[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: Freeradius-Users digest, Vol 1 #911 - 23 msgs
From: "atanu das" <atanu_das () rediffmail ! com>
Date: 2002-07-30 8:50:04
[Download RAW message or body]
Thanks boein,
but i do not have the lines that u have mentioned in my sql.conf
file.
atanu
On Mon, 29 Jul 2002 freeradius-users-request@lists.cistron.nl
wrote :
>Send Freeradius-Users mailing list submissions to
> freeradius-users@lists.cistron.nl
>
>To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.cistron.nl/mailman/listinfo/freeradius-users
>or, via email, send a message with subject or body 'help' to
> freeradius-users-request@lists.cistron.nl
>
>You can reach the person managing the list at
> freeradius-users-admin@lists.cistron.nl
>
>When replying, please edit your Subject line so it is more
>specific
>than "Re: Contents of Freeradius-Users digest..."
>
>
>Today's Topics:
>
> 1. Fwd: sql_oracle.fix (Yuri Bazhukov)
> 2. Re: Cisco VSA & FreeRADIUS (Thomas Jalsovsky)
> 3. RE: EAP-TLS key generation (Henrik Eriksson)
> 4. Freeradius 0.5 + mysql stop to authenticate (Marcello
>Lupo)
> 5. Unique Problem !!! (atanu das)
> 6. Re: Unique Problem !!! (Boian Iliev Jordanov)
> 7. freeradius upgrade (Igor Chen)
> 8. Re: freeradius upgrade (Michael Bailey)
> 9. rlm_sqlcounter (=?iso-8859-1?Q?HOPPÁL_Felicián?=)
> 10. Passwd expiration (Ralf Korczykowski)
> 11. SQL fail-over (Thomas Jalsovsky)
> 12. Re: Passwd expiration (Andrew Kelaidis)
> 13. op field in SQL tables (Shpend Bakalli)
> 14. Re: op field in SQL tables (Alan DeKok)
> 15. Re: Basic User Group question (Alan DeKok)
> 16. Re: Problem with Group reject in 0.6 (Alan DeKok)
> 17. Re: EAP-TLS key generation (Alan DeKok)
> 18. Re: Freeradius 0.5 + mysql stop to authenticate (Alan
>DeKok)
> 19. Re: freeradius upgrade (Alan DeKok)
> 20. Re: freeradius upgrade (Alan DeKok)
> 21. Binaries for Mac OS X (Adam C. Acord)
> 22. RE: Binaries for Mac OS X (Jason Lixfeld)
> 23. Problems with stripping realm off LOCAL auth?
>(markcapelle@pcmc.com)
>
>--__--__--
>
>Message: 1
> From: "Yuri Bazhukov" <ybazhukov@ktl.ru>
>To: <freeradius-users@lists.cistron.nl>
>Subject: Fwd: sql_oracle.fix
>Date: Mon, 29 Jul 2002 19:27:33 +1300
>charset="koi8-r"
>Reply-To: freeradius-users@lists.cistron.nl
>
>Fix for sql_oracle driver in CVS and v. 0.7
>It returns 1 in case of success, which is wrong (should return
>0)
>
>=========================================================================>* Forwarded by <>
>* From: "root" <root@ardom.ktl.local>
>* Date: Mon, 29 Jul 2002 19:27:19 +1300
>* To: <ybazhukov@ktl.ru>
>=========================================================================>
>--- sql_oracle.c Fri Jul 12 05:29:00 2002 +++ sql_oracle.c.new
>Mon Jul 29
>19:23:04 2002 @@ -280,7 +280,7 @@
>
> oracle_sock->results=rowdata;
>
>- return 1;
>+ return 0;
> }
>
>
>
>=========================================================================>----=====----
>Yuri Bazhukov
>
>
>
>--__--__--
>
>Message: 2
>Date: Mon, 29 Jul 2002 10:49:59 +0200 (CEST)
> From: Thomas Jalsovsky <admin@postel.sk>
>To: freeradius-users@lists.cistron.nl
>Subject: Re: Cisco VSA & FreeRADIUS
>Reply-To: freeradius-users@lists.cistron.nl
>
>
> > I've tested freeradius 0.6 and it works fine, I'm planning to
>replace my
> > production radius now. I have only one problem, I'd like to
>log Cisco
> > VSAs (like nas-rx-speed, nas-tx-speed) in SQL database. I have
>50+
> > AS5350 an AS5400 with IOS 12.2 and it sends VSA accounting
>as
> > Cisco-AVPair. Cisco-vsa-hack does not work with this. Any
>solution? This
> > is a sample accounting-stop record:
>the cisco_vsa_hack is only for handling situation:
>Cisco-VSA = "Cisco-VSA=value"
>this will be rewritten to Cisco-VSA = value
>
>The hack does not handle situation
>Cisco-AVPair = "Cisco-VSA=value"
>
>you will have to expand the hack (what I did a year ago, but
>wasn't
>applied to the FR code).
>
>Regards,
> Thomas
>
> >
> > Fri Jul 26 22:56:34 2002
> > NAS-IP-Address = xxx
> > NAS-Port = 670
> > Cisco-NAS-Port = "Async5/22*Serial2/6:2"
> > NAS-Port-Type = Async
> > User-Name = "xxx"
> > Called-Station-Id = "xxx"
> > Calling-Station-Id = "xxx"
> > Acct-Status-Type = Stop
> > Acct-Authentic = RADIUS
> > Service-Type = Framed-User
> > Acct-Session-Id = "0E000D11"
> > Framed-Protocol = PPP
> > Framed-IP-Address = xxx
> > Acct-Terminate-Cause = Lost-Carrier
> > Acct-Input-Octets = 3597499
> > Acct-Output-Octets = 36347730
> > Acct-Input-Packets = 55748
> > Acct-Output-Packets = 74657
> > Acct-Session-Time = 7280
> > Cisco-AVPair = "disc-cause-ext�11"
> > Cisco-AVPair = "pre-bytes-in�3"
> > Cisco-AVPair = "pre-bytes-out�2"
> > Cisco-AVPair = "pre-paks-in=5"
> > Cisco-AVPair = "pre-paks-out=5"
> > Cisco-AVPair = "pre-session-time%"
> > Cisco-AVPair = "connect-progress`"
> > Cisco-AVPair = "nas-rx-speed(800"
> > Cisco-AVPair = "nas-tx-speedP000"
> > Acct-Delay-Time = 0
> > Client-IP-Address = xxx
> > Timestamp = 1027716994
> >
> > Best Regards,
> > Felician Hoppal
> >
> >
> >
>
>
>
>--__--__--
>
>Message: 3
> From: Henrik Eriksson <henrik.eriksson@axis.com>
>To: "'freeradius-users@lists.cistron.nl'"
><freeradius-users@lists.cistron.nl>
>Subject: RE: EAP-TLS key generation
>Date: Mon, 29 Jul 2002 11:02:38 +0200
>charset="iso-8859-1"
>Reply-To: freeradius-users@lists.cistron.nl
>
> > -----Original Message-----
> > From: Alan DeKok [mailto:aland@ox.org]
> > Sent: Friday, July 26, 2002 8:50 PM
> >
> > Ok... but the server already includes HMAC, MD5, and SHA1
> > functions. So it doesn't require -lcrypto.
> >
> > Would it be possible for you to re-write the patch to use
>the
> > functions which come with the server? That way, people
>without
> > -lcrypto can still use MPPE-keys
>
>I saw that Frank Cusack where going to fix that for code
>duplication reasons. Still, OpenSSL's libssl and libcrypto
>are needed for the TLS operations anyway so that dependency
>will not disappear.
>
> > Still, I'm inclined to add the patch, as a number of people
>have
> > said it works for them.
>
>I saw it was in the cvs. Great! The changes to
>modules/rlm_eap/eap.[ch] was left out though, so rlm_eap from
>cvs doesn't compile right now.
>
>/henrik
>
>
>--__--__--
>
>Message: 4
>Date: Mon, 29 Jul 2002 11:08:01 -0100
> From: Marcello Lupo <lupo@itspecialist.it>
>To: freeradius-users@lists.cistron.nl
>Subject: Freeradius 0.5 + mysql stop to authenticate
>Reply-To: freeradius-users@lists.cistron.nl
>
>Hi to all...
>I use freeradius 0.5 with mysql 3.23.39 on slackware 8.0.
>The problem now is happened 2 times.
>After 10-15 days of work the radius server stop to authenticate
>requests
>tha it have to handle directly with mysql, while it continue
>perfectly
>to authenticate request that are proxied to another server.
>
>
>I have a infinite list of Login Incorrect in my log and only
>Login OK
>for proxied requests.
>I tried to kill -1 the main radius process and the problem
>persist. I
>had to kill -9 the main radius process and restart it manually.
>There
>was 12 radius processes at that time.
>
>This is some logs.
>
>Mon Jul 29 10:44:18 2002 : Auth: Login incorrect: [seff/xxxx]
>(from nas
>as53001 port 20025)
>Mon Jul 29 10:44:19 2002 : Auth: Login incorrect: [emanuele/xxxx]
>(from
>nas main port 10116 cli 035xxxxx)
>Mon Jul 29 10:44:19 2002 : Auth: Login incorrect: [valligran/xxx]
>(from
>nas main port 10126 cli 035xxxxx)
>Mon Jul 29 10:44:20 2002 : Auth: Login OK: [pg.000023@pg] (from
>nas main
>port 10131 cli 0363xxxxx)
>Mon Jul 29 10:44:20 2002 : Auth: Login incorrect: [grcsrl/xxxx]
>(from
>nas as53001 port 20028 cli 035xxxxx)
>Mon Jul 29 10:44:23 2002 : Auth: Login incorrect: [leidi/xxxx]
>(from nas
>main port 10122 cli 035xxxx)
>Mon Jul 29 10:44:24 2002 : Auth: Login incorrect: [emanuele/xxxx]
>(from
>nas main port 10109 cli 035xxxxx)
>Mon Jul 29 10:44:25 2002 : Info: Sending duplicate authentication
>reply
>to client main:63431 - ID: 243
>Mon Jul 29 10:44:25 2002 : Info: Sending duplicate authentication
>reply
>to client main:63431 - ID: 244
>Mon Jul 29 10:44:27 2002 : Auth: Login incorrect: [valligran/xxx]
>(from
>nas main port 10115 cli 035xxxxxx)
>Mon Jul 29 10:44:27 2002 : Info: Sending duplicate authentication
>reply
>to client main:63431 - ID: 245
>
>Have you any suggestion?
>
>There is a way to have logged all the debug output of radius
>-xxyy to a
>file instead of stdout?
>So i can try to leave for 15 days it on with the debug and after
>i can
>see what he is doing?
>
>Thank you bye,
>MArcello
>
>
>--__--__--
>
>Message: 5
>Date: 29 Jul 2002 09:58:39 -0000
> From: "atanu das" <atanu_das@rediffmail.com>
>To: freeradius-users@lists.cistron.nl
>Subject: Unique Problem !!!
>format=flowed
>Reply-To: freeradius-users@lists.cistron.nl
>
>Dear FreeRadius users,
>
>We have got a avery unique problem in our entire ISP
>(experimental
>setup).
>The problem is like this.
>
>Our central billing server is located in location "A" and apart
> from the central dialup node in
>
>location "A", we also have two other nodes in location "B" and
>location "C".
>
>
> +---------+
> | NAS |
> +---------+
> |
> |
> +----------------------+
> | Centralised Billing |
> | & Authentication | LOCATION "A"
> | Server. |
> | REMOTE RADIUS SERVER |
> +----------------------+
> / \
> / \
>+----------------/----------+ +-------\-----------------+
>| / | | \ |
>| +---------------------+ | | +---------------------+ |
>| | PROXY RADIUS SERVER | | | | PROXY RADIUS SERVER | |
>| | (Forwarding Server) | | | | (Forwarding Server) | |
>| +---------------------+ | | +---------------------+ |
>| | | | | |
>| | | | | |
>| +----------+ | | +--------+ |
>| | NAS | | | | NAS | |
>| +----------+ | | +--------+ |
>| LOCATION "B" | | LOCATION "C" |
>| | | |
>+---------------------------+ +-------------------------+
>
>Location "B" and location "C" forwards all the authentication
>packets of the dial-up users to the
>
>remote radius server located at "A". Location "A" authenticates
>the user and sends the
>
>access-accept or access-reject packet back to the two nodes
>i.e.,
>either at location "B" and
>
>location "C". Subsequently, if any users are authenticated at
>any
>of the two nodes "B" or "C", a
>
>detail file is created at the nodes as well as in the main
>remote
>server at "A". Right now we are
>
>using MySql for Authentication, Authorization and Accounting,
>and
>this MySQL databse is in the
>
>remote Radius Server at Location "A" where our billing server
>bills the users accordingly.
>
>As I have mentioned earlier, a detail file is created at the
>nodes
>as well as in the remote
>
>server. I am not having any problems as long as the link
>between
>all the networks is up.
>
>The problem arises when the link between location "A" and
>location
>"B" or between location "A"
>
>and location "C" is down.
>
>Supposing a users connects at location "B". He is
>authenticated,
>authorised and billing starts at
>
>Location "A". The accounting database is updated with the
>"start-entry" of the user at location
>
>"A". Now while he is connected, the link between Location "A"
>and
>location "B" fails. The
>
>connected user, when he sees the link is down, disconnects from
>the NAS. The detail file entry of
>
>the user is updated in location "B", but since the link is
>down,
>it could not send the "stop
>
>entry" of the user to the central server at Location "A" nor it
>could generate the detail file at
>
>location "A". Due to this, the database is updated with
>stop-time
>0.00 and the billing of the
>
>user go on. Next time when he tries to login, when the link
>comes
>up, he is denied access, as the
>
>central server it is still showing the user as connected.
>
>So how do I solve this problem? Is my setup is correct or there
>are some other methods in Radius?
>
>
>Atanu Das
>System Develeopment
>SS NetCom Pvt Ltd
>
>
>
>
>--__--__--
>
>Message: 6
>charset="windows-1251"
> From: Boian Iliev Jordanov <bjordanov@orbitel.bg>
>Organization: Orbitel Inc
>To: freeradius-users@lists.cistron.nl
>Subject: Re: Unique Problem !!!
>Date: Mon, 29 Jul 2002 13:52:29 +0300
>Reply-To: freeradius-users@lists.cistron.nl
>
>Íà Monday 29 July 2002 12:58, atanu das
>íàïèñàõòå:
> > ser go on. Next time when he tries to login, when the link
>comes
> > up, he is denied access, as the
> >
> > central server it is still showing the user as connected.
> >
> > So how do I solve this problem? Is my setup is correct or
>there
> > are some other methods in Radius?
>
>Hi
>use in sql.conf file the following directive deletestalesessions
>= yes
>and uncomment following in the sql.conf
>---
># Uncomment simul_count_query to enable simultaneous use
>checking
># simul_count_query = "SELECT COUNT(*) FROM ${acct_table1}
>WHERE
>UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
>---
>Also read the Simultaneous-Use under docs directory.
>
>
>--
>--
>Best Regards,
>
>Boian Jordanov
>SNE
>Orbitel - the Internet Company
>tel. +359 2 937 07 23
>
>
>
>--__--__--
>
>Message: 7
>Date: Mon, 29 Jul 2002 14:26:01 +0300 (EEST)
> From: Igor Chen <cron@office.lintec.com.ua>
>To: freeradius users <freeradius-users@lists.cistron.nl>
>Subject: freeradius upgrade
>Reply-To: freeradius-users@lists.cistron.nl
>
>Hi!
>I tried to upgrade my freeradius-snapshot-20020131 to freeradius
>0.7, but
>it seems to have many differences in .conf files. Where can i
>read
>about new file format?
>
>--
>cron-ripe
>
>
>
>--__--__--
>
>Message: 8
>Date: Mon, 29 Jul 2002 12:49:58 +0000
> From: Michael Bailey <mbailey@empoweredsystems.com>
>To: freeradius-users@lists.cistron.nl
>Subject: Re: freeradius upgrade
>Reply-To: freeradius-users@lists.cistron.nl
>
>On Mon, Jul 29, 2002 at 02:26:01PM +0300, Igor Chen wrote:
> > Hi!
> > I tried to upgrade my freeradius-snapshot-20020131 to
>freeradius 0.7, but
> > it seems to have many differences in .conf files. Where can i
>read
> > about new file format?
>
>Diff is your friend.
>
>(diff -u freeradius-0.6/raddb/radiusd.conf
>freeradius-0.7/raddb/radiusd.conf)
>
>radiusd.conf has no uncommented changes
>sql.conf has %{NAS-Port-Id} changed to %{NAS-Port} in
>accounting_start_query
>and accounting_stop_query_alt
>
>Would it be possible to break up the really long lines in
>sql.conf
>to make reading easier? It took some effort to scan for the
>field
>that was changed.
>
>cheers,
>
>Mike
>
>
>--__--__--
>
>Message: 9
> From: =?iso-8859-1?Q?HOPPÁL_Felicián?><felician.hoppal@enternet.hu>
>To: <freeradius-users@lists.cistron.nl>
>Subject: rlm_sqlcounter
>Date: Mon, 29 Jul 2002 15:18:29 +0200
>charset="iso-8859-1"
>Reply-To: freeradius-users@lists.cistron.nl
>
>Hello,
>
>I'd like to use rlm_sqlcounter with freeradius 0.7 (using oracle
>backend)>,
>but it does not work. I have the following config:
>
> sqlcounter totalcounter {
> counter-name = Total-Session-Time
> check-name = Total-Time-Limit
> sqlmod-inst = sql
> key = User-Name
> reset = never
> query = "SELECT SUM(AcctSessionTime) a FROM
>acct_intern>et
>WHERE UserName='%{%k}'"
> }
>
>When i try to authenticate the user with Total-Time-Limit check
>attribute>:
>
>rlm_sqlcounter: Entering module authorize code
>sqlcounter_expand: 'SELECT SUM(AcctSessionTime) a FROM
>acct_internet WHE>RE
>UserName='%{User-Name}''
>radius_xlat: 'SELECT SUM(AcctSessionTime) a FROM acct_internet
>WHERE
>UserName='jakab303@netelek.hu''
>sqlcounter_expand: '%{sql:SELECT SUM(AcctSessionTime) a FROM
>acct_intern>et
>WHERE UserName='jakab303@netelek.hu'}'
>radius_xlat: Runing registered xlat function of module sql for
>string
>'SELECT SUM(AcctSessionTime) a FROM acct_internet WHERE
>UserName='jakab303@netelek.hu''
>rlm_sql: - sql_xlat
>radius_xlat: 'SELECT SUM(AcctSessionTime) a FROM acct_internet
>WHERE
>UserName='jakab303@netelek.hu''
>rlm_sql: Reserving sql socket id: 4
>rlm_sql: - sql_xlat finished
>rlm_sql: Released sql socket id: 4
>radius_xlat:
>'h???ÀÙÑ*p???p???ÐÙÑ*ÐÙÑ*ØÙÑ*ØÙÑ*àÙÑ*>àÙÑ*èÙÑ*èÙÑ*ðÙÑ*ðÙÑ*øÙÑ*øÙÑ*'
>rlm_sqlcounter: (Check item - counter) is greater than zero
>rlm_sqlcounter: Authorized user jakab303@netelek.hu,
>check_item=216000,
>counter=0
>rlm_sqlcounter: Sent Reply-Item for user jakab303@netelek.hu,
>Type=Session-Timeout, value=216000
> modcall[authorize]: module "totalcounter" returns ok
>
>I think variable "counter" should be equal to the result of sql
>query. Bu>t
>counter = 0, and FreeRADIUS does not apply the correct
>Session-Timeout >to
>the user.
>
>SQL> SELECT SUM(AcctSessionTime) a FROM acct_internet WHERE
>UserName='jakab303@netelek.hu';
>
> A
>----------
> 44318
>
>Thank You,
>Felician Hoppal
>
>
>
>
>
>--__--__--
>
>Message: 10
>Date: Mon, 29 Jul 2002 15:23:50 +0200
> From: Ralf Korczykowski <rk@ordix.de>
>To: freeradius-users@lists.cistron.nl
>Subject: Passwd expiration
>Reply-To: freeradius-users@lists.cistron.nl
>
>Hi-
>
>We are experiencing problems configuring the
>"Password-Expiration" attribute using freeradius 0.6
>communicating with an Ascend MAX2012, TAOS 7.2.4.
>
>
>Is the "Password-Expiration" item supposed to be set
>as a check or reply item / Which device is validating
>the expiration, the radiusd or the nas?
>
>What operand should be used?
>
>
>
>Thanks a bunch in advance.
>
>
>ralf
>--
>---
>
>
>Dipl.-Ing. Ralf Korczykowski
>Senior Consultant Systeme & Netze
>
>ORDIX AG
>Westernmauer 12-13
>D-33098 Paderborn
>
>Tel. 05251-1063-14
>FAX. 05251-1063-99
>Email: rk@ordix.de
>http://www.ordix.de
>
>
>
>--__--__--
>
>Message: 11
>Date: Mon, 29 Jul 2002 15:27:27 +0200 (CEST)
> From: Thomas Jalsovsky <admin@postel.sk>
>To: FreeRADIUS Mailing list <freeradius-users@lists.cistron.nl>
>cc: freeradius-devel@lists.cistron.nl
>Subject: SQL fail-over
>Reply-To: freeradius-users@lists.cistron.nl
>
>
>Hello,
>
> what is the status of the SQL fail-over code? Does it work? I
>tested half year ago but it didn't work. Does anybody working on
>it?
>
> Thanks in advance,
> Thomas
>
>
>
>--__--__--
>
>Message: 12
> From: "Andrew Kelaidis" <akelaidis@hotmail.com>
>To: freeradius-users@lists.cistron.nl
>Subject: Re: Passwd expiration
>Date: Mon, 29 Jul 2002 16:41:48 +0300
>Reply-To: freeradius-users@lists.cistron.nl
>
> >Hi-
> >
> >We are experiencing problems configuring the
>"Password-Expiration"
> >attribute using freeradius 0.6
> >communicating with an Ascend MAX2012, TAOS 7.2.4.
> >
> >Is the "Password-Expiration" item supposed to be set
> >as a check or reply item / Which device is validating
> >the expiration, the radiusd or the nas?
>
>The attribute is "Expiration" and is a check item.
>
> >
> >What operand should be used?
> >
> >Thanks a bunch in advance.
>
>_________________________________________________________________
>MSN Photos is the easiest way to share and print your photos:
>http://photos.msn.com/support/worldwide.aspx
>
>
>
>--__--__--
>
>Message: 13
> From: "Shpend Bakalli" <shbakalli@gmx.net>
>To: <freeradius-users@lists.cistron.nl>
>Subject: op field in SQL tables
>Date: Mon, 29 Jul 2002 16:05:51 +0200
>charset="iso-8859-1"
>Reply-To: freeradius-users@lists.cistron.nl
>
>Hi everybody,
>
>Can somebody tell me the meaning of the "op" field in the SQL
>tables of
>freeradius (radcheck, radreply etc.).
>
>thanx,
>Shpend Bakalli
>
>
>
>
>--__--__--
>
>Message: 14
> From: "Alan DeKok" <aland@ox.org>
>To: freeradius-users@lists.cistron.nl
>Subject: Re: op field in SQL tables
><008d01c23709$137bd0b0$0b000a0a@pickelo>
>Date: Mon, 29 Jul 2002 10:24:07 -0400
>Reply-To: freeradius-users@lists.cistron.nl
>
>"Shpend Bakalli" <shbakalli@gmx.net> wrote:
> > Can somebody tell me the meaning of the "op" field in the SQL
>tables of
> > freeradius (radcheck, radreply etc.).
>
> 'man 5 users'. It's not perfect, but it's there.
>
> Alan DeKok.
>
>
>--__--__--
>
>Message: 15
> From: "Alan DeKok" <aland@ox.org>
>To: freeradius-users@lists.cistron.nl
>Subject: Re: Basic User Group question
><001401c23684$27127820$50043b41@rsquires>
>Date: Mon, 29 Jul 2002 10:24:37 -0400
>Reply-To: freeradius-users@lists.cistron.nl
>
>"Roger Squires" <rsquires@flash.net> wrote:
> > Users should be authenticated against the passwd file, then
>segregated based
> > on their unix 'groups' entry, and have different cisco (I have
>a Cisco 5200
> > NAS) access-lists applied to them based on which group they
>belong to. Any
> > help or an example would be greatly appreciated !
>
> The FAQ and the 'users' file distributed with the server?
>
> Alan DeKok.
>
>
>--__--__--
>
>Message: 16
> From: "Alan DeKok" <aland@ox.org>
>To: freeradius-users@lists.cistron.nl
>Subject: Re: Problem with Group reject in 0.6
><1027909199.22334.10.camel@bajor.istnet.net.au>
>Date: Mon, 29 Jul 2002 10:25:28 -0400
>Reply-To: freeradius-users@lists.cistron.nl
>
>bart <bart@istnet.net.au> wrote:
> > Upgrade to 0.6 seems to have broken my Group Reject config.
> > Can anyone tell me what I'm doing wrong?
>
> 0.5 had problems with the Group attribute. 0.6 shouldn't.
>
> Try upgrading to 0.7.
>
> Alan DeKok.
>
>
>--__--__--
>
>Message: 17
> From: "Alan DeKok" <aland@ox.org>
>To: freeradius-users@lists.cistron.nl
>Subject: Re: EAP-TLS key generation
><B6B64A8D263A4945BB5DCF3F9F400EB401600351@mailse02.axis.se>
>Date: Mon, 29 Jul 2002 10:27:20 -0400
>Reply-To: freeradius-users@lists.cistron.nl
>
>Henrik Eriksson <henrik.eriksson@axis.com> wrote:
> > I saw it was in the cvs. Great! The changes to
> > modules/rlm_eap/eap.[ch] was left out though, so rlm_eap
> from
> > cvs doesn't compile right now.
>
> Sorry, it should be OK now.
>
> As for Frank's comment, I think it may be useful/possible to
>have an
>'rlm_mppe' module. That should remove the duplication, and
>simplify
>the code.
>
> Alan DeKok.
>
>
>--__--__--
>
>Message: 18
> From: "Alan DeKok" <aland@ox.org>
>To: freeradius-users@lists.cistron.nl
>Subject: Re: Freeradius 0.5 + mysql stop to authenticate
><3D453021.22B2FC93@itspecialist.it>
>Date: Mon, 29 Jul 2002 10:28:38 -0400
>Reply-To: freeradius-users@lists.cistron.nl
>
>Marcello Lupo <lupo@itspecialist.it> wrote:
> > I use freeradius 0.5 with mysql 3.23.39 on slackware 8.0.
> > The problem now is happened 2 times.
> > After 10-15 days of work the radius server stop to
>authenticate requests
> > tha it have to handle directly with mysql, while it continue
>perfectly
> > to authenticate request that are proxied to another server.
>
> Upgrade to 0.7. 0.5 had issues that if the connection to the
>MySQL
>server went down, it would have problems coming back up.
>
> > There is a way to have logged all the debug output of radius
>-xxyy to a
> > file instead of stdout?
>
> Not right now, no. This could go into the next release.
>
> Alan DeKok.
>
>
>--__--__--
>
>Message: 19
> From: "Alan DeKok" <aland@ox.org>
>To: freeradius-users@lists.cistron.nl
>Subject: Re: freeradius upgrade
><Pine.LNX.4.33.0207291347510.1752-100000@office.lintec.com.ua>
>Date: Mon, 29 Jul 2002 10:30:03 -0400
>Reply-To: freeradius-users@lists.cistron.nl
>
>Igor Chen <cron@office.lintec.com.ua> wrote:
> > I tried to upgrade my freeradius-snapshot-20020131 to
>freeradius 0.7, but
> > it seems to have many differences in .conf files. Where can i
>read
> > about new file format?
>
> There isn't a new file format. Some of the configuration
>entries
>have been updated, changed, or have had additional
>documentation
>written.
>
> Alan DeKok.
>
>
>
>--__--__--
>
>Message: 20
> From: "Alan DeKok" <aland@ox.org>
>To: freeradius-users@lists.cistron.nl
>Subject: Re: freeradius upgrade
><20020729124958.G1396@empoweredsystems.com>
>Date: Mon, 29 Jul 2002 10:30:34 -0400
>Reply-To: freeradius-users@lists.cistron.nl
>
>Michael Bailey <mbailey@empoweredsystems.com> wrote:
> > Would it be possible to break up the really long lines in
>sql.conf
> > to make reading easier?
>
> Yes. There was a patch posted last week or so which I will
>probably
>apply this week.
>
> Alan DeKok.
>
>
>--__--__--
>
>Message: 21
>Date: Mon, 29 Jul 2002 10:21:26 -0500
>Subject: Binaries for Mac OS X
> From: "Adam C. Acord" <acacord@mac.com>
>To: freeradius-users@lists.cistron.nl
>Reply-To: freeradius-users@lists.cistron.nl
>
>Has anyone successfully compiled the FreeRadius Server under Mac
>OS X?
>If so, would you be interested in sending me the details, or even
>a
>binary?
>
>Please respond to me directly, as I'm not yet a member of the
>list.
>
>Thanks in advance
>
>-aa
>
>
>
>--__--__--
>
>Message: 22
> From: "Jason Lixfeld" <jlixfeld@fastvibe.com>
>To: <freeradius-users@lists.cistron.nl>
>Cc: <acacord@mac.com>
>Subject: RE: Binaries for Mac OS X
>Date: Mon, 29 Jul 2002 11:25:38 -0400
>charset="us-ascii"
>Reply-To: freeradius-users@lists.cistron.nl
>
>If I'm not mistaken, the *NIX OS X kernel is a FreeBSD variant,
>is it
>not? Anything you can compile for FreeBSD would work on OS X?
>
> > -----Original Message-----
> > From: freeradius-users-admin@lists.cistron.nl
> > [mailto:freeradius-users-admin@lists.cistron.nl] On Behalf
>Of
> > Adam C. Acord
> > Sent: Monday, July 29, 2002 11:21 AM
> > To: freeradius-users@lists.cistron.nl
> > Subject: Binaries for Mac OS X
> >
> >
> > Has anyone successfully compiled the FreeRadius Server under
> > Mac OS X?
> > If so, would you be interested in sending me the details, or
>even a
> > binary?
> >
> > Please respond to me directly, as I'm not yet a member of the
>list.
> >
> > Thanks in advance
> >
> > -aa
> >
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
>
>
>
>
>--__--__--
>
>Message: 23
>Subject: Problems with stripping realm off LOCAL auth?
>To: freeradius-users@lists.cistron.nl
> From: markcapelle@pcmc.com
>Date: Mon, 29 Jul 2002 10:47:34 -0500
>Reply-To: freeradius-users@lists.cistron.nl
>
>I am having a problem when sending a realm to LOCAL. It seems
>that when
>sent to LOCAL the realm is not being stripped off so my LDAP
>search for the
>user fails. When I send the request off to a back-end RADIUS
>server, the
>realm is stripped and the auth request succeeds. Anyone have any
>ideas on
>what I am doing wrong? I read the documentation and it says that
>the realm
>is stripped off by default unless the "nostrip" option is used in
>the
>proxy.conf file. Here is a snippet from my proxy.conf file...
>----- proxy.conf -----
>realm x.com {
> type = radius
> authhost = LOCAL
> accthost = LOCAL
>}
>
>realm y.com {
> type = radius
> authhost = 10.0.y.yy:1812
> accthost = 10.0.y.yy:1813
> secret = testing123
>}
>------------------------------
>
>
>
>
>
>--__--__--
>
>-
>List info/subscribe/unsubscribe? See
>http://www.freeradius.org/list/users.html
>
>
>End of Freeradius-Users Digest-
>List info/subscribe/unsubscribe? See
>http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic