checking authorization in the duration of connection
Ivan Kalik
tnt at kalik.net
Sat May 9 16:29:29 CEST 2009
> I mean if there is a windows vpn server as a NAS for radius server, could
> I
> set the session limit at the start of the session (at authentication)
> and use methods explained in netexpertise article ?
>
No. Microsoft has no traffic limiting VSAs. And it doesn't support
CoA/PoD. In Windows speak CoA stands for Certificate of Authenticity
(that's where their priorities are - in licencing). It supports only time
limited sessions (Session-Timeout).
Mikrotik can do this. I think that they have also implemented CoA in the
latest RouterOS release.
Ivan Kalik
Kalik Informatika ISP
>
>> How about vpn windows as NAS?
>>
>
> Is that a joke? Windows server would be useless. It can't terminate adsl,
> at least not much more than one line. So, someone else is going to
> terminate adsl and send you what via VPN? Accounting? You don't need
> Windows at all then - just a freeradius server. Or traffic via L2TP
> tunnels? Your Windows server is going to die with any significant ammount
> of traffic. Using Windows server as a router is insane. It can work like
> that - but very, very badly. Even a cheap dumb $50-$100 router like
> Mikrotik will outperform it by miles.
>
> Ivan Kalik
> Kalik Informatika ISP
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list