Hello, Alan!
You wrote on Mon, 19 Mar 2007 17:54:52 +0100:
AD> Hmm... it looks like similar patches were added in revision 1.72
AD> of
AD> that file. I've double-checked the code, and found one more
AD> location.
AD> Please try the attached patch.
I applied the patch and it does not work.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Martin Gadbois ha scritto:
> peppeska wrote:
>
>>> freeradius.pid not found ??? what???
>>>
>>>
>
> Start it like this, as root:
> # radiusd -X
k
I don't have radiud but work with #freeradius -X
Thank!
- --
--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please freeradius User... HELP ME!
So, I use a pppoe-freeradius-ldap system for access and autenticate
user.. but some go wrong.. and when I try to connect me appare this
error... what's wrong in my configuration?
look this! this is the freeradius ou
Deramus, Chris wrote:
> This no longer seems to work, as FreeRADIUS seems to be attempting to
> compare the clear-text password with the MD5 password returned from the
> database. I'm guessing it's an oversight on my end, and wanted to see if
> anyone on this list noticed anything. I have included
Marwan Sultan wrote:
> This system is up and running since september 2006, last week, we start to
> see a strange problem
> some account are disappearing from the system!!
FreeRADIUS doesn't do SQL writes to delete accounts. The problem lies
elsewhere.
Alan DeKok.
--
http://deployingradiu
Nitin Naveen wrote:
>
> Hi,
>
> I want to add new VSA parameters to freeradius. This means that I need
> to add a new dictionary file. But
> I am not able to understand is how do I add attributes whose value is
> another attribute. For eg.
I have no idea what you mean by that.
The dictionar
> -Message d'origine-
> De :
> [EMAIL PROTECTED]
> radius.org
> [mailto:[EMAIL PROTECTED]
> sts.freeradius.org] De la part de peppeska
> Envoyé : mardi 20 mars 2007 10:34
> À : FreeRadius users mailing list
> Objet : freeradius, ldap error - HELP ME!
>
>
> -BEGIN PGP SIGNED MESSAG
deepak kumar wrote:
...
> but even after client authentication from certificate. the
> router(chillispot) prompts for a username and password and then does
> authentication
> using UAM.
> Please tell me why this is asking for login name password after client
> certificate validation.
Because chi
> > rlm_ldap: ldap_get_conn: Checking Id: 0
> > rlm_ldap: ldap_get_conn: Got Id: 0
> > rlm_ldap: attempting LDAP reconnection
> > rlm_ldap: (re)connect to localhost:389, authentication 0
> > rlm_ldap: bind as cn=admin,dc=example/root to localhost:389
> > rlm_ldap: waiting for bind result ...
> >
Hi,
I have two backend RADIUS servers with a front end proxy server.
All servers are running 1.1.5.
Authentication type is EAP-PEAP.
On the front end i've got a stripped down radiusd.conf just doing Realm
detection and proxying.
And a proxy.conf
realm sussex.ac.uk {
type = RADIUS
Hi Alan
thanks for your prompt reply.
can you tell me how to modify chillispot to work with EAP-TLS.
my radius server, Router and Xsupplicant all are supporting EAP-TLS.
deepak
On 3/20/07, Alan DeKok <[EMAIL PROTECTED]> wrote:
deepak kumar wrote:
...
> but even after client authentication fr
Arran Cudbard-Bell wrote:
> Whats happening if the first round of authentication will go to
> radius1.uscs.susx.ac.uk
>
> Second will go to radius2.uscs.susx.ac.uk, but the second doesn't know
> about the previous request and bails out with.
Round robin && EAP don't work together very well.
Alan,
Thanks so much for the response, I wasn't aware that the (md5) header
needed to be in the database. The requested information is below:
UserNameAttribute Value
op
test.user Password
c1dd8z473d9gf5c13b0d89b32d15333 :=
-Original Message-
Fr
Hi Folks,
I am newbie to Freeradius and considering using it.
However, I have a specific requirement, which I cannot find any info on
either on Web Search or Wiki or FAQ.
I wish to use Freeradius as an Accounting Proxy, essentially to copy a
Accounting Request to a server. The Freeradius box will
deepak kumar wrote:
> Hi Alan
> thanks for your prompt reply.
> can you tell me how to modify chillispot to work with EAP-TLS.
This isn't the chillispot list. Go ask them.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The bl
Alexander V. Klepikov wrote:
>
> I applied the patch and it does not work. It seemes to me, it's becuase
> SQL socket may be unconnected and sqlsocket->conn != NULL,
That sounds like a bug to me.
> so I think
> it's better to check sqlsocket->state . Corrected patch is attached.
OK.
Alan
Deramus, Chris wrote:
> Thanks so much for the response, I wasn't aware that the (md5) header
> needed to be in the database.
See the README && the comments above the "pap" section in
radiusd.conf. They say to read "man rlm_pap", which explains this.
If you don't want to update the "value" f
WRIGHT Alan wrote:
> However, there are some requirements.
>
> 1. Freeradius needs to proxy accounting to another server
> 2. Freeradius needs to provide an accounting response to the first
> radius box, without waiting for a response from the proxied Server
>
> Is this possible with Freeradius t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
peppeska wrote:
> Martin Gadbois ha scritto:
>> peppeska wrote:
>
freeradius.pid not found ??? what???
>> Start it like this, as root:
>> # radiusd -X
>
> k
> I don't have radiud but work with #freeradius -X
> Thank!
>
The -X on
Hi everybody,
I have a problem with freeradius 1.0.2 and mysql 4.0.24, on a debian
stable, used for about 1700 clients. I often have (about 10 times an
hour) errors like these:
Tue Mar 20 12:21:29 2007 : Auth: Login incorrect: [/Y] (from
client port 0)
Tue Mar 20 12:21:40 2007 :
Dear all,
I just did a fresh install of freeradius-1.1.5 on a FreeBSD 6.1-RELEASE.
Installation was sucessful. Then I tried to start the radiusd with
"radiusd -X" and got following error:
radiusd in free(): error: chunk is already free
---
Mathieu Lemaitre wrote:
> I have a problem with freeradius 1.0.2 and mysql 4.0.24, on a debian
> stable, used for about 1700 clients. I often have (about 10 times an
> hour) errors like these:
>
> Tue Mar 20 12:21:29 2007 : Auth: Login incorrect: [/Y] (from
> client port 0)
> Tue Mar
Sam Schultz wrote:
>
> I have set a DEFAULT entry that sets the User-Name attribute via
> ':=', but I still end up with two User-Name attributes (anonymous
> identity & real identity). This is especially strange, since
> use_tunneled_reply & copy_request_to_tunnel are both enabled as
> well.
rickan wrote:
> Dear all,
>
> I just did a fresh install of freeradius-1.1.5 on a FreeBSD 6.1-RELEASE.
> Installation was sucessful. Then I tried to start the radiusd with
> "radiusd -X" and got following error:
>
> radiusd in free(): error: chunk is already free
It's been noted already. Gr
Greetings. First I'd like to thank everyone who works
on this project. Freeradius is amazing.
For our issue, I have browsed the online
documentation, faq, and mailing lists.
We have a need to alter the accounting records that we
proxy to another company. The attribute that we need
to rewrite i
Hi Alan,
thanks a lot for your hint. Yes, the branch_1_1 is working fine!
Best regards
Rickan
On 3/20/07, Alan DeKok <[EMAIL PROTECTED]> wrote:
rickan wrote:
> Dear all,
>
> I just did a fresh install of freeradius-1.1.5 on a FreeBSD 6.1-RELEASE.
> Installation was sucessful. Then I tried t
Looking for some help on configuring pam_radius_auth with linux for pop3 and
imap services.
Anyone have any clues?
I currently have my /etc/pam.d/pop3 and imap files showing:
auth sufficient /lib/security/pam_radius_auth.so try_first_pass
accountsufficient /lib/security/p
> Message: 2
> Date: Tue, 20 Mar 2007 12:30:47 +0100
> From: Alan DeKok <[EMAIL PROTECTED]>
> Subject: Re: Proxying Eap Requests in round robbin.
> To: FreeRadius users mailing list
>
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Arran Cudbard-Bell wr
Arran Cudbard-Bell wrote:
> Damn, so theres no way to do load balancing with radius packets
> containing EAP attributes ?
As always, patches are welcome. :)
> Completely different topic, but is it normal for freeRADIUS to authorize
> the user in each round of authentication ? Can it not cache
Hi,
I'm using a system (openvpn) with 'radiusplugin' to let FR authenticate
users and manage IP Pools.
Openvpn sometimes needs to renegotiate the connections and thus sends
authentication requests while the connection is still active (with an
already assigned IP address): this causes FR to assign
Thibault Le Meur wrote:
> Openvpn sometimes needs to renegotiate the connections and thus sends
> authentication requests while the connection is still active (with an
> already assigned IP address): this causes FR to assign a new IP address from
> the pool (which seems normal since FR has no way t
Thanks for your reply,
> Thibault Le Meur wrote:
> > Openvpn sometimes needs to renegotiate the connections and
> thus sends
> > authentication requests while the connection is still
> active (with an
> > already assigned IP address): this causes FR to assign a new IP
> > address from the poo
As always, patches are welcome. :)
Yes I'm already putting one together the sql module, honestly
who hardcodes sql queries :P
No i don't want to select * from nas.. gah
Am I right in thinking that for radius to be able to proxy eap
successfully, the request_list module would have to be updated
Does anyone know how to change the service type that pam_radius_auth passes
to the server?
Currently, it is sending an interactive login, but I need to change it to a
network login.
This is using pam.d on a FC6 system.
Thank you
Dan Delaney
-
List info/subscribe/unsubscribe? Se
On Tue, 20 Mar 2007 09:38:25 -0500 Alan DeKok
<[EMAIL PROTECTED]> wrote:
>Sam Schultz wrote:
>>
>> I have set a DEFAULT entry that sets the User-Name attribute via
>> ':=', but I still end up with two User-Name attributes
>(anonymous
>> identity & real identity). This is especially strange, sin
Yes you're right,
I saw this wrong information in a non official radius forum,
Is there a way or another to check on a network basis like
192.168.2.100/30 ?
In our productive architecture, the number of ip addresses should be a
/21 subnet (2046 hosts)...
I can write one line per ip but maybe the
You can use >= and <=.
johnClient-IP-Address >= 192.168.2.100, Client-IP-Address <=
192.168.2.103, Proxy-To-Realm := proxy
Ivan Kalik
Kalik Informatika ISP
Dana 20/3/2007, "freeradius" <[EMAIL PROTECTED]> piše:
>Yes you're right,
>I saw this wrong information in a non official radius forum
aphics)
Apache 2.0.52
PHP 4.3.9
mysql 4.1.20
freeRADIUS 1.1.5
dialup_admin ? (CVS snapshot 20070320)
firefox 1.5.0.10
I have freeRADIUS installed and working with users stuffed into a flat
file, verified with 'radtest'. I can get the main page of
dialup_admin to come up, b
Hi everyone,
I'm having a hell of a time upgrading from 1.1.3 to 1.1.4 due to PAP.
First of all, leaving my settings as they are doesn't work at all. I'm
beginning to wonder if my 1.1.3 configuration shouldn't work at all yet
somehow magically does what I want it to. I currently (1.1.3) don't h
Hi,
> It worked for me right out of the box at one time, too. I have a
> feeling it was using either freeradius 1.1.3 or 1.0.3 (or whatever
> FC2 came pre-packaged with). I'll probably test my configuration
> against
> an earlier version later & see if I can establish it as a "bug". The
> versio
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thibault Le Meur ha scritto:
>> >>
>> >> Comment this line in your ldap section of radiusd.conf:
>> >> # access_attr = "dialupAccess"
> >
> > And comment this one too, like this :
> > # access_attr_used_for_allow = yes
I do it! and now there is the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey,
freeRADIUS works quite good and it's possible to authenticate via PAM,
for example local logins, ssh-logins, su, chsh, gdm, ... are working
quite fine.
The only thing is the htaccess from apache2 which will not work. The
Radius gets the request
Hello,
I have a MikroTik router that is passing accounting data to the freeradius
database. I look in radacct and every entry is has duplicates with the exact
same information. Does anyone know if this is the MikroTik causing this or
freeradius? How do I fix this?
Thanks,
Matt Neumark
-
List
Dan Delaney wrote:
> Does anyone know how to change the service type that pam_radius_auth
> passes to the server?
Source code modifications.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubs
freeradius wrote:
> Is there a way or another to check on a network basis like
> 192.168.2.100/30 ?
Yes and no. Regular expressions work, but they're ugly.
> In our productive architecture, the number of ip addresses should be a
> /21 subnet (2046 hosts)...
> I can write one line per ip but
45 matches
Mail list logo