checking authorization in the duration of connection
bbahar3 at gmail.com
Sun May 3 12:09:11 CEST 2009
NAS sends accounting update packets in periodic times. I want
freeradius use this updates and
check my online users periodically and send Disconnect packet if
user's traffic is above my
How can it do this?
any document about config ?
My radius server use ldap server for authorize and authentication.I set an
attribute in ldap server that is the check-name in sqlcounter to limit users
Input traffic. I want when user traffic reaches to this amount the user
become stop but radius checks ldap attributes only at the first of
connection not in the middle. How can I set radius server check users
traffic with the amount of this attribute in ldap server in the duration of
The radius server steps out of the way once authentication and authorization
is complete, nor does it have the ability to disconnect a user from a NAS.
You need to have the NAS disconnect the user itself when a threshold is
reached. This is accomplished by returning a vendor specific attribute
specifying the limit for the session which the NAS then maintains. Once the
limit on the NAS is reached the NAS terminates the session. You'll have to
check your NAS documentation for a traffic limiting parameter. In the other
common case of disconnect after a time duration it's handled by computing
the session length during authorization and returning attribute 194 with the
maximum number of seconds for the connection. This attribute is understood
by comon NAS devices and is known variously as Ascend-Maximum-Time,
or Lucent-Maximum-Time. You'll need to apply the same logic for data volume.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users