What are the consequences of a low Acct-Interim-Interval?
Houman
houmie at gmail.com
Wed Oct 16 22:54:24 CEST 2019
Hi Alan,
That's a fair point, but I don't think this works with my NAS. I have set
it to 10 seconds for testing purposes. I was expecting it to retry the auth
after the session runs out. But it remains entirely disconnected instead.
post-auth {
update reply {
Acct-Interim-Interval = 300
Session-Timeout = 10
}
}
Cheers,
Houman
On Wed, 16 Oct 2019 at 23:35, Alan DeKok <aland at deployingradius.com> wrote:
> On Oct 16, 2019, at 3:28 PM, Houman <houmie at gmail.com> wrote:
> >
> > The benefit for 15s would be to identify users that have overstayed their
> > welcome and kick them out sooner.
>
> That's what Session-Timeout is for. You can set a timeout to 3600s (or
> to anything else you want). You then know that people are allowed to be in
> for 3600s, and that they will be kicked off the network after that. They
> can then re-authenticate, at which time you can determine if they are
> allowed back on the network.
>
> Playing games with Acct-Interim-Interval is just a hack. Use the
> standard RADIUS solutions instead of fragile hacks.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list