Re: Configuration doubt
Osvaldohp wrote: This is my users file: mike Auth-Type = System, User-Password == mike Session-Timeout := 3600, What i am doing wrong? You're telling the server to look in /etc/passwd for the users password, and then also telling it what the users password is. Don't set Auth-Type. Use 1.1.6. Use Cleartext-Password, not User-Password, as suggested in the FAQ. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuration doubt
On Monday 16 July 2007 08:05:15 Alan DeKok wrote: Osvaldohp wrote: This is my users file: mike Auth-Type = System, User-Password == mike Session-Timeout := 3600, What i am doing wrong? You're telling the server to look in /etc/passwd for the users password, and then also telling it what the users password is. Don't set Auth-Type. Use 1.1.6. Use Cleartext-Password, not User-Password, as suggested in the FAQ. Alan DeKok. Don't forget to use the ':=' operator for the Cleartext-Password attribute, in addition to all of the above. -Kevin signature.asc Description: This is a digitally signed message part. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuration doubt
Help you with what? If you managed to add the password to the check table what could be the problem in adding Session-Timeout to the reply table? Ivan Kalik Kalik Informatika ISP Dana 16/7/2007, Osvaldohp [EMAIL PROTECTED] piše: I have a hotSpot that give access to the internet for my users. I use IPCOP with advproxy addon like a point controller. So when a user try to aceess the internet IPCOP (advproxy) ask for a username and password and then try to authenticate the user in the radius server. Everything is great so far my only problem is i can't limit the user to access the internet using Session-timeout attribute. I really don't know what i have to do now. Can someone help me? Message sent using Prodepa Webmail 2.7.9 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuration doubt
Hi Ivan. It worked just fine. Just what I needed! Thanks a lot. On 7/12/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: You can use huntgroups: nasA NAS-IP-Address == aaa.aaa.aaa.aaa User-Name = jane, User-Name = peter nasB NAS-IP-Address == bbb.bbb.bbb.bbb User-Name = john, User-Name = peter nasC NAS-IP-Address == ccc.ccc.ccc.ccc User-Name = john, User-Name = peter nasD NAS-IP-Address == ddd.ddd.ddd.ddd User-Name = george, User-Name = peter John can use B and C, Jane only A, George only D while Peter can use them all. If John tries to connect to A he will be rejected even if his credentials (user/pass) are correct. This also works with (SQL, Ldap) groups. This doesn't scale very well. It's a quick and easy solution for a small number of devices and users (groups). Ivan Kalik Kalik Informatika ISP Dana 12/7/2007, Thiago Drechsel [EMAIL PROTECTED] piše: Hi all. I'm new with freeradius. I'd like some help to configure my Radius server, in order to acomplish the following task: I have a radius server, called R. This radius authenticates users wha want to access our lab equipments, called A, B, C, D and etc. I want to restrict access to these equipments to some users, using radius. For example, user john only can access equipments B and C, but can't access equipments A and D. Can anyone help me with this task? Thanks in advance Thiago - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuration doubt
You can use huntgroups: nasA NAS-IP-Address == aaa.aaa.aaa.aaa User-Name = jane, User-Name = peter nasB NAS-IP-Address == bbb.bbb.bbb.bbb User-Name = john, User-Name = peter nasC NAS-IP-Address == ccc.ccc.ccc.ccc User-Name = john, User-Name = peter nasD NAS-IP-Address == ddd.ddd.ddd.ddd User-Name = george, User-Name = peter John can use B and C, Jane only A, George only D while Peter can use them all. If John tries to connect to A he will be rejected even if his credentials (user/pass) are correct. This also works with (SQL, Ldap) groups. This doesn't scale very well. It's a quick and easy solution for a small number of devices and users (groups). Ivan Kalik Kalik Informatika ISP Dana 12/7/2007, Thiago Drechsel [EMAIL PROTECTED] piše: Hi all. I'm new with freeradius. I'd like some help to configure my Radius server, in order to acomplish the following task: I have a radius server, called R. This radius authenticates users wha want to access our lab equipments, called A, B, C, D and etc. I want to restrict access to these equipments to some users, using radius. For example, user john only can access equipments B and C, but can't access equipments A and D. Can anyone help me with this task? Thanks in advance Thiago - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html