I'm doing some tests from localhost to restrict simultaneous-use. * I have a user defined in the users file with Simultaneous-Use := 1. * I have the following file which I feed to radclient to initiate an accounting session for this user: Packet-Type=4 Packet-Dst-Port=1813 Acct-Session-Id = "4D2BB8AC-00000098" Acct-Status-Type = Start Acct-Authentic = RADIUS User-Name = "spackle" NAS-Port = 0 Connect-Info = "CONNECT 48Mbps 802.11b" * In sites-enabled/default I have uncommented "radutmp" and "sradumtp" in accounting{} and I have uncommented radutmp in session{} (yes I know sql is faster but this is just for testing) After running radclient, I see the following with "radwho": Login Name What TTY When From Location spackle spackle shell S0 Sat 08:08 127.0.0.1 All good so far. Now i try to simulate logging in again: radtest spartan password 127.0.0.1 101 hello I am expecting this to be Rejected, but it gets Accepted instead: Received Access-Accept Id 212 from 127.0.0.1:1812 to 0.0.0.0:0 length 35 The debug file shows: (2) # Executing section session from file /usr/local/freeradius/etc/raddb/sites-enabled/default (2) session { (2) radutmp: EXPAND /usr/local/freeradius/var/log/radius/radutmp (2) radutmp: --> /usr/local/freeradius/var/log/radius/radutmp (2) radutmp: EXPAND %{User-Name} (2) radutmp: --> spackle checkrad: No NAS type, or type "other" not checking (2) [radutmp] = fail (2) } # session = fail radutmp is failing but it still sends an Access-Accept. Any thoughts? -- --- Michael Martinez http://www.michael--martinez.com