Re: wrong user name is stored in mysql radacct table
Message: 2 Date: Wed, 07 Mar 2007 14:28:07 +0100 From: Alan DeKok <aland@deployingradius.com> Subject: Re: wrong user name is stored in mysql radacct table To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <45EEBDE7.7010509@deployingradius.com> Content-Type: text/plain; charset=ISO-8859-1
Zeli Kartzman wrote:
so what you're saying is that effectively a user can get around the simultaneous user limit and login as many times as they want -- all they have to do is type a new outside identity each time and as long as the tunneled PEAP identity is correct they will be allowed to login?
If you configure it that way, yes.
The server *can* be configured to enforce simultaneous login limits no matter what the users type into the outer session. The docs don't describe how to do this, but they DO describe how to tie the inner & outer sessions together, and also how to enforce simultaneous login.
can you give me a pointer to which docs to look at? thanks bz
seems all i have to do is set: use_tunneled_reply = yes in eap.conf for ttls and peap modules. is that correct? bz On Wed, 2007-03-07 at 16:23 -0500, Zeli Kartzman wrote:
Message: 2 Date: Wed, 07 Mar 2007 14:28:07 +0100 From: Alan DeKok <aland@deployingradius.com> Subject: Re: wrong user name is stored in mysql radacct table To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <45EEBDE7.7010509@deployingradius.com> Content-Type: text/plain; charset=ISO-8859-1
Zeli Kartzman wrote:
so what you're saying is that effectively a user can get around the simultaneous user limit and login as many times as they want -- all they have to do is type a new outside identity each time and as long as the tunneled PEAP identity is correct they will be allowed to login?
If you configure it that way, yes.
The server *can* be configured to enforce simultaneous login limits no matter what the users type into the outer session. The docs don't describe how to do this, but they DO describe how to tie the inner & outer sessions together, and also how to enforce simultaneous login.
can you give me a pointer to which docs to look at? thanks
bz
participants (1)
-
Zeli Kartzman