Re[3]: semulteneius-use with cisco nas
Толик Шавловский
tolik_shavlovsky at mail.ru
Mon Dec 12 10:31:03 CET 2011
Also, I can add that i checked with sniffter and didn't see that freeradius connects to NAS via snmp.
12 декабря 2011, 13:25 от Толик Шавловский<tolik_shavlovsky at mail.ru>:
> Hi,
>
> this is my radwho output for 1st user (last string for 12-12-2011):
> eradius
> freebsd# radwho
> Login Name What TTY When From Location
> user user shell >999 Thu 14:38 10.169.33.11
> user user shell >999 Thu 15:03 10.169.33.11
> user user shell >999 Thu 17:25 10.169.33.11
> user user shell >999 Thu 17:26 10.169.33.11
> user user shell >999 Mon 10:45 10.169.33.11
>
> this is seen from NAS, i cannot add file with prntscrs, but use session is active in NAS.
>
> then, i connect 2nd user via same NAS:
> freebsd# radwho
> Login Name What TTY When From Location
> user user shell >999 Thu 14:38 10.169.33.11
> user user shell >999 Thu 15:03 10.169.33.11
> user user shell >999 Thu 17:25 10.169.33.11
> user user shell >999 Thu 17:26 10.169.33.11
> user user shell >999 Mon 10:45 10.169.33.11
> user user shell >999 Mon 10:50 10.169.33.11
>
> this is seen from NAS, also.
> so, first user is recorded.
>
> I also wanted to add configuration files, but it is not allowed by maillist policy.
>
> part of clients.conf:
> freebsd# cat clients.conf
> client 10.169.33.11/24 {
> # require_message_authenticator = no
> secret = "12345"
> nastype = "cisco"
> login = snmp
> password = public
> }
>
> freeradius server connects via snmp to NAs, i checked with snmpget.
>
> so, what can be wrong in my configuration?
>
> BR,
> Anatolii
>
> 10 декабря 2011, 05:52 от Alan DeKok <aland at deployingradius.com>:
> > tolik_shavlovsky at mail.ru wrote:
> > > i am really not experienced with freeradius and mysql. I made everything
> > > with your website.
> > > I kindly ask you for help.
> > >
> > > i made test in the following manner:
> > > 1. connect 1st laptop via Ap (NAS) with user/user
> > > 2. connect second laptop
> > >
> > > simult-use feature should block second one, as i understood.
> >
> > IF CERTAIN CONDITIONS ARE MET.
> >
> > > from your previuos emailing i understood that acounting is send if we
> > > use database, so I configured authentication from mysql.
> > >
> > > in the debug i see Accounting-Request packet and Accounting-Response.
> > >
> > > can you describe what is not met??
> >
> > Read doc/Simultaneous-Use, Section 3. It documents what happens for
> > Simultaneous-Use to work.
> >
> > Go check it against the debug output. Run "radwho" after the first
> > login to see if FreeRADIUS has recorded that the user has logged in.
> >
> > If that information isn't recorded, Simultaneous-Use won't work.
> > Don't blame FreeRADIUS. Blame the NAS which is sending useless data.
> >
> > Alan DeKok.
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> >
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list