Setting different IDLE-TIMEOUTS based on IP Address

[John Giordano]

More pieces to the puzzle... so I have been staring at the output from radiusd -X.

I don't see the huntgroups config file being loaded... is this, perhaps, part of the problem?  The permissions on the disk look good to me.  



[root at gofish raddb]# radiusd -X
FreeRADIUS Version 2.1.12, for host x86_64-unknown-linux-gnu, built on Jul 18 2012 at 16:53:37
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/rediswho
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/soh
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/dynamic_clients
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/perl
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/modules/ntlm_auth
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/cui
including configuration file /usr/local/etc/raddb/modules/replicate
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file /usr/local/etc/raddb/modules/redis
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/opendirectory
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/modules/otp
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file /usr/local/etc/raddb/modules/smsotp
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/default
including configuration file /usr/local/etc/raddb/sites-enabled/control-socket
including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
main {

-----Original Message-----
From: freeradius-users-bounces+john.giordano=ttmi.us at lists.freeradius.org [mailto:freeradius-users-bounces+john.giordano=ttmi.us at lists.freeradius.org] On Behalf Of John Giordano
Sent: Wednesday, April 17, 2013 11:02 AM
To: 'FreeRadius users mailing list'
Subject: RE: Setting different IDLE-TIMEOUTS based on IP Address

Ok... I feel as though I am trying to solve a riddle here.

I thought that may be the case but!  

I removed the IDLE-TIMEOUT entry from my user stanza and the NAS then rejected me.... I think that was because no IDLE-TIMEOUT was being sent at all from the server to the client....

?!

-----Original Message-----
From: freeradius-users-bounces+john.giordano=ttmi.us at lists.freeradius.org [mailto:freeradius-users-bounces+john.giordano=ttmi.us at lists.freeradius.org] On Behalf Of A.L.M.Buxey at lboro.ac.uk
Sent: Wednesday, April 17, 2013 10:49 AM
To: FreeRadius users mailing list
Subject: Re: Setting different IDLE-TIMEOUTS based on IP Address

Hi,

> STDOUT shows that I am being handed the IDLE-TIMEOUT of 1800 even 
> though I am coming from the LAB Node with IP of 192.168.0.15 The user (me) does have an IDLE-TIMEOUT set in my user section of 1800 but I thought the above lines would set it and because the IDLE-TIMEOUT in my user section is using the = operator.

yes...AFTER the huntgroup stuff you've added..as you say, you added that new stuff at the top of the users file... what comes later overrides

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html