[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: problem with NAS AND simultaneous restrictions
From: Tacio Santos <tacio_santos () yahoo ! de>
Date: 2004-07-30 13:55:44
Message-ID: 200407301555.45023.tacio_santos () yahoo ! de
[Download RAW message or body]
I don't know whether this would be the best practice. It solved my problem
though.
attr_rewrite addnasport{
attribute = NAS-Port
searchfor = ""
replacewith= 1
searchin = packet
new_attribute = yes
append = yes
}
preacct {
preprocess
addnasport
acct_unique
files
}
Tacio
On Friday 30 July 2004 09:51, Tacio Santos wrote:
> Hi,
> i was looking for a solution to my problem and found this thread. I have
> the same problem. In the access request my access point sends the NAS Port
> (it seems to be always 1), but in the accounting request it doesn't. Is
> there a way to tell freeradius to consider the NAS Port from this NAS to be
> always 1? Any help is appreciated.
> Thanks,
> Tacio
>
> Radius Protocol
> Code: Access Request (1)
> Packet identifier: 0x5 (5)
> Length: 211
> Authenticator: 0x1E6F1E6F1E6F1E6F1E6F1E6F1E6F1E6F
> Attribute value pairs
> t:NAS IP Address(4) l:6, Value:192.168.3.10
> t:NAS Port Type(61) l:6, Value:Wireless IEEE 802.11(19)
> t:NAS Port(5) l:6, Value:1
> t:Framed MTU(12) l:6, Value:1400
> t:User Name(1) l:11, Value:"anonymous"
> t:Calling Station Id(31) l:14, Value:"0004e2aa4ac4"
> t:Called Station Id(30) l:14, Value:"000a5e08cc43"
> t:NAS identifier(32) l:19, Value:"3Com Access Point"
> t:State(24) l:18, Value:1196993835395516E8DBE47E298F6806
> t:EAP Message(79) l:73
> t:Message Authenticator(80) l:18,
> Value:708DC656578C67A8781E1AD364816043
>
> Radius Protocol
> Code: Accounting Request (4)
> Packet identifier: 0x0 (0)
> Length: 175
> Authenticator: 0x4BFB47C7B80FEC3400B854077F2F12FA
> Attribute value pairs
> t:Acct Status Type(40) l:6, Value:Start(1)
> t:Acct Session Id(44) l:32, Value:"0004e2aa4ac4-000a5e08cc43-0397"
> t:NAS IP Address(4) l:6, Value:192.168.3.16
> t:Acct Input Octets(42) l:6, Value:1467
> t:Acct Output Octets(43) l:6, Value:7918
> t:Acct Input Packets(47) l:6, Value:8
> t:Acct Output Packets(48) l:6, Value:54
> t:Vendor Specific(26) l:28, Vendor:Undefined(1161908256)
> t:Unknown Type(85) l:115, Value:Unknown Value Type
> t:Vendor Specific(26) l:15, Vendor:Undefined(1447838030)
> t:Unknown Type(32) l:73, Value:Unknown Value Type
> t:Vendor Specific(26) l:15, Vendor:Undefined(1163088713)
> t:Unknown Type(68) l:32, Value:Unknown Value Type
> t:Vendor Specific(26) l:23, Vendor:Undefined(1161908256)
> t:Unknown Type(84) l:121, Value:Unknown Value Type
> t:Acct Session Time(46) l:6, Value:32
>
> On Thursday 29 July 2004 16:21, Alan DeKok wrote:
> > Karina <kgs@acabtu.com.mx> wrote:
> > > Hi, i want to restrict users to just one session, but i have this
> > > problem..
> > >
> > > When i debug the requests of the NAS to the radius server i find this:
> > >
> > > rlm_radutmp: No NAS-Port seen. Cannot do anything.
> > > rlm_radutmp: WARNING: checkrad will probably not work!
> >
> > Your NAS has to send that port information. If it doesn't, the
> > server has no way of enforcing simultaneous use.
> >
> > I would suggest posting the Access-Request packets here. They may
> > contain information which would explain *why* there's no port.
> >
> > Alan DeKok.
> >
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic