm getting the following error from freeRADIUS when I run it -x (FreeRADIUS 1.1.3) Exec-Program: /usr/bin/ntlm_auth --request-nt-key --username=mking --challenge=46b51a98d607a3a9 --nt-response= hex decode of failed! (only got 0

Rlm_eap error

2006-08-24 Thread King, Michael
Ok, I now have 1.1.3 working great. However, my log files now have an extra (and repeated) error message Thu Aug 24 16:50:33 2006 : Error: TLS_accept:error in SSLv3 read client certificate A Thu Aug 24 16:50:33 2006 : Error: rlm_eap: SSL error error::lib(0):func(0):reason(0) Thu Aug

RE: Ntlm_auth Help

2006-08-24 Thread King, Michael
-Original Message- --nt-response=%{mschap:NT-Response) ^^^ You seem to have the wrong variety of bracket here!?? This may be the reason --nt-response is being set to nul, and hence the above error. Score one for the eagle eyed gentlement.

RE: New to FreeRADIUS and looking for answers...

2006-08-27 Thread King, Michael
Well Scott. You've seemed to make everyone chime in on the lack of documentation on the Internet for Linux as a whole (That's a summary of the 5 proceeding messages) But nobody answered your question. :-) Scott, your looking at the wrong software product for what you do. Well, FreeRADIUS

Building Freeradius RPM on Redhat ES 4.0

2006-08-29 Thread King, Michael
We're trying to build FreeRADIUS 1.1.3 into a RPM to install on our RedHat ES 4.0 servers. Following the directions in the Wiki http://wiki.freeradius.org/index.php/FreeRADIUS_Wiki:FAQ#How_do_I_build_ a_RPM_package_from_sources.3F I get the following error(s) and I've attached the referenced

RE: Building Freeradius RPM on Redhat ES 4.0

2006-08-29 Thread King, Michael
-Original Message- I saw this last week building 1.1.3 on RHEL 4.0 ES (Update 3) too. Was fixed by just applying the latest patches from Redhat. Appears to be due to a mismatch between various software levels. With the latest fixes, it is all OK. Which patches? Just run

RE: Building Freeradius RPM on Redhat ES 4.0

2006-08-30 Thread King, Michael
, 2006 6:14 AM To: FreeRadius users mailing list Subject: Re: Building Freeradius RPM on Redhat ES 4.0 On Wed, Aug 30, 2006 at 08:47:13AM +0100, B Thompson wrote: On Tue, Aug 29, 2006 at 07:32:23PM -0400, King, Michael wrote: cp: will not overwrite just-created `/var/tmp/freeradius-root

RE: Problems getting eap-mschapv2 working.

2006-09-01 Thread King, Michael
Did you generate the certificates that are mentioned there? The one's that ship with the server are expired, you have to generate your owncertificate. What version of FreeRADIUS. Version 1.1.1 fixed alot of little PEAP things. Version 1.1.3 of course is what you should be running.

Failed Logins

2006-09-04 Thread King, Michael
So we've had many thousands of succcessful AD/PEAP authentications. Today, the thing just died. I shut the server off so that all the AP's started using my backup server. This is the logs that I have from when it happened. Unfortuanly, everything seemed fine after I rebooted the server (my

RE: Failed Logins

2006-09-05 Thread King, Michael
-Original Message- It looks like a memory corruption issue. Either there's a bug in the server, or there's bad RAM in the system. Any suggestions on how to test memory on a Debian box remotely? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Failed Logins

2006-09-05 Thread King, Michael
24 hrs later, Different radius server. (on a different box, this one is RedHat) FreeRadius 1.1.3 Same problem, throwing the same Error. Tue Sep 5 13:24:33 2006 : Error: rlm_eap: SSL error error::lib(0):func(0):reason(0) Tue Sep 5 13:24:33 2006 : Error: TLS Alert write:fatal:bad

RE: WPA/RADIUS Problems

2006-09-06 Thread King, Michael
-Original Message- 3. debian source package builds on unstable without problem here. And it provides a minimal intrusive way of enabling ssl and postgres related stuff. Just to follow up. It appears that in FreeRadius 1.1.3, if you follow the directions in the WIKI

RE: Failed Logins

2006-09-06 Thread King, Michael
mailing list Subject: Re: Failed Logins King, Michael [EMAIL PROTECTED] wrote: 24 hrs later, Different radius server. (on a different box, this one is RedHat) FreeRadius 1.1.3 Same problem, throwing the same Error. This may be related: https://www.aet.tu-cottbus.de

The maximum number of threads (32) are active, cannot spawn new thread to handle request

2006-09-06 Thread King, Michael
So, I've rolled back to my freeRADIUS 1.0.4 server, cause it hasn't crashed like my 1.1.3 has been doing. I got this today in it's debug logs. Is there a config option to increase the number of threads? Is there a better way to fix that? Wed Sep 6 13:08:22 2006 : Auth: Login OK:

RE: The maximum number of threads (32) are active, cannot spawn new thread to handle request

2006-09-06 Thread King, Michael
-Original Message- See thread pool in radiusd.conf. It looks like your DB is slow... Entirely possible. It is Active Directory (Via the ntlm_auth program) so I have no control over it. :-( So, I've rolled back to my freeRADIUS 1.0.4 server, cause it hasn't crashed

RE: EAP-MSChapv2 authentication

2006-09-13 Thread King, Michael
Paul, I think what Alan was getting at is that Your client asked for EAP-TTLS, not EAP-MSChapV2. This might be the root of your problem. If you Intend to do MSChapV2 inside of TTLS Tunnels, you MUST setup a certificate. This is make quite clear in the eap.conf file, that TTLS is dependant on

RE: Write access to the wiki

2006-09-19 Thread King, Michael
-Original Message- No, actually you cant. I disabled new user creation as a all the spam bots appeared to be smart enough to create new users then use them for spamming. Peter, MediaWiki has a captcha extension to prevent this problem.

RE: Authentication against Active Directory page

2006-09-22 Thread King, Michael
Alan, What domain were you testing against? 2000 or 2003? (I ask, because I was under the impression that KRB5 had to be setup as well) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Friday, September 22, 2006 3:26 PM To: FreeRadius

RE: Windows Vista doing PEAP

2006-10-04 Thread King, Michael
-Original Message- Try: http://www.striker.ottawa.on.ca/~aland/vista.patch You'll have to re-build re-install the EAP module (you don't need to touch the rest of the server). It won't help, but it will print out a little more information. We'll probably have to do a few cycles

RE: Windows Vista doing PEAP

2006-10-04 Thread King, Michael
Things didn't work so hot. :-( Seg Fault I created the vista.patch file by pasting the file you referenced into a vi session. I moved it into freeradius-1.1.3 I used the command: patch -p0 vista.patch Which gave me a success. (Well two of them for each file) I recreated my .deb file and

RE: Windows Vista doing PEAP

2006-10-04 Thread King, Michael
Just to double check that I didn't cut paste wrong, I wget'd the file from your server, repatched, recompiled, and reinstalled. Same seg fault, at same place. rlm_eap_tls: Start returned 1 VISTA[eap_compose:475]: reply-id 6 VISTA[eap_compose:476]: reply-code 1 VISTA[eap_compose:514]:

Deploying radius page comment

2006-10-05 Thread King, Michael
Just reading thru the deployingradius.com pages On page: http://deployingradius.com/documents/configuration/active_directory.html You reference the krb5.conf file like this: [realms] ... realm.company.com = { kdc = nt-server-hostname.company.com } ... However, someone on the list

RE: FreeRADIUS user Survey

2006-10-05 Thread King, Michael
Still a 404 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, October 05, 2006 3:59 PM To: FreeRadius users mailing list Subject: Re: FreeRADIUS user Survey Guilherme Franco [EMAIL PROTECTED] wrote: Survey Not Found

RE: Windows Vista doing PEAP

2006-10-06 Thread King, Michael
Not to rude, have you had a chance to poke that Patch again? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Wednesday, October 04, 2006 6:54 PM To: FreeRadius users mailing list Subject: Re: Windows Vista doing PEAP King, Michael

RE: 1.1.3 or 2.0?

2006-10-06 Thread King, Michael
-Original Message- I would say 1.1.3 is fine to use. 2.0 will be out in a few months, so you're free to upgrade then, too. I think question he was trying to get across, is 2.0 going to be significantly different from 1.1.3 from a config standpoint. - List

RE: Windows Vista doing PEAP

2006-10-10 Thread King, Michael
doing PEAP King, Michael [EMAIL PROTECTED] wrote: Not to rude, have you had a chance to poke that Patch again? Reload it from the same URL as last time. If it still crashes, see doc/bugs. I don't see how it can crash at all, so the crash looks like a symptom of another issue. Alan DeKok

RE: Windows Vista doing PEAP

2006-10-11 Thread King, Michael
PROTECTED] On Behalf Of K. Hoercher Sent: Wednesday, October 11, 2006 2:06 AM To: FreeRadius users mailing list Subject: Re: Windows Vista doing PEAP Hi On 10/10/06, King, Michael [EMAIL PROTECTED] wrote: I'm assuming it built it that way. Anways, here's what I got following those direcitons (Which

RE: Windows Vista doing PEAP

2006-10-11 Thread King, Michael
list Subject: Re: Windows Vista doing PEAP Hi On 10/10/06, King, Michael [EMAIL PROTECTED] wrote: I'm assuming it built it that way. Anways, here's what I got following those direcitons (Which is what leads me to think the symbols go stripped) If you look at or around line 188, there should

RE: Windows Vista doing PEAP

2006-10-11 Thread King, Michael
Alan, here is your requested capture. This was with RC1 I will be reattempting with RC2 in a little bit. rad2:~# gdb /usr/sbin/freeradius GNU gdb 6.4.90-debian Copyright (C) 2006 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are

SSL_read failed in a system call

2006-10-11 Thread King, Michael
I posted this to the list back in September, but was unable to chase it then. http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg294 52.html I think it's load related. I found this on the net: http://www.mail-archive.com/modssl-users@modssl.org/msg16180.html There is

RE: Windows Vista doing PEAP

2006-10-12 Thread King, Michael
-Original Message- Are you sure you're using the new code? It looks to me like it's NOT installing the server with symbols, and it's NOT printing the new debugging messages. I was, I just wasn't building the server right. I figured it out a few hours later (See my later emails)

RE: Securew2

2006-10-12 Thread King, Michael
Weird.. I just got this email this morning... SecureW2 is no longer at www.securew2.org Please visit http://securew2.alfa-ariss.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alessandro Agostini Sent: Thursday, October 12, 2006 9:53 AM To:

SSL_read failed in a system call

2006-10-13 Thread King, Michael
I posted this to the list back in September, but was unable to chase it then. http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg294 52.html But it has returned with a vengeance. It only seems to affect the 1.1.3 server. I have not tried any other versions, other than the

RE: SSL_read failed in a system call

2006-10-18 Thread King, Michael
Just following up, anyone got a suggestion. I've still got the server locked up in a state where it throws this error message at will. Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of King, Michael Sent: Friday, October 13, 2006 9:34 AM

RE: Windows Vista doing PEAP

2006-10-18 Thread King, Michael
I got the same results as below with RC2. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of King, Michael Sent: Wednesday, October 11, 2006 1:56 PM To: FreeRadius users mailing list Subject: RE: Windows Vista doing PEAP Alan, here is your requested

  1   2   >