FreeRadius LDAP Simultaneous-Use more than 1

Reilly, Paul preilly at eastpennsd.org
Fri Feb 20 20:16:19 CET 2015 

I been using debug and trying to thin it out using grep so I can only see the acct_unique and radutmp sections.  I logged into three devices and got the follow debug.  It appears they do have different acct-unique-session-IDS

root at radius:/etc/freeradius# freeradius -X |egrep "acct_unique|radutmp"
including configuration file /etc/freeradius/modules/acct_unique
including configuration file /etc/freeradius/modules/radutmp
including configuration file /etc/freeradius/modules/sradutmp
 Module: Linked to module rlm_acct_unique
 Module: Instantiating module "acct_unique" from file /etc/freeradius/modules/acct_unique
  acct_unique {
 Module: Linked to module rlm_radutmp
 Module: Instantiating module "radutmp" from file /etc/freeradius/modules/radutmp
  radutmp {
        filename = "/var/log/freeradius/radutmp"
[radutmp]       expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
[radutmp]       expand: %{User-Name} -> preilly
++[radutmp] returns ok
[acct_unique] Hashing 'NAS-Port = 13,Client-IP-Address = 172.23.160.4,NAS-IP-Address = 172.23.160.4,Acct-Session-Id = "54e785c9/58:b0:35:67:b6:ed/784384",User-Name = "preilly"'
[acct_unique] Acct-Unique-Session-ID = "093989dd19d7eb62".
++[acct_unique] returns ok
[radutmp]       expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
[radutmp]       expand: %{User-Name} -> preilly
++[radutmp] returns ok
[radutmp]       expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
[radutmp]       expand: %{User-Name} -> preilly
++[radutmp] returns ok
[acct_unique] Hashing 'NAS-Port = 13,Client-IP-Address = 172.23.160.4,NAS-IP-Address = 172.23.160.4,Acct-Session-Id = "54e7837a/60:33:4b:0a:35:7b/784066",User-Name = "preilly"'
[acct_unique] Acct-Unique-Session-ID = "058942f27f35207f".
++[acct_unique] returns ok
[radutmp]       expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
[radutmp]       expand: %{User-Name} -> preilly
++[radutmp] returns ok
[radutmp]       expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
[radutmp]       expand: %{User-Name} -> preilly
++[radutmp] returns ok
[acct_unique] Hashing 'NAS-Port = 13,Client-IP-Address = 172.23.160.4,NAS-IP-Address = 172.23.160.4,Acct-Session-Id = "54e783bd/24:a2:e1:d4:66:07/784107",User-Name = "preilly"'
[acct_unique] Acct-Unique-Session-ID = "5fef811d321af9b8".
++[acct_unique] returns ok
[radutmp]       expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
[radutmp]       expand: %{User-Name} -> preilly
++[radutmp] returns ok


Currently have it set to Simultaneous-Use := 2

From
Paul Reilly




-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+preilly=eastpennsd.org at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Friday, February 20, 2015 1:16 PM
To: FreeRadius users mailing list
Subject: Re: FreeRadius LDAP Simultaneous-Use more than 1

On Feb 20, 2015, at 1:01 PM, Reilly, Paul <preilly at eastpennsd.org> wrote:
> I been debugging it and I think it has to do with my client.conf settings nastype set to other not cisco.

  No.  That doesn’t matter.

>  When I set it to cisco I am getting snmp errors which makes be believe checkrad isnt working properly. 

  That doesn’t matter.

  I *said* you should ensure that the accounting packets have UNIQUE identifiers for each user.  And run it in debugging mode.

  Do that.

> No I am getting accounting information in /var/log/freeradius/radacct/…..

 Which doesn’t matter.

> but I guess that doesn’t mean checkrad is working properly.

  It has nothing to do with checkrad.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list