limiting sessions
Andrew Long
along at escapewire.com
Thu Nov 9 17:00:49 CET 2006
>> Andrew Long <along at escapewire.com> wrote:
>>> I tried Session-Timeout but it doesn't seem to do the job.
>> So... is it being sent back to the NAS? If it is, then the NAS is
>> ignoring it. Go ask your NAS manufacturer for a refund, or for a
>> firmware upgrade that implements RADIUS.
>> Alan DeKok.
> How would you suggest I verify the session-timeout is actually being
> sent/received?
> Andrew
> radiusd -X
> in the debug mode you can see attributes that are being send back to you
> NAS. If you want to see what comes to NAS - please consult the documentation
> of your NAS !
> Regards,
> E:S
Here is the output from radiusd -X regarding the answer to an
auth-request from one of the properties where I changed
session-timeout to 1800. It does not look to me like the
session-timeout attribute is being sent... any suggestions?
========= sample 1 (main street) ==========
rad_recv: Access-Request packet from host 141.149.128.xx:1024, id=88, length=191
Acct-Session-Id = "54a4b76f"
NAS-Port = 3
NAS-Port-Type = Wireless-802.11
User-Name = "4aroma70370"
Calling-Station-Id = "00-14-A5-71-1A-61"
Called-Station-Id = "00-03-52-02-8C-F9"
Framed-IP-Address = 192.168.110.101
CHAP-Password = [removed]
CHAP-Challenge = [removed]
NAS-Identifier = "R035-00371"
NAS-IP-Address = 141.149.128.58
Framed-MTU = 1496
Connect-Info = "HTTPS"
Service-Type = Framed-User
Message-Authenticator = 0xacd61ed325c0d7c91980dbf8bcf6ccdd
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
rlm_chap: Setting 'Auth-Type := CHAP'
modcall[authorize]: module "chap" returns ok for request 1
modcall[authorize]: module "eap" returns noop for request 1
rlm_realm: No '@' in User-Name = "4aroma70370", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
users: Matched DEFAULT at 177
modcall[authorize]: module "files" returns ok for request 1
modcall[authorize]: module "mschap" returns noop for request 1
radius_xlat: '4aroma70370'
rlm_sql (sql): sql_set_user escaped user --> '4aroma70370'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '4aroma70370' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 3
radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '4aroma70370' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = '4aroma70370' ORDER BY id'
radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '4aroma70370' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): Released sql socket id: 3
modcall[authorize]: module "sql" returns ok for request 1
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module "noresetcounter" returns noop for request 1
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module "dailycounter" returns noop for request 1
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module "monthlycounter" returns noop for request 1
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module "daypasscounter" returns noop for request 1
modcall: group authorize returns ok for request 1
rad_check_password: Found Auth-Type CHAP
auth: type "CHAP"
modcall: entering group Auth-Type for request 1
rlm_chap: login attempt by "4aroma70370" with CHAP password
rlm_chap: Using clear text password [removed] for user 4aroma70370 authentication.
rlm_chap: chap user 4aroma70370 authenticated succesfully
modcall[authenticate]: module "chap" returns ok for request 1
modcall: group Auth-Type returns ok for request 1
Sending Access-Accept of id 88 to 141.149.128.xx:1024
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
Finished request 1
Going to the next request
================= end ===============
Andrew
More information about the Freeradius-Users
mailing list