Hi Yervand,
How to set VSA in Access-Reject reply ?
Is that adding dictionary files is enough or any other support needs to be
done?
Rgds,
Shankar ganesh
-Original Message-
From:
[EMAIL PROTECTED]
org
[mailto:[EMAIL PROTECTED]
eradius.org]On Behalf Of Yervand Petrosyan
Sent: Wednesday,
Well, the *full* output would have been helpful (including the startup
messages). And a backtrace from the coredump.
HTH
K. Hoercher
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Nicolas Baradakis wrote:
I'd like to set it up with the commandline switch (-i ip-addr), but
this does not seem to work (tested on versions 0.2, 1.0.1 and 1.2): the
server only takes the address from the configuration file and completely
ignores the commandline switch. I do realise that the
Hi,
I should have tried that mapping.
HOWEVER
It still doesn't work.
I can perform radtest queries username/LDAPpassword, and I get the accept
response.
If I use the query with username/remotepassword, I get rejected.
Okay, I can't verify what I propose now, so I might be wrong, but:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
/usr/local/etc/raddb/users[227]: Parse error (reply) for entry
hextest: unknown attribute type 8
Errors reading /usr/local/etc/raddb/users
thsi works with the 2.0pre CVS code.. so theres something not quite right
in the 1.1.3 code.
On Tue, Aug 29, 2006 at 07:32:23PM -0400, King, Michael wrote:
cp: will not overwrite just-created
`/var/tmp/freeradius-root/usr/share/doc/freeradius-1.1.3/README' with
`README'
error: Bad exit status from /var/tmp/rpm-tmp.49148 (%doc)
I get this error too. It looks like line 102 in the spec
Hi,
The CVS snapshot indicates that this will be version 2.0. Is this the
you've checked out the main HEAD. if you want 1.1.x CVS you need to specify
the correct HEAD when doing the CVS
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ok i really don't get it. I made all certificates myself using only
openssl (no scripts) and entered path to them in TLS part of the
eap.conf file. CA, server cert.., everything is there in the same
directory (in my case - CERTS, with big letters) (how would i sign
certificate if i wouldn't create
Hi
I've downloaded the most recent source, freeradius-1.1.3.tar.gz, and I'd
like to verify the file against the PGP signature but I can't find the
public key anywhere. Can someone point me to it's location?
Thanks
--
Jonathan
-
List info/subscribe/unsubscribe? See
Yervand Petrosyan wrote:
In 1.1.3 version Access-Reject doesn't return in reply
VSA attributes but it is works well in 1.0.1.
Something was changed?
Yes, because it was considered as a bug.
See http://bugs.freeradius.org/show_bug.cgi?id=207
I also note Vendor-Specific attributes aren't allow
Michael Check wrote:
On 8/22/06, Michael Check [EMAIL PROTECTED] wrote:
We tried googling around and we're happy to hear that freeradius will
be a part of 10.5, but we'd like to get it running now... There
really is no other docs we've found on getting it compiled (after
difficulty
On Wed 30 Aug 2006 12:13, Nicolas Baradakis wrote:
Yervand Petrosyan wrote:
In 1.1.3 version Access-Reject doesn't return in reply
VSA attributes but it is works well in 1.0.1.
Something was changed?
Yes, because it was considered as a bug.
See
On Wed, Aug 30, 2006 at 08:47:13AM +0100, B Thompson wrote:
On Tue, Aug 29, 2006 at 07:32:23PM -0400, King, Michael wrote:
cp: will not overwrite just-created
`/var/tmp/freeradius-root/usr/share/doc/freeradius-1.1.3/README' with
`README'
error: Bad exit status from
Geoffroy,
I would be most intersted in your posting. At this point I'm try to get
plain old rlm_unix working using /etc/passwd secret to get a foundation
established, but I'm getting authnet failures, which I think are to do with
the compliation and radiusd.conf of unix and pam.
Regards
Hello
I am currently trying to have my FreeRadius server check the Service-Type
values, and reject Login attempts from a user that should be used for
service-type Outbound only.
My client equipment always send the Service-Type attribute in its requests.
This attribute is defined into the
Dear everybody,I've installed the radius 's CVS version of 08-23-06.I've this architecture : client AP Radius A Radius B 802.1X proxyingThe client does not have adress of IP, it recover his IP address by the DHCP server installed in radius server A, after being
Jonathan Casiot wrote:
I've downloaded the most recent source, freeradius-1.1.3.tar.gz, and I'd
like to verify the file against the PGP signature but I can't find the
public key anywhere. Can someone point me to it's location?
http://freeradius.org/pgp/[EMAIL PROTECTED]
--
Nicolas
Hi
All,
Could
some body help me on the same?
Thanks
and regards
Shankar ganesh
-Original Message-From: Shankar Ganesh
[mailto:[EMAIL PROTECTED]Sent: Wednesday, August 30,
2006 11:02 AMTo:
freeradius-users@lists.freeradius.orgSubject: How to return the
values from the
Zitat von Nicolas Baradakis [EMAIL PROTECTED]:
Michael Check wrote:
On 8/22/06, Michael Check [EMAIL PROTECTED] wrote:
We tried googling around and we're happy to hear that freeradius will
be a part of 10.5, but we'd like to get it running now... There
really is no other docs we've
Hi people,
1)
In my activity I realize that when the conexion to Internet of a NAS is
NOT good (there are some reday in the DSL), the NAS send several Start
requests. My problen is my RADIUS server ask for all these requests and they
are inserted in my DB. So, when the user or the NAS
: http://www.peternixon.net/public.asc
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url :
https://list.xs4all.nl/pipermail/freeradius-users/attachments/20060830/de8f9431
Mitaine Yoann wrote:
Dear everybody,
I've installed the radius 's CVS version of 08-23-06.
I've this architecture :
client AP Radius A Radius B
802.1X
proxying
The client does not have adress of IP, it
Hello,i've installed freeradius 1.1.2 and I've configured eap-ttls
in eap.conf
tls {
private_key_password = whatever
private_key_file = ${raddbdir}/certs/cert-srv.pem
certificate_file = ${raddbdir}/certs/cert-srv.pem
Hello, I need to use Dialup Admin that is installed alone in a dedicated server.In the dialupadmin admin.config, it states thats it needs the /etc/local/radius in the same machine.
What can I do? (considering that the freeradius in installed in another server)Thank you.
-
List
Santiago Balaguer García wrote:
Hi people,
1)
In my activity I realize that when the conexion to Internet of a NAS is
NOT good (there are some reday in the DSL), the NAS send several Start
requests. My problen is my RADIUS server ask for all these requests and
they are inserted in my DB.
hi,
got a small question for those used to xlate etc. I have a development/test
setup
here which is happily authenticating via EAP/TTLS and PEAP. however, what
I am seeing is that Windows users using PEAP are having their real name logged
and recorded, whereas the Mac TTLS and Windows TTLS folk
On 8/30/06, Tilen [EMAIL PROTECTED] wrote:
Ok i really don't get it. I made all certificates myself using only openssl
(no scripts) and entered path to them in TLS part of the eap.conf file.
CA, server cert.., everything is there in the same directory (in my case -
CERTS, with big letters) (how
On Wed, 30 Aug 2006, Guilherme Franco wrote:
Hello,
I need to use Dialup Admin that is installed alone in a dedicated server.
In the dialupadmin admin.config, it states thats it needs the
/etc/local/radius in the same machine.
What can I do? (considering that the freeradius in installed in
Dear everybody,In my previous email , I forgot to say that when I received a proxing packet, I tried to match a rule on the radius server B like :DEFAULT Huntgroup-Name == "foo", Autz-Type := Ldapwhere foo is defining in huntgroups file as : foo Client-IP-Address == x.x.x.xin the users file.But
Phil Mayers wrote:
Mitaine Yoann wrote:
When I proxied the request from to server A to the server B, there
wasn't
Client-IP-Address in the packet.
Client-IP-Address is added by the preprocess module. Have you removed
this from authorize? If so, don't do that.
Client-IP-Address is an
K. Hoercher wrote:
On 8/29/06, Fabiano Martins [EMAIL PROTECTED] wrote:
I've benn searching with no sucess about this... It's frustrating...
there is no documents about.
Perhaps the looking into the very obscure doc/rlm_sqlcounter file
helps, although it' not DOC for some strange reason.
Yervand Petrosyan wrote:
Really, it would be reasonably to have this option
configurable.
As always, patches are welcome.
--
Nicolas Baradakis
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
0
Wed Aug 30 15:53:02 2006 : Debug: modsingle[authorize]: calling
auth_log (rlm_detail) for request 0
Wed Aug 30 15:53:02 2006 : Debug: radius_xlat:
'/usr/local/freeradius/var/log/radius/radacct/10.0.0.20/auth-detail-20060830'
Wed Aug 30 15:53:02 2006 : Debug: rlm_detail:
/usr/local
Yes yes, i understand, this works now :) I copied CA public key to wireless client and now it works. Now i only get this error:
rlm_mschap: No User-Password configured. Cannot create LM-Password.
rlm_mschap: No User-Password configured. Cannot create NT-Password.
rlm_mschap: Told to do
Am Dienstag, 29. August 2006 22:35 schrieb Kevin Bonner:
(...)
The private enterprise number 3317 is assigned by IANA [1] to Port
Community Rotterdam, which released the GNOME-SMI MIB module. The
GNOME-SMI MIB is used in mibs/GNOME-PRODUCT-RADIUSD-MIB, and using that
file you can obtain a
I've just compiled the CVS version from 20060830 with
prefix=/root/bin/freeradius-cvs. When starting radiusd it complains
that the compiled modules have the wrong version:
I've been running 2.0.0-pre0 for quite some time, and constanty cvs update too.
I'm not sure what exact date my check out
Nick Larsen [EMAIL PROTECTED] wrote:
Segmentation fault: 11 (core dumped)
[EMAIL PROTECTED] [/etc/raddb]#
See doc/bugs. It describes exactly what to do when you get a core dump.
And the contents of the core dump say what's going wrong, too.
Alan DeKok.
--
http://deployingradius.com
Thank you very much Kostas!I really apreciate your help!On 8/30/06, Kostas Kalevras [EMAIL PROTECTED]
wrote:On Wed, 30 Aug 2006, Guilherme Franco wrote: Hello,
I need to use Dialup Admin that is installed alone in a dedicated server. In the dialupadmin admin.config, it states thats it needs the
Shankar Ganesh C [EMAIL PROTECTED] wrote:
Could some body help me to know how to return values from the exec program ?
scripts/exec-program-wait
It describes what to do.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The
[EMAIL PROTECTED] wrote:
The CVS snapshot indicates that this will be version 2.0. Is this the
next planned release or is it more like a development branch which is
maintained together with a stable 1.1-branch?
We plan on releasing 2.0 this fall, based on what's in CVS.
Alan DeKok.
--
I would be most intersted in your posting. At this point I'm try to get
plain old rlm_unix working using /etc/passwd secret to get a foundation
established, but I'm getting authnet failures, which I think are to do with
the compliation and radiusd.conf of unix and pam.
So... post the
On Wed, 2006-08-30 at 15:35 +0200, Graham Beneke wrote:
K. Hoercher wrote:
On 8/29/06, Fabiano Martins [EMAIL PROTECTED] wrote:
I've benn searching with no sucess about this... It's frustrating...
there is no documents about.
Perhaps the looking into the very obscure doc/rlm_sqlcounter
luigi natalino [EMAIL PROTECTED] wrote:
I've launched chillispot with --eapolenable option - chilli --eapolenable
I've installed and configured SecureW2 client on WinXP.
The problem is that EAP-TTLS are not used as shown in this log:
Which shows a CHAP session.
Have I done any mistake in
Christian Hahn [EMAIL PROTECTED] wrote:
I've just compiled the CVS version from 20060830 with
prefix=/root/bin/freeradius-cvs. When starting radiusd it complains
that the compiled modules have the wrong version:
- 8
radiusd: entering modules setup
Module: Library search path
Tilen [EMAIL PROTECTED] wrote:
rlm_mschap: No User-Password configured. Cannot create LM-Password.
...
Hm, now i have to make LDAP passwords in NT hash and it will work (still
gotta figure out how)? Or should i make changes in ldap.attrmap file too?
No. If you have the clear-text password
Set up the ldap module
right for your server and map your NAS attributes to the LDAP attributes ! Shouldnt
be hard to set up !
Regards,
Edvin Seferovic
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tilen
Sent: Mittwoch, 30. August 2006
16:58
To: FreeRadius
Mitaine Yoann wrote:
*/Michael Mitchell [EMAIL PROTECTED]/* a écrit :
Client-IP-Address is an internal freeRADIUS attribute, and is not
defined in the RFC's. Hence it is never proxied to another server.
Yes, I am aware of that. I said that, in fact.
In fact, the
Tilen [EMAIL PROTECTED] wrote:
rlm_ldap: Added password {crypt}$1$9wlsOcEJ$QA/FskGvrnnmsj1SWi1kY/ in check
items
...
rlm_mschap: Told to do MS-CHAPv2 for test with NT-Password
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
Lisa Casey [EMAIL PROTECTED] wrote:
Wed Aug 30 14:19:28 2006 : Error: ERROR: Cannot find a configuration =
entry for module exec.
If that's from a previously working configuration, it looks like
your disk has been corrupted.
Can you restore from a backup of yuor configuration?
Alan
I ran the CA.all script, before it issues the 2nd certificate i get this error message. Surely i know someone should have faced this issue, could you pls help me to resolve it.
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password :
An
I seem to be having the same problem.
Editing Line 102 allowed the package to build.
Where did you remove /usr/local/bin from your path?
Mike
-Original Message-
From:
[EMAIL PROTECTED]
g
[mailto:[EMAIL PROTECTED]
adius.org] On Behalf Of B Thompson
Sent: Wednesday, August 30,
Nick Larsen [EMAIL PROTECTED] wrote:
I did notice in the output, just before the backtrace: radlog(L_ERR,
rlm_eap_tls (%s): xlat failed.,
Could this be the problem?
It may be related.
This GDB was configured as sparc64-marcel-freebsd...
warning: exec file is newer than core file.
Mitaine Yoann wrote:
In my previous email , I forgot to say that when I received a proxing
packet, I tried to match a rule on the radius server B like :
DEFAULT Huntgroup-Name == foo, Autz-Type := Ldap
where foo is defining in huntgroups file as :
foo Client-IP-Address == x.x.x.x
in the
Cool,Thanks, I'll try FreeRADIUS 1.1.3, let hope it solves my problems ;)Regards,NickOn 8/31/06, Alan DeKok
[EMAIL PROTECTED] wrote:Nick Larsen
[EMAIL PROTECTED] wrote: I did notice in the output, just before the backtrace: radlog(L_ERR, rlm_eap_tls (%s): xlat failed., Could this be the
hello all
im new to radius, but i got freeradius configured with mysql. radtest is
working fine for my test user.
now i configured an ippool, which get successfully loaded on startup.
again radtest works fine, only new thing is the following trace:
rlm_ippool: enter postauth
rlm_ippool: Could
SORRY NOW WITH PROPER SUBJECT :D
hello all
im new to radius, but i got freeradius configured with mysql. radtest is
working fine for my test user.
now i configured an ippool, which get successfully loaded on startup.
again radtest works fine, only new thing is the following trace:
Hi,
How can i make
freeradius listen to different UDP ports?
Thanks and
regards
Shankar
ganesh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi All,
I need some general info on Free Radius.
1)Does it support 64-bit compilers?
2)Does it has support for both Solaris and HP-Unix.
3)Is it Multi Threaded safe.
Thanks in advance,
Ram.
On Thu, 2006-08-31 at 10:34 +0530, Shankar Ganesh C wrote:
Hi,
How can i make freeradius listen to different UDP ports?
Thanks and regards
Shankar ganesh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Shankar Ganesh wrote:
How can i make freeradius listen to different UDP ports?
Hi Shankar,
This is very clearly explained in the radiusd.conf configuration file.
Search for listen
regards,
Mike
-
List info/subscribe/unsubscribe? See
60 matches
Mail list logo