Hi all.
I had a freeradius server 1.1.7 running up with some errors when doing updates
in radacct (mysql) some hours after it just started. Since then, I decided to
upgrade to 2.0.4. But now, it refuses to start with the error "rlm_ippool:
Failed to open file $(raddbdir)/db.ippool: No such file
>> Does the file exist? FreeRADIUS is at the mercy of the OS here. If
>>the OS says "no such file or directory", it means "no such file or
>>directory". No amount of playing with the FreeRADIUS configuration will
>>make the file suddenly exist.
>> Does the db.ippool file exist?
>>
>> Alan DeKok.
>
Hi all,
I'm working in setting up a basic scenario which involves 3
components: a client using Xsupplicant a AP making use of hostapd and
a Radius server using FreeRadius ;). I'm trying to probe the EAP-TNC
method but i have received this message from the FreeRadius server:
rlm_eap: ERRO
I have two applications that authenticate via radius. These
applications require separate radius conf files, log files, users
files, etc. How can I run two distinct radius servers on one server to
serve these applications? Also, these applications run on one server,
so how can I have their server c
> might i suggest using virtual machines, instead of messing around with
> multiple instances. (radius is rather non resource intensive)
If I can avoid it, I would not like to mess around with virtual machines.
On Thu, Jun 12, 2008 at 8:11 PM, [EMAIL PROTECTED]
<[EMAIL PROTECTED]>
If I do decide to run multiple radius daemons, how can I tell the
application server running pptpd and xl2tpd, which both authenticate
ppp sessions via radius, to use radius server1 for pptpd and radius
server2 for xl2tpd?
On Thu, Jun 12, 2008 at 9:12 PM, [EMAIL PROTECTED]
<[EMAIL PROTEC
Hi again, I solved the last trouble with ippool.db using the sqlippool instead.
But I got a new shining problem. :)
Now, almost everything seems to be working fine. Almost, cause I have some
account multiplication in the radacct table. Only a few users are doing that.
And the multiplication doesn
A new doubt. Is there anyway to safe disconnet an user from the radius server,
in a way that it auto disconnects him from the nas (a pppoe server)? And about
that Packet of Disconnect, is it still working?
I forgot to cite the version I'm using, and considering the message was sent on
weekend,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi, i'm new with freeradius, and i have a few issues with ip allocation
from a mysql database. The server it's functional, it's running with a
pppoe server, authentication goes ok, the user gets authenticated with
the values from mysql tables, but i n
is in the Access-Accept packet? Perhaps you have a dhcp
| server running as well and that one is allocating IPs.
|
| Ivan Kalik
| Kalik Informatika ISP
|
|
| Dana 16/7/2008, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> piše:
|
| Hi, i'm new with freeradius, and i have a few issu
45:31')
.
Sending Access-Accept of id 28 to 192.168.1.1 port 37704
Ivan Kalik wrote:
| Run the server in debug mode (radiusd -X) and see what's in the
| Access-Accept packet.
|
| Ivan Kalik
|
|
| Dana 17/7/2008, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> piše:
|
| in radi
7;2008-07-17
11:45:31')
rlm_sql_mysql: query: INSERT INTO radpostauth
~ (username, pass, reply, authdate) VALUES (
~'gogu', 'gogu123',
~ 'Access-Accept', '2008-
r. I've updated the file at
"http://alexandrunet.ro/radius_log"; and it now has the full log from the
time the user connects.
Alan DeKok wrote:
| [EMAIL PROTECTED] wrote:
|> sry for the bad output, but this ware the lines with "Access-Accept",
|> this is the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
:) yes that's what it was thank you for your "help". I'm sorry you had a
bad day my friend.
Paul.
Alan DeKok wrote:
| [EMAIL PROTECTED] wrote:
|> sorry about that, you have a good point, i just restarted the server and
|>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
there is not dhcp running on that server, and there is no dhcprelay. I
supposed it's the radius default, i don't know if that makes any sense
to you:), anyways i will dig more. Thank you.
[EMAIL PROTECTED]:/usr/local/etc/raddb# ps -aux |
#x27;m sure you have begin here also at one point.
Again sry you had a bad day.
Paul.
Alan DeKok wrote:
| [EMAIL PROTECTED] wrote:
|> there is not dhcp running on that server, and there is no dhcprelay. I
|> supposed it's the radius default,
|
| No.
|
| If RADIUS doesn't assig
Saludos a todos (Hi everybody)
He descubierto el lanzamiento de un nuevo libro de RADIUS en la Web:
www.radiusdoc.com (Parece muy interesante)
I've discovered a new RADIUS book in the website:
www.radiusdoc.com (It appears to be very interesting and helpful).
Francisco Montes
Ahora t
These situations are often in the VoIP billing world. If the rate
changes during a call there is little
you can do in a prepaid billing system (in a postpaid situation this is
not a problem). You have to choose
either to bill your customer with the rate that is valid at the
beginning of the call
... but I use it on a
production system and it works like
a charm.
Sebo PL wrote:
I think it could be done by some special DB function.
You can write one in plpgsql, then you can exec it using the sql
radius module.
2008/12/3 [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> <[EMAIL PROTECTED]
hello,
i was wondering what sql tables i need to have.
Im trying to setup freeradius with mysql and i cant get out.
i've got the following tables:
radius (12)
* Browse badusers
* Browse mtotacct
* Browse nas
* Browse radacct
* Browse radcheck
* Browse radgroupcheck
Hi.
How to configure freeradius to send vendor specif attribute in a radius-accept
message based on eap-tls?
___
Mutui a tassi scontati da 30 banche. Richiedi online e risparmia. Servizio
gratuito.
http://click.libero.it/mutuionl
Hi,
I'm trying to authenticate and authorize Cisco routers administrators But not the autorization (privilege level). so not when i add "aaa authorization exec default group radiusvrf if-authenticated" to the cisco router to be able to manage privileges with radius.
to make it work, i think i
e du 27/10/06 à 10h27> De : "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>> A : freeradius-users@lists.freeradius.org> Copie à : > Objet : openldap+freeradius+Cisco> >
Hi,
I'm trying to authenticate and authorize Cisco routers administrators But not the auto
Hi,
I saw that dialup_admin can use ldap or SQL to manage users. I'd like to know if i can, using dialup-admin:
1- authenticate users with ldap and add in the radius server answer per user attributes that are stored in my sql DB.
2- authenticate users with ldap and add in the radius server answer
clear why
you would build a server for it if you don't have a client?
Dave.
Original Message----
From: [EMAIL PROTECTED]
Date: Nov 15, 2006 14:49
To: "FreeRadius users mailing list"<[EMAIL PROTECTED]
org>
Subj: Re: PEAPv2 Server
"MURAT SEZGIN" <[EMAIL PROTEC
hello,
I am trying to switch from cvs version 2006-08-24 to cvs version
2006-11-16 and my accounting redundant group is processing the second
module even if the first one is returning ok. why is detail_fail
processed if sql returns ok ?
Is something (I do not find in doc / changelog) change
thanks,
Razvan Radu
Alan DeKok wrote:
"[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote:
2006-11-16 and my accounting redundant group is processing the second
module even if the first one is returning ok. why is detail_fail
processed if sql returns ok ?
It's a b
hello,
I am trying to use the redundant feature of freeradius and I do not
understand why the sql module (postgresql driver) returns ok when a
query fails.
from radiusd -X
rlm_sql (sql): Reserving sql socket id: 61
rlm_sql_postgresql: Status: PGRES_FATAL_ERROR
rlm_sql_postgresql: Error colum
I'm sorry,
The other day I said that there is nothing "unusual" about SecurID
RADIUS authentication. I'm so used to EAP, I forgot about the PAP auth
with a SecurID value as a password.
If the RSA Authentication Manager, finds that the token is in New Pin
or Next Tokencode mode, it will issue
Hi everybody,
I'm using freeradius to authenticate and authorize users to cisco
switches/routers/FW.
My issue is that i want to do aaa for 3 things on the same device: device
administrators login (telnet), for 802.1x EAP/MD5 (, and to manage firewall
FWSM ACLs (radius attribute in the response
hi,
i configured freeradius using configuration files( user, huntgroups, clients,
...). it works great.
now i 'd like to be able to manage my radius server with the web GUI dailup
admin.
my issue is that i don't see how i can put a nas ip in a huntgroup with this
GUI.
Can i have my nasip list /
Hi,
i'd like to athenticate user in ldap and put them in groups using sql.
so i don't want to check their password in the radcheck table.
my issue is that i don't see how not to check the password using the web GUI
dialup admin ?
thanks for your help
regards
jey
> Message du 21/12/06 à 0
hi,
i don't understand why dialup admin need its own sql table "badusers" and a
script to get bad logins whereas rejected users can be found in the freeradius
table "radpostauth" ?
Regards,
Thomas-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
i'd like to know which DB (postgresql or mysql) you advice me, to store
accounting and see it thanks to the GUI dailupadmin ?
can i find the same freeradius features with this 2 DB ?
i don't see 2 features , in postgresql.conf:
- readclients = yes
-Default profile
that i see in sql.conf.
Hi,
i'm using freeradius 1.0.1 from Red Hat entreprise 4.
my radius server is connected to a ldap directory to store users and to a mysql
database to store NAS
I want the radius server to authenticate users thanks to the "users" file even
if the ldap directory is not reachable and the radius serv
> Message du 10/01/07 à 15h38
> De : "Alan DeKok"
> A : [EMAIL PROTECTED], "FreeRadius users mailing list"
> Copie à :
> Objet : Re: ldap { fail=1}
>
> [EMAIL PROTECTED] wrote:
> >
> > i'm using freeradius 1.0.1 fro
> Message du 10/01/07 à 15h38
> De : "Alan DeKok"
> A : [EMAIL PROTECTED], "FreeRadius users mailing list"
> Copie à :
> Objet : Re: ldap { fail=1}
>
> [EMAIL PROTECTED] wrote:
> >
> > i'm using freeradius 1.0.1 fro
you seem to have EAP commented out. if you want to use
EAP/802.1x then that isnt going to help...
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
on a fundamental note, your TLS connection to the
eDirectory is failing. this could be due
to firewall, configuration problem, wrong cert or TLS not
enabled on the eDirectory etc.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
I use freeradius-1.0.4-1.FC4.1 version in a PC Linux Fedora Core 4.
This radius server
authenticates to user in function to his login and key, if the
information is correct the
radius server must send to user to the vlan 2 according to forms in
the file users of the
radius server. Th
Hi,
I use freeradius-1.0.4-1.FC4.1 version in a PC Linux Fedora Core 4. I
form the file uses:
lucy Auth-Type := EAP, User-Password == "lucy"
Service-Type = Framed-User,
Tunne-type = VLAN,
Tunnel-medium-type = IEEE-802,
Tunnel-Private-Group-Id = 2
I have th
Hi,
carlos Auth-Type = EAP, User-Password == "carlos"
I remove the parte indicated carlos User-Password == "carlos"
The problem continue i did thefollowing:
In my swich I form three vlan 2,3,4 After I signed ip to the vlans and
ports too.
This is a
you certainly arent checking that the VLAN is 2 - and if it isnt then fail
the authentication. i can understand what you are trying to do...but
do do THAT sort of thing you will need to use checking attributes,
not setting attributes.
you should find that the port which carlos is attached
Hi all,
I'm running freeradius 1.0.1 on CentOS 4.4 and I'm trying to get the
radius to log to a syslog server. I followed the example
"Syslog_HOWTO" but its not working. I was hoping that someone else
might know the answer / fix.
Thanks in Advance,
-
List info/subscribe/unsubscribe? See
Hi Alan,
Ok, seems the default install is dated that comes with CentOS 4.4...
I've upgraded to FreeRADIUS Version 1.1.7 now and logging seems to be
working but I'd like to be able to get more usable data.
I nthe /etc/syslog.conf file I have this entry:
# .* will log all messages in the same
Hello.
How do I do for that my clients linux (fedora core 4) soliciten
autenticarse ante el servidor freeradius antes de conectarse a la red.
Should I install an additional program for my client lunix asking for
authentication?. Or is only necessary in some file modoficacion sde
linux, as
Hi everyone! I'm trying to set a conditional variable in my sql.conf.
According to value of %{NAS-Port-Type} my variable (i.e. MYVAR) should
be assigned to value returned by different programs through 'exec'
module. I couldn't find any examples how to do it. So I will appreciate
if someone he
Hi.
I want work with linux clients (fedora core 4), but how i do for that
the client linux question for a login and panssword for that it
connect to the net.
Should I install an additional program for my client lunix asking for
authentication?.
Liset Vizcardo
I run radiusd -X in the server
=====
[EMAIL PROTECTED] certs]# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Config: including file: /etc/raddb/clients.conf
Config
Hello.
I create mi certificate with openssl its version is openssl-0.9.7f-7.10.
The configuration from eap.conf is
eap {
default_eap_type = ttls
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_usern
Hi Alan,
thank you for your quick answer.
Please send me some example about this proxy configuration.
Rgdrs,
Radim
> Hi,
>
> > Everything work OK, Ovislink send request to FreeRadius
> > server, FreeRadius send Access-Request to IAS (mschapv2)
> > IAS send Access-Accept, but Ovislink received
>
Hi there,
i looked around and found nothing which really helped, so i'll ask you :)
I want my freeradius to rewrite the vlan attributes for cetrain clients.
Setup is like having all users in my ldap, with vlan etc. and all is working
fine so far. Now i have an office which has other vlans due to a
Hi there!
On Mon, Mar 17, 2008 at 9:56 AM, Alan DeKok <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > I want my freeradius to rewrite the vlan attributes for cetrain clients.
>
> From what... to what? Do you have examples?
Sure, thanks for your time btw!
My
ot;10"
Tunnel-Private-Group-ID := "23"
?
Thanksalot!
2008/3/17 Ivan Kalik <[EMAIL PROTECTED]>:
> users file:
>
> DEFAULT NAS-IP-Address == office switch/router IP, Ldap-Group ==
> "admin"
> Tunnel-Private-Group-ID :=
Hi!
mh, ok, sounds bad - what happens if 1000 users "re-connect" to the
network.. will i get
1000 forked perl scripts..?
And how should the script look like/get implemented?
Thanksalot!
2008/3/17 Ivan Kalik <[EMAIL PROTECTED]>:
> I don't think so. It's a reply attri
Hi there,
On Mon, Mar 17, 2008 at 4:49 PM, Ivan Kalik <[EMAIL PROTECTED]> wrote:
> >mh, ok, sounds bad - what happens if 1000 users "re-connect" to the
> >network...
>
> Ldap is likely to be much more of a problem than a perl script.
For that reason its a c
Heya,
i'm a bit stuck. My xp box should auth with ssl cert - works ok so
far. But how to assign vlan?
When doing this with user, i put my user + pass into users file -
works. But for ssl cert?
I want my xp box authentificated by ssl cert and after that, my user
should logon to "his" vlan.
So that
Hi,
thanks for replys!
i'm very sorry, there is a little missunderstanding :(
Switch works ok so far, so nothing needs to be done there.
My client is xp box with logon client which can do maschine auth and
prompt the user for his name and pass...
So i use ssl to auth the maschine (has a general c
MS-Chap is in RFC 2433 (Oct 1998)
MS-Chap V2 is in RFC 2759 (Jan 2000)
see also
Microsoft Specific RADIUS attributes - RFC 2548 (Mar 1999)
Dave.
Original Message
From: [EMAIL PROTECTED]
Date: Feb 9, 2007 6:01
To: "FreeRadius users mailing list"<[EMAIL PROTECTED]
org&g
I am trying to authenticate Cisco enable password requests via freeradius
(1.1.3.) on a mysql
(5.0.26) database.
As per http://wiki.freeradius.org/Cisco, the router tries to authenticate user
$enab15$ but it
doesn't get matched on mysql query because '$' gets escaped to '=24'
radius_xlat: '$en
Hi,
I'd like to know if FreeRadius Pam_RADIUS is still up to date ?
Do you have any suggest to make it work with Red Hat Entreprise Linux 4 ?
Thanks,
Thomas-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
OK authentication works
but not accounting whereas i have in etc/pam.d/system-auth :
account sufficient /lib/security/$ISA/pam_radius_auth.so
any idea why my REDHAT does not send any accounting ?
Thomas
> Message du 23/02/07 à 17h39
> De : "[EMAIL PROTECTED]"
> A
Hello,
I use freeradius 1.0.1 LDAP connector to request a LDAP directory.
I notice that Freeradius tries 6 times to find a user in my LDAP directory when
this user doesn't existe.
Is there a mean to make freeradius tries only one time ?
Thanks
Thomas-
List info/subscribe/unsubscribe? See http://w
---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 165 to 192.18.136.44:1812
Reply-Message = "forbidden."
Waking up in 4 seconds...
> Message du 06/03/07 à 11h58
> De : "Michael Mitchell"
> A : "FreeRadius u
Hi,
is there a mean not te see passwords in freeradius debug mode (radiusd -X) ?
thanks
Thomas-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
econds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 165 to 192.18.136.44:1812
Reply-Message = "forbidden."
Waking up in 4 seconds...
> Message du 06/03/07 à 11h58
> De : "Michael Mitch
OK thanks
> Message du 09/03/07 à 09h52
> De : "Alan DeKok"
> A : [EMAIL PROTECTED], "FreeRadius users mailing list"
> Copie à :
> Objet : Re: freeradius ldap connector
>
> [EMAIL PROTECTED] wrote:
> >
> > you can see the debug. ther
Hi,
i have installed freeradius 1.1.5 on debian machine now how i can install
freeradius-mysql package?
When i try 'apt-get install freeradius-mysql' this is the error:
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the un
Hi all,
I use freeradius 1.0.1. I did a script that do a kill - HUP of radiusd when
someone add a NAS in the "nas" Mysql table.
It seems to work. But i see freeradius 1.1.6 correct a bug about HUP.
Can you tell me if i'm impacted by the bug corrected in 1.1.6
Thank you for your help
Thomas-
List
> Message du 13/04/07 à 11h43
> De : "Kostas Kalevras"
> A : [EMAIL PROTECTED], "FreeRadius users mailing list"
> Copie à :
> Objet : Re: assigning vlan based on NAS and LDAP field?
>
> O/H Matt Ashfield έγραψε: > HI all, > > We're u
www.deployingradius.com
or
yum install freeradius
vi /etc/raddb/*
or
wget ftp://ftp.freeradius.org:/pub/radius/freeradius-1.1.6.tar.bz2
tar -xjvf freeradius-1.1.6.tar.bz2
cd freeradius-1.1.6
./configure
make
make install
vi /etc/raddb/*
seriously, your question is just SO open.
alan
-
Li
Hello Alan,
I am trying to authenticate my cisco device login using freeradius,
freeradius should look into my win2003 ad for user information.
I agree I may have missed out something from the instruactions, I
have attached my radius.conf and eap.conf file.
why have you put the ntlm_auth line li
Ich bin am 14. Mai nicht im Haus und kann Ihre Nachricht erst am Dienstag den
15. Mai bearbeiten.
In dringenden Fällen wenden Sie sich bitte an Herrn René Böhm (E-Mail: [EMAIL
PROTECTED]).
Mit freundlichen Grüßen
Tobias Drollinger
-
List info/subscribe/unsubscribe? See http
Ich bin am 21. Mai nicht im Haus und kann Ihre Nachricht erst am Dienstag den
22. Mai bearbeiten.
In dringenden Fällen wenden Sie sich bitte an Herrn René Böhm (E-Mail: [EMAIL
PROTECTED]).
Mit freundlichen Grüßen
Tobias Drollinger
-
List info/subscribe/unsubscribe? See http
Ich bin am 25. Mai nicht im Haus und kann Ihre Nachricht erst am Dienstag den
29. Mai bearbeiten.
In dringenden Fällen wenden Sie sich bitte an Herrn René Böhm (E-Mail: [EMAIL
PROTECTED]).
Mit freundlichen Grüßen
Tobias Drollinger
-
List info/subscribe/unsubscribe? See http
Ich bin am Freitag den 8. Juni nicht im Haus und kann Ihre Nachricht erst am
Montag den 11. Juni bearbeiten.
In dringenden Fällen wenden Sie sich bitte an Herrn René Böhm (E-Mail: [EMAIL
PROTECTED]).
Mit freundlichen Grüßen
Tobias Drollinger
-
List info/subscribe/unsubscribe? See http
CP-IP
DEFAULT Hint == "SLIP"
Framed-Protocol = SLIP
DEFAULT Realm == "ocesb.com.my", Autz-Type := LDAP1, Auth-Type := LDAP1
user.ldif
dn: uid=user, ou=People, dc=ocesb, dc=com, dc=my, dc=.
mailLocalAddress: [EMAIL PROTECTED]
givenName: Tan Chee
accountStatus: active
r
ldap: server = "localhost"
ldap: port = 389
ldap: net_timeout = 1
ldap: timeout = 4
ldap: timelimit = 3
ldap: identity = "cn=Manager,dc=."
ldap: tls_mode = no
ldap: start_tls = no
ldap: tls_cacertfile = "(null)"
ldap: tls_cacertdir = "(null)"
ld
rns ok for request 4
rad_check_password: Found Auth-Type LDAP
auth: type "LDAP"
ERROR: Unknown value specified for Auth-Type. Cannot perform
requested action.
auth: Failed to validate the user.
Login incorrect: [[EMAIL PROTECTED]] (from client localhost port 0 cli
00-14-a5-d9-09-
CK Tan
IT Manager
Optical Communication Engineering S/B
19, Jalan Semangat,
46200 Petaling Jaya, Selangor Darul Ehsan
Tel: +60 3 76808000 EXT:1205
Fax: +60 3 76808010
H/P: +60 12 9033077
email: [EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
module "eap" returns fail for request 4
modcall: group authenticate returns fail for request 4
auth: Failed to validate the user.
New ldif :
dn: uid=user, ou=People, dc=ocesb, dc=com, dc=my, dc=.
mailLocalAddress: [EMAIL PROTECTED]
givenName: Tan Chee
accountStatus: active
radacct. If I'm using EAP-MD5 with L2 switch as NAS, a
login record will be there. What make this happen?
radius_xlat: 'INSERT into radpostauth (id, user, pass, reply, date)
values ('', '[EMAIL PROTECTED]', 'Chap-Password', 'Access-Accept',
NOW()
Dear Alan,
I try 2 different type of wireless NASs but still didn't insert the
record into table. Is that mean the wireless NAS by default do not send
accounting info or do not have this kind of function?
Regards
Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
...
However,
basic and what should I do if i need to add more
attribute? For example, the accounting packet do not include the full
username i.e. [EMAIL PROTECTED] Looking for your advice.
rad_recv: Accounting-Request packet from host 61.4.124.254:56195,
id=35, length=155
Acct-Session-Id = "000
Hi Alan,
> Read the hostapd documentation.
>
>
Nothing much the documentation about the attributes.
> If the User-Name in the Access-Request was "[EMAIL PROTECTED]", it looks
> like a bug in hostapd. If he User-Name in the Access-Request was
> "u
hi all,can any one please tell me where can i get radius client for radius
server suitable to Red Hat Enterprise Linux ES 3.Also please give the details
of different types of radius clients available for radius server in Red Hat
Linux ES 3.Also please tell me how to install and configure the rad
Hi,
I would like to learn how to set IP restrictions for each radius account :
By restrictions, I mean that account n° 1 can only reach IP subset n° 1,
account n° 2 can only reach IP subset n° 2,
An IP subset can be the whole WWW, a single IP or a specified family of IPs.
And I would like
Hi,
I am running freeradius 0.9.3 on redhat 9.0. My radius server
is used primarily for proxying to other ISP's. I currently have
over 30 external ISP's set up in my radius and most seem to
be working well. However for those ISP's that are using
ICradius, it seems to be very unhappy about the N
> Sure. See "preproxy_users"
>
> DEFAULT Realm = "icradius"
> NAS-IP-Address := 1.2.3.4
Thanks for the information.
> But why are you using NAT? My guess is that the problem is NAT, not
> ICRadius.
>
Perhaps NAT is the wrong term?
Everything is behind a firewall and we have only
one ext
> Sure. See "preproxy_users"
>
> DEFAULT Realm = "icradius"
> NAS-IP-Address := 1.2.3.4
>
Other than adding this to the preproxy_users file, is their any
additional configuration required? in radiusd.conf?
Thanks,
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users
>
> Sure. See "preproxy_users"
>
> DEFAULT Realm = "icradius"
> NAS-IP-Address := 1.2.3.4
>
As per your earlier suggestion I added:
DEFAULT Realm = "abc.com"
NAS-IP-Address := 1.2.3.4<- replaced with real IP
to the preproxy_users file and when I restart FreeRADIUS
I get:
Error: Errors
> That is not at all what I suggested. Please go back and read the
> message again.
Thanks, I did. For what ever reason in my mail client
the 2 lines have the same starting point so I did not pick
up on the second line being indented but thanks for
pointing it out to me. That did the trick!
15",
Service-Type = Administrative-User
Regards,
Jean-Paul.
Jeffrey C. Ollie wrote:
On Wed, 2004-03-03 at 10:39, Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
Hi, I am running freeradius-0.9.3 on RedHat 9.0. I have found your
documentation and faq page very helpful, however I cannot find an answe
Hi,
I am trying to proxy based off of Client-IP-Address where
the client IP's are in a /18 ip range.
I tried using a regular expression:
DEFAULT Client-IP-Address =~ "^10.1\.4\." , Proxy-To-Realm := "foo.com"
in my user file, which does work but does not properly define the entire
subnet.
What
hello,
is there a way to communicate a value/parameter between
authorize_check_query and authorize_reply_query ?
I use a extensive search to qualify a request from the radius
server and I do not want to do it twice.
I want to migrate my application from gnuradius to freeradius
and in gnuradius is
> > is there a way to communicate a value/parameter between
> > authorize_check_query and authorize_reply_query ?
>
> Yes. Put it into a RADIUS attribute.
ok, but I am confused on how to access an attribute set by
authorize_check_query, because it is added to the check list and I do
not know h
On Thu, 1 Apr 2004 12:16:30 -0600, Alan Russell wrote:
>No offense taken. I am developing this project myself (trying to learn as
>much as I can). I posted this comment because I set up freeradius with
>PEAP-TLS on a wireless network. I then connected one computer with ethernet
>to the same net
Hello,
I would like to build a custom module for freeRadius and have read the
doc/module_interface carefully.
I still miss some information about how "building" a module from scratch :
in other words how could I initialize my own module directory and files ?
Is there a script that allow this or
added them manually in Makefine.in.
Thank's again.
At 11:14 15/04/2004, you wrote:
Chris Ross
<[EMAIL PROTECTED]> wrote:
> > For your system, just build a module using normal C
and H files.
>
> Wasn't there some interest in moving towards having all
modules
> autoc
Hello,
Does anyone know how I could compile freeradius in C++ using g++ instead of
gcc ?
I am not very familiar with the underlying configure mechanism , all i know
is to type 'configure' an then 'make' ...
many thank's.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/use
1 - 100 of 167 matches
Mail list logo