I have a chunk of points for you to check! but before that, what
exactly happens when you set up a Simultaneous-Use restriction?
if nobody could authenticate after that point? or he can, but
radius doesn't respect your restriction?
if it doesn't respect your restriction, at first check that radius
runs checkrad.pl script. in order to do that, first turn on debuging
in this script and then try to make a double login (assuming
Simultaneous-Use = 1) on your nas. then refer to the file that
the checkrad.pl defined for debugging outputs. if checkrad.pl has
recorded anything in this file that means half of the way !
at this point a quick and rather dirty solution is to setup your
nastype as "other" in both clients.conf and naslist files.
everything should work at this point. if you instit to define your
nastype as "cisco" you need to check out that your snmp works, you
can verify it by this command:
$ snmpget "your-nas-ip" public system.sysDescr.0
system.sysDescr.0 = Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 12.0(10), RELEASE SOFTWARE
(fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Mon 20-Mar-00 23:30 by phanguye
if you dont get the output of this command that means you need to
configur your snmp;
Regards,
Mohsen Moeeni,
[EMAIL PROTECTED]
SAF org.
ps : if your nastype is "cisco" or "other" there is NO need to setup
naspassword, becuase the checkrad.pl script doesnt use passwords
for these kinds of nas'es.
On Sun, 12 Aug 2001, BJ Mayhan wrote:
> I am having the same problem limiting users. I am using freeradius 0.1
> also. I am running it on a linux box. I have tried some of the same
> combinations you have with no sucess. I was told at one time that I had to
> check the naspasswd file to allow athincation back to the server. But this
> did not work either. If anyone has any suggestions on how to prevent
> simultaneous use please let me know.
>
> Thanks
> BJ
> Systems Admin.
> ----- Original Message -----
> From: "Mohsen Moeeni" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Sunday, August 12, 2001 8:03 AM
> Subject: Simultaneous-Use again!
>
>
> >
> > I'm a new member of this list. actually my end for subscription was to
> > see if somebody else has the same problem that I have on limiting the
> > number of simultaneous logins, and probably get his or her help.
> >
> > but now that i solved my probelm, i decided to share my expreince with
> > other members. i don't know, maybe most of you are aware of it. but
> > i couldn't find any document addressing this.
> >
> > before switching to freeradius i was using cistron and the
> > simultaneous-use was fucntional. now i am using freeradius 0.1
> > -----------------------------------------
> > [root@sharif httpd]# /usr/local/freeradius/sbin/radiusd -v
> > radiusd: FreeRADIUS Version 0.1, for host i686-pc-linux-gnu, built on Aug
> > 4 2001 at 21:03:33
> > Compilation flags: WITH_DICT_NOCASE WITH_SNMP
> > ----------------------------------------
> >
> > I setup every thing requried for simultaneous-use functioning. i
> > defined my nastype in both naslist and clientes.conf. my snmp
> > works right on both client and server but the
> > problem is that with compat = no in radiusd.conf and some lines
> > like below in users, the server won't authenticate anybody. the "files"
> > module returns "notfound":
> > ------------------Users--------------
> > DEFAULT Auth-Type := System, Simultaneous-Use == 1
> > Reply-Message = "Welcome To me !" ^^
> > -------------------------------------
> >
> > in order to have it functional, I had to first turn compat to cistron
> > and then use these lines instead:
> >
> > ------------------Users--------------
> > DEFAULT Auth-Type := System, Simultaneous-Use = 1
> > Reply-Message = "Welcome To me !" ^
> > -------------------------------------
> >
> > none of the combinations of compat and ='s worked for me.
> > and it got so long for me to find out the problem.
> >
> > I would like to have your comments as well. maybe there exists
> > something that I haven't seen and it has been my fault.
> >
> > Mohsen Moeeni
> > Network Consultant
> > SAF organization
> > http://www.schoolnet.ir
> >
> >
> >
> >
> >
> >
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
