On 11/24/2012 08:40 PM, Hoggins! wrote:
I don't know if I understand the process correctly : as far as I
understand, an authentication request is handled successively by the
listed modules in the authorize {} section, right ?
So, now that I figured that I have to use PAP as phase2, I can have th
I don't know if I understand the process correctly : as far as I
understand, an authentication request is handled successively by the
listed modules in the authorize {} section, right ?
So, now that I figured that I have to use PAP as phase2, I can have the
cleartext password. But I don't know how
OK, that explains a lot. I guess I need to find a method that lets the
Cleartext-Password go through. I don't know how to do this, actually, as
our passwords are now stored hashed.
Any hint?
Le 23/11/2012 19:18, Alan Buxey a écrit :
> eg if using PEAP, the client never sends a password, instead i
What EAP type? eg if using PEAP, the client never sends a password, instead its
challenge-response which works because the SQL contains a copy of the password
so MSCHAP can derive an agreement. Gmhow dies your curl do this? Are you trying
thus in the authenticate section and feeding an authoriza
Hello everyone,
We're facing an issue with rlm_exec, or at least Ithink our problem
comes from there.
We use FreeRADIUS for a Wifi access point. We userlm_sql, and our
clients authenticate using 802.1x, with a certificate and a pair of
login/password credentials. Everything works just fine, and w
HeinKonijn wrote:
> The next thing I want and am unable to get working is is.
> Client 10.1.1.1 only accepts members in LDAP group "group1"
> Client 10.1.1.2 only accepts members in LDAP group "group2"
Use the "unlang" rules to write this logic. It's not hard.
There are examples of using LDA
hieve this?
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Newbie-question-Multiple-cliets-and-multiple-LDAP-groups-tp5655379p5655379.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks. Matteo:
But I don't have this 192.168.1.29 in my network and I have not configured any
NAS yet. it was just genetic tests based on "radtest"...
--- On Mon, 8/30/10, mat...@crs4.it wrote:
> From: mat...@crs4.it
> Subject: Re: radius newbie question
&
tening on proxy address * port 1814
Ready to process requests.
where did that "NAS-IP-Address = 192.168.1.29" come from?
Thanks in advance
--- On Sat, 8/28/10, gahn wrote:
From: gahn
Subject: Re: radius newbie question
To: "FreeRadius users mailing list"
Date: Saturday, Aug
tication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on proxy address * port 1814
Ready to process requests.
where did that "NAS-IP-Address = 192.168.1.29" come from?
Thanks in advance
--- On Sat, 8/2
t; From: Alan Buxey
> Subject: Re: radius newbie question
> To: "FreeRadius users mailing list"
> Date: Saturday, August 28, 2010, 11:46 AM
> Hi,
>
> > host# radtest testing password localhost 10
> testing123
> > radclient:: Failed to find IP address for gi
Hi,
> host# radtest testing password localhost 10 testing123
> radclient:: Failed to find IP address for giraffe
> radclient: Nothing to send.
where does giraffe come from? whats in your /etc/resolv.conf?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi all:
I just installed a radius server on a freebsd machine. It seems to be started
properly until I am trying to test it with "radtest":
host# radtest testing password localhost 10 testing123
radclient:: Failed to find IP address for giraffe
radclient: Nothing to send.
here is what is in my
Thanks Alan:
I will be looking into the version 2. really appreciate your advice..:)
> Date: Wed, 18 Feb 2009 04:37:33 +0100
> From: al...@deployingradius.com
> To: freeradius-users@lists.freeradius.org
> Subject: Re: newbie question for freeradius
>
> ip freak wrote:
>
ip freak wrote:
> Thanks.
>
> 1) rlm unix cache is set to 0.
> 2) yes, i am using FreeBSD7.1 and whatever the version the FreeBSD comes
> with.
>
> what really want to do is simple, just use /etc/passwd file for
> authentication.
Then use the default configuration that comes with 1.1.X for the
reeradius-users@lists.freeradius.org
> Subject: Re: newbie question for freeradius
>
> Jacques Marneweck wrote:
> > FreeBSD's /etc/master.passwd file always has a comment at the top
> > starting with a # which means ignore the line.
>
> That is non-standard...
Jacques Marneweck wrote:
> FreeBSD's /etc/master.passwd file always has a comment at the top
> starting with a # which means ignore the line.
That is non-standard...
Anyways... if you're getting that message, it's because:
1) you're using a very old version of the server
AND
a) y
Hi Alan,
FreeBSD's /etc/master.passwd file always has a comment at the top
starting with a # which means ignore the line.
Regards
--jm
On 17 Feb 2009, at 8:52 PM, Alan DeKok wrote:
ipfreak wrote:
i would like to use unix file /etc/passwd to authenticate users on my
routers and somehow it
ipfreak wrote:
> i would like to use unix file /etc/passwd to authenticate users on my
> routers and somehow it always fails:
Because you broke the "passwd" file.
> rad_recv: Access-Request packet from host 192.168.10.101:61706, id=153,
> length=53
> User-Name = "tester"
> User-
in /etc/passwd with password "test" in the freebsd box.
Thanks in advance
--
View this message in context:
http://www.nabble.com/newbie-question-for-freeradius-tp22063719p22063719.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Jair Santos wrote:
> I also recognize that you tried to help me , but Alan, just because someone
> is an expert this doesn't mean that he/she have the right to criticize the
> ones that are not. I am here for help not to be criticized,
Help often involves pointing out what you're doing wrong.
October 07, 2008 10:06 AM
> To: FreeRadius users mailing list
> Subject: Re: Newbie question
>
>
> Jair Santos wrote:
> > Please understand that when we, as users, go to a site to
> download a
> > program, the site structure and distribution of information is
&g
Jair Santos wrote:
> Please understand that when we, as users, go to a site to download a
> program, the site structure and distribution of information is completely
> new. We , (I) try to understand it but we have no time to read everything.
> I believe that this is normal and yes , we make mi
mailto:[EMAIL PROTECTED]
us.org] On Behalf Of Alan DeKok
> Sent: Monday, October 06, 2008 11:12 PM
> To: FreeRadius users mailing list
> Subject: Re: Newbie question
>
>
> Jair Santos wrote:
> > Well guys, let's clarify.
>
> You didn't click on the link
John Dennis wrote:
> I'm not sure why you were having problems with the upstream spec file,
> but you can use the src rpm from Fedora
libreadline is available both as a 32-bit && 64-bit library. The
build system is creating a 64-bit binary, but ld tries to link to the
32-bit version of libreadl
Jair Santos wrote:
> Well guys, let's clarify.
You didn't click on the link for 2.1.1 on the main web page:
freeradius.org. Instead, you clicked on the "download" link. You
didn't click on the "tar" file link for 2.1.1 on that page, either. You
didn't click on the "git.freeradius.org" link fo
Jair Santos wrote:
> I got it from
>
> cvs -d :pserver:[EMAIL PROTECTED]:/source checkout radiusd
>
> Isn't that the right one ?
No. If you read the "download" web page, it says that development has
moved to git.freeradius.org.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www
ennis
Sent: Monday, October 06, 2008 3:57 PM
To: FreeRadius users mailing list
Subject: Re: Newbie question
Jair Santos wrote:
Well guys, let's clarify.
I downloaded with
cvs -d :pserver:[EMAIL PROTECTED]:/source checkout radiusd
No doubt about that.
I have no control about
ehalf Of [EMAIL PROTECTED]
Sent: Monday, October 06, 2008 3:04 PM
To: FreeRadius users mailing list
Subject: Re: Newbie question
Hi,
radiusd: FreeRADIUS Version 2.0.6, for host
x86_64-unknown-linux-gnu,
built
2.0.6 ?
well, thats not the latest available version
:
> [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
us.org] On Behalf Of [EMAIL PROTECTED]
> Sent: Monday, October 06, 2008 3:04 PM
> To: FreeRadius users mailing list
> Subject: Re: Newbie question
>
>
> Hi,
> >
> > radiusd: FreeRADIUS Version 2.0.6, fo
Jair Santos wrote:
radiusd: FreeRADIUS Version 2.0.6, for host x86_64-unknown-linux-gnu, built
Gee, I thought you were building and using 2.1.1 ;-)
You need to be careful with where you install things and what your paths
are. Looks to me like you've installed your latest in /usr/local/sbin
Hi,
>
> radiusd: FreeRADIUS Version 2.0.6, for host x86_64-unknown-linux-gnu, built
2.0.6 ?
well, thats not the latest available version
2.1.1 is the latest and the default config files dont mention
snmp.conf at all. if you install ver older versions then
you *will* come across wierd issues d
t; Sent: Monday, October 06, 2008 2:27 PM
> To: FreeRadius users mailing list
> Subject: RE: Newbie question
>
>
> So, what version do you have now (radiusd -v).
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
> Dana 6/10/2008, "Jair Santos" <[EMAIL PROTECTED
gt;It ran smoothly.
>
>Jair Santos
>
>
>
>
>
>
>> -Original Message-
>> From:
>> [EMAIL PROTECTED]
>> [mailto:[EMAIL PROTECTED]
>us.org] On Behalf Of [EMAIL PROTECTED]
>> Sent: Monday, October 06, 2008 1:54 PM
>> To: FreeRadius users
day, October 06, 2008 1:54 PM
> To: FreeRadius users mailing list
> Subject: RE: Newbie question
>
>
> It's not. But neither is that include in radiusd.conf. You
> wouldn't be mixing versions? Attached is snmp.conf from 2.0.5.
>
> Ivan Kalik
> Kalik Informati
http://freeradius.org as well.
>
>
>
>Jair Santos
>
>
>
>
>
>> -Original Message-
>> From:
>> [EMAIL PROTECTED]
>> [mailto:[EMAIL PROTECTED]
>us.org] On Behalf Of [EMAIL PROTECTED]
>> Sent: Monday, October 06, 2008 12:51 PM
>&g
age-
> From:
> [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
us.org] On Behalf Of Jair Santos
> Sent: Monday, October 06, 2008 1:04 PM
> To: 'FreeRadius users mailing list'
> Subject: RE: Newbie question
>
>
> And it is not on the files downloaded fro
users mailing list
> Subject: RE: Newbie question
>
>
> Is snmp.conf in downloaded files. If it is just copy it. Should be:
>
> /home/jsantos8890/downloads/freeradius/freeradius-server-2.1.1
/raddb/snmp.conf
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
>
&g
y, October 06, 2008 12:51 PM
> To: FreeRadius users mailing list
> Subject: RE: Newbie question
>
>
> Is snmp.conf in downloaded files. If it is just copy it. Should be:
>
> /home/jsantos8890/downloads/freeradius/freeradius-server-2.1.1
/raddb/snmp.conf
>
> Ivan Kal
me to download from the repository so I did it. It
>complied and insttalled ok but I got the runtime snmp error.
>
>Please can someone help me ?
>
>Thanks
>
>
>
>
>Jair Santos
>
>
>
>
>> -Original Message-
>> From:
>> [EMAIL PROTEC
Sent: Monday, October 06, 2008 12:04 PM
> To: FreeRadius users mailing list
> Subject: RE: Newbie question
>
>
> >I got it from
> >
> >cvs -d :pserver:[EMAIL PROTECTED]:/source checkout radiusd
> >
> >Isn't that the right one ?
> >
> >Jair S
e runtime snmp error.
Please can someone help me ?
Thanks
Jair Santos
> -Original Message-
> From:
> [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
us.org] On Behalf Of Anders Holm
> Sent: Monday, October 06, 2008 11:59 AM
> To: FreeRadius users mailing list
>
>I got it from
>
>cvs -d :pserver:[EMAIL PROTECTED]:/source checkout radiusd
>
>Isn't that the right one ?
>
>Jair Santos
>
That look fine. snmp.conf should be in there.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
r Santos
>
>
>
>
>
>
>
>> -Original Message-
>> From:
>> [EMAIL PROTECTED]
>> [mailto:[EMAIL PROTECTED]
> us.org] On Behalf Of [EMAIL PROTECTED]
>> Sent: Monday, October 06, 2008 11:33 AM
>> To: FreeRadius users maili
, 2008 11:33 AM
> To: FreeRadius users mailing list
> Subject: RE: Newbie question
>
>
> >When running the server with
> >
> > $ radiusd -X
> >
> >I got
> >
> >Unable to open file "/usr/local/etc/raddb/snmp.conf": No
> suc
>When running the server with
>
> $ radiusd -X
>
>I got
>
>Unable to open file "/usr/local/etc/raddb/snmp.conf": No such file or
>directory
>Errors reading /usr/local/etc/raddb/radiusd.conf
>
>
>The snmp.conf is not there and in my radiusd.conf there is
>
>snmp= no
>$INCLUDE snmp.conf
>
>So my
dius users mailing list
> Subject: Re: Newbie question
>
>
> It is true but then you'll probably have the older version.
> Centos for
> example goes with FR 1.1.3
>
> Maxim Sirenko wrote:
> > It is always better to install from packages that belong t
s.org] On Behalf Of Marinko Tarlac
> Sent: Sunday, October 05, 2008 6:20 AM
> To: FreeRadius users mailing list
> Subject: Re: Newbie question
>
>
> It is true but then you'll probably have the older version.
> Centos for
> example goes with FR 1.1.3
>
>
from ports.
There will not be problems with linkers and compilers.
Everything was thought about hundreds times.
- Original Message - From: "Alan DeKok"
<[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Sunday, October 05, 2008 9:27 AM
Subject: Re:
Citando Jair Santos <[EMAIL PROTECTED]>:
> Hi all,
>
> I just got into this list and I am trying to instal in a RedHat ES 5.2, 64
> bits.
>
> I ran ./configure and when I ran make I got the following error.
>
> cc -o .libs/radmin .libs/radmin.o /usr/lib/libreadline.so
> /usr/lib/libtermcap.so .li
.
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Sunday, October 05, 2008 9:27 AM
Subject: Re: Newbie question
Jair Santos wrote:
I just got into this list and I am trying to instal in a RedHat ES 5.2,
64 bits.
I ran
Jair Santos wrote:
> I just got into this list and I am trying to instal in a RedHat ES 5.2,
> 64 bits.
>
> I ran ./configure and when I ran make I got the following error.
...
> /usr/lib/libreadline.so: could not read symbols: File in wrong format
You have both 32-bit and 64-bit libraries on
Hi all,
I just got into this list and I am trying to instal in a RedHat ES 5.2, 64
bits.
I ran ./configure and when I ran make I got the following error.
cc -o .libs/radmin .libs/radmin.o /usr/lib/libreadline.so
/usr/lib/libtermcap.so .libs/util.o .libs/log.o .libs/conffile.o
/home/jsantos8
http://www.freeradius.org/radiusd/doc/rlm_passwd
Deny access after one month - Expiration attribute.
Ivan Kalik
Kalik Informatika ISP
Dana 7/12/2007, "Monah Baki" <[EMAIL PROTECTED]> piše:
>Hi all,
>
>I am new to freeradius and I want to know if it's possible to perform the
>following.
>I pro
Hi all,
I am new to freeradius and I want to know if it's possible to perform the
following.
I provide for multiple people access to the internet via a proxy server
with authentication (htpasswd), server is FreeBSD.
I want to deny them access after 1 month. I was wandering if freeradius
can work w
Hi,
> Thanks for everyone's help. I have it working nicely now, but have one
> more situation I just started testing.
>
> I want to use the same radius servers to authenticate users on a
> different wireless network though a captive portal to the same
> eDirectory servers via LDAP.
>
> In ord
Thanks for everyone's help. I have it working nicely now, but have one
more situation I just started testing.
I want to use the same radius servers to authenticate users on a
different wireless network though a captive portal to the same
eDirectory servers via LDAP.
In order for the captive po
Hi,
> Do I then remove ldap from the authorize section so that it doesn't call
> it every packet? I did a bunch of testing and it seems that I have to
> do that to reduce the number of calls to our eDirectory servers.
yes - only call it from the INNER check. otherwise you are in exactly
the same
Nathan Hay wrote:
> Do I then remove ldap from the authorize section so that it doesn't call
> it every packet? I did a bunch of testing and it seems that I have to
> do that to reduce the number of calls to our eDirectory servers.
Yes. But it has to be listed inside of a sub-block, as describ
Do I then remove ldap from the authorize section so that it doesn't call
it every packet? I did a bunch of testing and it seems that I have to
do that to reduce the number of calls to our eDirectory servers.
Thanks for helping me out.
Nathan
Nathan P. Hay
Network Engineer
Computer Services
C
On Wed, 2007-10-31 at 08:59 -0400, Nathan Hay wrote:
> I have FreeRadius 1.1.7 installed and talking to our eDirectory
> servers via LDAP to authenticate users to our wireless network. It
> works great, but our eDirectory servers get hit with 11 requests each
> time a single client authenticates.
I have FreeRadius 1.1.7 installed and talking to our eDirectory servers
via LDAP to authenticate users to our wireless network. It works great,
but our eDirectory servers get hit with 11 requests each time a single
client authenticates. Running FreeRadius in debug mode, I see 10
requests of the f
tion
> >
> > -Ursprüngliche Nachricht-
> > Von: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] Im Auftrag von Alan
> > DeKok
> > Gesendet: Mittwoch, 24. Oktober 2007 12:38
> > An: FreeRadius users mailing list
> > Betreff: Re: AW: Newbie Que
where I can find the NAS
> documentation
>
> -Ursprüngliche Nachricht-
> Von: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Im Auftrag von Alan
> DeKok
> Gesendet: Mittwoch, 24. Oktober 2007 12:38
> An: FreeRadius users mailing list
> Betreff: Re: AW: Newbie Q
Bernd wrote:
> I'm sorry...I never worked with RADIUS, please consider that. I don't mind
> reading documentations :) - but I don't know where I can find the NAS
> documentation
We don't have copies of it. You haven't even said what kind of NAS it
is, so it's impossible for us to help you.
t: Mittwoch, 24. Oktober 2007 12:38
An: FreeRadius users mailing list
Betreff: Re: AW: Newbie Question o.O
Bernd wrote:
> > Do the AP's send RADIUS requests to authenticate the MAC when they see
> a new machine? If not, you can't do it.
>
> How do I know if they do?
...
>
Bernd wrote:
> > Do the AP's send RADIUS requests to authenticate the MAC when they see
> a new machine? If not, you can't do it.
>
> How do I know if they do?
...
>> Unfortunately, you're being told to go read the NAS documentation.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http:
er 2007 11:21
An: FreeRadius users mailing list
Betreff: Re: Newbie Question o.O
Bernd wrote:
> I'm trying to set up a WLAN (5 APs) with a RADIUS Server (SuSe 10.2).
RADIUS
> should authenticate the MAC Adresses of the WLAN Users to grant them
access
> to the network.
Do the A
Bernd wrote:
> I'm trying to set up a WLAN (5 APs) with a RADIUS Server (SuSe 10.2). RADIUS
> should authenticate the MAC Adresses of the WLAN Users to grant them access
> to the network.
Do the AP's send RADIUS requests to authenticate the MAC when they see
a new machine? If not, you can't do
Hi!
I'm trying to set up a WLAN (5 APs) with a RADIUS Server (SuSe 10.2). RADIUS
should authenticate the MAC Adresses of the WLAN Users to grant them access
to the network. There are often new computers, which should get access to
the Network immediately and without installing anything.
RADIUS is
Excuse the greenness of question.
Is there a 'how-to' on authreply_table? I am just starting with freeradius
+ mysql and want to get freeradius to do a db dip and respond with required
plus a couple extra fields of data to the NAS.
Appreciated
murray
-
List info/subscribe/unsubscribe? See htt
it's own.
Ivan Kalik
Kalik Informatika ISP
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Antuan Avdioukhine
Sent: 10 April 2007 09:10
To: FreeRadius users mailing list
Subject: Re: Very Newbie question
On Mon, Mar 26, 2007 at 09:23:49PM +0100, [
On Mon, Mar 26, 2007 at 09:23:49PM +0100, [EMAIL PROTECTED] wrote:
Did I understand you correctly? After discovering documentstion and
reading this mailing list I gueas that you meas something like this:
For 2nd category I'm using entries in 'users' file something about:
internalAuth-type :
Best (read: simplest) thing to do is NOT to let second group use any
username and password. Have them all use the same one (for instance
username: local; password: local). Then just add Calling-Station-Id as a
check item for that user. If you need to limit the number of such users
on-line you can
Greetings!
I'm very newbie in FreeRadius software. Now I have to setup FreeRadius
server for dialup users billing. We have three categories of dialup
users:
1. Traditional users, who authenticates itselves with login and
password; some of them must have fixed IP.
2. Internal telephony network us
> -Original Message-
>
> When I run radiusd, it says it is running properly, but I
> check with netstat -n and I don't see anything listenning on
> port 1812. The port setting in the configuration file is '0'
> (which is I think 1812 by default).
>
> Is this normal? I don't think my a
Markus Krause wrote:
> as far as i kno udp usually has no states so netstat can show nothing
> on port 1812 (most of the time).
No. The socket is open, so netstat should show it.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/
as far as i kno udp usually has no states so netstat can show nothing
on port 1812 (most of the time).
just a few guesses:
did you try radtest or radclient?
does "tcpdump udp port 1812" show any attempts of the ap to connect to
the server?
did you set up clients.conf?
markus
Zitat von "M
When I run radiusd, it says it is running properly, but I check with netstat -n
and I don't see anything listenning on port 1812. The port setting in the
configuration file is '0' (which is I think 1812 by default).
Is this normal? I don't think my ap can access to radius server..
Regards,
On
M. Onur ERGiN wrote:
> Hello,
>
> I am pretty new to radius.. I have installed the latest version on
> Fedora Core 5. I configured my AP. But now, I can't figure out how will
> the wireless clients authenticate. How will they enter their
> username/passwords?
This is not a radius question.
Wi
Hello,
I am pretty new to radius.. I have installed the latest version on Fedora Core
5. I configured my AP. But now, I can't figure out how will the wireless
clients authenticate. How will they enter their username/passwords?
Thanks,
Onur.
-
Looking for ea
Wayne Hill <[EMAIL PROTECTED]> wrote:
> But this:
> DEFAULT Auth-Type=System,My-Group=="filtered",NasType=Aleron
>
> Complains of an unexpected trailing comma.
Yeah, the parser is a little dumb. It should be a bit better in
1.1.2.
The solution is to list "My-group" as an attribute in the
di
That did it, but it's brought about some other weirdness. When I
replace Group with My-Group in some lines, I now get complaints about
an unexpected trailing comma, where there is none.
Eg. The following line returns with no error:
DEFAULT Auth-Type=System,Group=="filtered",NasType=Aleron
Wayne Hill <[EMAIL PROTECTED]> wrote:
> Right now, I have it set up with an entry for rad_group with the
> following:
>
> passwd rad_group{
> filename = /usr/local/etc/raddb/group
> format="*User-Name:~Group"
Don't use the "Group" attribute. It's for Unix groups.
The rlm
Hey guys/gals,
I'm a newbite with freeradius and have come upon an interesting issue.
Here at my job we've been using Radiator-ODBC for quite some time and
are hoping to phase this out and begin using freeradius, along with
some more modern hardware, instead.
Here's the issue I'm coming ac
dictionary.nokia file is here
VENDOR Nokia 94
ATTRIBUTE Nokia-IPSO-User-Role229 string Nokia
ATTRIBUTE Nokia-IPSO-SuperUser-Access 230 integer Nokia
users file is here
admin Auth-Type = Local, Password =="admin123"
Nokia-Ipso-User-Role
On Tue, 17 Jan 2006, Rich Marriner wrote:
The radacct will be empty, because your not working with accounting packets
using radtest, only Auth packets.
Fernando wrote:
Hy!
I have a dummy question...
running radtest, i get a Accept-Accept, and everything seems ok, but the
database radacct
The radacct will be empty, because your not working with accounting
packets using radtest, only Auth packets.
Fernando wrote:
Hy!
I have a dummy question...
running radtest, i get a Accept-Accept, and everything seems ok, but the
database radacct table doesn't get updated, in fact the t
Hy!
I have a dummy question...
running radtest, i get a Accept-Accept, and everything seems ok, but the
database radacct table doesn't get updated, in fact the table is blank
after many tests. Is it normal? Or i've mistaken something?
Thanks for the help
Fernando S.
SanInternet Systems
www
le remote
authorization on the Netscreen. If you have a chance, please post your
configuration. Thanks.
Chad
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark
Tunnell
Sent: Friday, November 04, 2005 4:32 PM
To: FreeRadius users mailing list
Subje
I got it! It turns out that not all the dictionary files in
/usr/local/share/freeradius directory are included by default. Once I
added "$INCLUDE dictionary.netscreen" to the
/usr/local/share/freeradius/dictionary file, everything started working.
Thanks to everyone who responded,
Mark
-
L
Mark Tunnell <[EMAIL PROTECTED]> wrote:
> users: Matched entry markt at line 2
So, what is that entry?
If it's one of the ones you posted earlier, it should send back the
attributes you've configured.
At least, it does so in my configuration.
Are you sure you're using the same name
>I'm using FreeRADIUS 1.0.5. to authenticate admin logins to a
>NetScreen5. I'm able to authenticate accounts just fine. Now I'd
>like to begin pulling administrative privileges from the Radius
>server, but I haven't figured out how to do that. I've referenced the
>dictionary.netscreen fil
Sorry, I was using an "x" instead of an "X". Here's the full debug:
[EMAIL PROTECTED] ~]# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.co
Mark Tunnell <[EMAIL PROTECTED]> wrote:
> Here's the debug from the Radius server:
>
> Ready to process requests.
> rad_recv: Access-Request packet from host 172.17.200.13:2913, id=16,
> length=51
> User-Name = "markt"
> User-Password = "testing"
> NAS-IP-Address = 172.
Can you show the debug output, as suggested in the README, INSTALL,
and FAQ?
Alan DeKok.
Here's the debug from the Radius server:
Ready to process requests.
rad_recv: Access-Request packet from host 172.17.200.13:2913, id=16,
length=51
User-Name = "markt"
User-Password =
Try changing NS-Admin-Privilege = "Read-Only-Admin"
To
NS-Admin-Privilege = "1"
Chad
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark
Tunnell
Sent: Friday, November 04, 2005 1:23 PM
To: freeradius-users@lists.freeradius
Mark Tunnell <[EMAIL PROTECTED]> wrote:
> I've referenced the
> dictionary.netscreen file in my clients.conf file, nastype =
> netscreen,
That isn't necessary.
> I've tried various permutations like:
>
> markt Auth-Type := Local, User=Password == "testing"
> NS-Admin-Privilege = "Read-
I'm using FreeRADIUS 1.0.5. to authenticate admin logins to a
NetScreen5. I'm able to authenticate accounts just fine. Now I'd
like to begin pulling administrative privileges from the Radius
server, but I haven't figured out how to do that. I've referenced the
dictionary.netscreen file in my
"jamrock" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I have done some reading re: radius in general and Freeradius in
particular.
>
> When should one use radius?
>
> I have read that radius is useful when one needs a centralized
user/password
> database. I guess that would be go
1 - 100 of 113 matches
Mail list logo