Re: (RADIATOR) Simultaneous Access
Hello Mike - On Tue, 24 Aug 1999, Michael Gatti wrote: Sounds Cool Hugh ... But if I limit my Realm to "MaxSessions 1" all my users will have a limit to 1 access per time, I don't know if you taked a look at my config file I have three other types of authentication that can't be limited to "MaxSessions 1", I did have a look at your examples, however my suggestion regarding MaxSessions was incorrect (misunderstanding on my part). You should still set up a SessionDatabase and declare the NasType for each client and configure the appropriate strict checking via SNMP or whatever. cheers Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Simultaneous Access
Hello Everyone ([EMAIL PROTECTED]) I'm having some problems with Radiator regarding Silmultaneous Access. We have three NAS servers authenticating and accounting on radiator, I have three types of authentications (as shown bellow on my config file), but I still have Simultaneous connections and that's what I'm trying to limit, any ideia or help is thankful: -=-=-=-=-=-=-=-=-=-=-=-=-=-=- - Config File - # MAX.cfg Foreground LogStdout Trace 4 LogDir c:\radiator\malbanet\log LogFile %L\%Y%m%d.log DbDir c:\radiator DictionaryFile %D\dictionary.nt Client localhost Secret mysecretkey /Client Client xxx.xxx.xxx.xxx Secret mysecretkey /Client Client xxx.xxx.xxx.xxx Secret mysecretkey /Client Client xxx.xxx.xxx.xxx Secret mysecretkey /Client Realm DEFAULT RewriteUsername tr/[A-Z]/[a-z]/ AuthByPolicy ContinueUntilAccept AuthBy SQL AuthSelect DBSource dbi:ODBC:myodbc AccountingTable mytable AcctColumnDef SessionID,Acct-Session-Id AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef StatusType,Acct-Status-Type AcctColumnDef UserName,User-Name AcctColumnDef SessionTime,Acct-Session-Time,integer AcctColumnDef InPackets,Acct-Input-Packets AcctColumnDef OutPackets,Acct-Output-Packets AcctColumnDef FoneID,Calling-Station-Id AcctColumnDef IpAddress,Framed-IP-Address AcctColumnDef TIME_STAMP,Timestamp,formatted-date,('%e %m %Y %H:%M:%S') /AuthBy AuthBy FILE # This file is for users that can have more then 1 access per time \ # see file bellow DefaultSimultaneousUse 5 Filename %D/userx /AuthBy AuthBy FILE # This File is for users that can only connect on certain times \ # see file bellow DefaultSimultaneousUse 1 Filename %D/userz /AuthBy AuthBy FILE # This file sends all DEFAULT to authenticate against NT user database \ # see file bellow DefaultSimultaneousUse 1 Filename %D/usery /AuthBy # 1 Log accounting to the detail file in LogDir AcctLogFileName %L\%Y%m.act # 2 Log accounting to the detail file in LogDir AcctLogFileName %L\%Y%m%d.act /Realm AuthBy NT DefaultSimultaneousUse 1 Identifier nt /AuthBy # End of Config File -=-=-=-=-=-=-=-=-=-=-=-=-=-=- - "Userx" file - # User-File - Limits users access to max. of 5 simultaneous sessions username1 User-Password = "password", Framed-Protocol = PPP username2 User-Password = "password", Framed-Protocol = PPP # End of User File -=-=-=-=-=-=-=-=-=-=-=-=-=-=- - "Userz" file - # User File - limits access hours beltrame Auth-Type=nt Framed-Protocol = PPP Time = Wk2100-2200,Sa1500-2400,Su-2400 # End of User File -=-=-=-=-=-=-=-=-=-=-=-=-=-=- - "Usery" file - # User-File - Limits user access to max. of 1 simultaneous session # Sends authentication to hit against NT user Database DEFAULT Auth-Type=nt # End of User File -=-=-=-=-=-=-=-=-=-=-=-=-=-=- Best Regards Michael Gatti Malbanet Serviços On-Line Caxias do Sul - RS - Brazil === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Simultaneous Access
Hello Mike - On Sat, 21 Aug 1999, Michael Gatti wrote: Hello Everyone ([EMAIL PROTECTED]) I'm having some problems with Radiator regarding Silmultaneous Access. We have three NAS servers authenticating and accounting on radiator, I have three types of authentications (as shown bellow on my config file), but I still have Simultaneous connections and that's what I'm trying to limit, any ideia or help is thankful: There are several things you can do: 1. Set up a SessionDatabase SessionDatabase SQL DBSource ... DBUsername ... DBAuth ... /SessionDatabase 2. Set NasType for your Clients Client ... NasType = whatever /Client The above will enforce strict session limit checking. 3. Set MaxSessions in your Realm DEFAULT Realm DEFAULT MaxSessions 1 /Realm This will set a limit of 1 for your Realm. hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.