force logout user on nas at accounting
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Wed Aug 17 14:16:45 CEST 2011
Thats not how the RADIUS protocol works. Accounting packets cannot be used to terminate a session, they're used exclusively for accounting.
Refer to your NAS's manual to see if it supports CoA (Change of Authorisation) or DM (Disconnect Message). If it doesn't your best bet is using SNMP via perl or a script called when the Accounting-Request is processed.
-Arran
On 17 Aug 2011, at 13:41, Christoph Thielecke wrote:
> Hello,
>
> I want to know how I can tell the nas to logout a user on Accounting packet.
>
> What i have to return at my module to let the nas disable the user?
>
> I have a request like this:
> Service-Type=Call-Check
> NAS-Identifier="rad100"
> NAS-Port=1
> NAS-Port-Id="Controlled"
> NAS-Port-Type=Wireless-802.11
> NAS-IP-Address=xx.xx.xx.xx
> User-Name="user1"
> Acct-Status-Type=Interim-Update
> Acct-Session-Id="1313155182"
> Acct-Session-Time=63
> Acct-Delay-Time=0
> Acct-Authentic=RADIUS
> Called-Station-Id="00-1F-D4-xx-xx-xx"
> Calling-Station-Id="00-1C-4A-xx-xx-xx"
> Framed-IP-Address=192.168.xx.xx
> Acct-Input-Packets=20
> Acct-Input-Octets=7004
> Acct-Output-Packets=24
> Acct-Output-Octets=4153
> Acct-Unique-Session-Id="16028485e4b3f41e"
>
>
> With best regards
>
> Christoph
> --
> Linux User Group Wernigerode
> http://www.lug-wr.de/
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Arran Cudbard-Bell
a.cudbardb at freeradius.org
RADIUS - Half the complexity of Diameter
More information about the Freeradius-Users
mailing list