Hello, I'm working with Freeradius 2.1.8 I'm using session (sql) to control simultaneous use. I would like to return a special value if an user try to access with credentials in use. Group session {...} always resturns ok, so I don't know what can I do in post-auth to distinguish between all reject. I test this configuration in my default server: session { if ("%{Realm}" == "xxx.es") { sql } } post-auth { if (fail) { update reply { Codigo-Reject := Imposible-Contactar-Backend } reject } sql Post-Auth-Type REJECT { if (simulcount) { update reply { Codigo-Reject = Sesion-Abierta } } update reply { Codigo-Reject = Credenciales-Erroneas } sql attr_filter.access_reject } } But don't work. Here is part of the debug info for an accept request: [pap] User authenticated successfully ++[pap] returns ok +- entering group session {...} ++? if ("%{Realm}" == "xxx.es") expand: %{Realm} -> xxx.es ?? Evaluating ("%{Realm}" == "xxx.es") -> TRUE ++? if ("%{Realm}" == "xxx.es") -> TRUE ++- entering if ("%{Realm}" == "xxx.es") {...} . . . rlm_sql (sql): Reserving sql socket id: 4 rlm_sql (sql): Released sql socket id: 4 +++[sql] returns ok ++- if ("%{Realm}" == "xxx.es") returns ok +- entering group post-auth {...} And here is part of the debug info for an reject request for simultaneous use: [pap] User authenticated successfully ++[pap] returns ok +- entering group session {...} ++? if ("%{Realm}" == "xxx.es") expand: %{Realm} -> xxx.es ?? Evaluating ("%{Realm}" == "xxx.es") -> TRUE ++? if ("%{Realm}" == "xxx.es") -> TRUE ++- entering if ("%{Realm}" == "xxx.es") {...} . . . rlm_sql (sql): Reserving sql socket id: 3 rlm_sql (sql): Released sql socket id: 3 +++[sql] returns ok ++- if ("%{Realm}" == "xxx.es") returns ok } # server rinuex Using Post-Auth-Type Reject +- entering group REJECT {...} ++? if (simulcount) ? Evaluating (simulcount) -> TRUE ++? if (simulcount) -> TRUE I need help. Thank you very much and sorry for my english. -- ____________________ Ana Gallardo Gómez ____________________