Re: Problem with rml_sqlcounter with GigaByte datavolume
Thanks for your reply but I can't find any version 3.x.x of freeRADIUS. Where can I find it ? Nicolas -- View this message in context: http://freeradius.1045715.n5.nabble.com/Problem-with-rml-sqlcounter-with-GigaByte-datavolume-tp4455164p4793455.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem with rml_sqlcounter with GigaByte datavolume
On 12 Sep 2011, at 10:20, nfourel wrote: > Thanks for your reply but I can't find any version 3.x.x of freeRADIUS. Where > can I find it ? > http://git.freeradius.org/ 3.x.x is currently in development on the master branch. -Arran Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Waging war on ignorance and apathy one Access-Challenge at a time. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
NAS IP Address
Hello, I'm using free radius server 2.1.11 on Linux Enterprise Server 6.1. OS: Linux Enterprise Server 6.1 Radius: free radius server 2.1.11 Database: Mysql The WIFI routers we're using are in diffirent private networks, behind the internet gateways. The WIFI router has private IP address, such as 192.168.1.1. For some reason, we need know which Internet IP address, the WIFI router is using to do the authention with the FreeRadius server. The FreeRadius server is on internet. As the business needs, we need save the IP addres(Internet gateway IP address) to MySql database. Can anyone advise how to do so? Thanks! Tom- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: NAS IP Address
On 12 Sep 2011, at 13:58, 2394263740 wrote: > Hello, > I'm using free radius server 2.1.11 on Linux Enterprise Server 6.1. > OS: Linux Enterprise Server 6.1 > Radius: free radius server 2.1.11 > Database: Mysql > > The WIFI routers we're using are in diffirent private networks, behind the > internet gateways. The WIFI router has private IP address, such as > 192.168.1.1. > > For some reason, we need know which Internet IP address, the WIFI router is > using to do the authention with the FreeRadius server. The FreeRadius server > is on internet. > > As the business needs, we need save the IP addres(Internet gateway IP > address) to MySql database. edit the queries in raddb/sql/mysql/dialup.conf and add the additional columns to the SQL database. The original IP address of the NAS may be sent in the NAS-IP-Address attribute, in which case use the expansion %{NAS-IP-Address} for the value of the new column. Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Waging war on ignorance and apathy one Access-Challenge at a time. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Best Practices - maximum NAS entries in clients.conf
@ everyone We have about 100 NAS entries in our clients.conf file, it makes the file a bear to deal with but the server seems to handle it fine. We will be expanding our infrastructure soon and the number of NAS entries will increase significantly. At what point should we think about putting them into a database for FR to use? Also, I have seen some chatter on the list about dynamic NASs. Am I correct in assuming that if we are using a DB instead of the clients.conf file we can add or remove clients simply by making changes to the correct table, all without having to restart FR? Jake Sallee Godfather of Bandwidth Network Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Best Practices - maximum NAS entries in clients.conf
Sallee, Stephen (Jake) wrote: > We have about 100 NAS entries in our clients.conf file, it makes the file a > bear to deal with but the server seems to handle it fine. We will be > expanding our infrastructure soon and the number of NAS entries will increase > significantly. At what point should we think about putting them into a > database for FR to use? Whenever you get tired of managing them in clients.conf. The server has been tested with 500K clients in clients.conf. It takes a few seconds to start, and a gig or so of RAM, but it works. > Also, I have seen some chatter on the list about dynamic NASs. Am I correct > in assuming that if we are using a DB instead of the clients.conf file we can > add or remove clients simply by making changes to the correct table, all > without having to restart FR? Yes. You can also do this with files. See raddb/dynamic_clients in 2.1.12. (When it comes out) Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Best Practices - maximum NAS entries in clients.conf
On 12 Sep 2011, at 16:04, Sallee, Stephen (Jake) wrote: > @ everyone > > We have about 100 NAS entries in our clients.conf file, it makes the file a > bear to deal with but the server seems to handle it fine. We will be > expanding our infrastructure soon and the number of NAS entries will increase > significantly. At what point should we think about putting them into a > database for FR to use? When it becomes a bear to deal with the clients.conf file :) - I guess memory might be a concern? But i'm sure there are sites out there with client.conf files holding thousands of entries... It's a hash table in C, it's going to be fast. > > Also, I have seen some chatter on the list about dynamic NASs. Am I correct > in assuming that if we are using a DB instead of the clients.conf file we can > add or remove clients simply by making changes to the correct table, all > without having to restart FR? Indeed. You can also set them to expire as well, to clean up old unused entries. -Arran Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Waging war on ignorance and apathy one Access-Challenge at a time. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Best Practices - maximum NAS entries in clients.conf
> Fone: 254-295-4658 > Phax: 254-295-4221 Nice :) Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Waging war on ignorance and apathy one Access-Challenge at a time. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Best Practices - maximum NAS entries in clients.conf
If the network your APs are on is physically secure, and you don't need accounting for individual APs, you can use netmasks to define clients in the clients.conf file. - Original Message - From: "Sallee, Stephen (Jake)" To: freeradius-users Cc: Sent: Monday, September 12, 2011 9:04 AM Subject: Best Practices - maximum NAS entries in clients.conf @ everyone We have about 100 NAS entries in our clients.conf file, it makes the file a bear to deal with but the server seems to handle it fine. We will be expanding our infrastructure soon and the number of NAS entries will increase significantly. At what point should we think about putting them into a database for FR to use? Also, I have seen some chatter on the list about dynamic NASs. Am I correct in assuming that if we are using a DB instead of the clients.conf file we can add or remove clients simply by making changes to the correct table, all without having to restart FR? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Unable to Authenticate with SHA Password
Hi All, I am unable to authenticate the When I send SHA password to the FreeRADIUS. I have configured SHA-Password := "admin123" in the users file. My Password is admin123 and after SHA messagedigest its -50-2710713-59-76-1105593-48-89-126-957495-4-108-29-81-48 RADIUS is getting the request but its rejecting it. Please find the following radius logs, rad_recv: Access-Request packet from host 172.17.148.152 port 50459, id=0, length=111 User-Name = "emsadmin" User-Password = "-50-2710713-59-76-1105593-48-89-126-957495-4-108-29-81-48" NAS-Identifier = "sunems8-zone2" # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = "emsadmin", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop [files] users: Matched entry emsadmin at line 204 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns updated Found Auth-Type = PAP # Executing group from file /usr/local/etc/raddb/sites-enabled/default +- entering group PAP {...} [pap] login attempt with password "-50-2710713-59-76-1105593-48-89-126-957495-4-108-29-81-48" [pap] Using SHA1 encryption. [pap] Configured SHA1 password has incorrect length [pap] Passwords don't match ++[pap] returns reject Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /usr/local/etc/raddb/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> emsadmin attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 1 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 1 Sending Access-Reject of id 0 to 172.17.148.152 port 50459 Waking up in 4.9 seconds. Cleaning up request 1 ID 0 with timestamp +6002 Ready to process requests. -- View this message in context: http://freeradius.1045715.n5.nabble.com/Unable-to-Authenticate-with-SHA-Password-tp4794449p4794449.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Best Practices - maximum NAS entries in clients.conf
Yup. One could create a management / auth VLAN of sorts. Set the source port for RADIUS/Auth/etc. to be said VLAN. In theory then you would need only a single network entry in clients conf, and if you wish, reject traffic from any other "unauthorized" nets / IP's. We do something similar as we also have a large number of switches and other NAS type devices. G -Original Message- From: freeradius-users-bounces+ggatten=waddell@lists.freeradius.org [mailto:freeradius-users-bounces+ggatten=waddell@lists.freeradius.org] On Behalf Of Bruce Nunn Sent: Monday, September 12, 2011 9:41 AM To: FreeRadius users mailing list Subject: Re: Best Practices - maximum NAS entries in clients.conf If the network your APs are on is physically secure, and you don't need accounting for individual APs, you can use netmasks to define clients in the clients.conf file. - Original Message - From: "Sallee, Stephen (Jake)" To: freeradius-users Cc: Sent: Monday, September 12, 2011 9:04 AM Subject: Best Practices - maximum NAS entries in clients.conf @ everyone We have about 100 NAS entries in our clients.conf file, it makes the file a bear to deal with but the server seems to handle it fine. We will be expanding our infrastructure soon and the number of NAS entries will increase significantly. At what point should we think about putting them into a database for FR to use? Also, I have seen some chatter on the list about dynamic NASs. Am I correct in assuming that if we are using a DB instead of the clients.conf file we can add or remove clients simply by making changes to the correct table, all without having to restart FR? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html "This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system." - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem with rml_sqlcounter with GigaByte datavolume
Many thanks, I am going to try it ! Nicolas -- View this message in context: http://freeradius.1045715.n5.nabble.com/Problem-with-rml-sqlcounter-with-GigaByte-datavolume-tp4455164p4794470.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Best Practices - maximum NAS entries in clients.conf
On 12 Sep 2011, at 16:41, Bruce Nunn wrote: > If the network your APs are on is physically secure, and you don't need > accounting for individual APs, you can use netmasks to define clients in the > clients.conf file. > Why would using a shared, shared secrets or netmasks mess with accounting? But yes, honestly, MD5 has been broken for some time, the only reason to use individual shared secrets is if you're still running something like PAP for Terminal login to the Access Point itself. Using a shared, shared secret does reduce the security of the protocol and increase the probability that the secret could be obtained... and of course if you've got one you've got them all. But if you're just running EAP with a TLS layer, then the only thing it buys you is DDOS protection, and request/response Integrity and thats only useful if the attacker is in a position to play MITM, or flood your server with requests... -Arran Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Waging war on ignorance and apathy one Access-Challenge at a time. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Unable to Authenticate with SHA Password
Rajkumar balaji wrote: > Hi All, > > I am unable to authenticate the When I send SHA password to the FreeRADIUS. > > I have configured SHA-Password := "admin123" in the users file. That's not a SHA password. It's a clear-text password. > My Password is admin123 and after SHA messagedigest its > -50-2710713-59-76-1105593-48-89-126-957495-4-108-29-81-48 I have no idea what that is. SHA returns a hex string. > RADIUS is getting the request but its rejecting it. > > Please find the following radius logs, > > rad_recv: Access-Request packet from host 172.17.148.152 port 50459, id=0, > length=111 > User-Name = "emsadmin" > User-Password = > "-50-2710713-59-76-1105593-48-89-126-957495-4-108-29-81-48" Huh? You have this all completely backwards. Give the clear-text password to "radclient". It should show up in the debug output as User-Password = "admin123". Put the hex version of the SHA has into the "users" file, as: emsadminSHA-Password := 0x123456789abcdef It WILL work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: LDAP Authentication bind as user issue
Ive already set Auth-Type := LDAP by putting it in the users file. As for the rest, I have what you suggest... authenticate { Auth-Type LDAP { ldap.netid } Dave -- View this message in context: http://freeradius.1045715.n5.nabble.com/LDAP-Authentication-bind-as-user-issue-tp4786621p4794846.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Troubleshooting FreeRadius +LDAP
Greetings list users, I'm trying setup FreeRadius to work with LDAP in a deployment of ClearOS and have followed this How-To http://www.clearfoundation.com/docs/howtos/setting_up_freeradius2_to_use_ldap and this How-To http://deployingradius.com/documents/configuration/pap.html with success, up to the part of the inital radtest with credentials inserted in the users file. But when trying to use credentials from the LDAP directory, the Radius server returns an Access-Reject packet. Below is the output from the debug mode. *** login as: root root@192.168.3.5's password: Last login: Mon Sep 12 13:31:45 2011 from 192.168.3.2 [root@system ~]# service radiusd stop Stopping RADIUS server:[ OK ] [root@system ~]# radiusd -X FreeRADIUS Version 2.1.7, for host i686-redhat-linux-gnu, built on May 19 2010 at 13:10:59 Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2. Starting - reading configuration files ... including configuration file /etc/raddb/radiusd.conf including configuration file /etc/raddb/proxy.conf including configuration file /etc/raddb/clearos-clients.conf including files in directory /etc/raddb/modules/ including configuration file /etc/raddb/modules/radutmp including configuration file /etc/raddb/modules/smbpasswd including configuration file /etc/raddb/modules/realm including configuration file /etc/raddb/modules/etc_group including configuration file /etc/raddb/modules/attr_rewrite including configuration file /etc/raddb/modules/wimax including configuration file /etc/raddb/modules/detail including configuration file /etc/raddb/modules/logintime including configuration file /etc/raddb/modules/detail.example.com including configuration file /etc/raddb/modules/files including configuration file /etc/raddb/modules/counter including configuration file /etc/raddb/modules/acct_unique including configuration file /etc/raddb/modules/ippool including configuration file /etc/raddb/modules/exec including configuration file /etc/raddb/modules/inner-eap including configuration file /etc/raddb/modules/always including configuration file /etc/raddb/modules/passwd including configuration file /etc/raddb/modules/expiration including configuration file /etc/raddb/modules/checkval including configuration file /etc/raddb/modules/linelog including configuration file /etc/raddb/modules/sqlcounter_expire_on_login including configuration file /etc/raddb/modules/digest including configuration file /etc/raddb/modules/mschap including configuration file /etc/raddb/modules/detail.log including configuration file /etc/raddb/modules/echo including configuration file /etc/raddb/modules/sradutmp including configuration file /etc/raddb/modules/mac2ip including configuration file /etc/raddb/modules/mac2vlan including configuration file /etc/raddb/modules/pam including configuration file /etc/raddb/modules/smsotp including configuration file /etc/raddb/modules/ldap including configuration file /etc/raddb/modules/unix including configuration file /etc/raddb/modules/pap including configuration file /etc/raddb/modules/sql_log including configuration file /etc/raddb/modules/policy including configuration file /etc/raddb/modules/expr including configuration file /etc/raddb/modules/attr_filter including configuration file /etc/raddb/modules/perl including configuration file /etc/raddb/modules/cui including configuration file /etc/raddb/modules/preprocess including configuration file /etc/raddb/modules/otp including configuration file /etc/raddb/modules/chap including configuration file /etc/raddb/clearos-eap.conf including configuration file /etc/raddb/policy.conf including files in directory /etc/raddb/sites-enabled/ including configuration file /etc/raddb/sites-enabled/control-socket including configuration file /etc/raddb/sites-enabled/inner-tunnel including configuration file /etc/raddb/sites-enabled/default including configuration file /etc/raddb/sites-enabled/clearos-inner-tunnel group = radiusd user = radiusd including dictionary file /etc/raddb/dictionary main { prefix = "/usr" localstatedir = "/var" logdir = "/var/log/radius" libdir = "/usr/lib/freeradius" radacctdir = "/var/log/radius/radacct" hostname_lookups = no max_request_time = 30 cleanup_delay = 5 max_requests = 1024 allow_core_dumps = no pidfile = "/var/run/radiusd/radiusd.pid" checkrad = "/usr/sbin/checkrad" debug_level = 0 proxy_requests = yes log { stripped_names = no auth = no auth_badpass = no auth_goodpass = no } security { max_attributes = 200 reject_delay = 1 status_server = yes } } radiusd: Loa
Re: Best Practices - maximum NAS entries in clients.conf
On 9/12/2011 07:21, Arran Cudbard-Bell wrote: On 12 Sep 2011, at 16:04, Sallee, Stephen (Jake) wrote: @ everyone We have about 100 NAS entries in our clients.conf file, it makes the file a bear to deal with but the server seems to handle it fine. We will be expanding our infrastructure soon and the number of NAS entries will increase significantly. At what point should we think about putting them into a database for FR to use? When it becomes a bear to deal with the clients.conf file :) - I guess memory might be a concern? But i'm sure there are sites out there with client.conf files holding thousands of entries... It's a hash table in C, it's going to be fast. Also, I have seen some chatter on the list about dynamic NASs. Am I correct in assuming that if we are using a DB instead of the clients.conf file we can add or remove clients simply by making changes to the correct table, all without having to restart FR? Indeed. You can also set them to expire as well, to clean up old unused entries. -Arran Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Waging war on ignorance and apathy one Access-Challenge at a time. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Last I heard, you could NOT dynamically add NASs without restarting clients.conf as NAS entries are only read once on startup. Has this changed? Even if this has not changed, the advantages of storing NASs in a table is pretty significant. make changes, call quick restart script, done. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Best Practices - maximum NAS entries in clients.conf
> Last I heard, you could NOT dynamically add NASs without restarting > clients.conf as NAS entries are only read once on startup. Has this changed? Yes, FreeRADIUS will now load clients dynamically from clients or from a database, or an LDAP directory, or off a 5 1/4 floppy, a usb key shaped like a humping dog, or just about any other storage medium. > Even if this has not changed, the advantages of storing NASs in a table is > pretty significant. make changes, call quick restart script, done. Well it has changed. In fact it changed in 08/09. It's now, add client to SQL database, wait client to send packet, wooo client automagically added. You can even remove them using the radiusd control socket without restarting the server. -Arran Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Waging war on ignorance and apathy one Access-Challenge at a time. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Best Practices - maximum NAS entries in clients.conf
Christ Schlacta wrote: > Last I heard, you could NOT dynamically add NASs without restarting > clients.conf as NAS entries are only read once on startup. Has this > changed? I *did* respond to your message. Please read the messages on this list. > Even if this has not changed, the advantages of storing NASs in a table > is pretty significant. make changes, call quick restart script, done. Uh... no. My message (again) talked about adding clients dynamically. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Best Practices - maximum NAS entries in clients.conf
On Tue, Sep 13, 2011 at 2:42 AM, Alan DeKok wrote: > Christ Schlacta wrote: >> Even if this has not changed, the advantages of storing NASs in a table >> is pretty significant. make changes, call quick restart script, done. > > Uh... no. My message (again) talked about adding clients dynamically. If I understand raddb/sites-available/dynamic-clients correctly, the only way to store (well, to retrieve actualy) dynamic clients definition in SQL is to use "%{sql:" expansion. Is there a way to make it have some level of redundancy? Last time I check, "%{sql:" can't be used on "virtual" modules (from instantiate or policy section) which groups multiple sql instance together using "redundant". -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Best Practices - maximum NAS entries in clients.conf
On 9/12/2011 12:41, Arran Cudbard-Bell wrote: Last I heard, you could NOT dynamically add NASs without restarting clients.conf as NAS entries are only read once on startup. Has this changed? Yes, FreeRADIUS will now load clients dynamically from clients or from a database, or an LDAP directory, or off a 5 1/4 floppy, a usb key shaped like a humping dog, or just about any other storage medium. Even if this has not changed, the advantages of storing NASs in a table is pretty significant. make changes, call quick restart script, done. Well it has changed. In fact it changed in 08/09. It's now, add client to SQL database, wait client to send packet, wooo client automagically added. You can even remove them using the radiusd control socket without restarting the server. -Arran Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Waging war on ignorance and apathy one Access-Challenge at a time. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html I'm very glad to hear about these changes, and may be implementing them in the near future (note to alan DeKok: I'm not the OP. I only responded to this recently.) Also, I own the USB key shaped like a humping dog. It doesn't have any storage space and is just a decorative humping dog for your computer. Unless they've made a new version since I purchased mine. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Custom function to update Session-Timeout
Hi, I am new in this mailing list. I have similar situation too, I need counting "something" before decide to send session-timeout to NAS in accounting section. The purpose is disconnect online-user by updating his current Session-Timeout with lower value. Unfortunately, its still not working. My question is, is it possible to send reply Session-Timeout in "accounting section"? I put same in accounting section: update reply { Session-Timeout := `/path/to/my/super/awesome/sessiontimeout/script -myarguments` } -- View this message in context: http://freeradius.1045715.n5.nabble.com/Custom-function-to-update-Session-Timeout-tp4779813p4796996.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Custom function to update Session-Timeout
Have you tried setting the proper timeout from the auth section? Session-Timeout := `/script/that/returns/minimum/of/1-hour/or/remaining-time` ? On 9/12/2011 20:52, denzx wrote: Hi, I am new in this mailing list. I have similar situation too, I need counting "something" before decide to send session-timeout to NAS in accounting section. The purpose is disconnect online-user by updating his current Session-Timeout with lower value. Unfortunately, its still not working. My question is, is it possible to send reply Session-Timeout in "accounting section"? I put same in accounting section: update reply { Session-Timeout := `/path/to/my/super/awesome/sessiontimeout/script -myarguments` } -- View this message in context: http://freeradius.1045715.n5.nabble.com/Custom-function-to-update-Session-Timeout-tp4779813p4796996.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Custom function to update Session-Timeout
On Tue, Sep 13, 2011 at 10:52 AM, denzx wrote: > My question is, is it possible to send reply Session-Timeout in "accounting > section"? >From http://www.ietf.org/rfc/rfc2865.txt " 5.27. Session-Timeout Description This Attribute sets the maximum number of seconds of service to be provided to the user before termination of the session or prompt. This Attribute is available to be sent by the server to the client in an Access-Accept or Access-Challenge. " So no, you shouldn't be able to "send reply Session-Timeout in accounting section" -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html