Re[2]: semulteneius-use with cisco nas

Толик Шавловский tolik_shavlovsky at mail.ru
Mon Dec 12 10:19:55 CET 2011 

Hi,

this is my radwho output for 1st user (last string for 12-12-2011):

freebsd# radwho
Login Name What TTY When From Location
user user shell >999 Thu 14:38 10.169.33.11 
user user shell >999 Thu 15:03 10.169.33.11 
user user shell >999 Thu 17:25 10.169.33.11 
user user shell >999 Thu 17:26 10.169.33.11 
user user shell >999 Mon 10:45 10.169.33.11 

this is seen from NAS, i cannot add file with prntscrs, but use session is active in NAS.

then, i connect 2nd user via same NAS:
freebsd# radwho
Login Name What TTY When From Location
user user shell >999 Thu 14:38 10.169.33.11 
user user shell >999 Thu 15:03 10.169.33.11 
user user shell >999 Thu 17:25 10.169.33.11 
user user shell >999 Thu 17:26 10.169.33.11 
user user shell >999 Mon 10:45 10.169.33.11 
user user shell >999 Mon 10:50 10.169.33.11 

this is seen from NAS, also.
so, first user is recorded.

I also wanted to add configuration files, but it is not allowed by maillist policy.

part of clients.conf:
freebsd# cat clients.conf
client 10.169.33.11/24 {
#        require_message_authenticator = no
       secret = "12345"
        nastype = "cisco"
        login       = snmp 
        password    = public 
}

freeradius server connects via snmp to NAs, i checked with snmpget.

so, what can be wrong in my configuration?


BR,
Anatolii


10 декабря 2011, 05:52 от Alan DeKok <aland at deployingradius.com>:
> tolik_shavlovsky at mail.ru wrote:
> > i am really not experienced with freeradius and mysql. I made everything
> > with your website.
> > I kindly ask you for help.
> >
> > i made test in the following manner:
> > 1. connect 1st laptop via Ap (NAS) with user/user
> > 2. connect second laptop
> >
> > simult-use feature should block second one, as i understood.
> 
>   IF CERTAIN CONDITIONS ARE MET.
> 
> > from your previuos emailing i understood that acounting is send if we
> > use database, so I configured authentication from mysql.
> >
> > in the debug i see Accounting-Request packet and Accounting-Response.
> >
> > can you describe what is not met??
> 
>   Read doc/Simultaneous-Use, Section 3.  It documents what happens for
> Simultaneous-Use to work.
> 
>   Go check it against the debug output.  Run "radwho" after the first
> login to see if FreeRADIUS has recorded that the user has logged in.
> 
>   If that information isn't recorded, Simultaneous-Use won't work.
> Don't blame FreeRADIUS.  Blame the NAS which is sending useless data.
> 
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list