Hello David -

On Sat, 14 Aug 1999, David Booth wrote:
> Everything is working. But,
> 
> I want to enforce MaxSessions 1 for all users
> 
> Can someone run a critical eye over it?
> 
> Where does MaxSessions 1 go?
> 
> I have two NAS - Ascend and Bay4000. How do I get them both checked - with
> NasType?
> 
> Is DupInterval 0 for Client DEFAULT right?
> 
> David Booth
> Goulburn Internet
> 
> Here is my radius.cfg:
> 
> Foreground
> LogStdout
> LogDir          /var/log/radius
> DbDir           .
> Trace   4
> 
> <Client DEFAULT>
>         Secret  XXXXX
>         DupInterval 0
> </Client>
> 
> <Realm DEFAULT>
>         AcctLogFileName /var/log/radius/detail
>         PasswordLogFileName /var/log/radius/passwords
>         AuthByPolicy    ContinueWhileAccept
>         <AuthBy FILE>
>                 Filename /var/log/radius/users
>         </AuthBy>
>         <AuthBy SQL>
>                 DBSource dbi:mysql:host=XXXXX;database=XXXXX
>                 DBUsername XXXXX
>                 DBAuth XXXXX
>                 AuthSelect SELECT password FROM RealNames WHERE username =
> '%n'
>                 EncryptedPassword
> 
>                 AccountingTable logdata
>                 AccountingStopsOnly
> 
>                 AcctColumnDef status,Acct-Status-Type
>                 AcctColumnDef nas_ip,NAS-IP-Address
>                 AcctColumnDef username,User-Name
>                 AcctColumnDef tstamp,Timestamp,formatted-date,'%Y-%m-%e
> %H:%M:%S'
>                 AcctColumnDef bytes_in,Acct-Input-Octets,integer
>                 AcctColumnDef bytes_out,Acct-Output-Octets,integer
>                 AcctColumnDef sessionlength,Acct-Session-Time,integer
>                 AcctColumnDef ipaddr,Framed-IP-Address
> 
>         </AuthBy>
> </Realm>

You will want to add a "MaxSession 1" to your <Realm DEFAULT> and also
configure a <SessionDatabase SQL> to go with it. And to enable strict checking
you should probably define each Client seperately and set the NasType
accordingly. 

The default for DupInterval is 2 seconds - 0 seconds is usually
only used for testing. See Section 6.4.4 in the reference manual.

hth

Hugh

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to