My Static IP Client conf. not work

Tevfik Ceydeliler tevfik.ceydeliler at astron.yasar.com.tr
Tue Jan 12 08:15:05 CET 2010 

Hi Adrian,
I change the operator for Framed IP Address and Netmask.
But nothing changed.
Client  get Access-Accept but no IP address assigned. I check it with "ipconfig" 
Regards...


 Tevfik Ceydeliler
  



-----Original Message-----
From: freeradius-users-bounces+tevfik.ceydeliler=astron.yasar.com.tr at lists.freeradius.org [mailto:freeradius-users-bounces+tevfik.ceydeliler=astron.yasar.com.tr at lists.freeradius.org] On Behalf Of freeradius-users-request at lists.freeradius.org
Sent: Monday, January 11, 2010 6:59 PM
To: freeradius-users at lists.freeradius.org
Subject: Freeradius-Users Digest, Vol 57, Issue 31

Send Freeradius-Users mailing list submissions to
	freeradius-users at lists.freeradius.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.freeradius.org/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
	freeradius-users-request at lists.freeradius.org

You can reach the person managing the list at
	freeradius-users-owner at lists.freeradius.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

   1. RE: My Static IP Client conf. not work (Adrian Boros)
   2. Re: rlm_sqlippool required? (John Dennis)
   3. NT/LM password from LDAP (PAP works, MSCHAP doesn't).
      (Lech Karol Paw?aszek)


----------------------------------------------------------------------

Message: 1
Date: Mon, 11 Jan 2010 09:38:18 -0500
From: "Adrian Boros" <adrian at dsl4u.ca>
Subject: RE: My Static IP Client conf. not work
To: "'FreeRadius users mailing list'"
	<freeradius-users at lists.freeradius.org>
Message-ID: <0fc901ca92cb$b789fad0$269df070$@ca>
Content-Type: text/plain;	charset="us-ascii"

Hello Tevfik,

Try changing the operator from == to := when assigning the Framed IP and Framed Netmask.  I would also recommend it for others but
you're better off reading the following link which should give you an understanding of the operators in use:

http://wiki.freeradius.org/Operators

Best regards,
Adrian Boros

-----Original Message-----
From: freeradius-users-bounces+adrian=dsl4u.ca at lists.freeradius.org
[mailto:freeradius-users-bounces+adrian=dsl4u.ca at lists.freeradius.org] On Behalf Of Tevfik Ceydeliler
Sent: Monday, January 11, 2010 4:55 AM
To: freeradius-users at lists.freeradius.org
Subject: My Static IP Client conf. not work


Hi,
I have a client, when I put this client into an IP pool everything is
ok. But when I move him for framed-Ip (static IP),he can't get that IP
address.
Note: I use a secovid as realm and NAS is Telecom Operator (For APN)
I dont know what i should check. Can you help me to start?
#################################################################
Here is the user configuration:
FOR POOL -->
tevfikceydeliler       Service-Type ==
Framed-User,Packet-Type==Access-Request, Proxy-To-Realm := 10.1.1.51,
Pool-Name := BirmasGPRS

For Static IP -->
tevfikceydeliler        Packet-Type==Access-Request, 
				Proxy-To-Realm := 10.1.1.51, 
				Framed-IP-Address == 172.30.65.90, 
				Framed-IP-Netmask == 255.255.255, 
				Framed-MTU = 1500, 
				Framed-Routing = None, 
				Framed-Protocol = PPP, 
				Service-Type = Framed, 
				Fall-Through = Yes

AND DEFAULTS -->
DEFAULT Framed-Protocol == PPP
        Framed-Protocol = PPP,
        Framed-Compression = Van-Jacobson-TCP-IP

DEFAULT Hint == "CSLIP"
        Framed-Protocol = SLIP,
        Framed-Compression = Van-Jacobson-TCP-IP

DEFAULT Hint == "SLIP"                            
        Framed-Protocol = SLIP

DEFAULT Auth-Type := Accept

###################################################

Bu elektronik postada bulunan tum fikir ve gorusler ve ekindeki dosyalar sadece adres sahip/sahiplerine ait olup, Yasar Toplulugu
Sirketleri bu mesajin icerigi ile ilgili olarak hic bir hukuksal sorumlulugu kabul etmez. Eger gonderilmesi dusunulen kisi veya
kurulus degilseniz, lutfen gonderen kisiyi derhal haberdar ediniz ve mesaji sisteminizden siliniz.The information contained in this
e-mail and any files transmitted with it are intended solely for the use of the individual or entity to whom they are addressed and
Yasar Group Companies do not accept legal responsibility for the contents. If you are not the intended recipient, please immediately
notify the sender and delete it from your system.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



------------------------------

Message: 2
Date: Mon, 11 Jan 2010 11:38:31 -0500
From: John Dennis <jdennis at redhat.com>
Subject: Re: rlm_sqlippool required?
To: FreeRadius users mailing list
	<freeradius-users at lists.freeradius.org>
Message-ID: <4B4B5407.8060901 at redhat.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

On 01/09/2010 04:33 PM, John Kane wrote:
>> John Kane wrote:
>>> Is the rlm_sqlippool required when allocating IPs from an SQL DB?
>>
>>    Yes.
>>
>>>   I am
>>> trying to set this up on a 1.1.3 install, and don't see that module.
>>
>>    Install 2.1.8.
>>
>>    Alan DeKok.
>> -
>
> Thanks Alan, unfortunately I am chained to Red Hat RPMs on this project,
> and their latest is 1.1.3 without the rlm_sqlippool module.  I pulled
> the 1.1.3 down from the FreeRADIUS site, and it has that module (maybe
> our RH friend John Dennis can explain to me why it is on the FR site but
> not the RH RPM, and if I should open a ticket to RH to get it added).


More current versions of FreeRADIUS than 1.1.3. are available for RHEL 5 
and CentOS5, see:

http://wiki.freeradius.org/Red_Hat_FAQ

The latest build for RHEL5 is 2.1.7, I'll be adding 2.1.8 shortly. Note 
these are not official builds.

We anticipate 2.1.7 will show up as an official build in the RHEL 5.5 
update under the package name freeradius2. 2.1.8 was released after the 
cut off date, thus RHEL 5 will only have 2.1.7 and 1.1.3.

As for why 1.1.3 didn't ship with rlm_sqlippo0l (it does ship with 
rlm_ippool) I can't tell you, it was before my time.

If you would like to open a bug against the 1.1.3 RHEL 5.5 version 
please contact your support TAM.

-- 
John Dennis <jdennis at redhat.com>

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/


------------------------------

Message: 3
Date: Mon, 11 Jan 2010 17:58:50 +0100
From: Lech Karol Paw?aszek <ike at szluug.org>
Subject: NT/LM password from LDAP (PAP works, MSCHAP doesn't).
To: FreeRadius users mailing list
	<freeradius-users at lists.freeradius.org>
Message-ID: <4B4B58CA.8070706 at szluug.org>
Content-Type: text/plain; charset="utf-8"

Hello.

I've working FreeRADIUS installation for 802.1x authentication and
authorization using EAP-TLS with passwords - NT/LM hashes - stored in
LDAP. And it works nice.

Right now I'm deploying (yes. at this particular moment!) IPsec/L2TP VPN
which will be utilizing RADIUS via ppp connection. And for PAP it works
nice. However MSCHAP doesn't want to work. I'm kinda lost because EAP
connection uses MSCHAP(v2) as well and this one works flawlessly.

;-) Am I missing something? I believe it should work. Or it cannot?

I've attached FreeRADIUS' logfile. Any pointers/hints much appreciated.

Kind regards,

-- 
Lech Karol Paw?aszek <ike>
"You will never see me fall from grace" [KoRn]
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: freeradius.txt
Url: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20100111/b23cbdf2/attachment.txt>

------------------------------

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


End of Freeradius-Users Digest, Vol 57, Issue 31
************************************************

Bu elektronik postada bulunan tum fikir ve gorusler ve ekindeki dosyalar sadece adres sahip/sahiplerine ait olup, Yasar Toplulugu Sirketleri bu mesajin icerigi ile ilgili olarak hic bir hukuksal sorumlulugu kabul etmez. Eger gonderilmesi dusunulen kisi veya kurulus degilseniz, lutfen gonderen kisiyi derhal haberdar ediniz ve mesaji sisteminizden siliniz.The information contained in this e-mail and any files transmitted with it are intended solely for the use of the individual or entity to whom they are addressed and Yasar Group Companies do not accept legal responsibility for the contents. If you are not the intended recipient, please immediately notify the sender and delete it from your system.

More information about the Freeradius-Users mailing list