rlm_realm doesn't strip the username

Tomasz Zieleniewski tzieleniewski at gmail.com
Fri Oct 12 20:53:19 CEST 2007 

I forgot about the atachment:)

On 10/12/07, Tomasz Zieleniewski <tzieleniewski at gmail.com> wrote:
>
> I wasn't able to find anything meaningful so
> I attached the whole output in the log file.
>
> Bests
> Tomasz
>
> On 10/12/07, tnt at kalik.co.yu <tnt at kalik.co.yu> wrote:
> >
> > radiusd -X of the server startup.
> >
> > Ivan Kalik
> > Kalik Informatika ISP
> >
> >
> > Dana 12/10/2007, "Tomasz Zieleniewski" <tzieleniewski at gmail.com> piše:
> >
> > >I do not use clients.conf file, I use database.
> > >
> > >When I switch to my previous build 2.0.0-pre0 it works.
> > >When I run 2.0.0-pre2 it doesn't.
> > >I use the same configuration.
> > >
> > >Cheers
> > >tomasz
> > >
> > >On 10/12/07, tnt at kalik.co.yu <tnt at kalik.co.yu> wrote:
> > >>
> > >> Add this to clients.conf:
> > >>
> > >> client 127.0.0.1 {
> > >>         secret          = testing123
> > >>         shortname       = localhost
> > >> }
> > >>
> > >> Ivan Kalik
> > >> Kalik Informatika ISP
> > >>
> > >>
> > >>
> > >> Dana 12/10/2007, "Tomasz Zieleniewski" <tzieleniewski at gmail.com>
> > pi�e:
> > >>
> > >> >Thank you Alan
> > >> >
> > >> >I updated to 2.0.0-pre2. But now I have some errors and I can'
> > tcheck
> > >> >again:)
> > >> >Now when my NAS sends the Accounting request or I try to run
> > 'radtest'
> > >> tool,
> > >> >the verification fails.
> > >> >I didn't change anything in the configuration and in the database. I
> > have
> > >> >the same NAS configuration.
> > >> >I get the following error in the debug mode:
> > >> >
> > >> >Ignoring request to authentication address * 1812 from unknown
> > client
> > >> >127.0.0.1 port 37391
> > >> >
> > >> >Please point me what do I missed:)
> > >> >
> > >> >Best regards
> > >> >tomasz
> > >> >
> > >> >Tomasz Zieleniewski wrote:
> > >> >> > I am using radius version 2.0.0-pre0.
> > >> >> > I have the following problem that when I receive the
> > >> Accounting-Request
> > >> >> > with the username whose domain part is not checked with any of
> > my
> > >> realm
> > >> >> > defined in the proxy.conf file. The username is not stripped.
> > >> >> > I use the suffix rule for domain: 'username at domain" in my realm
> > >> module
> > >> >> > and I inoke it in preacct in radiusd.conf.
> > >> >> > I have the DEFAULT realm defined and it doesn't have the nostrip
> >
> > >> option
> > >> >> > activated.
> > >> >> > So I think when there is no domain match the username should
> > also be
> > >> >> > stripped??
> > >> >>
> > >> >>   Likely, yes.  What does debug mode say?
> > >> >>
> > >> >>   You could also try running CVS head, which has a number of fixes
> > over
> > >> >> 2.0-pre0.
> > >> >>
> > >> >>   Alan DeKok.
> > >> >>
> > >> >>
> > >> >> ------------------------------
> > >> >>
> > >> >> Message: 10
> > >> >> Date: Fri, 12 Oct 2007 10:16:43 -0300
> > >> >> From: "Sergio Belkin" < sebelk at gmail.com>
> > >> >> Subject: Re: TLS fatal access_denied
> > >> >> To: "FreeRadius users mailing list"
> > >> >>         < freeradius-users at lists.freeradius.org>
> > >> >> Message-ID:
> > >> >>         <8c6f7f450710120616t48014e18g8c02184fdaef6b97 at mail.gmail.com
> > >
> > >> >> Content-Type: text/plain; charset=ISO-8859-1
> > >> >>
> > >> >> 2007/10/11, tnt at kalik.co.yu <tnt at kalik.co.yu >:
> > >> >> > How sure are you that you are using EAP-TTLS?
> > >> >> >
> > >> >> > >  rlm_eap: EAP NAK
> > >> >> > > rlm_eap: EAP-NAK asked for EAP-Type/peap   <==
> > >> >> >
> > >> >> > Ivan Kalik
> > >> >> > Kalik Informatika ISP
> > >> >> >
> > >> >> > -
> > >> >> > List info/subscribe/unsubscribe? See
> > >> >> http://www.freeradius.org/list/users.html
> > >> >> >
> > >> >>
> > >> >> I am pretty sure because I has  default_eap_type = ttls. I've just
> >
> > >> >> fixed, it was a problem of certificates...
> > >> >>
> > >> >> thanks-
> > >> >>
> > >> >> --
> > >> >> --
> > >> >> Sergio Belkin -
> > >> >>
> > >> >>
> > >> >> ------------------------------
> > >> >>
> > >> >> -
> > >> >> List info/subscribe/unsubscribe? See
> > >> >> http://www.freeradius.org/list/users.html
> > >> >>
> > >> >>
> > >> >> End of Freeradius-Users Digest, Vol 30, Issue 49
> > >> >> ************************************************
> > >> >>
> > >> >
> > >> >
> > >>
> > >> -
> > >> List info/subscribe/unsubscribe? See
> > >> http://www.freeradius.org/list/users.html
> > >>
> > >
> > >
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071012/7b97ced0/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: radiusdX.log
Type: application/octet-stream
Size: 17378 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071012/7b97ced0/attachment.obj>

More information about the Freeradius-Users mailing list