configuration freeradius for no simultaneous use

tolik_shavlovsky at tolik_shavlovsky at
Fri Dec 2 11:35:58 CET 2011


according to doc:

  The server keeps a list of logged-in users in the /var/log/radutmp file.
  This is also called "the session database". When you execute "radwho",
  all that radwho really does is list the entries in this file in a pretty
  format. Only when someone tries to login who _already_ has an active
  session according to the radutmp file, the server executes the perl
  script /usr/local/sbin/checkrad (or /usr/sbin/checkrad, it checks for
  the presence of both and in that order). This script queries the terminal
  server to see if the user indeed already has an active session.

  The script uses SNMP for Livingston Portmasters and Ciscos, finger for
  Portslave, Computone and Ascend, and Net::Telnet for USR/3Com TC.

  Since the script has been witten in perl, it's easy to adjust for
  any type of terminal server. There are implementations in the script for
  checks using SNMP, finger, and telnet, so it should be easy to add
  your own check routine if your terminal server is not supported yet.

  You can find the script in the file src/

  You need to set the correct type in the file /etc/raddb/naslist so that
  checkrad KNOWS how it should interrogate the terminal server. At this
  time you can define the following types:

my  /usr/local/etc/raddb doesn't has naslist ans naspassword files.

If i configure them manually, so freeradius will connect to NAS (we use cisco) via snmp and check user session? So, in such way i don't need script?


02 декабря 2011, 13:53 от "Fajar A. Nugraha-2 [via FreeRadius]" <ml-node+s1045715n5041277h78 at>:
 2011/12/2 Толик Шавловский <[hidden email]>:
> Dear Alan,

I assume you want help from anyone, not just Alan, so I'll add some
comments here.

> i am not good acquainted with freeradius. So, from doc/Simultaneous-use i understood that freeradius requres script, which will connect to NAS and check user session. Am i right?

That's one way to do that (and possibly the most accurate way). But
not the ONLY way.

You can make it work without the script, if you store accounting data
in sql. See (for example) raddb/sql/mysql/dialup.conf, look for
"simul_count_query" and "simul_verify_query". But again, you need to
store accounting data for it to work.


> 02 декабря 2011, 12:43 от "Fajar A. Nugraha" <[hidden email]>:
>> On Fri, Dec 2, 2011 at 3:37 PM, [hidden email]
>> <[hidden email]> wrote:
>> > Dear Alan,
>> >
>> > i added  Simultaneous-Use = 1 to user profile in users file.
>> Did you read the doc? Or the reply I sent earlier?
>> It requires MORE than just that.

List info/subscribe/unsubscribe? See
If you reply to this email, your message will be added to the discussion below:  
 To unsubscribe from configuration freeradius for no simultaneous use, click here.


View this message in context:
Sent from the FreeRadius - User mailing list archive at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list