how to logout user
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Sun Aug 19 23:57:17 CEST 2007
Alex French wrote:
> On 19/08/07, Arran Cudbard-Bell <A.Cudbard-Bell at sussex.ac.uk> wrote:
>
>> Alex French wrote:
>>
>>> This has nothing to do the the radius server. The AP logs out the
>>> user, not the radius server.
>>>
>>>
>
>
>> Not entirely true.
>>
>
> Yes it is.
>
No it's not.
In terms of the RFCs the RADIUS server can have a lot to do with
disassociating someone from an access point.
To quote the introductory paragraph of RFC 3576
"The RADIUS protocol, defined in [RFC2865], does not support
unsolicited messages sent from the RADIUS server to the Network
Access Server (NAS).
However, there are many instances in which it is desirable for
changes to be made to session characteristics...
... several vendors have implemented
additional RADIUS commands in order to be able to support unsolicited
messages sent from the RADIUS server to the NAS. These extended
commands provide support for Disconnect and Change-of-Authorization
(CoA) messages."
>
>> See http://wiki.freeradius.org/Disconnect_Messages.
>>
>
> Which says "FreeRADIUS server (radiusd) does not currently have
> internal Disconnect-Request support."
>
Correct the FreeRADIUS server does not support this internally. However
radclient, which ships with the FreeRADIUS source, does support sending
POD and CoA packets. It is also possible for FreeRADIUS to execute
radclient arbitrarily , using it to send a POD to a target NAS.
> Thanks,
>
> Alex
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
---
Arran
More information about the Freeradius-Users
mailing list