Hi,
I'm trying to understand what exactly happens in the users file when
processing User-Password. The situation I'm seeing here is in a rather
complex scenario, and the results are not quite what I would expect. In
short, when a MS-CHAP'ed request comes in and users contains a check
On Thu 23 Mar 2006 16:14, Sergio Sagliocco wrote:
Hello to the list
I've configured my PIX 6.3(5) to authenticate PPTP VPN by FreeRadius.
I've noticed that if a user login fails, PIX send a STOP Accounting
Packet and then a START packet: in this way I have serious problem to
track the
Hi I want to proxy domains with multiple @ ex:
user@[EMAIL PROTECTED]how I wil put in the proxy.conf?
zzz.com or [EMAIL PROTECTED] ?
Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Stefan Winter wrote:
Hi,
I'm trying to understand what exactly happens in the users file when
processing User-Password. The situation I'm seeing here is in a rather
complex scenario, and the results are not quite what I would expect. In
short, when a MS-CHAP'ed request comes in and users
Hi again, what is the maximum of domains that I
cant put in the realms file of radius clistron version 1.6.4?
Tanks
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
George C. Kaplan [EMAIL PROTECTED] writes:
Alan DeKok wrote:
Guy Fraser [EMAIL PROTECTED] wrote:
You will have to edit the source code to the detail module to make
it do what you want.
Is that the way it is supposed to be, or is it on a todo list for it
to be fixed?
Fixed to do what,
That will not work. How is the mschap module supposed to know which
plaintext password to perform the challenge/response with? In fact,
since the value is a regexp, how is it supposed to even know what the
alternative values are (you cannot in general reverse a regexp to get
the matching
Hi,
been trying to prepare my installation to use HUP. After getting the
permissions in /etc/raddb right, I saw that $INSTALL_PREFIX/share is created
with rwx-- root:root permissions (at least when using a non-default
PREFIX during configure), and by default makes HUPing radiusd impossible
Stefan Winter wrote:
I don't expect it to do that. This line in the users file is supposed to work
only for services that use PAP, and can actually do a string comparison on
User-Password. What I would like to do when these people use VPN is that
users doesn't match, and the VPN-only
I'm running it in debug mode (and piping it to a file)
Freeradius -X -A crash.log
After a few hours this is what I got.
On the command line.
rad2:/home/mking# /usr/sbin/freeradius -X -A crash.log
Killed
rad2:/home/mking#
The last few lines from the log file are
rlm_eap: Request found,
Hi,
I have a follow-up as well. After configuring everything for doing SIGHUPs it
turned out that after a SIGHUP, the process sits there and does nothing any
more.
When I did killall -HUP radiusd in non-debug mode, the process kept running,
but didn't process anything any more.
When I did it
On Thu, 2006-03-23 at 12:15 -0500, Alan DeKok wrote:
Ben Thompson [EMAIL PROTECTED] wrote:
Could someone advise how to go about debugging this problem?
b) look at the logs to see what SSL errors are being returned right
before the Error reading certificate file message.
Hi
Thanks
Greetings,
does anybody know of a dictionary for Movaz equipment? Specifically,
their docs refer the to attributes Movaz-Initial-CLI-Access-Level and
Movaz-Max-CLI-Access-Level but don't provide the information needed to
encode them as far as I can tell. I'll try working with their support
Bjørn Mork wrote:
George C. Kaplan [EMAIL PROTECTED] writes:
To not log passwords in the detail file, because it puts them at
unnecessary risk of exposure.
The detail module logs radius packets. If that's not what you want,
then you probably shouldn't be using the detail module (except
Stefan Winter [EMAIL PROTECTED] wrote:
been trying to prepare my installation to use HUP. After getting the
permissions in /etc/raddb right, I saw that $INSTALL_PREFIX/share is created
with rwx-- root:root permissions (at least when using a non-default
PREFIX during configure), and by
Heiden, John [EMAIL PROTECTED] wrote:
I am pretty sure I have seen this before, but after searching the
archives, I can't find the solution. Anyway, under Solaris 9
(SPARC) I get the following during compilation:
Making static dynamic in rlm_eap...
make[6]: Entering directory
few lines of the freeradius -X -A
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /var/log/freeradius/radacct/10.0.1.32/auth-detail-20060324
modcall[authorize]: module auth_log returns ok for request 1002
modcall[authorize]: module chap returns noop
Is the message authenticator attribute properly implemented in
FreeRADIUS? I see this in the code:
/*
* EAP-Message is always associated with
* Message-Authenticator but not vice-versa.
*
* Don't add a Message-Authenticator if it's already
* there.
*/
vp =
Eliot, Wireless and Server Administrator,
Great Lakes Internet [EMAIL PROTECTED] wrote:
Is the message authenticator attribute properly implemented in
FreeRADIUS?
Huh? Would you expect the answer to be no?
This indicates that anytime it adds a Message-Authenticator attribute,
it
It would seem that I have been able to answer my own question for this.
After doing an Ethereal dump, I noticed that the Message-Authenticator
is indeed set to a valid value. This means that is simply isn't
displayed with a value (it gets printed before it is computed).
I also figured out that
I read a post from a long time ago about putting the
attribute (set to any value) in the response list, but that does not
seem to work (unless I did it wrong):
/etc/raddb/preproxy_users:
DEFAULT
Message-Authenticator = 1
You're adding it to the proxied packet. Read the
Eliot, Wireless and Server Administrator,
Great Lakes Internet [EMAIL PROTECTED]
Correct me if I'm
wrong, but EAP should be doing Message-Authenticator stuff without me
needing to tell it to add the attribute, right?
Yes.
Since you seem to know something about this, can you
Hi,
There's some progression on this friday night !! After the connection
was OK for my client, radacct table was always empty and it is always
the same if I do not change the following : Rename
accounting_start_query by postauth_query in my sql.conf.
It means that accounting_start_query is
Hi,
I was wondering if someone has any idea of how to solve the problem of
special characters(e.g. $) in FreeRadius 1.1.0.
Help is very appreciated. Thank you,
Natalia.
On 3/10/06, Natalia Escalera [EMAIL PROTECTED] wrote:
Hello,
Do you have any suggestion of how to fix the problem?
24 matches
Mail list logo