How to get current datetime in freeradius?
Alan DeKok
aland at deployingradius.com
Tue Oct 15 16:32:57 CEST 2019
On Oct 15, 2019, at 10:08 AM, Houman <houmie at gmail.com> wrote:
> Thank you very much for all your help on this. I got in touch with the NAS
> makers (StrongSwan) and did some analysis together. Essentially the NAS
> only needs the User-Name for the disconnect request, which I'm already
> providing. The reason why it sends a NAK is that no IKE_SA was found with a
> matching remote identity. This is what happens on the NAS side in the log
> file:
Ok.
> It's a bit of a dilemma. I have a reason to disconnect the user based on a
> condition. But the user can still reconnect and I won't be able to
> disconnect him straight away.
You should be able to save the condition in a DB, and then *reject* the next connection attempt by the user.
> I have to wait until the next
> Acct-Interim-Interval kicks in before I can actually disconnect him again.
> Since the authentication happens through Freeradius, is there a way to
> reject the user immediately during authentication other than sending
> disconnect requests?
Return Access-Reject.
Alan DeKok.
More information about the Freeradius-Users
mailing list