Good afternoon, I have inherited an aged ICRadius install and I am in process of converting to FreeRadius 1.1.7. Currently I have a master DB on our Management server replicating to two radius servers. Each radius server has a unique sql instance to send accounting data to the master DB. Everything is working, the DB conversion from ICRadius to FreeRadius went fine.
In testing the only issue I have found is I am unable to stop Simultaneous use. I read the docs carefully, checked the Wiki, and I believe I have everything configured properly. Using RadiusTest 2.4.3 and radwho I see the following. I check for a login using radwho and I see I have a session, I then attempt both a new auth and start accounting again and still radwho shows only one login. [EMAIL PROTECTED] /usr/local/etc/raddb]# radwho Login Name What TTY When From Location yellowhous yellowhousejake shell S1 Mon 11:35 192.168.4 192.168.0.1 --------------------10/27/2008 11:55:13 AM Test started [check newrad1]------------------------- Info:Sending Access-Request of id 0 to 10.0.241.95:1645 Password = "marlin" User-Name = "yellowhousejake" Framed-IP-Address = 192.168.0.1 Acct-Session-Id = "201" Info: Access-Accept packet from host 10.0.241.95:1645, id=0, length=89 Service-Type = Framed-User Framed-Protocol = PPP Framed-IP-Address = 255.255.255.254 Framed-IP-Netmask = 255.255.255.255 Framed-Routing = None Framed-Compression = Van-Jacobson-TCP-IP Filter-Id = "std.ppp" Framed-MTU = 1500 Port-Limit = 1 Idle-Timeout = 600 Session-Timeout = 28800 Total approved auths: 1 Total denied auths: 0 Total lost auths: 0 Total time(secs): 0 --------------------10/27/2008 11:55:13 AM Test finished [check newrad1]------------------------- --------------------10/27/2008 11:55:40 AM Test started [start acct]------------------------- Info:Sending Accounting-Request of id 0 to 10.0.241.95:1646 User-Name = "yellowhousejake" Acct-Session-Id = "201" Acct-Status-Type = Start NAS-Port = 1 Framed-IP-Address = 192.168.0.1 Info: Accounting-Response packet from host 10.0.241.95:1646, id=0, length=20 Info:Sending Accounting-Request of id 1 to 10.0.241.95:1646 User-Name = "yellowhousejake" Acct-Session-Id = "201" Acct-Status-Type = Alive NAS-Port = 1 Framed-IP-Address = 192.168.0.1 Info: Accounting-Response packet from host 10.0.241.95:1646, id=1, length=20 Total approved auths: 2 Total denied auths: 0 Total lost auths: 0 Total time(secs): 0 --------------------10/27/2008 11:55:40 AM Test finished [start acct]------------------------- --------------------10/27/2008 11:55:40 AM Test started [start acct]------------------------- Info:Sending Accounting-Request of id 0 to 10.0.241.95:1646 User-Name = "yellowhousejake" Acct-Session-Id = "201" Acct-Status-Type = Start NAS-Port = 1 Framed-IP-Address = 192.168.0.1 Info: Accounting-Response packet from host 10.0.241.95:1646, id=0, length=20 Info:Sending Accounting-Request of id 1 to 10.0.241.95:1646 User-Name = "yellowhousejake" Acct-Session-Id = "201" Acct-Status-Type = Alive NAS-Port = 1 Framed-IP-Address = 192.168.0.1 Info: Accounting-Response packet from host 10.0.241.95:1646, id=1, length=20 Total approved auths: 2 Total denied auths: 0 Total lost auths: 0 Total time(secs): 0 --------------------10/27/2008 11:55:40 AM Test finished [start acct]------------------------- [EMAIL PROTECTED] /usr/local/etc/raddb]# radwho Login Name What TTY When From Location yellowhous yellowhousejake shell S1 Mon 11:55 192.168.4 192.168.0.1 Here are the parts of my conf I believe I need to check for simultaneous use. ## radiusd.conf radutmp { filename = ${logdir}/radutmp username = %{User-Name} case_sensitive = yes check_with_nas = no callerid = "yes" } accounting { radutmp ## sradutmp sql_acct } session { radutmp sql_acct } ## sql.conf # Uncomment simul_count_query to enable simultaneous use checking simul_count_query = "SELECT COUNT(*) \ FROM ${acct_table1} \ WHERE UserName='%{SQL-User-Name}' \ AND AcctStopTime = 0" Note I enabled radutmp after sql was failing to stop the second login. I am certain I have missed something simple but I am unable to find it. Any help, cluesmacks, etc are appreciated. DAve -- I am watching the debate and I am very disappointed. The rules are simple, "answer the question". I would vote right now, and I can in Indiana, for the man who answered the question directly, in less than a minute, and then sat down before the green light was out. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html