Freeradius push attribute to wireless connection
Hi, I'm using Freeradius 2.0, I configurated it with an sql database and the principal job of the radius server is to authorize and authenticate my wireless user over my network. What I want to do is to give some attribute to the user when is connected. Like Session-Timeout, bandwith and some other stuff. Here some entry in my database usergroup 1,guillaume,dynamic 2,jacques,dynamic Radcheck 1,guillaume,Cleartext-Password,xx,:= 2,jacques,Cleartext-Password,x,:= Radreply 3,guillaume,Session-Timeout,30,:= It's an Mssql database Here the debug info with radiusd -X rlm_sql (sql): sql_set_user escaped user -- 'guillaume' rlm_sql (sql): Reserving sql socket id: 2 expand: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'guillaume' ORDER BY id query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'guillaume' ORDER BY id rlm_sql (sql): User found in radcheck table expand: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'guillaume' ORDER BY id query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'guillaume' ORDER BY id rlm_sql (sql): Released sql socket id: 2 ++[sql] returns ok I have access but my session didn't disconnect after 30 sec. So can I do that with wireless configuration? My goal is to give some guest user a limited time and an expiration date. Thanks Guillaume Chartrand - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius push attribute to wireless connection
What is in the Access-Accept packet? Ivan Kalik Kalik Informatika ISP Dana 2/4/2008, Guillaume Chartrand [EMAIL PROTECTED] piše: Hi, I'm using Freeradius 2.0, I configurated it with an sql database and the principal job of the radius server is to authorize and authenticate my wireless user over my network. What I want to do is to give some attribute to the user when is connected. Like Session-Timeout, bandwith and some other stuff. Here some entry in my database usergroup 1,guillaume,dynamic 2,jacques,dynamic Radcheck 1,guillaume,Cleartext-Password,xx,:= 2,jacques,Cleartext-Password,x,:= Radreply 3,guillaume,Session-Timeout,30,:= It's an Mssql database Here the debug info with radiusd -X rlm_sql (sql): sql_set_user escaped user -- 'guillaume' rlm_sql (sql): Reserving sql socket id: 2 expand: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'guillaume' ORDER BY id query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'guillaume' ORDER BY id rlm_sql (sql): User found in radcheck table expand: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'guillaume' ORDER BY id query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'guillaume' ORDER BY id rlm_sql (sql): Released sql socket id: 2 ++[sql] returns ok I have access but my session didn't disconnect after 30 sec. So can I do that with wireless configuration? My goal is to give some guest user a limited time and an expiration date. Thanks Guillaume Chartrand - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius push attribute to wireless connection
Guillaume Chartrand wrote: ... I have access but my session didn’t disconnect after 30 sec. So can I do that with wireless configuration? My goal is to give some « guest user » a limited time and an expiration date. Many systems won't support a Session-Timeout less than 10 minutes. Some NAS equipment doesn't even support Session-Timeout at all. If the NAS doesn't do what the RADIUS server says, then fix the NAS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Freeradius push attribute to wireless connection
What is in the Access-Accept packet? Ivan Kalik Kalik Informatika ISP Sending Access-Accept of id 98 to 172.20.50.202 port 1037 Session-Timeout := 30 MS-MPPE-Recv-Key = 0x7a1997f1239667f0efeb3c4461711ac3467845bad3fc11db5ceaaae6b4161ec7 MS-MPPE-Send-Key = 0x23e0e4835b830081fe1b624d8f10fc7afa1459a87b814479a83f5fbcbab949ef EAP-Message = 0x03620004 Message-Authenticator = 0x User-Name = guillaume Finished request 9. Here the access-accept, the ip address shown below is the Access Point IP, is it possible that the AP cannot send this kind of attribute? Dana 2/4/2008, Guillaume Chartrand [EMAIL PROTECTED] piše: Hi, I'm using Freeradius 2.0, I configurated it with an sql database and the principal job of the radius server is to authorize and authenticate my wireless user over my network. What I want to do is to give some attribute to the user when is connected. Like Session-Timeout, bandwith and some other stuff. Here some entry in my database usergroup 1,guillaume,dynamic 2,jacques,dynamic Radcheck 1,guillaume,Cleartext-Password,xx,:= 2,jacques,Cleartext-Password,x,:= Radreply 3,guillaume,Session-Timeout,30,:= It's an Mssql database Here the debug info with radiusd -X rlm_sql (sql): sql_set_user escaped user -- 'guillaume' rlm_sql (sql): Reserving sql socket id: 2 expand: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'guillaume' ORDER BY id query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'guillaume' ORDER BY id rlm_sql (sql): User found in radcheck table expand: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'guillaume' ORDER BY id query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'guillaume' ORDER BY id rlm_sql (sql): Released sql socket id: 2 ++[sql] returns ok I have access but my session didn't disconnect after 30 sec. So can I do that with wireless configuration? My goal is to give some guest user a limited time and an expiration date. Thanks Guillaume Chartrand - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html