>> Thanks. I did what you said but it seems that there must be a NAS to >> get the packet on port 3799 and disconnect the user for me. I have >> everything on a single machine and there is not any standalone hardware >> or something to act as a NAS. PPTP and L2TP/IPSec processes serve dialin >> users and freeRADIUS is used to authenticate them. >> Is there any lightweight software that I can use as a NAS to solve this?
> $ man l2tp > It should have the ability to close connections via a command-line > tool. Then, run a script on FreeRADIUS to use that command-line tool. > Why are you working hard to find a complicated solution? If it's all > on one machine, the solutions are simple. > Alan DeKok. Thanks Alan, that looks pretty easy. For a single machine and a single dialin service that must work very well but I have some other services like PPTP and OpenVPN and will have to run RADIUS and VPN services on different machines when the number of users grow. > Not to my knowledge. CoA and DM extensions are relatively recent > (in RADIUS terms) so not that many vendors or projects have implemented > them. If your VPN daemon doesn't support DM, then your best bet is SNMP, > just fire off a script with the exec module. The only reason why you'd absolutely > need to use DM is if the packets had to navigate a network of RADIUS proxy > servers, otherwise SNMP works just as well. > If your VPN daemon doesn't support SNMP, see if it has a control socket, then > write something in perl/python/ruby to translate SNMP requests, or just requests > on another INET socket. > Good luck :) > -Arran Thanks Arran. Honestly, I don't have any idea about CoA and DM but I know that I can use SNMP on the server which runs Debian 6.0. This might be out of the RADIUS scope but I need a little bit more information on this to work it out. How should I send the PoD to SNMP? Will SNMP handle such request by default or I have to set it up for this? Even a useful URL would be a great help cause I couldn't find anything by googling the keywords came to my mind. Thanks, Moby
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html