Limit Login Attempt
Michael Mitchell
mitchell.michael at bigpond.com
Wed Aug 30 00:19:16 CEST 2006
fvt3 wrote:
> How do you prevent a user from authenticating after
> three unsucessful attempts in freeradius. I am
In short, you can't. There is very little (nothing?) you can do to prevent someone from attempting to authenticate. Is this behaviour causing you particular problems though? Load issues on your RADIUS server or other infrastructure?
Our ISP has a system that attempts to control this behaviour though. It tracks the login attempts from each Calling-Station-Id. If the rate of failed attempts goes over a certain threshold then the user will actually be accepted for a 15 minute session, but restricted to a captive portal which presents a web page with troubleshooting tips. This may help remove some of the load from your RADIUS servers at the expense of tying up ports on your NAS. There's still nothing you can do though if the modem just disconnects and tries to reconnect again.
> currently having this issue where a mac adress is
> constantly trying to authenticate after getting login
> incorrect. Any help is appreciated.. Thanks in
> advance ...
>
More information about the Freeradius-Users
mailing list