Reauthenticate Every minute
Alan DeKok
aland at deployingradius.com
Wed Mar 21 13:52:14 CET 2012
Mutheu wrote:
> I am a bit new to freeradius and I am trying to create a setup where an active session is
> re-authenticated everyminute and a user is kicked if no enough credit.
That's usually not a good idea. The timeframe for reauthentications
should be 10 minutes at least.
> More Details:
> Using 'norestcounter' with mysql works very well without the above.
> Now I would like to implement this idea : http://computing-tips.net/M0n0wall_Captive_Portal_Logout_URL/#onlinestore).
>
> NAS supports a feature for "reauthentication every minute".
That's good.
> The problem is that, if I turn it on, freeradius responds:
>
> Sending delayed reject for request 2
> Sending Access-Reject of id 234 to 10.250.78.200 port 64881
> Reply-Message := "\r\nYou are already logged in - access denied\r\n\n"
>
> Activated the option for ensuring no 'simoultenious use' via mysql.
Which means you activated one feature which prevents the other one
from working.
Don't do that.
> What am I missing in the freeradius config?
Probably nothing. Your NAS isn't sending the same session information
the second time around. So FreeRADIUS thinks that the user is now
logging in twice, and is rejecting it.
As always, look at the debug output to see what's going on.
Alan DeKok.
More information about the Freeradius-Users
mailing list