Re: Configuration doubt

2007-07-16 Thread Alan DeKok 
Osvaldohp wrote:
 This is my users file:
 mike  Auth-Type = System, User-Password == mike
   Session-Timeout := 3600,
 
 What i am doing wrong?

  You're telling the server to look in /etc/passwd for the users
password, and then also telling it what the users password is.

  Don't set Auth-Type.

  Use 1.1.6.

  Use Cleartext-Password, not User-Password, as suggested in the FAQ.

  Alan DeKok.
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Configuration doubt

2007-07-16 Thread Kevin Bonner 
On Monday 16 July 2007 08:05:15 Alan DeKok wrote:
 Osvaldohp wrote:
  This is my users file:
  mike  Auth-Type = System, User-Password == mike
Session-Timeout := 3600,
 
  What i am doing wrong?

   You're telling the server to look in /etc/passwd for the users
 password, and then also telling it what the users password is.

   Don't set Auth-Type.

   Use 1.1.6.

   Use Cleartext-Password, not User-Password, as suggested in the FAQ.

   Alan DeKok.

Don't forget to use the ':=' operator for the Cleartext-Password attribute, in 
addition to all of the above.

-Kevin


signature.asc
Description: This is a digitally signed message part.
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Configuration doubt

2007-07-16 Thread tnt 
Help you with what? If you managed to add the password to the check table
what could be the problem in adding Session-Timeout to the reply table?

Ivan Kalik
Kalik Informatika ISP


Dana 16/7/2007, Osvaldohp [EMAIL PROTECTED] piše:

I have a hotSpot that give access to the internet for my users. I use IPCOP
with advproxy addon like a point controller.
So when a user try to aceess the internet IPCOP (advproxy) ask for a
username and password and then try to authenticate the user in the radius
server.
Everything is great so far my only problem is i can't limit the user to
access the internet using Session-timeout attribute.
I really don't know what i have to do now. Can someone help me?


Message sent using Prodepa Webmail 2.7.9


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Configuration doubt

2007-07-13 Thread Thiago Drechsel 

Hi Ivan.

It worked just fine. Just what I needed!

Thanks a lot.

On 7/12/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:


You can use huntgroups:

nasA   NAS-IP-Address == aaa.aaa.aaa.aaa
   User-Name = jane,
   User-Name = peter

nasB   NAS-IP-Address == bbb.bbb.bbb.bbb
   User-Name = john,
   User-Name = peter

nasC   NAS-IP-Address == ccc.ccc.ccc.ccc
   User-Name = john,
   User-Name = peter

nasD   NAS-IP-Address == ddd.ddd.ddd.ddd
   User-Name = george,
   User-Name = peter

John can use B and C, Jane only A, George only D while Peter can use them
all. If John tries to connect to A he will be rejected even if his
credentials (user/pass) are correct. This also works with (SQL, Ldap)
groups. This doesn't scale very well. It's a quick and easy solution
for a small number of devices and users (groups).

Ivan Kalik
Kalik Informatika ISP


Dana 12/7/2007, Thiago Drechsel [EMAIL PROTECTED] piše:

Hi all.

I'm new with freeradius. I'd like some help to configure my Radius
server,
in order to acomplish the following task:

I have a radius server, called R. This radius authenticates users wha
want
to access our lab equipments, called A, B, C, D and etc.


I want to restrict access to these equipments to some users, using
radius.
For example, user john only can access equipments B and C, but can't
access equipments A and D.

Can anyone help me with this task?


Thanks in advance

Thiago



-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Configuration doubt

2007-07-12 Thread tnt 
You can use huntgroups:

nasA   NAS-IP-Address == aaa.aaa.aaa.aaa
   User-Name = jane,
   User-Name = peter

nasB   NAS-IP-Address == bbb.bbb.bbb.bbb
   User-Name = john,
   User-Name = peter

nasC   NAS-IP-Address == ccc.ccc.ccc.ccc
   User-Name = john,
   User-Name = peter

nasD   NAS-IP-Address == ddd.ddd.ddd.ddd
   User-Name = george,
   User-Name = peter

John can use B and C, Jane only A, George only D while Peter can use them
all. If John tries to connect to A he will be rejected even if his
credentials (user/pass) are correct. This also works with (SQL, Ldap)
groups. This doesn't scale very well. It's a quick and easy solution
for a small number of devices and users (groups).

Ivan Kalik
Kalik Informatika ISP


Dana 12/7/2007, Thiago Drechsel [EMAIL PROTECTED] piše:

Hi all.

I'm new with freeradius. I'd like some help to configure my Radius server,
in order to acomplish the following task:

I have a radius server, called R. This radius authenticates users wha want
to access our lab equipments, called A, B, C, D and etc.


I want to restrict access to these equipments to some users, using radius.
For example, user john only can access equipments B and C, but can't
access equipments A and D.

Can anyone help me with this task?


Thanks in advance

Thiago



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html