Hello Rodolfo -
If you specify "Simultaneous-Use" as a check item that Radiator is
configured to use, it will give the sort of error you see if the number
of sessions is exceeded according to the Radiator session database.
You haven't included your configuration file so I can't say for sure,
b
Hi there.
I have the following case:
I'm using a SQL server stored procedure in order to
check the max sessions for users.
Every user have a profile radius defined in my DB.
In this profile I define the attribue "Simultaneous-Use".
Each time that the user try to log on, I verify, using
so
Hello Andrea -
Yes this is always a problem if you don't get proper accounting stop
records.
Radiator is written so that the session database is maintained firstly
by the accounting starts (insert) and accounting stops (delete), but
also by the initial access request which causes a delete on t
Actually I'm using the MaxSession statement to avoid duplicate login to
the network. Unfortunately that means that if a client hangs (so he
doesn't logoff) he cannot re-login until I manually delete the session
from the RadOnline table.
Is it possible to configure Radiator so that the second c
ED] [mailto:[EMAIL PROTECTED]]
Enviado el: miércoles 20 de noviembre de 2002 10:23
Para: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Asunto: RE: (RADIATOR) MaxSessions per user and per domain
Nice! All this is aproaching to what we want to do!
Another question: how could I set a dynamic 'Session
: "Prada López, Julio"
Cc: [EMAIL PROTECTED]
Asunto: Re: (RADIATOR) MaxSessions per user and per domain
Hello Julio -
Rather than two session databases, you would use the AuthBy
PORTLIMITCHECK clause.
See section 6.41 in the Radiator 3.3.1 reference manual
("doc/ref.html"
34 91 270 6152
fax: +34 91 270 6161
mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
-Mensaje original-
De: Hugh Irvine [mailto:[EMAIL PROTECTED]]
Enviado el: lunes 18 de noviembre de 2002 22:41
Para: "Prada López, Julio"
Cc: [EMAIL PROTECTED]
Asunto: Re: (RADIATOR) MaxS
AIN
telf: +34 91 270 6152
fax: +34 91 270 6161
mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
-Mensaje original-
De: Hugh Irvine [mailto:[EMAIL PROTECTED]]
Enviado el: lunes 18 de noviembre de 2002 22:41
Para: "Prada López, Julio"
Cc: [EMAIL PROTECTED]
Asunto: Re: (RA
Hello Julio -
The simplest way to do this is to define two AuthBy LDAP* clauses, one
for each check.
regards
Hugh
On Monday, Nov 18, 2002, at 22:30 Australia/Melbourne, Prada López,
Julio wrote:
Hi all,
I am trying to configure a Radiator instance to allow controlling both
the
maximum se
Hi all,
I am trying to configure a Radiator instance to allow controlling both the
maximum sessions per user and per domain.
Nowadays I have implemented the 'Simultaneous-Use' check with a LDAP
atribute and the default query in CountQuery (default query uses [...]where
USERNAME=%"u"). That works
Hello Robert -
Both the NAS and Radiator consider case differences as different usernames,
so the answer to your question is no - the RewriteUsername has no bearing. As
mentioned previously, the only way to deal with the problem is with a session
database that stores both the original and the
Hugh,
I assume that it won't allow the uppercase to log in if I don't use the
rewrite username also?
Thanks,
Robert
Hugh Irvine wrote:
>
> Hello Robert -
>
> Radiator maintains the session database with the username as entered on the
> NAS. If you want to do login limits based on the rewritte
Hello Robert -
Radiator maintains the session database with the username as entered on the
NAS. If you want to do login limits based on the rewritten username, you
should use an SQL session database and redefine the queries to use the
rewritten username.
regards
Hugh
On Sat, 2 Feb 2002 17:
Hello,
I've recently started using the MaxSession clause in my default realm
and see something strange. It would appear that it's working properly
and only allowing the user to login once unless the user uses a capital
letter in their username (ie bert and Bert are being treated as
different use
Hello Alejandro -
You have to be careful when using radpwtst to test simultaneous use because
radpwtst uses the same NAS-Port and NAS-IP-Address by default for each
request. This will cause the first session to be deleted before the second
session is tested. Also note that radpwtst also sends
I am trying to avoid any user to have more than one simultaneous session. I do it with:
...
MaxSessions 1
...
but it doesn't seem to work. It even does not work when I test it with radpwtst
(sending an Access-Request and a Start Accounting-Request and then sending them again).
We u
Hello Todd -
On Saturday 06 October 2001 02:32, Todd Dokey wrote:
> Is there a way to enforce MaxSessions across different Clients?
>
> I have a problem with people using the same login in San Francisco and Los
> Angeles.
>
> By and large, they both are dealt with by the Default Client and Defau
Is there a way to enforce MaxSessions across different Clients?
I have a problem with people using the same login in San Francisco and Los
Angeles.
By and large, they both are dealt with by the Default Client and Default
handler.. so I thought it would keep a database of this okay.
Does Radiato
Hello Todd -
On Saturday 15 September 2001 03:04, Todd Dokey wrote:
> MaxSessions won't work under text right?
>
> Don't I need a master online calls table of somekind?
>
Radiator always uses an Internal session database in any case, even if an
external session database is not specified.
> Ca
MaxSessions won't work under text right?
Don't I need a master online calls table of somekind?
Can I use authby radius and authby text, but check accounting on Emerald's
calls table?
-
"We sleep safe in our beds because rough men stand ready in the night to
visit violence on those who would
Hello Harrison -
What version of Radiator are you running?
This problem was fixed in Radiator 2.18.1:
>Fixed a problem with Handlers where a MaxSessions denial
would still permit AuthBys to run and perhaps 2 replies to be
returned. Reported by Frederic Gargula
regards
Hugh
On Thur
Title: MaxSessions
Hello,
Is it possible to prevent executing AuthBy clauses when MaxSessions exceeds (within a Handler).
When radiator receives Access-Request, it determine an appropriate handler to process request.
Then it checks whether the user has reach MaxSessions.
In this case user
Hello Dave, Hello Dmitry -
The problem is that Radiator does a delete on reception of an access request
as well as when it gets an accounting stop. This in addition to the fact that
by default, Radiator always uses the username string received from the NAS
(which it must do if it is to do str
Hello,
I didn't read the entire thread, but couldn't you just do this:
# strip off realm:
RewriteUsername s/^([^@]+).*/$1/
? If I neglected to read something, I apologize in advance.
Dave
> On Friday 13 July 2001 20:58, Dmitry Kopylov wrote:
> > Hello,
> >
> > and the
quot;. The question here is if it's possible to rewrite the User-Name
> in Accounting request? Or maybe there is another solution?
>
> regards,
> Dmitry Kopylov
>
> -Original Message-
> From: Hugh Irvine [mailto:[EMAIL PROTECTED]]
> Sent: Friday, July 13, 2001 8:
-
From: Hugh Irvine [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 13, 2001 8:43 AM
To: Vangelis Kyriakakis; [EMAIL PROTECTED]
Subject: Re: (RADIATOR) MaxSessions issue, still a problem
Hello Vangelis -
Actually, an internal session database is exactly that - a session database
held entirely in m
Hello Dmitry -
Here is what I get with this configuration file (copied from your mail):
Foreground
Trace 4
Secret mysecret
RewriteUsername s/^([^@]+).*/$1/
MaxSessions 1
Filename ./bbeyond.users
AcctLogFileName %L/bbeyond/details
PasswordLogFileName %L/bbeyo
Hello Vangelis -
Actually, an internal session database is exactly that - a session database
held entirely in memory. The username in each request is what is used, as
follows: Access-Request - check current sessions and reject if limit
exceeded, Accounting Start - add new record, Accounting S
I think the problem when you use the Internal session database is that it
uses the username from the Accounting file to count the number of sessions. When
a new user logs in it checks the rewritten username against the session
database. So it checks with the name uunoc and not with the [EMAIL P
Hi,
I upgraded to the 18.2.2 but the problem with MaxSession still exists. Here
is part of config and trace 4 output:
RewriteUsername s/^([^@]+).*/$1/
MaxSessions 1
AcctLogFileName %L/bbeyond/details
PasswordLogFileName %L/bbeyond/uunet-password
Hello Chris -
On Sun, 13 Aug 2000, Chris M wrote:
> username Auth-Type = System
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-IP-Address = 255.255.255.254,
> Simultaneous-Use = 2,
> P
username Auth-Type = System
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Simultaneous-Use = 2,
Port-Limit = 2,
Framed-MTU = 1500
With this use
Hello Jesus -
On Thu, 08 Jun 2000, Jesus M Diaz wrote:
> Hi all,
>
> at last, i think i now why maxsessions seems wrong:
>
> .iso.org.dod.internet.private.enterprises.9.2.9.2.1.18.X does NOT respond with vpdn
>sessions.
>
> that 'mib' says the user connected at line x, but, if the users are
Hi all,
at last, i think i now why maxsessions seems wrong:
.iso.org.dod.internet.private.enterprises.9.2.9.2.1.18.X does NOT respond with vpdn
sessions.
that 'mib' says the user connected at line x, but, if the users are l2tp (or l2f)
sessions, that 'mib'
says us "", so, the user 'has gone'
Hi all,
I have a 3Com TotalCotrol (TCH), and a Cisco 7500. The calls are sent against the TCH,
ask Radiator and
then it must establish a L2TP tunnel against the cisco. Then the cisco ask again
Radiator (anthores
proccess of Radius Server), who determines if the user can access or it can not.
Hello David -
On Sat, 14 Aug 1999, David Booth wrote:
> Everything is working. But,
>
> I want to enforce MaxSessions 1 for all users
>
> Can someone run a critical eye over it?
>
> Where does MaxSessions 1 go?
>
> I have two NAS - Ascend and Bay4000. How do I get them both checked - with
>
Everything is working. But,
I want to enforce MaxSessions 1 for all users
Can someone run a critical eye over it?
Where does MaxSessions 1 go?
I have two NAS - Ascend and Bay4000. How do I get them both checked - with
NasType?
Is DupInterval 0 for Client DEFAULT right?
David Booth
Goulburn I
Hi James.
On Jun 10, 10:00pm, James H. Thompson wrote:
> Subject: (RADIATOR) MaxSessions override
> If you specify:
> MaxSessions 1
> for a realm, does a
> Simultaneous-Use
> item for a particular user override this?
No. Of those 2, the _most_restrictive_ one app
If you specify:
MaxSessions 1
for a realm, does a
Simultaneous-Use
item for a particular user override this?
Jim
[EMAIL PROTECTED]
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the messa
39 matches
Mail list logo
