PLS Help I get no response for 2 monthe (missing
Assa Tal
Tal.Assa at comverse.com
Mon May 8 14:06:23 CEST 2006
Hi Stepan 10x for your prompt respond
I Used radrelay and it works fine
the point is that I would like to do it without additional proccess
Like u said with the hint file
where can I get this patch for the hint file ?
And how do I tell him not to look for User-Name
10x in adv
Tal assa
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freeradius.org/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
freeradius-users-request at lists.freeradius.org
You can reach the person managing the list at
freeradius-users-owner at lists.freeradius.org
When replying, please edit your Subject line so it is more specific than "Re: Contents of Freeradius-Users digest..."
Today's Topics:
1. PLS Help I get no response for 2 monthe (missing User-name
attribute) (Assa Tal)
2. Re: PLS Help I get no response for 2 monthe (missing
User-nameattribute) (Stefan Winter)
3. cisco ap350(WLAN) vs freeradius with PEAP (Gabor Szelei)
4. Re: Special characters in users file (sumi thra)
5. Re: FreeRadius + MySQL & Encrypted passwords (Miguel Angel Quiles)
----------------------------------------------------------------------
Message: 1
Date: Mon, 8 May 2006 09:50:45 +0300
From: "Assa Tal" <Tal.Assa at comverse.com>
Subject: PLS Help I get no response for 2 monthe (missing User-name
attribute)
To: <freeradius-users at lists.freeradius.org>
Message-ID:
<FE225DCF1021F34FB2269676A45BB8814434AF at il-tlv-mail01.comverse.com>
Content-Type: text/plain; charset="us-ascii"
Hello All freeradius mailinglist
I would appriciate you help
Description
a telephony service provider is sending Radius req to my RADIUS
server who proxy them to a backend server
I have configured a free radius server Version 1.1.0 to act as a
proxy server to proxy the request to a backend server
These are the configuration file clients.conf and the proxy.conf
Client.conf
client 172.28.185.31/32 {
secret=secretgprs1
shortname=RADIUS_GGSN
Proxy.conf
realm NULL {
type = radius
authhost=LOCAL
accthost=172.31.201.98:1813 (backend server)
secret=secretgprs1
}
#
# This realm is for ALL OTHER requests.
#
realm DEFAULT {
type = radius
authhost=LOCAL
accthost=172.31.201.98:1813
secret=secretgprs
The problem
I have noticed that radius request are not proxied at all
So I started to dig in and found that freeradius will not proxy
accounting If the attribute User -Name is missing
As you can see I made some logs and u can see very vividly the
problem.
I made my own test to emulate the problem with a radius client and as
u can see it was proxies
The big Q is how to I force the freeradius to pass the request and not
to check these header or maybe to use some sort of INJECTION
To the header .
I
Tia
Tal assa
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://list.xs4all.nl/pipermail/freeradius-users/attachments/20060508/c9d74efc/attachment-0001.html
------------------------------
Message: 2
Date: Mon, 8 May 2006 09:22:03 +0200
From: Stefan Winter <stefan.winter at restena.lu>
Subject: Re: PLS Help I get no response for 2 monthe (missing
User-nameattribute)
To: FreeRadius users mailing list
<freeradius-users at lists.freeradius.org>
Message-ID: <200605080922.03232.stefan.winter at restena.lu>
Content-Type: text/plain; charset="iso-8859-15"
> a telephony service provider is sending Radius req to my RADIUS
> server who proxy them to a backend server
You probably meant he is sending *accounting* requests to you? Please be
specific in your wording.
> I have configured a free radius server Version 1.1.0 to act as a
> proxy server to proxy the request to a backend server
> These are the configuration file clients.conf and the proxy.conf
>
> Client.conf
> client 172.28.185.31/32 {
> secret=secretgprs1
> shortname=RADIUS_GGSN
>
>
> Proxy.conf
> realm NULL {
> type = radius
> authhost=LOCAL
> accthost=172.31.201.98:1813 (backend server)
> secret=secretgprs1
> }
>
> #
> # This realm is for ALL OTHER requests.
> #
> realm DEFAULT {
> type = radius
> authhost=LOCAL
> accthost=172.31.201.98:1813
> secret=secretgprs
If authhost and accthost are different, there is a bug somewhere. So if you
don't receive auth requests anyway and just want to proxy everything that
comes in, you'd better set authhost and accthost to the same value.
> The big Q is how to I force the freeradius to pass the request and not
> to check these header or maybe to use some sort of INJECTION
> To the header .
How about logging all accounting packets to a detail file and using radrelay?
BTW: this injection you are talking about works as well and you don't need
radrelay then, and it *could* be done in the hints file, but you would
require a patch I submitted some time ago because otherwise hints will ignore
those acct packets without User-Name.
Stefan
--
Stefan WINTER
RESTENA Foundation - Réseau Téléinformatique de l'Education Nationale et de
la Recherche
R&D Engineer
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
email: stefan.winter at restena.lu Tel.: +352 424409-1
http://www.restena.lu Fax: +352 422473
------------------------------
Message: 3
Date: Mon, 8 May 2006 11:08:34 +0300
From: "Gabor Szelei" <gabor.szelei at gmail.com>
Subject: cisco ap350(WLAN) vs freeradius with PEAP
To: freeradius-users at lists.freeradius.org
Message-ID:
<7d0cfac60605080108h5468318h4322eefcded4759a at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Hi,
Ive been trying to get $subject working.
My last state is the client has been authenticated, but no traffinc is
going through.
Does anyone have a working config for Cisco350 with PEAP?
What kindof reply is CISCO expecting from radius?
br, Gabor Szelei
------------------------------
Message: 4
Date: Mon, 8 May 2006 14:35:18 +0530
From: "sumi thra" <sumi.techno at gmail.com>
Subject: Re: Special characters in users file
To: "FreeRadius users mailing list"
<freeradius-users at lists.freeradius.org>
Message-ID:
<b3f2d4780605080205s3d3cb334x3416f717c954fd16 at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
On 4/28/06, Alan DeKok <aland at nitros9.org> wrote:
>
> "sumi thra" <sumi.techno at gmail.com> wrote:
> It works in 1.1.1, so my conclusion is that you're running an older
> version, or that there's something broken in your local system.
Yes. it works fine when the configuration is like this..
DEFAULT Group-Name == "Group1", Symbol-Wlan-Index == ssid1
But, when i use ~ symbol( to allow more that one wlan access/reject ), The
above default policy will not work for more than one wlan's.
DEFAULT Group-Name == "Group1", Symbol-Wlan-Index =~ ssid1|ssid2|ssid3|ssid4
Now im seeing the error.
Please correct me if the above configuration is wrong.
Thanks
Sumithra
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://list.xs4all.nl/pipermail/freeradius-users/attachments/20060508/945188ae/attachment-0001.html
------------------------------
Message: 5
Date: Mon, 8 May 2006 11:34:17 +0200
From: "Miguel Angel Quiles" <wingfox at gmail.com>
Subject: Re: FreeRadius + MySQL & Encrypted passwords
To: "FreeRadius users mailing list"
<freeradius-users at lists.freeradius.org>
Message-ID:
<62f3bdd50605080234y3484cf74t6d0f9ba9f61d3e7b at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi,
I would like to find out how to configure freeradius so I don't have to
save clear text passwords in the users file.
I've been following the mail list but I've seen so many ways of configuring
crypted passwords, md5, .... that right now I've got a mess in my head.
If someone can help me, to address me to a tutorial, or a link to a website
where I can find some clear info over this, I would appreciate.
Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://list.xs4all.nl/pipermail/freeradius-users/attachments/20060508/9f4f6df3/attachment-0001.html
------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
End of Freeradius-Users Digest, Vol 13, Issue 21
************************************************
More information about the Freeradius-Users
mailing list