Alex French wrote: > On 19/08/07, Arran Cudbard-Bell <[EMAIL PROTECTED]> wrote: > >> Alex French wrote: >> >>> This has nothing to do the the radius server. The AP logs out the >>> user, not the radius server. >>> >>> > > >> Not entirely true. >> > > Yes it is. > No it's not.
In terms of the RFCs the RADIUS server can have a lot to do with disassociating someone from an access point. To quote the introductory paragraph of RFC 3576 "The RADIUS protocol, defined in [RFC2865], does not support unsolicited messages sent from the RADIUS server to the Network Access Server (NAS). However, there are many instances in which it is desirable for changes to be made to session characteristics... ... several vendors have implemented additional RADIUS commands in order to be able to support unsolicited messages sent from the RADIUS server to the NAS. These extended commands provide support for Disconnect and Change-of-Authorization (CoA) messages." > >> See http://wiki.freeradius.org/Disconnect_Messages. >> > > Which says "FreeRADIUS server (radiusd) does not currently have > internal Disconnect-Request support." > Correct the FreeRADIUS server does not support this internally. However radclient, which ships with the FreeRADIUS source, does support sending POD and CoA packets. It is also possible for FreeRADIUS to execute radclient arbitrarily , using it to send a POD to a target NAS. > Thanks, > > Alex > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > --- Arran - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
