Well I suppose would need to see what information you are sending it and
what it is expecting. Nobody can see that except yourself so there is no way
we can probably understand why it is not working.
I would suggest you double check the ascend-session-key and not the unique
session field.
Well I suppose would need to see what information you are sending it and
what it is expecting. Nobody can see that except yourself so there is no way
we can probably understand why it is not working.
I would suggest you double check the ascend-session-key and not the unique
session field.
deepak kumar wrote:
Thanks
I have implemented EAP-TTLS , stored EAP-Type value in radpostauth table
and able to connect to internet without UAM.
Once a user is authenticated through EAP-TTLS , his details are put in
radpostauth table and he is allowed to acess internet without UAM,but
his
I am confusing between to community key one which is store in cat
/etc/raddb/snmp.cong
smux_password = verysecret
and second which is located in /etc/snmp/snmpd.conf
smuxpeer .1.3.6.1.4.1.3317.1.3.1 verysecret
rocommunity public
so which one i use to query to freeradius ??
verysecret ???
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey,
Eshun Benjamin schrieb:
The link below will help
http://docs.info.apple.com/article.html?artnum=303471
thanks a lot!
ca
mIke
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Darwin)
Comment: Using GnuPG with Mozilla -
Michael Messner wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey all,
not a freeRADIUS problem but I hope that someone can help me.
I have no problem with my ibook to connect to a wireless network via
802.1x but I can't find any possibility to make a connection to a
802.1x-secured
Grzegorz_Bech wrote:
Hi
I have difficulty in setting radius to create logs of ACCESS-REJECT
authentication messages. It logs only ACCESS-ACCEPT packets (sent and
received).
You need to list the detail module in the post-auth section reject.
See the sample radiusd.conf for details.
Alan
On 3/28/07, Ramazan Ulker [EMAIL PROTECTED] wrote:
Hi
these are error lines in apache error log and apache conf files. thanks for
your assistance
No problem. The fewer passwords the better :). I don't see anything
that stands out. However, when I set up apache with our two-factor I
did
Brad Lachel wrote:
When the detail module is loaded, the auth_log appears to get loaded,
but the reply_log does not.
Most likely because it's not being referenced from anywhere.
It is probably due more to my like of knowledge in this area.
Can you post the contents of the
Module: Instantiated preprocess (preprocess)
Module: Loaded detail
detail: detailfile =
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (auth_log)
Module: Loaded realm
Claudiu Filip wrote:
...
Second:
8x-8x--
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 3 , fields = 5
rlm_sql (sql): Read entry nasname=1.2.3.4,shortname=nume,secret=secret
rlm_sql (sql): Adding client 1.2.3.4 (nume) to clients list
Here is the entire post-auth section:
post-auth {
# Get an address from the IP Pool.
# main_pool
#
# If you want to have a log of authentication
replies,
# un-comment the following line, and the 'detail
reply_log'
# section, above.
Brad's Junk Mail wrote:
That's not quite what I asked for...
Here are the lines I thought were relevant from the
radius.conf file:
Please post the lines I asked for, and double-check the default
configuration as I said. Posting out of context snippets from
radiusd.conf helps less than
Thanks, I was missing the info in the reject subsection.
On Mar 29, 2007, at 8:01 AM, Alan DeKok wrote:
Brad's Junk Mail wrote:
That's not quite what I asked for...
Here are the lines I thought were relevant from the
radius.conf file:
Please post the lines I asked for, and
O/H Alan DeKok έγραψε:
Claudiu Filip wrote:
...
Second:
8x-8x--
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 3 , fields = 5
rlm_sql (sql): Read entry nasname=1.2.3.4,shortname=nume,secret=secret
rlm_sql (sql): Adding client 1.2.3.4
Kostas Kalevras wrote:
Hmm that would mean stil having to add client entris in the
clients.conf. We 'd like to avoid that when using sql.
Yes. The reason is DoS attacks.
My idea was to limit the number of IP's looked up in SQL by network.
So if a particular network is getting lots of
Hello all.
My freeradius1.1.5 is configured to work with openldap and samba PDC,
resume, it works fine when i login with username/password/domain, but this
user already logon one time on domain, that is, the user is on cache in this
windows machine (XP and W2kPRO).
When i try with a
I am adding a new MSC to our list of clients and trying to verify the config
with -X and ntradping.
I keep getting rejected.
I have the following in clients.conf:
client 192.168.10.100 (MY LAPTOP IP FOR NOW) {
secret = [EMAIL PROTECTED]
shortname = cn3200_hiegalleria
Thanks for help
i got it and now my freeradius working with snmpd and it is working fine now
can u tell me what i monitor through snmpd means can i check how much users
login currently and how much failed and what stat i can check throgh this
feature
$ cat ~/satish/url.txt
System
On Thursday 29 March 2007 12:47:38 satish patel wrote:
Thanks for help
i got it and now my freeradius working with snmpd and it is working fine
now can u tell me what i monitor through snmpd means can i check how much
users login currently and how much failed and what stat i can check throgh
Sérgio Kojima wrote:
Hello all.
My freeradius1.1.5 is configured to work with openldap and samba PDC,
resume, it works fine when i login with username/password/domain, but
this user already logon one time on domain, that is, the user is on
cache in this windows machine (XP and W2kPRO).
Andrew Long wrote:
I am adding a new MSC to our list of clients and trying to verify the config
with -X and ntradping.
I keep getting rejected.
...
I note the could not find clear text password at bottom of reply, but am
not sure why this is so;
The password is present in radcheck.
Hi,
I'm using EAP-TTLS to supplicant authentication.
to authenticate the users at freeradius, I'm using users file to match user's
password:
user User-Password == test
Reply-Message = success
Is there a way, using DEFAULT, for example, to return success to all
Erico Augusto wrote:
Hi,
I'm using EAP-TTLS to supplicant authentication.
to authenticate the users at freeradius, I'm using users file to match
user's password:
user User-Password == test
Reply-Message = success
Is there a way, using DEFAULT, for example,
My freeradius is working, the thing is that the computer that logged in,
every time that it is turned off it remembers the user and do not ask for
it. Can someone help me???
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
group authorize for request 0
modcall[authorize]: module preprocess returns ok for request 0
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.1/auth-detail-20070329'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands
I think I got it, I can now authenticate with ntradping, but I get an
attribute dump:
unknown vendor 8744, size xx='' repeated many times...
Is this because I am impersonating the NAS from a laptop? ie., should
clear up when the NAS is actually authenticating or does this point to
another
Hi,
My freeradius is working, the thing is that the computer that logged in,
every time that it is turned off it remembers the user and do not ask for
it. Can someone help me???
Windows PEAP by any chance? ;-)
if so , you need to clear the EAPOL credentialeg
-8 cut here and
-Original Message-
I'm assured that Windows Vista now
has a proper 'do not cache this' feature ;-)
It does.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
We would like to load-balance 802.1X wireless authentications on
multiple radius servers. The problem is that EAP methods require a
series of requests and replies between the client and the same radius
server, but a normal radius proxy will treat each request as a new one
and forward them
30 matches
Mail list logo