Freeradius and What's Up Gold Question

Duane Cox duanec at mail.illicom.net
Fri Oct 21 01:31:53 CEST 2005


If you can't change the shared secret in WUG then change the secret in your 
clients.conf to match what is in WUG.

Or better yet, abandon WUG and it's windows platform and use 
www.intermapper.com  It is a MUCH better product and works just fine with 
freeradius, I'm doing so here.  It also runs on linux.

Duane Cox

----- Original Message ----- 
From: "Linda Pagillo" <linda at n2thenet.com>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Thursday, October 20, 2005 5:08 PM
Subject: Re: Freeradius and What's Up Gold Question


> Thank you once again Mr.DeKok. I have already added the secret to my 
> clients.conf entry. I also already checked into adding the shared secret 
> to WUG and there is no way to do this, so i'm told. Is there another way 
> around this problem? Perhaps i have my clients.conf entry incorrect. Here 
> is what i have:
>
> client xx.xxx.xxx.xx  {
>       secret          = mysecrethere
>       shortname       = shortnamehere
> }
>
> It is different for the entries i have for my NAS. Here is an example of 
> of those:
>
> client xx.xxx.xxx.xxx {
>       secret          = mysecrethere
>       shortname       = shortnamehere
>        nastype        = nastypehere
>        login          = loginhere
>        password       = passwordhere
> }
>
> Am I missing something? Thanks again.
>
>
>
>
>
> ----- Original Message ----- 
> From: "Alan DeKok" <aland at ox.org>
> To: "FreeRadius users mailing list" 
> <freeradius-users at lists.freeradius.org>
> Sent: Thursday, October 20, 2005 3:45 PM
> Subject: Re: Freeradius and What's Up Gold Question
>
>
>> "Linda Pagillo" <linda at n2thenet.com> wrote:
>>> This is how Ipswitch explains how it works:
>>>
>>> "What we specified for a test is an INVALID test for the userid TEST as
>>> it not encoded using the secret key. Then what we expect back is a
>>> response telling us the userid doesn't exist.
>>
>>  This isn't how RADIUS works.  A "reject" is not the same as "user
>> doesn't exist".  RADIUS has "reject", not "user doesn't exist".
>>
>>> You will have to include the Monitor station (that is, the computer
>>> running WUG) in the /etc./raddb/clients file on the Radius server."
>>
>>  And the shared secret.
>>
>>> Now, the way I see it, it can be one of two things... The first... I
>>> have my WUG set at 5 seconds as a time out. Could freeradius, at times,
>>> be taking more than 5 seconds to respond to a sent request?
>>
>>  Sure, but it should be rare.  AND the WUG should re-transmit the
>> packet, as is normally done by RADIUS clients.
>>
>>> The second... does freeradius lock out users after a certain amount of
>>> bad requests
>>
>>  No.
>>
>>  Alan DeKok.
>> -
>> List info/subscribe/unsubscribe? See 
>> http://www.freeradius.org/list/users.html
>> ---
>>
>>
>>
> - List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
> 




More information about the Freeradius-Users mailing list