Simultaneous-Use problem with Mikrotik NAS clients

Fojtán Balázs István balazs at fojtan.hu
Thu Feb 11 16:14:32 CET 2010 

Hello all!


I have problem with the Simultaneous-Use on Freeradius + Mikrotik
environment.
I'm using freeradius 2.1.8 on Debian lenny with mysql support.
I've found a checklist in the wiki
(http://wiki.freeradius.org/index.php/FAQ#Simultaneous-Use_doesn.27t_work).
The second line of this is:

"2. Run radiusd -X and see if it parses the Simultaneous-Use line."

But if I run
radiusd -x | grep simul
I've got only these lines:

        simul_count_query = "SELECT COUNT(*)                             
FROM radacct                              WHERE username =
'%{SQL-User-Name}'                              AND acctstoptime
IS NULL"
        simul_verify_query = "SELECT radacctid, acctsessionid, username,  
                             nasipaddress, nasportid,
framedipaddress,                                callingstationid,
framedprotocol                                FROM radacct        
                       WHERE username = '%{SQL-User-Name}'        
                       AND acctstoptime IS NULL"

I haven't got any output line which contents the "Simultaneous-Use"
text-pattern. One of my question is: Could you describe me what can I see
exactly in the output when the Simultaneous-Use function is on? I've
uncommented in the /etc/freeradius/sql/mysql/dialup.conf the following
lines:

simul_count_query = "SELECT COUNT(*) \
FROM ${acct_table1} \
WHERE username = '%{SQL-User-Name}' \
AND acctstoptime IS NULL"

and also uncommented in the /etc/freeradius/sites-enabled/default, the
"sql" line in the session section. The radwho command regularly lists the
online users. But if I try to login through another Mikrotik NAS client in
the name of a user who is listed by the radwho, the freeradius send
access-accept to the NAS client. My radius database's tables are look like
this:

mysql> select * from radcheck;
+----+----------+---------------+----+------------+
| id | UserName | Attribute     | op | Value      |
+----+----------+---------------+----+------------+
|  1 | hz00001  | user-password | == | Tfregep5uy |
|  3 | hz00002  | user-password | == | 29riaejofu |
|  4 | hz00003  | user-password | == | Razsgepiui |
|  5 | hz00004  | user-password | == | 64Vifuzuxo |
|  6 | hz00005  | user-password | == | 39Bygonony |
|  7 | hz00006  | user-password | == | Zozyhomo25 |
|  8 | hz00007  | user-password | == | awdeokihaY |
|  9 | hz00008  | user-password | == | 33Vifakhde |
+----+----------+---------------+----+------------+

mysql> select * from radusergroup;
+----------+-----------+----------+
| username | groupname | priority |
+----------+-----------+----------+
| hz00001  | HZ	       |        1 |
| hz00002  | HZ        |        1 |
| hz00003  | HZ	       |        1 |
| hz00004  | HZ        |        1 |
| hz00005  | HZ	       |        1 |
| hz00006  | HZ        |        1 |
| hz00007  | HZ	       |        1 |
| hz00008  | HZ        |        1 |
+----------+-----------+----------+

mysql> select * from radgroupreply;
+----+-----------+------------------+----+-------+
| id | GroupName | Attribute        | op | Value |
+----+-----------+------------------+----+-------+
|  1 | HZ        | Simultaneous-Use | := | 1     |
+----+-----------+------------------+----+-------+

Please suggest me what causes the problem!

Regards,
fbi

More information about the Freeradius-Users mailing list