------------------ Original ------------------
Date: Fri, Sep 2, 2011 06:11 AM
To: "freeradius-users"<freeradius-users@lists.freeradius.org>;
Subject: Freeradius-Users Digest, Vol 77, Issue 5
Send Freeradius-Users mailing list submissions to
freeradius-users@lists.freeradius.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freeradius.org/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
freeradius-users-request@lists.freeradius.org
You can reach the person managing the list at
freeradius-users-owner@lists.freeradius.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."
Today's Topics:
1. How to update a MySql table after successfully WIFI
authentication? ( 2394263740 )
2. Re: How to update a MySql table after successfully WIFI
authentication? (Arran Cudbard-Bell)
3. Re: Example configuration that proxy PEAP MSCHAPv2 to an IAS
server (Jacob Dawson)
4. Using encrypted passwords in users file (sundoo)
5. cisco 3825 authentication error (Dom)
6. Re: Using encrypted passwords in users file (Paul Bartell)
7. Re: Pre release of 2.1.12 (Alan Buxey)
----------------------------------------------------------------------
Message: 1
Date: Thu, 1 Sep 2011 22:29:11 +0800
From: " 2394263740 " <2394263740@qq.com>
Subject: How to update a MySql table after successfully WIFI
authentication?
To: " freeradius-users " <freeradius-users@lists.freeradius.org>
Message-ID: <tencent_3B36E2AF6F7D0370683C1EB1@qq.com>
Content-Type: text/plain; charset="iso-8859-1"
Hello,
I'm using free radius server 2.1.11 on Linux Enterprise Server 6.1.
OS: Linux Enterprise Server 6.1
Radius: free radius server 2.1.11
Database: Mysql
I got a WIFI network, using one radius server.
The whole thing works fine.
I got a requirement, which is, after each successful WIFI connection, one record need be added into connectionlog table.
CREATE TABLE connectionlog (
radacctid bigint(21) NOT NULL auto_increment,
acctsessionid varchar(64) NOT NULL default '',
acctuniqueid varchar(32) NOT NULL default '',
username varchar(64) NOT NULL default '',
groupname varchar(64) NOT NULL default '',
realm varchar(64) default '',
nasipaddress varchar(15) NOT NULL default '',
nasportid varchar(15) default NULL,
nasporttype varchar(32) default NULL,
acctstarttime datetime NULL default NULL,
acctstoptime datetime NULL default NULL,
acctsessiontime int(12) default NULL,
acctauthentic varchar(32) default NULL,
connectinfo_start varchar(50) default NULL,
connectinfo_stop varchar(50) default NULL,
acctinputoctets bigint(20) default NULL,
acctoutputoctets bigint(20) default NULL,
calledstationid varchar(50) NOT NULL default '',
callingstationid varchar(50) NOT NULL default '',
acctterminatecause varchar(32) NOT NULL default '',
servicetype varchar(32) default NULL,
framedprotocol varchar(32) default NULL,
framedipaddress varchar(15) NOT NULL default '',
acctstartdelay int(12) default NULL,
acctstopdelay int(12) default NULL,
xascendsessionsvrkey varchar(10) default NULL,
PRIMARY KEY (radacctid),
KEY username (username),
KEY framedipaddress (framedipaddress),
KEY acctsessionid (acctsessionid),
KEY acctsessiontime (acctsessiontime),
KEY acctuniqueid (acctuniqueid),
KEY acctstarttime (acctstarttime),
KEY acctstoptime (acctstoptime),
KEY nasipaddress (nasipaddress)
) ;
Can you please kindly advise how to do this?
Which file should be edited?
Where is the context to put in the script?
What is the script?
Thanks!
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20110901/440326d6/attachment.html>
------------------------------
Message: 2
Date: Thu, 1 Sep 2011 16:36:40 +0200
From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Subject: Re: How to update a MySql table after successfully WIFI
authentication?
To: FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
Message-ID: <C781BD59-4F30-48C4-B6CC-FF4790379DE1@freeradius.org>
Content-Type: text/plain; charset=iso-8859-1
Look in raddb/sql/mysql/dialup.conf
The postauth query is the one you need to edit.
Then uncomment the 'sql' module in
raddb/sites-available/default
post-auth {
}
-Arran
Arran Cudbard-Bell
a.cudbardb@freeradius.org
RADIUS - Half the complexity of Diameter
------------------------------
Message: 3
Date: Thu, 1 Sep 2011 10:40:18 -0400
From: Jacob Dawson <dawson@vt.edu>
Subject: Re: Example configuration that proxy PEAP MSCHAPv2 to an IAS
server
To: FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
Message-ID: <14B9C69C-CB59-4CA7-9F5B-39CD6C81404C@vt.edu>
Content-Type: text/plain; charset=us-ascii
It's largely successful, but as I mentioned in my note to this group from the 29th, I've run into problems with Windows clients having a disagreement with FreeRADIUS about the final stages of the PEAP-MSCHAPv2 conversation, after IAS has authenticated them successfully.
- Jacob
On 31 Aug 2011, at 16:32, Alan DeKok wrote:
>
> It really should work... it works for my tests.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
------------------------------
Message: 4
Date: Thu, 1 Sep 2011 08:57:14 -0700 (PDT)
From: sundoo <sandu_nastas@yahoo.com>
Subject: Using encrypted passwords in users file
To: freeradius-users@lists.freeradius.org
Message-ID: <1314892634927-4758890.post@n5.nabble.com>
Content-Type: text/plain; charset=us-ascii
Hello, I'm new to FreeRadius and to linux. Maybe this question will sound
stupid, but I really need you help.
I have a server running freeradius.
These are some outputs of the configuration:
*etc/freeradius/radiusd.conf*
# passwd = /etc/passwd
shadow = /etc/shadow
# group = /etc/group
*/etc/freeradius/users*
test1 Auth-Type := Crypt-Local, User-Password :=
"$1$NzW2iwkn$ygDcJgb4WhAEqQYfySFkj/"
Service-Type = Administrative-User,
Cajun-Service-Type := 3,
*/etc/shadow*
test1:$1$cnEh49V6$Q.68mw.3P5rgmsfhbo/iC1:15217:0:99999:7:::
I would like to change the password for the user test1. But in the users
file I see only the encrypted password. Where is the original password
stored ?
How do I change it ?
Thanks a lot for your help.
--
View this message in context: http://freeradius.1045715.n5.nabble.com/Using-encrypted-passwords-in-users-file-tp4758890p4758890.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
------------------------------
Message: 5
Date: Thu, 01 Sep 2011 15:45:02 -0400
From: Dom <dversace@tekcorner.ca>
Subject: cisco 3825 authentication error
To: freeradius-users@lists.freeradius.org
Message-ID: <4E5FE0BE.8010800@tekcorner.ca>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
I am trying to terminate vpdn sessions through our cisco 3825 using
freeradius. I am new to this whole process and I was hoping to get some
assistance with the missing configuration.
Below is the error message I am receiving when trying to authenticate
via the router.
rad_recv: Access-Request packet from host 64.34.66.5 port 1645, id=19,
length=135
Framed-Protocol = PPP
User-Name = "aewais@domain.com"
User-Password = "password"
Calling-Station-Id = "bas203300000455"
Connect-Info = "1000000000"
NAS-Port-Type = Virtual
NAS-Port = 532
NAS-Port-Id = "Uniq-Sess-ID532"
Service-Type = Framed-User
NAS-IP-Address = 64.34.66.5
# Executing section authorize from file
/etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] Looking up realm "domain.com" for User-Name = "aewais@domain.com"
[suffix] No such realm "domain.com"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry DEFAULT at line 172
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
++[pap] returns noop
ERROR: No authenticate method (Auth-Type) found for the request:
Rejecting the user
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> aewais@domain.com
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 19 to 64.34.66.5 port 1645
Waking up in 4.9 seconds.
Cleaning up request 0 ID 19 with timestamp +381
Ready to process requests.
------------------------------
Message: 6
Date: Thu, 1 Sep 2011 14:54:29 -0700
From: Paul Bartell <paul.bartell@gmail.com>
Subject: Re: Using encrypted passwords in users file
To: FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
Message-ID:
<CAHXqhmh49eNKABTpwmv0Rb1+UX7WPMaN4UB0RQKiiGVSuGoDzg@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
that is the hashed password. You can change it by generating a hash of
your new password... you would probably use crypt(3) to do that... The
original password was never stored in cleartext form. You could store
a cleartext password if you really wanted to, but that is less than
secure.
On Thu, Sep 1, 2011 at 8:57 AM, sundoo <sandu_nastas@yahoo.com> wrote:
>
> Hello, I'm new to FreeRadius and to linux. Maybe this question will sound
> stupid, but I really need you help.
> I have a server running freeradius.
> These are some outputs of the configuration:
>
> *etc/freeradius/radiusd.conf*
> # passwd = /etc/passwd
> ?shadow = /etc/shadow
> # group = /etc/group
>
>
> */etc/freeradius/users*
> test1 Auth-Type := Crypt-Local, User-Password :=
> "$1$NzW2iwkn$ygDcJgb4WhAEqQYfySFkj/"
> ? ? ? ?Service-Type = Administrative-User,
> ? ? ? ?Cajun-Service-Type := 3,
>
> */etc/shadow*
> test1:$1$cnEh49V6$Q.68mw.3P5rgmsfhbo/iC1:15217:0:99999:7:::
>
>
> I would like to change the password for the user test1. But in the users
> file I see only the encrypted password. Where is the original password
> stored ?
>
> How do I change it ?
>
> Thanks a lot for your help.
>
> --
> View this message in context: http://freeradius.1045715.n5.nabble.com/Using-encrypted-passwords-in-users-file-tp4758890p4758890.html
> Sent from the FreeRadius - User mailing list archive at Nabble.com.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Random quote of the week/month/whenever i get to updating it: "Quis custodiet
ipsos custodes?": "who shall watch the watchers themselves?" - Juvenal
------------------------------
Message: 7
Date: Thu, 1 Sep 2011 23:11:23 +0100
From: Alan Buxey <A.L.M.Buxey@lboro.ac.uk>
Subject: Re: Pre release of 2.1.12
To: FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
Message-ID: <20110901221123.GF16795@lboro.ac.uk>
Content-Type: text/plain; charset=us-ascii
Hi,
> it's now running on our most busy server. Both -X and
> background-multithreaded do their usual job. I do not see any problems
> so far.
its on one of our production servers and on a couple of other
systems.
alan
------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
End of Freeradius-Users Digest, Vol 77, Issue 5
***********************************************