ever you wish.
>
> For better or for worse we have customers with vastly differing levels of
> skill, so we try very hard not to cause too many problems.
>
> best regards
>
> Hugh
>
>
> On 26 Mar 2013, at 19:03, Alexander Hartmaier
> wrote:
>
>> So you pref
Thanks Heikki!
Best regards, Alex
On 2013-04-26 16:21, Heikki Vatiainen wrote:
> On 04/23/2013 10:57 AM, Alexander Hartmaier wrote:
>
>> will you include the dictionary in the goodies dir? I don't see it in
>> the 4.11 patch tarball.
> Hello Alexander,
>
> the di
or mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
--
Best regards, Alexander Hartmaier
T-Systems Austria GesmbH
TSS Security Services
Network Security & Monitoring Engineer
phone: +43(0)57057-4320
fax: +43(
On 2013-06-28 16:38, Heikki Vatiainen wrote:
> On 06/28/2013 03:17 PM, Mueller, Jason C wrote:
>
>> I am still using ipv6:::, since I have not yet convinced system
>> administrators to change the bindv6only attribute to 1.
>>
>> The example above (which a couple of others also suggested) works for
Hi,
it seems Radiator has a bug when replying to Radius requests on hosts
that have more than one IPv4 address on an interface.
For example with the default binding of 0.0.0.0 and a Linux server with
the following ip addresses (ip addr output):
inet 1.2.3.8/24 brd 1.2.3.255 scope global eth0
Using the default isn't secure in any way...
BR Alex
On 2013-07-09 13:39, Karl Gaissmaier wrote:
> Hi Radiator team,
>
> regression tests are helpful:
>
> git diff Radius/AuthRADSEC.pm for version 4.9 to 4.11:
>
>
>> @@ -119,13 +144,15 @@ sub initialize
>> my ($self) = @_;
>>
>> $self->
On 2013-07-09 14:14, Karl Gaissmaier wrote:
> Am 09.07.2013 14:04, schrieb Alexander Hartmaier:
>> Using the default isn't secure in any way...
>
> it's wihtin RADSEC and not RADIUS.
So? You can configure the Secret in an AuthBy RADSEC section the same
way you can config
in error messages in the log:
Tue Jul 16 08:49:46 2013: ERR: Bad attribute=value pair: n...@fqdn.org
Tue Jul 16 08:49:46 2013: ERR: Bad attribute=value pair: +4312345678
Is this because mobile and mail are not in the dictionary? Why isn't the
error also thrown for memberof?
--
Best regards
On 2013-07-16 16:46, Heikki Vatiainen wrote:
> On 07/16/2013 12:03 PM, Alexander Hartmaier wrote:
>
>> AuthAttrDef mobile,GENERIC,request
>> AuthAttrDef mail,GENERIC,request
>> AuthAttrDef memberof,GENERIC,request
>>
>> This results in e
rom being a Radius Server.
--
Best regards, Alexander Hartmaier
T-Systems Austria GesmbH
TSS Security Services
Network Security & Monitoring Engineer
phone: +43(0)57057-4320
fax: +43(0)57057-954320
*"*"*"*"*"*"*"*"*"*"*"*"*"*&
Hi Heikki,
On 2013-08-19 14:22, Heikki Vatiainen wrote:
> On 08/16/2013 02:45 PM, Alexander Hartmaier wrote:
>
>> I've migrated our main Radiator installation to new servers and just
>> faced the problem that an AuthBy RADIUS didn't send a packet out
>> altho
Heikki++
I hope the reference manual was updated to reflect this feature as well.
On 2013-08-22 16:37, Heikki Vatiainen wrote:
> Hello,
>
> there was recently discussion about IPv6 wildcard address binding and
> support for defining IPv6 clients with CIDR notation.
>
> Patch set for Radiator 4.11
corresponding LDAP CNs.
According to the trace 4 log the check runs twice but both times using
the first OSC-Group-Identifier-LDAP value.
Is this a bug?
--
Best regards, Alexander Hartmaier
T-Systems Austria GesmbH
TSS Security Services
Network Security & Monitoring Engineer
phone: +43(0)57057-4320
fax: +
Hi Heikki,
On 2013-09-17 14:23, Heikki Vatiainen wrote:
> On 09/16/2013 03:59 PM, Alexander Hartmaier wrote:
>> I just tried to implement a check for group membership:
>>
>> AuthAttrDef memberOf,OSC-Group-Identifier-LDAP,check
>>
>> OSC-Group-Identifier-LDAP i
On 2013-09-18 12:30, Heikki Vatiainen wrote:
> On 09/18/2013 01:14 PM, Heikki Vatiainen wrote:
>
>> Thanks, noted. Also noted Garry's message. Something like
>> %{RequestOr:attributename} should be quite straight forward to do and
>> understand. However, %{RequestAnd:attributename} requires a bit m
On 2013-09-18 16:53, Garry Shtern wrote:
> Ah, I was a bit confused. That makes sense now.
>
> This begs a necessity for a method that retrieves all groups a user belongs
> to into a multi-value attribute that is checked against with
> %{RequestOr:}="Group1|Group2". At least for LDAP.
That's alr
rialized).
Is there some feature I've overlooked?
--
Best regards, Alexander Hartmaier
T-Systems Austria GesmbH
TSS Security Services
Network Security & Monitoring Engineer
phone: +43(0)57057-4320
fax: +43(0)57057-954320
*"*"*"*"*"*"*"*"*&quo
you interessted in supporting Message::Passing,
Log::Log4perl or Log::Any?
They support a lot of outputs which would be a great feature addition!
On 2013-09-19 19:56, Klara Mall wrote:
> Hi Alexander,
>
> On 09/19/2013 04:57 PM, Alexander Hartmaier wrote:
>> Since quite some time I&
On 2013-09-20 11:44, Heikki Vatiainen wrote:
> On 09/20/2013 11:35 AM, Alexander Hartmaier wrote:
>
>> @Radiator guys: are you interessted in supporting Message::Passing,
>> Log::Log4perl or Log::Any?
>> They support a lot of outputs which would be a great feature additi
ns: 0
requests sent: 1865
requests timed out: 4
responses with no matching requests: 0
responses not processed: 0
responses containing errors: 1861
Did someone else notice these problems? Authentication works without any
problems.
--
Best regards, Alexander Hartmai
27;? Does it
happen too if you configure the radius servers ip addresses instead of
their dns names?
@Radiator guys: any update from you?
>
> Steve
>
>
> On Oct 11, 2013, at 4:38 AM, Alexander Hartmaier
>
> wrote:
>
>> Hi,
>> our switching guys report
On 2013-10-18 11:07, Heikki Vatiainen wrote:
> On 10/18/2013 11:23 AM, Alexander Hartmaier wrote:
>> On 2013-10-11 13:56, Caporossi, Steve G. wrote:
>>> We also have issues with NXOS; in our case using RADIUS.
>>>
>>> It always seems to begin with these sy
101 - 122 of 122 matches
Mail list logo
