FreeRadius LDAP Simultaneous-Use more than 1
preilly at eastpennsd.org
Fri Feb 20 19:01:05 CET 2015
I been debugging it and I think it has to do with my client.conf settings nastype set to other not cisco. When I set it to cisco I am getting snmp errors which makes be believe checkrad isnt working properly.
Received SNMP response with error code
error status: noSuchName
index 1 (OID: 220.127.116.11.18.104.22.168.22.214.171.124.13)
SNMPv1_Session (remote host: "172.23.160.4" [172.23.160.4].161)
request ID: -515873683
PDU bufsize: 8000 bytes
at /usr/sbin/checkrad line 227.
checkrad: No SNMP answer from cisco.
checkrad: not found!
No I am getting accounting information in /var/log/freeradius/radacct/..... but I guess that doesn’t mean checkrad is working properly.
East Penn School District
From: Freeradius-Users [mailto:freeradius-users-bounces+preilly=eastpennsd.org at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Friday, February 20, 2015 12:55 PM
To: FreeRadius users mailing list
Subject: Re: FreeRadius LDAP Simultaneous-Use more than 1
On Feb 20, 2015, at 10:21 AM, Reilly, Paul <preilly at eastpennsd.org> wrote:
> So after some configuration I was to make Freeradius work with MS AD using groups to modify vlan-id and everything seemed to be working great. I tested Simultaneous-Use with the following configuration and it was working but when I switch it to ":= 2" it fails to stop users after the second login.
It should work, unless….
> I can see the user logins using radwho but it only ever shows 1 login.
That explains why.
> Do I have to use Mysql to use Simultaneous-Use if the value is greater than 1?
It might help in this case, because the SQL schema is a bit more flexible than radutmp.
Ensure that the accounting packets have UNIQUE identifiers for each user.
And… run in debugging mode to see what’s going on. Really. I can’t recommend that enough.
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users