eap-tls authentication with free radius 1.1.5 (Alan DeKok)
anoop_c at sifycorp.com
anoop_c at sifycorp.com
Tue May 8 11:27:49 CEST 2007
Hi
i didn\'t get the exact problem. I have gone through eap.conf.
Pls make little bit clear abt the problem
Anoop
freeradius-users-request at lists.freeradius.org:
> Send Freeradius-Users mailing list submissions to
> freeradius-users at lists.freeradius.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.freeradius.org/mailman/listinfo/freeradius-users
> or, via email, send a message with subject or body \'help\' to
> freeradius-users-request at lists.freeradius.org
>
> You can reach the person managing the list at
> freeradius-users-owner at lists.freeradius.org
>
> When replying, please edit your Subject line so it is more specific
> than \"Re: Contents of Freeradius-Users digest...\"
>
>
> Today\'s Topics:
>
> 1. Re: MySQL and postauth_query (George Embrey)
> 2. Re: FreeRadius crash (A.L.M.Buxey at lboro.ac.uk)
> 3. Re: MySQL and postauth_query (Peter Nixon)
> 4. Re: rlm_sqlippool in freeradius 1.1.6 (Peter Nixon)
> 5. Re: IP billing with freeradius (satish patel)
> 6. Re: IP billing with freeradius (Peter Nixon)
> 7. Re: eap-tls authentication with free radius 1.1.5 (Alan DeKok)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 08 May 2007 14:38:39 +1000
> From: George Embrey <george at vmail.net.au>
> Subject: Re: MySQL and postauth_query
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Message-ID: <463FFECF.7080101 at vmail.net.au>
> Content-Type: text/plain; charset=\"us-ascii\"
>
> Hugh Messenger wrote:
>
> >George Embrey <george at vmail.net.au> says:
> >
> >
> >>Queries to Windows MySQL servers from Linux Systems often fail unless
> >>the lower_case_table_names parameter is set to 0 in the my.ini file
> in
> >>the MySQL directory.
> >>
> >>
> >
> >I\'m familiar with that issue, and I checked all the table case-ness.
> The
> >problem seems to be with providing an empty string (\'\') as the value
> for an
> >auto-incrementing integer primary index.
> >
> >
> Yes that is true \'\' or empty strings are not nulls or integers... I
> suggest replacing the \'\' with the word null, this will sort out the
> issue based on the query you specified.
>
> >The problem with setting lower_case_table_names to 0 is that I could
> end up
> >blowing away my MyISAM tables elsewhere in that server, as per the
> warning
> >the service control gives, if I moof a query on those and use the
> \"wrong\"
> >case:
> >
> >
> >
> I would rename the MyISAM tables using phpmyadmin or using SQL and sort
> out the Database to run case sensitive in the first place like the ANSI
> standard.
>
> Or much better still mysqldump the entire MySQL server into a file
> \"textfilename.sql\", sort out the table names etc... using a good text
> editor, place a drop table if exists before each create table entry,
> save the file then run mysql -uroot -p < \"textfilename.sql\" to recreate
> all of the databases including data with tablenames in the correct
> case...
>
> Maybe I am just too fussy...
>
> >\"You have forced lower_case_table_names to 0 through a command-line
> option,
> >even though your file system \'E:MySQLData\' is case insensitive.
> This
> >means that you can corrupt a MyISAM table by accessing it with
> different
> >cases. You should consider changing lower_case_table_names to 1 or 2\"
> >
> >
> >
> Only if you live in an all windows world... \"Compatability is a bitch
> it
> demands the use of standards, the little things which M$ don\'t adhere
> to
> very well\" ;-)
>
> >It\'s working fine with my modifie query, so I\'m just going to put this
> down
> >to \"a 5.x thing\" and live with my change. Compared to the wholesale
> hack
> >and slash job I\'ve had to do on the sqlippool queries to get them to
> work,
> >it\'s no Big Whoop, LOL!
> >
> >But thanks for the suggestion, I appreciate your time.
> >
> > -- hugh
> >
> >-
> >List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> >
> >
>
> George Embrey
> CEO / Senior Systems Architect.
> Vmail Internet Services Pty Ltd.
> 318 Shoal Point Road
> Shoal Point QLD 4750
> Australia
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070508/56754559/attachment-0001.html
>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 8 May 2007 06:48:22 +0100
> From: A.L.M.Buxey at lboro.ac.uk
> Subject: Re: FreeRadius crash
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Message-ID: <20070508054822.GA4652 at lboro.ac.uk>
> Content-Type: text/plain; charset=us-ascii
>
> Hi,
>
> > FreeRadius 1.1.2 on FreeBSD 6.1 using libpthread. I have tried using
>
>
> upgrade to 1.1.6
>
> alan
>
>
> ------------------------------
>
> Message: 3
> Date: Tue, 8 May 2007 09:43:50 +0300
> From: Peter Nixon <listuser at peternixon.net>
> Subject: Re: MySQL and postauth_query
> To: freeradius-users at lists.freeradius.org
> Cc: Hugh Messenger <hugh at alaweb.com>
> Message-ID: <200705080943.51157.listuser at peternixon.net>
> Content-Type: text/plain; charset=\"iso-8859-1\"
>
> --snip--
> > Compared to the wholesale
> > hack and slash job I\'ve had to do on the sqlippool queries to get them
> to
> > work, it\'s no Big Whoop, LOL!
>
> Please forward them to me so that I may include them in cvs. (I
> generally try
> to avoid MySQL whereever possible, hence the reason sqlippool only
> officially works with Postgres at present.)
>
> Cheers
>
> --
>
> Peter Nixon
> http://www.peternixon.net/
> PGP Key: http://www.peternixon.net/public.asc
>
>
> ------------------------------
>
> Message: 4
> Date: Tue, 8 May 2007 09:45:10 +0300
> From: Peter Nixon <listuser at peternixon.net>
> Subject: Re: rlm_sqlippool in freeradius 1.1.6
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Message-ID: <200705080945.10871.listuser at peternixon.net>
> Content-Type: text/plain; charset=\"iso-8859-1\"
>
> On Tue 08 May 2007, Hugh Messenger wrote:
> > I said:
> > > Is the rlm_sqlippool in 1.1.6 known to work with MySQL 5?
> > >
> > > Actually, I\'m fairly sure it\'s not even getting as far as talking to
> the
> > > db. No matter what I try, it just tells me \'missing pool_name\'.
> >
> > Turns out I borked something else in the users file which was breaking
> the
> > Pool-Name statement in sqlippool mode.
> >
> > The next problem was getting the sqlippool queries to work. After
> more
> > head / desk pounding, just after I finally got them working, I found
> this
> > post with pretty much the same changes for MySQL in it:
> >
> >
> http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg30520
> >.html
> >
> > So ... I\'m now happily autenticating against my Windows AD (using PAM
> and
> > winbind), assigning PPPOE rate limit information via per user
> radreply
> > table entries, assigning IP\'s from sqlippools based on
> > \'Called-Station-ID\', and accounting in the database.
> >
> > I am now officially a Happy Camper.
>
> Excellent!
>
> --
>
> Peter Nixon
> http://www.peternixon.net/
> PGP Key: http://www.peternixon.net/public.asc
>
>
> ------------------------------
>
> Message: 5
> Date: Tue, 8 May 2007 07:58:18 +0100 (BST)
> From: satish patel <linuxtrap at yahoo.co.in>
> Subject: Re: IP billing with freeradius
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Message-ID: <182554.14422.qm at web8414.mail.in.yahoo.com>
> Content-Type: text/plain; charset=\"iso-8859-1\"
>
> thnks for reply dear
>
> But my requiremnt is a bit different means i explain u in
> depth i have datacenter in data center many customers and we are giving
> ip pool to our customer and terminate that pool on 6500 cisco core
> switch so i want bandwidth counter on that port wheather all customer
> server connected so that i can billing of that perticuler port means how
> much upload and how much download traffic of that port then i can
> genrate bill of that port it is not possible i can genrate traffic uage
> of verey servers so that i want to genrate traffic counter of that
> single cisco switch port you got it my point it is possibel through mrtg
> but i want counter values so it is possible with freeradius
>
> tnt at kalik.co.yu wrote: If you are using sql accounting then make a
> sqlcounter that counts octets
> and send Auth-Type Reject if counter is over 10GB.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> Dana 7/5/2007, \"satish patel\"
> pi?e:
>
> >Dear Sir
> >
> > I am working in data center so i need ip base billing
> means which ip address useing how much bandwidth means i give 10 GB data
> transfer to my one customer and 10GB data transfer reached then i got
> mesge or i can block the port of server what ever this is example so it
> is possible can i accouting of data transfer through my core switch ??
> >
> >
> >Reghards
> >
> >Satish Patel
> >
> >
> >$ cat ~/satish/url.txt
> >
> >System administrator ( Data Center )
> >
> >please visit this site
> >
> >http://linux.tulipit.com
> >
> >---------------------------------
> > Office firewalls, cyber cafes, college labs, don\'t allow you to
> download CHAT? Here\'s a solution!
> >
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
>
> $ cat ~/satish/url.txt
>
> System administrator ( Data Center )
>
> please visit this site
>
> http://linux.tulipit.com
>
> ---------------------------------
> Office firewalls, cyber cafes, college labs, don\'t allow you to
> download CHAT? Here\'s a solution!
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070508/19ce8126/attachment-0001.html
>
>
> ------------------------------
>
> Message: 6
> Date: Tue, 8 May 2007 10:10:21 +0300
> From: Peter Nixon <listuser at peternixon.net>
> Subject: Re: IP billing with freeradius
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Message-ID: <200705081010.21684.listuser at peternixon.net>
> Content-Type: text/plain; charset=\"iso-8859-9\"
>
> On Tue 08 May 2007, satish patel wrote:
> > thnks for reply dear
> >
> > But my requiremnt is a bit different means i explain u
> in
> > depth i have datacenter in data center many customers and we are
> giving ip
> > pool to our customer and terminate that pool on 6500 cisco core switch
> so
> > i want bandwidth counter on that port wheather all customer server
> > connected so that i can billing of that perticuler port means how
> much
> > upload and how much download traffic of that port then i can genrate
> bill
> > of that port it is not possible i can genrate traffic uage of verey
> > servers so that i want to genrate traffic counter of that single
> cisco
> > switch port you got it my point it is possibel through mrtg but i
> want
> > counter values so it is possible with freeradius
>
> Satish.
>
> I already answered this question yesterday. If you want traffic per IP
> with
> multiple IPs on a single port then you need to use NetFlow or sFlow. The
>
> cisco switch does not expose this type of information in RADIUS
> accounting.
>
> Regards
>
> --
>
> Peter Nixon
> http://www.peternixon.net/
> PGP Key: http://www.peternixon.net/public.asc
>
>
> ------------------------------
>
> Message: 7
> Date: Tue, 08 May 2007 09:42:03 +0200
> From: Alan DeKok <aland at deployingradius.com>
> Subject: Re: eap-tls authentication with free radius 1.1.5
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Message-ID: <464029CB.5090509 at deployingradius.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> anoop_c at sifycorp.com wrote:
> > Hi list
> > I am tryinmg to do EAP_TLS certificate based authentication
> with free radius 1.1.5.The setup worked well with
> freeradius-snapshot-20021028.But as Windows vista is not supporting the
> same.So i am trying to do the authentication with 1.1.5 version
>
> Why are you using 1.1.5 when 1.1.6 is out?
> ...
> > Sending Access-Challenge of id 3 to 192.168.0.50 port 1027
> ...
> > Waking up in 6 seconds...
> > --- Walking the entire request list ---
> > Cleaning up request 0 ID 0 with timestamp 463f12e8
>
> Read \"eap.conf\". This exact problem is discussed there.
>
> Alan DeKok.
> --
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
>
>
> ------------------------------
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> End of Freeradius-Users Digest, Vol 25, Issue 24
> ************************************************
>
More information about the Freeradius-Users
mailing list