essage-
> From: Sudhir Harwalkar
> Sent: Monday, April 16, 2012 4:33 PM
> To: 'Heikki Vatiainen'
> Cc: radiator@open.com.au
> Subject: RE: [RADIATOR] FW: FW: RADIATOR: EAP-FAST-MSCHAPv2
>
> As per your comment, I made changes for EAP-FAST MACHAPv2, If I enable AUTHBY
ssage-
> From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On
> Behalf Of Heikki Vatiainen
> Sent: Monday, April 16, 2012 11:52 PM
> To: radiator@open.com.au
> Subject: Re: [RADIATOR] FW: FW: RADIATOR: EAP-FAST-MSCHAPv2
>
> On 04/16/2012 06:02 PM, Sudhir Har
DEBUG: AuthBy LDAP2 result: REJECT, No such user
> Tue Apr 17 07:44:31 2012: INFO: Access rejected for p1z1x2c7s9y9b0o8ð:
> No such user
> Tue Apr 17 07:44:31 2012: DEBUG: Packet dump:
> *** Sending to 10.174.1.1 port 50118
> Code: Access-Reject
> Identifier: 242
>
g sure it can
recover from the case where the server does not recognise the PAC it sends.
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, ext
s generated and provisioned.
You should experiment with your client and see its logs for why it does
not work. The configuration I returned to you was working and tested
fine here.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere.
; Regards
> Sudhir H
>
> -Original Message-
> From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On
> Behalf Of Heikki Vatiainen
> Sent: Wednesday, April 18, 2012 3:08 AM
> To: radiator@open.com.au
> Subject: Re: [RADIATOR] RADIATOR: EAP-FAST-MSC
riginal Message-
> From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On
> Behalf Of Heikki Vatiainen
> Sent: Monday, April 16, 2012 2:39 PM
> To: radiator@open.com.au
> Subject: Re: [RADIATOR] FW: FW: RADIATOR: EAP-FAST-MSCHAPv2
>
> On 04/16/2012 11:12 AM,
nt instead of
> tacacs so config wise nothing seem to be wrong.
Ok.
Thanks!
Heikki
> Regards,
> Patrik Forsberg
>
> ___
> radiator mailing list
> radiator@open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Hei
rom: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On
> Behalf Of Heikki Vatiainen
> Sent: Wednesday, April 18, 2012 1:41 PM
> To: radiator@open.com.au
> Subject: Re: [RADIATOR] RADIATOR, EAP-TLS
>
> On 04/18/2012 10:00 AM, Sudhir Harwalkar wrote:
>
>>
3><246>wI><142>F
>>NAS-Port-Id = "ttyS0"
>>Service-Type = NAS-Prompt-User
>> NAS-Port = 0
>>NAS-IP-Address = 10.2.120.150
>>
>> Can't locate object method "userIsInGroup" via package "Radius:
not have any alternatives to what Radiator proposed. So now it is
at least responding to EAP-TLS start message, but still does not want to
actually start EAP-TLS.
The client configuration needs more work, most likely.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, fle
he SQLite DB is there and the PACs do not time
out. PACs can have limited lifetime and the client should be prepared
for this too.
Heikki
> - Sudhir
>
> -Original Message-
> From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On
> Behalf Of Heikki
On 04/18/2012 12:07 PM, Heikki Vatiainen wrote:
>> This might be by-design ofc.. just noticed it tho :)
>
> I'll check if there's such history behind this. Thanks for notifying us.
Hello Patrik,
the current patches now have this change.
2012-04-20 ServerTACACSPLUS.p
current Radiator
reference manual.
Thanks!
Heikki
> We use RAdmin for management of the RADIUS accounts.
>
> Thanks,
> ___
> radiator mailing list
> radiator@open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
He
7;s certificate.
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Y
swords would apply in this case.
> All other PAP client work fine.
Yes, with PAM that sounds correct.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus
ponse from the
original authentication, any related cisco-avpairs and such. So it looks
like there is no good way to recover the old functionality.
So maybe the need for reloading Radiator could be made less frequent?
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible
g.,
SQL and testing that it works when the client is removed from the config
file. The clients Radiator knows about are the combined set of clients
in the config file and from any ClientList* that are configured.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and c
lookup without realm but does not change the username
allowing MS-CHAP-V2 to succeed.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, ex
ne instance of radiusd running. You may want to
check that you do not e.g., have Radiator as Windows service enabled and
running.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password
the manual says, Range can be used only within a single /24
You could do:
Range 172.20.0.1 172.20.0.255
Range 172.20.1.0 172.20.1.254
However, I'm wondering why it does not give you an error.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable
-V2 is not good enough for PEAP/EAP-MSCHAP-V2.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
lgorithm (AuthBy ROUNDROBIN, HASHBALANCE, EAPBALANCE) to proxy
the incoming requests to backend instances.
> Currently the Perl service is only running on a single core out of the 4
> available.
That's correct. You need to have multiple instances to utilise all the
cores.
Thanks!
H
le.cfg line 38
So use AcctLogFileName in your Handlers and it should work. Notice the
spelling (f vs F). That's where the problem is.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, passwo
istinfo/radiator
>
>
> Michael Hulko
> Network Analyst
>
> Western University Canada
> Network Operations Centre
> Information Technology Services
> 1393 Western Road, SSB 3300CC
> London, Ontario N6G 1G9
>
> tel: 519-661-2111 x81390
> e-mail: mihu...@uwo.ca <mailto:mihu...@uwo.ca>
;
> This e-mail and the information it contains including attachments are
> confidential and meant only for use by the intended recipient(s);
> disclosure or copying is strictly prohibited. If you are not addressed,
> but in the possession of this e-mail, please notify the sender immedi
ACS+ keys for different types of network
> devices, it is important that I be able to grab the key for a
> particular Client from each LDAP entry.
The above suggestion is based on the guess that device-type has the IP
address or name that would go into when doing a static
configuration.
H
ou have this in the config:
EAPTLS_PEAPVersion 0
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS
ference manual for version 4.9, section "5.31
". There is one paragraph discussing how the failover with
multiple databases works.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+,
n give a try to OSC compiled Net-SSLeay, does it change anything?
See http://www.open.com.au/radiator/free-downloads/ and
http://www.open.com.au/radiator/free-downloads/Net-SSLeay.ppd which you
can use with "ppm install ".
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most port
use AuthBy
LDAP2 to fetch any required check and reply attributes from AD while
letting LSA do the authentication.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platyp
Mon May 21 12:10:24 2012: DEBUG: Reading users file ./users
Mon May 21 12:10:24 2012: DEBUG: Radius::AuthFILE looks for match with
hvn [hvn]
Mon May 21 12:10:24 2012: DEBUG: Radius::AuthFILE ACCEPT: : hvn [hvn]
Mon May 21 12:10:24 2012: DEBUG: AuthBy FILE result: ACCEPT,
Mon May 21 12:10:24 2
h (@{$rp->{Attributes}}) { \
my ($name, $value) = @$_; \
$ip = $value if $name eq 'Framed-IP-Address-' .
$p->{Client}->{Identifier}; \
push (@to_delete, $name) if $name =~ /^Framed-IP-Address-/; \
} \
$rp->add_attr('Framed-IP-Address', $ip
working is running Active State Perl
> 5.12.2 (Build 1202) (32-bit) and Net-SSLeay 1.36.0.1 also.
>
> So it's either a Windows Sever 2003 to 2008 issue or a 32-bit to 64-bit
> issue.
Ok, thanks for the information. I'll give 2008R2 with Perl 5.12.4 a try
and see how it works
are with me.
Please review the README. It has the information about setting up the
test environment. Also, http://tools.ietf.org/html/rfc4186 (the EAP-SIM
RFC) is a valuable source of information.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RAD
see from above, the
names vary between systems.
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC,
authenticated properly, but
> UserTwo or UserThree do not. We changed the Tacacs-Group to be ADMIN for
> UserOne, restarted the service and we still do not authenticate properly.
> When we try to limit access by IP address, it does not seem to work. What
> could I be missing?
give it a try. Please let us
know how it works for you.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, T
-Original Message-
> From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On
> Behalf Of Heikki Vatiainen
> Sent: Tuesday, May 22, 2012 12:06 AM
> To: radiator@open.com.au
> Subject: Re: [RADIATOR] EAP-SIM & EAP-AKA issues with radiator server
>
>
nce running map.cfg which will not work.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEA
tional information
> about a service profile. This new AAA server needs to be able to support
> Alvarion's R3-IF-Descriptor attribute, etc.
>
> If this sounds familiar I would really appreciate any and all configuration
> information.
I think the support in Radiator is alre
On 05/30/2012 04:09 PM, Heikki Vatiainen wrote:
> Thanks for the example. Most of the attributes are already in Radiator's
> dictionary but do you have documentation about the ones starting with
> Alvarion-?
The latest patches for Radiator 4.9 now have more Alvarion attributes
6 00 00 00 13 4d 16 43 4f 4e
>
> 4e 45 43 54 20 30 4d 62 70 73 20 38 30 32 2e 31
>
> 31 4f 0e 02 02 00 0c 12 0e 00 00 16 01 00 03 50
>
> 12 54 13 b6 4e 69 c8 f8 41 2e a4 ae b1 28 a4 66
>
> a9
>
> Code: Access-Request
>
> Identifier: 32
>
> Authenti
ou were running close to a fragment size limit, a longer password
> could trigger an issue.
>
> Start with the log files before tweaking your config though.
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NI
Check the ports so that they are like above and then it should work.
Thanks!
Heikki
> Regards,
> Shaikh
>
> -Original Message-
> From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On
> Behalf Of Heikki Vatiainen
> Sent: Monday, May 28, 2012 3:55
cfg should be started with
similar configuration file.
Heikki
> Regards,
> Shaikh
>
>
> -----Original Message-
> From: Heikki Vatiainen [mailto:h...@open.com.au]
> Sent: Thursday, June 07, 2012 6:51 PM
> To: Zaman, Shaikh
> Cc: radiator@open.com.au; Saini, Ranjeet
> Subje
h the log. The
log should tell you how far the authentication gets.
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory,
or any info you can give. I need to make sure I understand this
> so I can talk to our Information Security team.
Thanks for letting us know of this issue. I heard this will be looked at
soon, so expect an update in the near future.
Thanks again!
Heikki
--
Heikki Vatiainen
Radiator: the mo
tall DBD-mysql for accessing MySQL from Perl.
The authentication did not get far enough to reach MAP so that's why
there was nothing in MAP logs.
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+
ow which clients support this? Looks like wpa_supplicant does,
am I correct?
Looks like there are requirements for fairly recent OpenSSL versions
because of the advanced encryption methods.
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anyw
load the
MySQL DBD module.
For more about PPM utility, please see ActiveState documentation. This
is not related to Radiator.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT
g else? Need some more details here.
Please see the RFC. The RFC discusses about encryption. Note that
password and encryption are different things not related to each other.
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, file
On 06/07/2012 05:53 PM, Heikki Vatiainen wrote:
> Thanks for letting us know of this issue. I heard this will be looked at
> soon, so expect an update in the near future.
Patches for Radiator 4.9 now has this:
2012-06-09 AuthSQLYUBIKEY.pm AuthYUBIKEYGENERIC yubikey.cfg yubikey.txt
yubik
On 06/07/2012 06:16 PM, Heikki Vatiainen wrote:
> On 06/07/2012 04:00 PM, Fredrik Pettai wrote:
>
>> Has OSC thought about implementing the EAP-PWD method (anytime soon)?
>> http://tools.ietf.org/html/draft-harkins-emu-eap-pwd-14
>
> Hmm, I'll ask around.
It appear
the error. The attached
configuration file works fine with Radmin and I did not see any problems
with User-Name check item. The default Radmin configuration does not use
User-Name as a check item.
Note: Radiator 4.2 is very old. You should consider upgrading.
Thanks!
Heikki
--
Heikki Va
roxies (especially roots in federated roaming) and authenticating
servers while the authentication would be faster too.
Thanks for the input.
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, E
k Items for the user and Service Profile
possibly assigned for the user. The answer is in Radmin configuration
for the user or user's service profile.
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, pass
with the hotel's Opera admins to see if that information can be
made available with Opera.
Thanks!
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+
gt; 21:24:01: Radius::AuthSQL ACCEPT:: 1234567890 [1234567890]
> 21:24:01: Access accepted for 1234567890
>
> The user was by the time correctly inserted into the DB, so I'm not sure
> what could be happening here. The password is entered on the captive
> portal automatical
#
>
> #
>
>
>
> # This is where the inner EAP-MSCHAPV2 request appears, after being
> converted to
>
> # a conventional Radius-MSCHAPV2 request. You can proxy or handle locally.
>
> # Since its an odinary Radius request, it can be proxied to non-EAP
> capabl
separate log for passwords.
Using the hook makes it easier to do debugging since the passwords go
into logfile, but for other cases PasswordLogFileName can be better if
the passwords should not into normal log.
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS
a local pseudo-attribute. You can
name it as you want, but the main thing is it will never come from the
NAS and has a fixed value you can compare against value returned from
MySQL function.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS serve
;> Tunnel-Server-Endpoint = 172.16.1.2
>>> Tunnel-Password = "tunnelpass2"
>>>
>>> I had hoped to just add a 2nd row to the table, but the handler just
>>> returns the values from the 1st row of the result. I'd like to be able
>>>
ate,2,)':
>
> Wed Jun 27 16:20:03 2012: DEBUG: Handling with Radius::AuthSQL
>
> Wed Jun 27 16:20:03 2012: DEBUG: Handling accounting with Radius::AuthSQL
>
> Wed Jun 27 16:20:03 2012: DEBUG: do query is: 'insert into
> VOIPACCOUNTING2
> (ACCESS_DEVICE,ACCT_DELAY_TIME,ACCT_SESSION_I
eanup for the old entries, so you
would need e.g., a cron job for this. Column key_expires is set to
time() + KeyLifetime so you could consider cleaning up old rows based on
this column.
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM,
ce 4 to see what time stamps are generated
and updated/inserted into the database.
Heikki
> -Original Message-
> From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On
> Behalf Of Heikki Vatiainen
> Sent: Friday, 29 June 2012 11:00 PM
> To: radiator@
owsers too, with some saving the file as .tar.gz
and others doing something else.
This will be looked at later this week.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emeral
.
> Is this a bug? We have a fairly complex config file with several
> multi-line handlers and upgrading to 4.10 isn't going to be possible
> without having some seriously long Handler statements.
If you can wait a little with upgrading I will get back to this later
this week.
tAuthSelectHook, but this is executed before Radiator performs the
> authentication operations. This force me to understand if the user is
> blocked twice, one time in the Hook and another time by Radiator and
> this does not make very sense I think. Maybe there is a better way to
>
On 07/03/2012 12:22 AM, Heikki Vatiainen wrote:
> If you can wait a little with upgrading I will get back to this later
> this week.
Patches for 4.10 now restore the functionality while keeping the
originally planned multiline change working. Please let us know if there
are still pr
> Below my radius.cfg file:
>
>
>
> Fork
> Synchronous
Forking may be causing problems with EAP state when a new radiusd
instance is created.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIU
017945.html
and also see Microsoft requirements for their clients:
http://technet.microsoft.com/en-us/library/cc731363.aspx
For example with OpenSSL you need to have this configuration file option
when creating certificates:
extendedKeyUsage = serverAuth
Please let us know how it goes.
T
bit later. Some code changes are likely to be
needed, but even if there are no patches or patch candidates yet, I
thought I'd at least break the silence :)
Thanks,
Heikki
> -Dave
>
>
>
> On 5/11/12 4:55 PM, "Heikki Vatiainen" wrote:
>
>> On 05/11/2012 09:
lt;3><212>iv<240><128><243>BO<188><234><174>
>
> Attributes:
>
> NAS-Port-Id = "AP183/1"
>
> Calling-Station-Id = "00-18-DE-94-3E-36"
>
> Called-Station-Id = "00-0B-0E-2A-16-82:eduroam
urrently considering options that make
reloading less problematic.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Di
m is with the attribute having different name in dictionary
than you are expecting. The names are just for us human, they can vary
between dictionaries, and often do, but the important part is the vendir
id and type.
The best thing to get the names right is to see Trace 4 output and get
the attribute na
bases, plans and other details.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, W
ick test using 32bit Ubuntu 12.04 and 10.04 as
platforms for Radiator 4.10, and the authentication seems to work fine.
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Frees
gt;> Can you assist with this issue?
>
>
>
> ___
> radiator mailing list
> radiator@open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>
--
Heikki Vatiainen
Radiator: the most portable, flexible and configur
ent and then use Handler
Client-Identifier= to serve IOS and IOS-XR with their specific
AuthorizeGroup options.
Unfortunately this might mean duplicating a lot of existing configuration.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
a
e server
can not do this, the client refuses to continue the authentication process.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM,
tended recipient, please do
> not use or disseminate the information, notify the sender and delete it
> from your system.
>
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Pl
ByDYNADDRESS. AuthBYDYNADDRESS allocate IP address with
> AddressAllocate DHCP.
See goodies/hooks.txt for an example of how to do this. Look for keyword
DYNADDRESS. It's close to line 290, about 1/4 down the file.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and config
o see goodies/ldap.cfg in the Radiator distribution for
more LDAP examples too.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external,
{CentsPerSecond};
An alternative is to define ComputeCostHook which will replace the
default cost calculation with the hook you specify. See the reference
manual and goodies/fidelio.cfg for more about this hook.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable R
/,
Client-Identifier=/^(?!4ProxyServer$)/
Try this instead:
I added the double quotes to surround the Realm value since the value
contains a comma.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP
lect select password from subscriber where username=? and
group=1
# Your current AuthBy DYNADDRESS
AuthSelect select password from subscriber where username=? and
group=0
# Possibly pull the address with select too
Thanks,
Heikki
--
Heikki Vatiainen
Radi
= $p->code;
>
> if ($code eq 'Access-Accept')
> {
>$sp->delete_attr('RB-Context-Name');
> }
>
> return;
> }
>
>
>
>
> ___
> radiator mailing list
> radiator@open.com.au
ass GO-6 is
> supported, as this seems to be the version of the single button token
> that Vasco are pushing these days.
GO-6 works for Digipass authentication. I noticed GO-6 has also HOTP and
TOTP functionality. Radiator supports the both but we have not tested
these methods.
Thanks,
H
ass authentication.
Maybe the best option is to verify the mode when ordering.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, externa
at had hook code in them. However, the patch and
the discussion was useful for considering if there was still room for
minor improvements.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, passwo
s a requirement.
The default settings allow for 30 second clock drift (DelayWindow 1,
TimeStep 30). I am not aware of reports with clock drift being a
problem, so it would be interesting to hear how well the HW tokens keep
the time.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most porta
orms. See section "6.0 radiusd" in the reference
manual and look for radiusd options -servicename for how to run multiple
Radiator (radiusd) instances as Windows services.
What is not supported on Windows are fork based settings. So FarmSize
and Fork options will not work with Windows.
On 08/21/2012 10:36 PM, Heikki Vatiainen wrote:
> Radiator is not multi-threaded but you can run multiple processes on
> Windows and other platforms. See section "6.0 radiusd" in the reference
> manual and look for radiusd options -servicename for how to run multiple
#x27; if
you have up-to-date database for files in your system.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directo
your comments. Tracking drift is certainly needed if the
drift can be minutes. Thinking of it more, it does not sound that bad
with a token with a long lifetime and reasonable price.
We will take a look at adding support for drift tracking.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the mos
osts
you have. If one Host fails, the other(s) can be used instead.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active D
Port 1812
AcctPort 1813
Identifier authby2
Secret mysecret2
Host 127.0.0.2
AuthPort 1812
AcctPort 1813
AuthBy authby1
AuthBy authby2
AuthBy authby1
AuthBy authby2
Thanks,
Ḧeikki
--
Heikki Vatiainen
Radiator: the most portable, fle
ng should be just fine with Vasco and Radiator. I'll check
the latest status and get back to you soon.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Free
com/>
> This e-mail and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they are
> addressed. If you are not the intended recipient you are hereby notified
> that any dissemination, copying or use of the information is prohibited.
> The opinio
401 - 500 of 1068 matches
Mail list logo
