Thank you Alan :) , it works. I addedd the line: 'authentication timer reauthenticate server' to the FastEthernet port on the cisco switch.That is, it will receive reauthentication time as defined on the radius server. Now i want to add users into mysql database and apply similar attributes defined in the users file. Reading the documentation in radiusd.conf, it says attributes can be added to radcheck or radgroupcheck table in mysql, but Max-Daily Session attribute is not recognized. it says "Could not find Check item value pair" in debug mode. I have tried to add attributes in radreply and radgroupreply, and that didn't work either. Please how can I achieve this.
##############Debug log########### rlm_sql (sql): Released sql socket id: 0 modcall[authorize]: module "sql" returns ok for request 60 rlm_counter: Entering module authorize code rlm_counter: Could not find Check item value pair modcall[authorize]: module "daily" returns noop for request 60 modcall: leaving group authorize (returns updated) for request 60 rad_check_password: Found Auth-Type EAP #########mysql ############ +----+-----------+-------------------+----+-----------------+ | id | GroupName | Attribute | op | Value | +----+-----------+-------------------+----+-----------------+ | 1 | student | Service-Type | == | Login-User | | 2 | student | Framed-MTU | == | 576 | | 3 | student | Max-Daily-Session | == | 240 | | 4 | student | Framed-If-Address | == | 255.255.255.254 | | 5 | student | Max-Daily-Session | == | 240 | +----+-----------+-------------------+----+-----------------+ 5 rows in set (0.00 sec) mysql> select * from radgroupreply; +----+-----------+-------------------+----+-----------------+ | id | GroupName | Attribute | op | Value | +----+-----------+-------------------+----+-----------------+ | 1 | student | Service-Type | == | Login-User | | 2 | student | Framed-MTU | == | 576 | | 3 | student | Max-Daily-Session | == | 240 | | 4 | student | Framed-IP-Address | == | 255.255.255.254 | +----+-----------+-------------------+----+-----------------+ mysql> select * from radcheck where username="student"; +-----------+----------+-------------------+----+----------+ | id | UserName | Attribute | op | Value | +-----------+----------+-------------------+----+----------+ | 10 | student | User-Password | == | password | | 11 | student | Max-Daily-Session | == | 240 | +-----------+----------+-------------------+----+----------+ 2 rows in set (0.00 sec) mysql> select * from radreply where username="student"; +----+----------+-------------------+----+-------+ | id | UserName | Attribute | op | Value | +----+----------+-------------------+----+-------+ | 8 | student | Max-Daily-Session | := | 240 | +----+----------+-------------------+----+-------+ 1 row in set (0.00 sec) ############# radiusd.conf ############# accounting { detail daily radutmp sql } authorize { preprocess mschap suffix eap files sql daily } instantiate { exec expr daily } Set session timer to one hour. Or adjust reauth times on the Cisco > > alan > > >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html