FreeRadius LDAP Simultaneous-Use more than 1

Reilly, Paul preilly at eastpennsd.org
Fri Feb 20 19:01:05 CET 2015 

I been debugging it and I think it has to do with my client.conf settings nastype set to other not cisco.  When I set it to cisco I am getting snmp errors which makes be believe checkrad isnt working properly. 

SNMP Error:
Received SNMP response with error code
  error status: noSuchName
  index 1 (OID: 1.3.6.1.4.1.9.2.9.2.1.18.13)
SNMPv1_Session (remote host: "172.23.160.4" [172.23.160.4].161)
                  community: "radius_public"
                 request ID: -515873683
                PDU bufsize: 8000 bytes
                    timeout: 2s
                    retries: 5
                    backoff: 1)
 at /usr/sbin/checkrad line 227.
checkrad: No SNMP answer from cisco.
checkrad:  not found!

No I am getting accounting information in /var/log/freeradius/radacct/..... but I guess that doesn’t mean checkrad is working properly.


From

Paul Reilly
Network Manager
Technology Department
East Penn School District


-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+preilly=eastpennsd.org at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Friday, February 20, 2015 12:55 PM
To: FreeRadius users mailing list
Subject: Re: FreeRadius LDAP Simultaneous-Use more than 1

On Feb 20, 2015, at 10:21 AM, Reilly, Paul <preilly at eastpennsd.org> wrote:
> So after some configuration I was to make Freeradius work with MS AD using groups to modify vlan-id and everything seemed to be working great.  I tested Simultaneous-Use with the following configuration and it was working but when I switch it to  ":= 2" it fails to stop users after the second login.

  It should work, unless….

> I can see the user logins using radwho but it only ever shows 1 login.

  That explains why.

>  Do I have to use Mysql to use Simultaneous-Use if the value is greater than 1?

  No.

  It might help in this case, because the SQL schema is a bit more flexible than radutmp.

  Ensure that the accounting packets have UNIQUE identifiers for each user.

  And… run in debugging mode to see what’s going on.  Really.  I can’t recommend that enough.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list