<div dir="ltr">Any ideas on this...</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Apr 22, 2014 at 12:14 PM, Muhammad Usman <span dir="ltr"><<a href="mailto:muhd.usman87@gmail.com" target="_blank">muhd.usman87@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class=""><span style="font-family:arial,sans-serif;font-size:13px">Dear Alan,</span><div style="font-family:arial,sans-serif;font-size:13px">
Thanks for your reply.. I have uncommented "sql" in session section of "/etc/raddb/sites-enabled/default"</div>
</div><div style="font-family:arial,sans-serif;font-size:13px">Problem I am facing is that radius is not calling the simultaneous use queries during auth time.</div><div class=""><div style="font-family:arial,sans-serif;font-size:13px">
<br>
</div><div style="font-family:arial,sans-serif;font-size:13px">When I start radius process, it displays the queries in logs as well,</div><div style="font-family:arial,sans-serif;font-size:13px">
<br></div></div><div><div><font face="arial, sans-serif">connect_failure_retry_delay = 60</font></div><div><font face="arial, sans-serif"> simul_count_query = "SELECT COUNT(*) FROM radacct WHERE UserName='%{SQL-User-Name}' AND AcctStopTime IS NULL"</font></div>
<div><font face="arial, sans-serif"> simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName, NASIPAddress, NASPortId, FramedIPAddress, CallingStationId, FramedProtocol FROM radacct WHERE UserName='%{SQL-User-Name}' AND AcctStopTime IS NULL"</font></div>
<div><font face="arial, sans-serif"><br></font></div><div><font face="arial, sans-serif"><br></font></div><div><font face="arial, sans-serif">I have also executed this statement</font></div><div><span style="color:rgb(51,51,51);font-family:Consolas,'Liberation Mono',Courier,monospace;font-size:12px;line-height:18px;white-space:pre-wrap">INSERT INTO radgroupcheck (GroupName, Attribute, op, Value) values("dialup", "Simultaneous-Use", ":=", "1");</span><font face="arial, sans-serif"><br>
</font></div><div><span style="color:rgb(51,51,51);font-family:Consolas,'Liberation Mono',Courier,monospace;font-size:12px;line-height:18px;white-space:pre-wrap"><br></span></div><div><span style="color:rgb(51,51,51);font-family:Consolas,'Liberation Mono',Courier,monospace;font-size:12px;line-height:18px;white-space:pre-wrap">I have also set </span><font color="#333333" face="Consolas, Liberation Mono, Courier, monospace"><span style="font-size:12px;line-height:18px;white-space:pre-wrap">nastype = other in clients.conf.. but its not calling the simultaneous check query while the customer tries to authenticate. Please suggest</span></font></div>
<div><font color="#333333" face="Consolas, Liberation Mono, Courier, monospace"><span style="font-size:12px;line-height:18px;white-space:pre-wrap"><br></span></font></div><div><font color="#333333" face="Consolas, Liberation Mono, Courier, monospace"><span style="font-size:12px;line-height:18px;white-space:pre-wrap"><br>
</span></font></div><div><font color="#333333" face="Consolas, Liberation Mono, Courier, monospace"><span style="font-size:12px;line-height:18px;white-space:pre-wrap"><br></span></font></div><div><font color="#333333" face="Consolas, Liberation Mono, Courier, monospace"><span style="font-size:12px;line-height:18px;white-space:pre-wrap"><div>
# Executing section preacct from file /etc/raddb/sites-enabled/default</div><div>+- entering group preacct {...}</div><div>++[preprocess] returns ok</div><div>[acct_unique] Hashing 'NAS-Port = 1,Client-IP-Address = 192.168.6.144,NAS-IP-Address = 10.233.184.1,Acct-Session-Id = "5356150300000001",User-Name = "<a href="mailto:muhd.usman@hotmail.com" target="_blank">muhd.usman@hotmail.com</a>"'</div>
<div>[acct_unique] Acct-Unique-Session-ID = "6660f7aa52e1b7a4".</div><div>++[acct_unique] returns ok</div><div>[suffix] Looking up realm "<a href="http://hotmail.com" target="_blank">hotmail.com</a>" for User-Name = "<a href="mailto:muhd.usman@hotmail.com" target="_blank">muhd.usman@hotmail.com</a>"</div>
<div>[suffix] No such realm "<a href="http://hotmail.com" target="_blank">hotmail.com</a>"</div><div>++[suffix] returns noop</div><div>++[files] returns noop</div><div># Executing section accounting from file /etc/raddb/sites-enabled/default</div>
<div>+- entering group accounting {...}</div><div>[detail] expand: %{Packet-Src-IP-Address} -> 192.168.6.144</div><div>[detail] expand: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d -> /var/log/radius/radacct/<a href="http://192.168.6.144/detail-20140422" target="_blank">192.168.6.144/detail-20140422</a></div>
<div>[detail] /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/radius/radacct/<a href="http://192.168.6.144/detail-20140422" target="_blank">192.168.6.144/detail-20140422</a></div>
<div>[detail] expand: %t -> Tue Apr 22 12:09:27 2014</div><div>++[detail] returns ok</div><div>++[unix] returns ok</div><div>[radutmp] expand: /var/log/radius/radutmp -> /var/log/radius/radutmp</div>
<div>[radutmp] expand: %{User-Name} -> <a href="mailto:muhd.usman@hotmail.com" target="_blank">muhd.usman@hotmail.com</a></div><div>++[radutmp] returns ok</div><div>[sql] expand: %{User-Name} -> <a href="mailto:muhd.usman@hotmail.com" target="_blank">muhd.usman@hotmail.com</a></div>
<div>[sql] sql_set_user escaped user --> '<a href="mailto:muhd.usman@hotmail.com" target="_blank">muhd.usman@hotmail.com</a>'</div><div>[sql] expand: INSERT into radacct (AcctStatusType, UserName, AcctInputOctets, AcctOutputOctets, AcctInputPackets, AcctOutputPackets, AcctSessionTime, AcctTerminateCause, AcctSessionId, FramedIPAddress, CallingStationId, CalledStationId, NASIPAddress, NASIDENTIFIER, WISPrLocationID, WISPrLocationName) VALUES('%{Acct-Status-Type}', '%{User-Name}',0, 0, 0, 0 ,0, '%{Acct-Terminate-Cause}', '%{Acct-Session-Id}', '%{Framed-IP-Address}','%{Calling-Station-Id}', '%{Called-Station-Id}', '%{NAS-IP-Address}', '%{NAS-Identifier}', '%{WISPr-Location-ID}', '%{WISPr-Location-Name}') -> INSERT into radacct (AcctStatusType, UserName, AcctInputOctets, AcctOutputOctets, AcctInputPackets, AcctOutputPackets, AcctSessionTime, AcctTerminateCause, AcctSessionId, FramedIPAddress, CallingStationId, CalledStationId, NASIPAddress, NASIDENTIFIER, WISPrLocationID, WISPrLocationName) VALUES('Start', '<a href="mailto:muhd.usman@hotmail.com" target="_blank">muhd.usman@hotmail.com</a>',0, 0, 0, 0 ,0, '', '5356150300000001', '10.233.184.2','00-21-6A-1E-C2-A2', '70-72-CF-25-D8-9E', '10.233.184.1',</div>
<div>rlm_sql (sql): Reserving sql socket id: 3</div><div>rlm_sql_postgresql: Status: PGRES_COMMAND_OK</div><div>rlm_sql_postgresql: query affected rows = 1</div><div>rlm_sql (sql): Released sql socket id: 3</div>
<div>++[sql] returns ok</div><div><br></div><div><br></div><div><br></div><div>Thanks</div></span></font></div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote"><div class="">On Sat, Apr 19, 2014 at 5:37 PM, Alan DeKok <span dir="ltr"><<a href="mailto:aland@deployingradius.com" target="_blank">aland@deployingradius.com</a>></span> wrote:<br>
</div><div><div class="h5"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>Muhammad Usman wrote:<br>
> I want to enable check that multiple sessions of same users donnot exist<br>
> at parallel, I have enabled the two simultaneous check queries in<br>
> dialup.conf.<br>
<br>
</div> That's useful, but not enough. See doc/Simultaneous-Use.<br>
<div><br>
> Can some body suggest me what changes are required to bring that<br>
> configuration in practise, as currently multiple users can login with<br>
> same credentials, radius is not calling simultaneous check queries while<br>
> authenticating user.<br>
<br>
</div> You need to be sure that the NAS is sending accounting packets, that<br>
they're being stored in SQL, and that you have the "session" section<br>
configured correctly in raddb/sites-enabled/default<br>
<span><font color="#888888"><br>
Alan DeKok.<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</font></span></blockquote></div></div></div><br></div>
</blockquote></div><br></div>