Simultaneous-Use oddness.
Matthew Schumacher
matt.s at aptalaska.net
Fri Jul 19 20:59:23 CEST 2013
List,
I'm bumping this odd issue with Simultaneous-Use:
When I have a session that didn't get expired in a SQL database, and the
user tries to connect then freeradius correctly checks the nas using the
checkrad script *UNLESS* the nas is no longer defined in the clients.
If the nas is missing, radius doesn't bother to call checkrad, and
rejects the login as a multiple login.
Perhaps this has something to do with the fact that my clients are
defined in SQL using the nas_query option.
So if I deprecate a nas, remove it from the db, then restart freeradius,
the next request comes in, free radius finds the session to be open, but
then neither checks checkrad or accepts the user. The user is now
unable to authenticate until I close the session in the SQL database.
Shouldn't freeradius call checkrad anyway and pass it the
ip/session/user/port for the non-existent nas and let the checkrad
script return 0, then let the user on? That's what I would have though
should have happened.
Thanks,
schu
More information about the Freeradius-Users
mailing list