Is it possible to change a session's or account's lifetime
Alan DeKok
aland at deployingradius.com
Mon Mar 26 13:34:37 CEST 2018
On Mar 26, 2018, at 2:16 AM, 张强 <zhangqiang at meizu.com> wrote:
> What I want to do is temporarily allowing a user's access for a short
> time, say 2 minutes, and if the user takes further authentication
> process, the user's access can be allowed without limit.
Most NASes will ignore session times smaller than 5-10 minutes.
> I tried to use the Expiration attribute in radcheck, set the value
> to be 2 minutes later in the beginning, and set it to be 1 day later
> after the required authentication process is completed. But it seems the
> NAS only reads the initial value. It expires the user in 2 minutes and
> never reads the new value.
i.e. it kicks the user off, and the user never re-tries authentication.
That isn't a problem you can solve on the RADIUS server. Only the user can re-start authentication.
So... what is the user doing for authentication?
> So the question is how to limit and change the lifetime of a session or
> of an account?
For Wifi, people use captive portals, which avoid this problem.
Alan DeKok.
More information about the Freeradius-Users
mailing list