Re: FreeRadius Authorizing and Authenticating Anyone if One User Logs in
Hi Alan, Thanks for responding
Don't do that. PLEASE follow the instructions. "radiusd -X" is good enough. When i run "radiusd -X", i get the error
The program 'radiusd' can be found in the following packages: * radiusd-livingston * yardradius Try: apt-get install <selected package>
The debug log shows one user "test" logging in, twice. It doesn't show other users logging in.
That's because I logged the user "test" in and out, and then in again. My bad, should have just posted output from one login. Anyone else who connects to the network after this (the first user) simply gets access to the internet, without any redirect to the captive portal
You probably need to double-check the captive portal configuration. The "double login" has nothing to do with FreeRADIUS. The captive portal should allow ONE user in, when ONE user authenticates. The other users should be blocked.
As always, FreeRADIUS does authentication. It does NOT control network access. If a user is gaining network access when they shouldn't have it, the problem is the NAS (or Captive portal here).
Thanks a lot for that pointer, i'm scouring through the configs of the captive portal to see what might be wrong
Alan DeKok.
Lennon Mazonde
Well. .. That's probably because your binary is called something else. The feedback you're getting suggesting packages makes me think you're running debian or ubuntu.... in which case what you need to run is freeradius -X or freeradiusd -X cant quite recall and them renaming the binary is constantly annoying alan
On 3/29/2014 4:27 PM, Alan Buxey wrote:
Well. .. That's probably because your binary is called something else. The feedback you're getting suggesting packages makes me think you're running debian or ubuntu.... in which case what you need to run is
I'm running Ubuntu Server 12.04.
freeradius -X
or freeradiusd -X cant quite recall and them renaming the binary is constantly annoying freeradius -X works, thanks a lot! And yes, its quite frustrating when you read documentation and 'how-to's' only to realise the syntax is all different.
Thanks a lot Alan, Regards, Lennon
Lennon Mazonde wrote:
freeradius -X works, thanks a lot! And yes, its quite frustrating when you read documentation and 'how-to's' only to realise the syntax is all different.
The command-line options are all the same. Some distributions rename "radiusd" to "freeradius". Why? Well, "radiusd" MIGHT refer to a RADIUS server which was last released 10 years ago, and is no longer in active development. That is the pretty much the only platform-specific change. All of the configuration files, etc. remain the same. Alan DeKok.
Then you're on a Debian system and it's "freeradius -X" :-) Stefan From: Lennon Mazonde [mailto:lmmazonde@gmail.com] Sent: 29 March 2014 05:04 To: freeradius-users@lists.freeradius.org Subject: Re: FreeRadius Authorizing and Authenticating Anyone if One User Logs in Hi Alan, Thanks for responding Don't do that. PLEASE follow the instructions. "radiusd -X" is good enough. When i run "radiusd -X", i get the error The program 'radiusd' can be found in the following packages: * radiusd-livingston * yardradius Try: apt-get install <selected package> The debug log shows one user "test" logging in, twice. It doesn't show other users logging in. That's because I logged the user "test" in and out, and then in again. My bad, should have just posted output from one login. Anyone else who connects to the network after this (the first user) simply gets access to the internet, without any redirect to the captive portal You probably need to double-check the captive portal configuration. The "double login" has nothing to do with FreeRADIUS. The captive portal should allow ONE user in, when ONE user authenticates. The other users should be blocked. As always, FreeRADIUS does authentication. It does NOT control network access. If a user is gaining network access when they shouldn't have it, the problem is the NAS (or Captive portal here). Thanks a lot for that pointer, i'm scouring through the configs of the captive portal to see what might be wrong Alan DeKok. Lennon Mazonde -- This e-mail and any attachments may contain confidential, copyright and or privileged material, and are for the use of the intended addressee only. If you are not the intended addressee or an authorised recipient of the addressee please notify us of receipt by returning the e-mail and do not use, copy, retain, distribute or disclose the information in or attached to the e-mail. Any opinions expressed within this e-mail are those of the individual and not necessarily of Diamond Light Source Ltd. Diamond Light Source Ltd. cannot guarantee that this e-mail or any attachments are free from viruses and we cannot accept liability for any damage which you may sustain as a result of software viruses which may be transmitted in or with the message. Diamond Light Source Limited (company no. 4375679). Registered in England and Wales with its registered office at Diamond House, Harwell Science and Innovation Campus, Didcot, Oxfordshire, OX11 0DE, United Kingdom
participants (4)
-
Alan Buxey -
Alan DeKok -
Lennon Mazonde -
stefan.paetow@diamond.ac.uk