Simultaneous-Use check not working

DAve dave.list at pixelhammer.com
Mon Oct 27 17:46:10 CET 2008 

Good afternoon,

I have inherited an aged ICRadius install and I am in process of
converting to FreeRadius 1.1.7. Currently I have a master DB on our
Management server replicating to two radius servers. Each radius server
has a unique sql instance to send accounting data to the master DB.
Everything is working, the DB conversion from ICRadius to FreeRadius
went fine.

In testing the only issue I have found is I am unable to stop
Simultaneous use. I read the docs carefully, checked the Wiki, and I
believe I have everything configured properly. Using RadiusTest 2.4.3
and radwho I see the following. I check for a login using radwho and I
see I have a session, I then attempt both a new auth and start
accounting again and still radwho shows only one login.

[root at radius1 /usr/local/etc/raddb]# radwho
Login      Name              What  TTY  When      From      Location
yellowhous yellowhousejake   shell S1   Mon 11:35 192.168.4 192.168.0.1

--------------------10/27/2008 11:55:13 AM Test started  [check
newrad1]-------------------------
Info:Sending Access-Request of id 0 to 10.0.241.95:1645
	Password = "marlin"
	User-Name = "yellowhousejake"
	Framed-IP-Address = 192.168.0.1
	Acct-Session-Id = "201"
Info: Access-Accept packet from host 10.0.241.95:1645, id=0, length=89
	Service-Type = Framed-User
	Framed-Protocol = PPP
	Framed-IP-Address = 255.255.255.254
	Framed-IP-Netmask = 255.255.255.255
	Framed-Routing = None
	Framed-Compression = Van-Jacobson-TCP-IP
	Filter-Id = "std.ppp"
	Framed-MTU = 1500
	Port-Limit = 1
	Idle-Timeout = 600
	Session-Timeout = 28800

	   Total approved auths:  1
	     Total denied auths:  0
	       Total lost auths:  0
	       Total time(secs):  0
--------------------10/27/2008 11:55:13 AM Test finished [check
newrad1]-------------------------


--------------------10/27/2008 11:55:40 AM Test started  [start
acct]-------------------------
Info:Sending Accounting-Request of id 0 to 10.0.241.95:1646
	User-Name = "yellowhousejake"
	Acct-Session-Id = "201"
	Acct-Status-Type = Start
	NAS-Port = 1
	Framed-IP-Address = 192.168.0.1
Info: Accounting-Response packet from host 10.0.241.95:1646, id=0, length=20
Info:Sending Accounting-Request of id 1 to 10.0.241.95:1646
	User-Name = "yellowhousejake"
	Acct-Session-Id = "201"
	Acct-Status-Type = Alive
	NAS-Port = 1
	Framed-IP-Address = 192.168.0.1
Info: Accounting-Response packet from host 10.0.241.95:1646, id=1, length=20

	   Total approved auths:  2
	     Total denied auths:  0
	       Total lost auths:  0
	       Total time(secs):  0
--------------------10/27/2008 11:55:40 AM Test finished [start
acct]-------------------------

--------------------10/27/2008 11:55:40 AM Test started  [start
acct]-------------------------
Info:Sending Accounting-Request of id 0 to 10.0.241.95:1646
	User-Name = "yellowhousejake"
	Acct-Session-Id = "201"
	Acct-Status-Type = Start
	NAS-Port = 1
	Framed-IP-Address = 192.168.0.1
Info: Accounting-Response packet from host 10.0.241.95:1646, id=0, length=20
Info:Sending Accounting-Request of id 1 to 10.0.241.95:1646
	User-Name = "yellowhousejake"
	Acct-Session-Id = "201"
	Acct-Status-Type = Alive
	NAS-Port = 1
	Framed-IP-Address = 192.168.0.1
Info: Accounting-Response packet from host 10.0.241.95:1646, id=1, length=20

	   Total approved auths:  2
	     Total denied auths:  0
	       Total lost auths:  0
	       Total time(secs):  0
--------------------10/27/2008 11:55:40 AM Test finished [start
acct]-------------------------

[root at radius1 /usr/local/etc/raddb]# radwho
Login      Name              What  TTY  When      From      Location
yellowhous yellowhousejake   shell S1   Mon 11:55 192.168.4 192.168.0.1

Here are the parts of my conf I believe I need to check for simultaneous
use.

## radiusd.conf
radutmp {
     filename = ${logdir}/radutmp
     username = %{User-Name}
     case_sensitive = yes
     check_with_nas = no
     callerid = "yes"
}


accounting {
     radutmp
##  sradutmp
     sql_acct
}

session {
     radutmp
     sql_acct
}

## sql.conf
# Uncomment simul_count_query to enable simultaneous use checking
simul_count_query = "SELECT COUNT(*) \
  FROM ${acct_table1} \
  WHERE UserName='%{SQL-User-Name}' \
  AND AcctStopTime = 0"


Note I enabled radutmp after sql was failing to stop the second login. I
am certain I have missed something simple but I am unable to find it.
Any help, cluesmacks, etc are appreciated.

DAve


-- 
I am watching the debate and I am very disappointed. The rules are
simple, "answer the question". I would vote right now, and I can
in Indiana, for the man who answered the question directly, in
less than a minute, and then sat down before the green light was out.

More information about the Freeradius-Users mailing list