[ previous ] [ next ] [ threads ]
 
 From:  "Bernie O'Connor" <Bernie dot OConnor at sas dot com>
 To:  "Lee Sharp" <leesharp at hal dash pc dot org>, "m0n0wall" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Captive Portal RADIUS authentication missing fields
 Date:  Fri, 7 Oct 2005 09:54:23 -0400
Sounds like you might be dealing with a Cisco Radius server.  I created a patch to allow 1.2b10 to
work with Cisco Radius  (calling-station-id, and client ip-address), Jonathan is considering adding
the attributes for 1.3.  If you're comfortable with building a custom image of m0n0wall I can send
you the patch; otherwise you'll have to wait for 1.3.

bernie 

-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Sent: Thursday, October 06, 2005 4:54 PM
To: Lee Sharp; m0n0wall
Subject: RE: [m0n0wall] Captive Portal RADIUS authentication missing fields

The attributes you are saying you require aren't in 1.11 and never will be.

They where added later in 1.2b7 indeed....

As the Radius RFC's states only Nas-Ip || Nas-Identifier are required fields. (you can use both of
them in a request or only one of them)

If you want to use Captive Portal with Radius authentication working you CAN use 1.2b10. It seems to
be 'very stable'. At least if you only use Captive Portal and radius... There are some caveats with
Openvpn and Ipsec with it but as long you aren't using that you can use this one.

Or you can wait until 1.2 comes out (it shouldn't be a long time anymore, I think)

1.3b will have a complete rewritten radius authentication code to support things users have been
asking for (multiple radius server support with failover, round-robin etc..., Radius url-redirection
etc.)

Software has always been distributed 'AS IS' without any warranties.

J.


--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be

-----Oorspronkelijk bericht-----
Van: Lee Sharp [mailto:leesharp at hal dash pc dot org]
Verzonden: donderdag 6 oktober 2005 22:44
Aan: m0n0wall
Onderwerp: [m0n0wall] Captive Portal RADIUS authentication missing fields

I am trying to use m0n0 1.11 (this client does not like "beta" software)

with captive portal to authenticate against a RADIUS server owned by a third party.  I have no
control over, or access to, the RADIUS server.  I am failing in authentication.  The "tech" at the
third party stated, "In the auth request you are missing the following attributes; NAS IP, Framed
IP, Calling-Station-ID, Called-Station-ID, and Acct-Session-ID"  I have seen

people getting these attributes, but only in 1.2b7+  Will 1.11 provide this, or do I need to
convince the client that 1.2b10 is very stable "beta" 
software? :-)

Lee


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch