Simultaneous-Use with EAP
Matthew
mdg583 at gmail.com
Wed Mar 18 09:51:57 UTC 2026
I'm very new to using FreeRadius and apologize I don't have a lot of
technical knowledge about it. I am setting up FreeRadius with a
WAP2-Enterprise wifi network, with the FreeRadius server configured from my
Ubiquiti access points.
I set up the sql module, and made sure "sql" was listed under the
"authorize" and "session" sections of by site's (default) configuration. I
also enabled accounting and everything seemed to be working. I added users
to the radcheck table with cleartext passwords. I added a Simultaneous-Use
line for my user, but it always seemed to be ignored.
After a lot of searching, I've discovered that my 'default' config was
being used for the 'outer' authentication (eap), and then the
"inner-tunnel" config was being used for actual authentication. This
already has the sql option under "authorize", but not in "session". Adding
"sql" to the "session" section of
/etc/freeradius/sites-enabled/inner-tunnel is what finally allowed
Simultaneous-Use checking.
I'm posting this because this didn't seem to be documented (here:
https://www.freeradius.org/documentation/freeradius-server/3.2.9/howto/simultaneous_use.html).
It would have been helpful to have a hint about the inner-tunnel
configuration when using eap authentication.
I'm not looking for more help at the moment, other than that I am wondering
if there is a way to constrain simultaneous connections for all users at
once. The Simultaneous-Use query doesn't look for a DEFAULT line in the
mysql database.
Matthew
More information about the Freeradius-Users
mailing list