Hi,
we upgraded a freeradius setup from 1.x to 2.1.10+dfsg-2+squeeze1 on Debian
Squeeze.
Within the old version, we used a database config for groups with an attribute
Session-Timeout and the value `%{expr:06:00}`
With new version freeradius send an error while looking in debug mode like:
Tue
Volker Lieder wrote:
Within the old version, we used a database config for groups with an
attribute Session-Timeout and the value `%{expr:06:00}`
Which never worked. 06:00 isn't a number. You can't just invent
syntax and use i.
With new version freeradius send an error while looking
On 2013-04-27 02:46, David Peterson wrote:
Sorry about that, they say its 16 bit.
I have seen this once with a HUAWEI nas. The max value for 16bit
unsigned integer is 65535. it's about 18 hours.
BR,
--
George Chelidze
-
List info/subscribe/unsubscribe? See
is the largest integer that can be used for the Session-Timeout
attribute?
** **
| *David Peterson* | Senior Engineer | Wireless Connections |
| Office: 419.660.6100 ext 2287 | Cell: 419.706.7355| Fax: 419.668.4077 |
*www.*wirelessconnections.net http://www.wirelessconnections.net/* *|
| 166 Milan
=wirelessconnections@lists.freeradius.org
[mailto:freeradius-users-bounces+davidp=wirelessconnections.net@lists.freera
dius.org] On Behalf Of Peter Lambrechtsen
Sent: Friday, April 26, 2013 6:30 PM
To: FreeRadius users mailing list
Subject: Re: Session-Timeout
It would depend on your NAS. What does
To: FreeRadius users mailing list
Subject: Re: Session-Timeout
It would depend on your NAS. What does the manual of the NAS say? The
maximum number is the unsigned 32bit integer max of 4billion which is just a
few years ;) so I don't really expect you want that.
On Apr 27, 2013 10:06 AM, David Peterson dav
Hello All,
We are using EAP-MSCHAPV2 for authentication with LDAP and using version
2.2.0. So actually who control the session validity for how long the client
will be authenticate after connecting to the wireless AP? So for example i
key in my username / password in Windows popup, then how long
Controlled by the NAS and/or the RADIUS server depending on NAS settings. ie
you should be able to set session-timeout on the NAS and then override/update
the value on the RADIUS server depending on your chosen policies...eg for
particular users/clients etc...and if proxying you may have
Hi Alan,
In which config files do i need to look / edit / add the session timeout in
freeradius?
Thanks
Danny
On Tue, Apr 23, 2013 at 3:11 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote:
Controlled by the NAS and/or the RADIUS server depending on NAS settings.
ie you should be able to set
Hi,
In which config files do i need to look / edit / add the session timeout
in freeradius?
that would depend on how your configuration is done and what options and methods
you are using. 'users' file is basic way, SQL tables are another, unlang is yet
another way...eg
update reply
Thanks Alan, let me try that. So i can apply this only if the Wireless AP
is sending packet with Session-Timeout too right? I don't see this setting
in Meraki Wireless AP.
I'm using ldap and all the authentication just simple username / password
from ldap. Is the the exact syntax to apply
Hi,
Thanks Alan, let me try that. So i can apply this only if the Wireless AP
is sending packet with Session-Timeout too right? I don't see this setting
in Meraki Wireless AP.
as i said, depends on your settings and what the NAS is willing to take from
the
RADIUS server - you'll
Thanks again Alex, i will try your syntax.
Thanks
Danny
On Tue, Apr 23, 2013 at 9:25 PM, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
Thanks Alan, let me try that. So i can apply this only if the
Wireless AP
is sending packet with Session-Timeout too right? I don't see this
setting
Hi,
Thanks again Alex, i will try your syntax.
do you deliberately change words?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
What you mean? Sorry i think you might mis-understand my previous 2
message. I mean 2 ask what is the correct syntax for update reply
Is it exactly like what you said in previous email or else :
update reply {
Session-Timeout : = 7200
}
I will search the documentation again
Hi,
What you mean?
see bottom of email
Is it exactly like what you said in previous email or else :
update reply {
Session-Timeout : = 7200
}
no, its exactly liek I typed. if you add spaces like you have then the server
wont like it
alan
-
List info
{
Session-Timeout : = 7200
}
It should be:
post-auth {
update reply {
Session-Timeout := 7200
}
}
(e.g. no space between : and =)
HTH,
Matthew
--
Matthew Newton, Ph.D. m...@le.ac.uk
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester
for update reply
Is it exactly like what you said in previous email or else :
update reply {
Session-Timeout : = 7200
}
It should be:
post-auth {
update reply {
Session-Timeout := 7200
}
}
(e.g. no space between : and =)
HTH,
Matthew
--
Matthew
Bill Isaacs wrote:
Being a moderator does NOT give you moral license to treat people like
children.
The only moral issue here is you admitting you came here with the
intention of trolling.
The only purpose of this list is to help people solve problems. If
that means reminding them to read
these results
for those who are impatient. The Session-Timeout number is way too
large. As I stated previously, this is a 30 day account. It was counting
down with no problems until a few days ago. It then mysteriously began
reporting in the popup window which I was working on that it had 29.9
days
Ok so the question then is: where the hell is radclient getting the
notion that the account has 2366393 seconds left?
That is *entirely* the wrong question. It's why you haven't solved
the problem yet.
Look at the *radius server* debug output. It's the one sending the
Session-Timeout
-Accept. Each with a value for Session-Timeout. That lets
you track *what* the value is, and *where* in the config the value is
coming from.
Then once you know it's a particular module, you can figure out how to
fix that module.
Right now, you're staring at the radclient output, wondering why
, C, etc. You should see 10-20 Reply-Messages
in the Access-Accept. Each with a value for Session-Timeout. That lets
you track *what* the value is, and *where* in the config the value is
coming from.
Then once you know it's a particular module, you can figure out how to
fix that module.
Now
Bill Isaacs wrote:
Alan, you're so much more fun when you're not being myopic. lol Of
course it's getting the answer from the radius server. You really think
I don't know that?
I can only read what you write. You asked *twice* why radclient had
that Session-Timeout. The second time
: Authorized user cgitest, check_item=2592000, counter=231238
rlm_sqlcounter: Sent Reply-Item for user cgitest, Type=*Session-Timeout,
value=2360762*
++[accessperiod] returns ok
So, there's something fishy with the rlm_sqlcounter module. Looks like
the place to start.
Stay tuned, film at 11
is greater than query result
rlm_sqlcounter: Authorized user cgitest, check_item=2592000, counter=231238
rlm_sqlcounter: Sent Reply-Item for user cgitest, Type=*Session-Timeout,
value=2360762*
++[accessperiod] returns ok
So, there's something fishy with the rlm_sqlcounter module. Looks like
radacct WHERE UserName
= 'cgitest' AND AcctSessionTime = 1 ORDER BY AcctStartTime LIMIT 1} -
231238
rlm_sqlcounter: Check item is greater than query result
rlm_sqlcounter: Authorized user cgitest, check_item=2592000, counter=231238
rlm_sqlcounter: Sent Reply-Item for user cgitest, Type=*Session
Alan,
Being a moderator does NOT give you moral license to treat people like
children. You're a rude man. Please ban me.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
We want to force Session-Timeout for all our users. Authorization and
authentication are made by LDAP.
Is it possible to add Session-Timeout in a file or config file to apply
it to all our users ?
BR,
--
Emmanuel BILLOT
CATEL - Dpt. Système et Réseaux
Rectorat - Académie d'Orléans-Tours
Yes. You could do it simply with users file, use unlang in post-auth or add it
to LDAP as 3 places to start with (just one way is enough!) And you'll need to
ensure tour NAS kit follow/honours the value you provide. If you are proxying a
la eduroam then the remote site providing the service
Le 18/01/2013 12:26, Emmanuel BILLOT a écrit :
Hi,
We want to force Session-Timeout for all our users. Authorization
and authentication are made by LDAP.
Is it possible to add Session-Timeout in a file or config file to
apply it to all our users ?
BR,
More question about it :
I saw
On 18.01.2013 12:26, Emmanuel BILLOT wrote:
Hi,
We want to force Session-Timeout for all our users. Authorization and
authentication are made by LDAP.
Is it possible to add Session-Timeout in a file or config file to apply
it to all our users ?
Add the following at the begining of the users
Am 26.07.2012 17:20, schrieb Klaus Klein:
Am 26.07.2012 16:16, schrieb Matthew Newton:
On Thu, Jul 26, 2012 at 04:08:04PM +0200, Klaus Klein wrote:
While everything works so far, I just can't get the Session-Timeout
to work.
If FreeRADIUS is sending the AVP back to the NAS (which you state
Hi Folks,
I'm in the process to setup a WPA(2)-Enterprise (IEEE 802.1X) protected WLAN.
I choose FreeRADIUS (2.1.10) with a EAP-TLS to authenticate and control the
access to the network.
While everything works so far, I just can't get the Session-Timeout to work.
If I start 'freeradius -X
On Thu, Jul 26, 2012 at 04:08:04PM +0200, Klaus Klein wrote:
While everything works so far, I just can't get the Session-Timeout to work.
...
Any idea how I could pinpoint the problem either from the FreeRADIUS or the
client side?
If FreeRADIUS is sending the AVP back to the NAS (which you
Then AP probably doesn't understand Session-Timeout attribute... (not
implemented for example)
It would be helpful to tell us what are you using as AP
On 26.7.2012 16:08, Klaus Klein wrote:
Hi Folks,
I'm in the process to setup a WPA(2)-Enterprise (IEEE 802.1X)
protected WLAN.
I
Am 26.07.2012 16:29, schrieb Marinko Tarlać:
Then AP probably doesn't understand Session-Timeout attribute... (not
implemented for example)
It would be helpful to tell us what are you using as AP
AP No.1
Netgear WG602v3 with dd-wrt v24_micro_generic.bin
AP No.2
Siemens Gigaset SE515dsl
Am 26.07.2012 16:16, schrieb Matthew Newton:
On Thu, Jul 26, 2012 at 04:08:04PM +0200, Klaus Klein wrote:
While everything works so far, I just can't get the Session-Timeout to work.
If FreeRADIUS is sending the AVP back to the NAS (which you state
it is), it's the job of the NAS (the AP
yagizozen wrote:
All the information of the users that connect and dc, is stored in the
db.daily file I suppose. But I can not open the file with notepad and see
which user had how many seconds of active sessions.
That's not how computers work. Do you open MP3s in Notepad to play them?
I
.1045715.n5.nabble.com/Session-Timeout-Monitoring-from-db-daily-tp5693089p5696811.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, May 9, 2012 at 3:54 PM, yagizozen yagizo...@yahoo.com wrote:
Thank you Alan,
I couldnt find that perl file in my machine. Is there any way to see the
content of db.daily with the use of any program in the windows environment
so that I can copy the file to my windows and use that tool
On Wed, May 9, 2012 at 3:54 PM, yagizozen yagizo...@yahoo.com wrote:
Thank you Alan,
I couldnt find that perl file in my machine.
It's available on FR source code, as mentioned already by Alan:
http://freeradius.org/download.html
Or read the latest development version directly from github:
yagizozen wrote:
I couldnt find that perl file in my machine.
That's not a good response.
The file is distributed with FreeRADIUS. Go look in the FreeRADIUS
distribution archive for it.
Is there any way to see the
content of db.daily with the use of any program in the windows
You are right Sir,
I could not find it in my server because it didnt installed I guess when I
install FR with yum install freeradius2 freeradius2-utils
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Session-Timeout-Monitoring-from-db-daily-tp5693089p5697104.html
Sent
I do not have the modules folder under /usr/src. How can I install the
modules folder to my machine but do not change any other file contents under
/etc or /var/log/radius
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Session-Timeout-Monitoring-from-db-daily
yagizozen wrote:
I do not have the modules folder under /usr/src. How can I install the
modules folder to my machine but do not change any other file contents under
/etc or /var/log/radius
Download the tar file from our FTP site. See http://www.freeradius.org/
Or, read the link that
On 05/09/2012 07:17 AM, yagizozen wrote:
You are right Sir,
I could not find it in my server because it didnt installed I guess when I
install FR with yum install freeradius2 freeradius2-utils
The reason the rad_counter.pl is only in a source distribution is
because it's not installed via
John Dennis wrote:
The reason the rad_counter.pl is only in a source distribution is
because it's not installed via the install target in the Makefile. If
rad_counter.pl is meant to be a user utility it should be installed as
part of make install.
That's probably a good idea.
I'll go add
helloo everyone,
I manage to do it finally :)
THANK YOU Very much
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Session-Timeout-Monitoring-from-db-daily-tp5693089p5697405.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe
reply-name = Session-Timeout
cache-size = 5000
}
All the information of the users that connect and dc, is stored in the
db.daily file I suppose. But I can not open the file with notepad and see
which user had how many seconds of active sessions. I configured a user to
use 1 hour per day
=
@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /
}
rlm_sqlcounter: Reply attribute Session-Timeout is number 27
rlm_sqlcounter: Counter attribute One-All-Session-Time is number 11273
rlm_sqlcounter: Check attribute One-All-Session is number 11274
rlm_sqlcounter: Current Time: 1328269705 [2012-02-03 12:48:25], Next reset 0
[2012-02
tonimanel wrote:
I'm having problems configuring authentication attributes which were send to
the NAS. I don't know why FreeRADIUS doesn't check attributes that NAS sends
- only check called-stattion-id (maybe I should to complete the
configuration... I don't know how).
Learn how to ask
Hi,
I'm having problems configuring authentication attributes which were send to
the NAS. I don't know why FreeRADIUS doesn't check attributes that NAS sends
- only check called-stattion-id (maybe I should to complete the
configuration... I don't know how).
FreeRADIUS will check whatever you
that in radgroupcheck is WISPr-Location-Name, why these values were not
compared? And another problem that I'm having is that when user login seems
that NAS (Mikrotik in my case) does nor receive session time left
(Session-Timeout). Why? Have I to configure something? I have added
dictionary. Any
left
(Session-Timeout). Why? Have I to configure something? I have added
dictionary. Any idea?
Back up a bit.
I'm going to be blunt here. At this point I HIGHLY suggest you try to
implement a BASIC freeradius installation, from a FRESH installation
(either source or package is fine). Don't
have configured in Mikrotik a location name
that in radgroupcheck is WISPr-Location-Name, why these values were not
compared? And another problem that I'm having is that when user login seems
that NAS (Mikrotik in my case) does nor receive session time left
(Session-Timeout). Why? Have I
:
http://freeradius.1045715.n5.nabble.com/Problems-sending-session-timeout-tp5433107p5453949.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(Session-Timeout). Why? Have I to configure something? I have added
radiusd -X
and watch what is happening.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi again,
I don't know why my FreeRADIUS server doesn't send session-timeout and
another attributes like radius-location-name or radius-location-id (all in
Mikrotik NAS). In FreeRADIUS older versions, I think that this attributes
were sent automatically with the dictionary activation.
Anybody
tonimanel wrote:
I don't know why my FreeRADIUS server doesn't send session-timeout and
another attributes like radius-location-name or radius-location-id (all in
Mikrotik NAS). In FreeRADIUS older versions, I think that this attributes
were sent automatically with the dictionary activation
, ¿that's correct?
Thanks for your attention.
Best regards,
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Problems-sending-session-timeout-tp5433107p5450548.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See
tonimanel wrote:
I wanted to say counter.conf.
Which one?
In that file we can define counters that
theorically sends attributes to the NAS, in my case Mikrotik. I have enabled
Mikrotik's dictionary. So, I should to add all attributes inside of
counter.conf file in all directives defined ,
). NAS, in my case, should receives session timeout,
radius-id-location... If I must to configure freeradius to replies with
these attributes, I should to add it inside of sql/mysql/counter.conf (a
file that contains noresetcounter, monthly or daily directives), that's
correct?
If I'm wrong or I have
session timeout,
radius-id-location... If I must to configure freeradius to replies with
these attributes, I should to add it inside of sql/mysql/counter.conf (a
file that contains noresetcounter, monthly or daily directives), that's
correct?
No. Modules are configured in the raddb/modules
Hi Alan,
Thanks again for your reply. I will check later.
I will report news here ...
Regards,
Toni.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Problems-sending-session-timeout-tp5433107p5451438.html
Sent from the FreeRadius - User mailing list archive
Thanks for your answer.
Sorry if my question was a lot of basic ... I have solved this adding
reply-name (reply-name = Session-Timeout) in all modules defined in
counter.sql.
Thank you very much.
Best regards,
Toni.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com
Hi guys,
I have a problem with my freeradius service. I would like to get that
freeradius sends to my NAS the session-timeout attribute. Can you tell my
how could I get it?
This is the output result:
FreeRADIUS Version 2.1.10, for host i486-pc-linux-gnu, built on Nov 14 2010
at 20:41:03
On Thu, Jan 26, 2012 at 10:14 PM, tonimanel
antoniofernan...@fabergames.com wrote:
Hi guys,
I have a problem with my freeradius service. I would like to get that
freeradius sends to my NAS the session-timeout attribute. Can you tell my
how could I get it?
Just put it it radreply :)
I think
Have you tried setting the proper timeout from the auth section?
Session-Timeout :=
`/script/that/returns/minimum/of/1-hour/or/remaining-time` ?
On 9/12/2011 20:52, denzx wrote:
Hi, I am new in this mailing list.
I have similar situation too, I need counting something before decide to
send
On Tue, Sep 13, 2011 at 10:52 AM, denzx dennyzulfi...@gmail.com wrote:
My question is, is it possible to send reply Session-Timeout in accounting
section?
From http://www.ietf.org/rfc/rfc2865.txt
5.27. Session-Timeout
Description
This Attribute sets the maximum number of seconds
Hi All again,
thanks a lot for your answers. it's now clear to me that I must try other
ways to perform disconnection of users.
BR//Denny
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Custom-function-to-update-Session-Timeout-tp4779813p4797640.html
Sent from
of users.
BR//Denny
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Custom-function-to-update-Session-Timeout-tp4779813p4797640.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http
Hi, I am new in this mailing list.
I have similar situation too, I need counting something before decide to
send session-timeout to NAS in accounting section. The purpose is disconnect
online-user by updating his current Session-Timeout with lower value.
Unfortunately, its still not working.
My
Hi All,
I am new to developing for Freeradius and i was hoping one of you can direct me
into the right direction. I would like to have a program update the
Session-Timeout on authentication request or on disconnect so that when the
user receives the access accept it receives the updated
On 7 Sep 2011, at 21:28, Ivaylo Petkov wrote:
Hi All,
I am new to developing for Freeradius and i was hoping one of you can direct
me into the right direction. I would like to have a program update the
Session-Timeout on authentication request or on disconnect so that when the
user
I'm using freeradius with coova-chilli. Works fine and dandy, but
I'm trying to enforce some policy which I can do with some scripts,
but it would be much cleaner to do with radius (IMHO).
What I want to happen is when user session timeout or bandwidth restriction
has been hit, update
timeout or bandwidth restriction
has been hit, update a database field. right now on session timeout
accounting_update_query appears to be run. I would like to run an additional
query as well, to disable the account (I've added a disabled field to the
radcheck and updated my auth query to check
Why not define a trigger in the database to run the additional query or
a function that can perform the necessary checks and the execute a
query.
I'll take a look at some triggers and stored procedures to go along
with it. Would be useful for cleaning up stuff anyway (running
radius and
Fazal Ahmed Malik wrote:
I have installed Freeradius 2.0 along with mysql 5 and dialup_admin. I
am having trouble with session-timeout ,expiration. On dialup_admin i
have correct information for both attributes like user can login for 0
seconds and similarly for expiration like account expired
Hi,
I have installed Freeradius 2.0 along with mysql 5 and dialup_admin. I am
having trouble with session-timeout ,expiration. On dialup_admin i have correct
information for both attributes like user can login for 0 seconds and similarly
for expiration like account expired. But users can still
You need sqlcounter (counter.conf) for that.
Found. but no UPDATE query in it.
Oddly enough, counter doesn't update anything - it COUNTS. It counts how
much time has been used in current period (on previous logins) and deducts
that from the limit. You can choose the reset period (daily counter
dailycounter
{
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
reply-name = Session-Timeout
sqlmod-inst = sql
key = User-Name
reset = daily
query = SELECT SUM(AcctSessionTime - \
GREATER((%b - AcctStartTime::ABSTIME::INT4), ...
}
What is wrong
sqlcounter dailycounter
{
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
reply-name = Session-Timeout
sqlmod-inst = sql
key = User-Name
reset = daily
query = SELECT SUM(AcctSessionTime - \
GREATER((%b - AcctStartTime
09/18/2009 05:41 PM, Ivan Kalik::
sqlcounter dailycounter
{
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
reply-name = Session-Timeout
sqlmod-inst = sql
key = User-Name
reset = daily
query = SELECT SUM(AcctSessionTime
09/18/2009 05:41 PM, Ivan Kalik::
sqlcounter dailycounter
{
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
reply-name = Session-Timeout
sqlmod-inst = sql
key = User-Name
reset = daily
query = SELECT SUM(AcctSessionTime
Hi,
(Using freeRadius v2)
We have prepaid users, where the freeradius server should answer with some
non null integer Session-Timeout.
We have also postpaid users, where the session should be unlimited.
What is the Session-Timeout value corresponding to unlimited?
Thank you
Hi,
We have prepaid users, where the freeradius server should answer with
some
non null integer Session-Timeout.
We have also postpaid users, where the session should be unlimited.
What is the Session-Timeout value corresponding to unlimited?
If you don't send Session-Timeout at all
as an FYI, I do see commercial NAS code that implements this.
Alan DeKok-2 wrote:
Gong Cheng wrote:
Hi,
I wonder if there is a way
- not to include Session-Timeout value intended for Access-
Accept in
Access-Challenge messages?
In 2.1.7, see raddb/sites-available/default. Look for
Access
Gong Cheng wrote:
Hi,
I wonder if there is a way
- not to include Session-Timeout value intended for Access-Accept in
Access-Challenge messages?
In 2.1.7, see raddb/sites-available/default. Look for
Access-Challenge. There is sample configuration.
- or to configure a different
Alan,
They most certainly do!
I just debugged a case where the Cisco 1200 takes the 30s Session-Timeout
that the Microsoft IAS server sends and treats it as a response timeout. (It
then aborts the authentication, which I believe is wrong, but that's another
story)
When doing
-Timeout value intended for Access-Accept in
Access-Challenge messages?
In 2.1.7, see raddb/sites-available/default. Look for
Access-Challenge. There is sample configuration.
- or to configure a different Session-Timeout value for Access-Challenges
(which contain EAP-Message
:
Gong Cheng wrote:
Hi,
I wonder if there is a way
- not to include Session-Timeout value intended for Access-Accept in
Access-Challenge messages?
In 2.1.7, see raddb/sites-available/default. Look for
Access-Challenge. There is sample configuration.
- or to configure a different
Hi,
I wonder if there is a way
- not to include Session-Timeout value intended for Access-Accept in
Access-Challenge messages?
- or to configure a different Session-Timeout value for Access-Challenges
(which contain EAP-Message)?
This is about the following section in RFC3579 where Session
Yes I need all of them.
Is it a problem?
Le 09-06-29 à 16:31, Guillaume Brenaut a écrit :
Hello,
after looking for a solution in different forums and on this mailing
list without any success I decide to post my problem here.
I'm having trouble to get the good Session-Timeout at the first
Hello,
after looking for a solution in different forums and on this mailing
list without any success I decide to post my problem here.
I'm having trouble to get the good Session-Timeout at the first request.
Example: one user with Max-All-Session:=900 try to connect:
r...@server:~# radtest
after looking for a solution in different forums and on this mailing
list without any success I decide to post my problem here.
I'm having trouble to get the good Session-Timeout at the first request.
Example: one user with Max-All-Session:=900 try to connect:
r...@server:~# radtest jalmjdm
Hello list,
This might be interesting for users in germany, since there is a
disconnect each 24h if you are working with products from Deutsche
Telekom (DTAG). The disconnect will be forced, if the session is up for
more than 24h. So the job was to set the session-timeout so that logout
will ocur
the job was to set the session-timeout so that logout
will ocur each day at the same time.
I solved it with freeradius/postgres with an internal sql-function. Its
a quick hack and there might be 100 better ways to solve. Here we go:
(...)
hi,
thanks for the posting. Good to know the technics
the number of seconds left in the time span,
and sets the Session-Timeout to that number of seconds. How can i include
Session-Timeout in the Access-Accept packet?
Best Regards,
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
of seconds left in the time span,
and sets the Session-Timeout to that number of seconds.
Is this in inner'tunnel (debug would help)?
How can i include
Session-Timeout in the Access-Accept packet?
If logintime works in inner-tunnel you need to enable use_tunneled_reply
in (peap and/or ttls section
1 - 100 of 260 matches
Mail list logo