Freeradius push attribute to wireless connection
Hi,
I'm using Freeradius 2.0, I configurated it with an sql database and the
principal job of the radius server is to authorize and authenticate my
wireless user over my network. What I want to do is to give some
attribute to the user when is connected. Like Session-Timeout, bandwith
and some other stuff. Here some entry in my database
usergroup
1,guillaume,dynamic
2,jacques,dynamic
Radcheck
1,guillaume,Cleartext-Password,xx,:=
2,jacques,Cleartext-Password,x,:=
Radreply
3,guillaume,Session-Timeout,30,:=
It's an Mssql database
Here the debug info with radiusd -X
rlm_sql (sql): sql_set_user escaped user -- 'guillaume'
rlm_sql (sql): Reserving sql socket id: 2
expand: SELECT id,UserName,Attribute,Value,op FROM radcheck
WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT
id,UserName,Attribute,Value,op FROM radcheck WHERE Username =
'guillaume' ORDER BY id
query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'guillaume' ORDER BY id
rlm_sql (sql): User found in radcheck table
expand: SELECT id,UserName,Attribute,Value,op FROM radreply
WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT
id,UserName,Attribute,Value,op FROM radreply WHERE Username =
'guillaume' ORDER BY id
query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
Username = 'guillaume' ORDER BY id
rlm_sql (sql): Released sql socket id: 2
++[sql] returns ok
I have access but my session didn't disconnect after 30 sec. So can I do
that with wireless configuration? My goal is to give some guest user
a limited time and an expiration date.
Thanks
Guillaume Chartrand
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius push attribute to wireless connection
What is in the Access-Accept packet?
Ivan Kalik
Kalik Informatika ISP
Dana 2/4/2008, Guillaume Chartrand
[EMAIL PROTECTED] piše:
Hi,
I'm using Freeradius 2.0, I configurated it with an sql database and the
principal job of the radius server is to authorize and authenticate my
wireless user over my network. What I want to do is to give some
attribute to the user when is connected. Like Session-Timeout, bandwith
and some other stuff. Here some entry in my database
usergroup
1,guillaume,dynamic
2,jacques,dynamic
Radcheck
1,guillaume,Cleartext-Password,xx,:=
2,jacques,Cleartext-Password,x,:=
Radreply
3,guillaume,Session-Timeout,30,:=
It's an Mssql database
Here the debug info with radiusd -X
rlm_sql (sql): sql_set_user escaped user -- 'guillaume'
rlm_sql (sql): Reserving sql socket id: 2
expand: SELECT id,UserName,Attribute,Value,op FROM radcheck
WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT
id,UserName,Attribute,Value,op FROM radcheck WHERE Username =
'guillaume' ORDER BY id
query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'guillaume' ORDER BY id
rlm_sql (sql): User found in radcheck table
expand: SELECT id,UserName,Attribute,Value,op FROM radreply
WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT
id,UserName,Attribute,Value,op FROM radreply WHERE Username =
'guillaume' ORDER BY id
query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
Username = 'guillaume' ORDER BY id
rlm_sql (sql): Released sql socket id: 2
++[sql] returns ok
I have access but my session didn't disconnect after 30 sec. So can I do
that with wireless configuration? My goal is to give some guest user
a limited time and an expiration date.
Thanks
Guillaume Chartrand
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius push attribute to wireless connection
Guillaume Chartrand wrote: ... I have access but my session didn’t disconnect after 30 sec. So can I do that with wireless configuration? My goal is to give some « guest user » a limited time and an expiration date. Many systems won't support a Session-Timeout less than 10 minutes. Some NAS equipment doesn't even support Session-Timeout at all. If the NAS doesn't do what the RADIUS server says, then fix the NAS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Freeradius push attribute to wireless connection
What is in the Access-Accept packet?
Ivan Kalik
Kalik Informatika ISP
Sending Access-Accept of id 98 to 172.20.50.202 port 1037
Session-Timeout := 30
MS-MPPE-Recv-Key =
0x7a1997f1239667f0efeb3c4461711ac3467845bad3fc11db5ceaaae6b4161ec7
MS-MPPE-Send-Key =
0x23e0e4835b830081fe1b624d8f10fc7afa1459a87b814479a83f5fbcbab949ef
EAP-Message = 0x03620004
Message-Authenticator = 0x
User-Name = guillaume
Finished request 9.
Here the access-accept, the ip address shown below is the Access Point IP, is
it possible that the AP cannot send this kind of attribute?
Dana 2/4/2008, Guillaume Chartrand
[EMAIL PROTECTED] piše:
Hi,
I'm using Freeradius 2.0, I configurated it with an sql database and the
principal job of the radius server is to authorize and authenticate my
wireless user over my network. What I want to do is to give some
attribute to the user when is connected. Like Session-Timeout, bandwith
and some other stuff. Here some entry in my database
usergroup
1,guillaume,dynamic
2,jacques,dynamic
Radcheck
1,guillaume,Cleartext-Password,xx,:=
2,jacques,Cleartext-Password,x,:=
Radreply
3,guillaume,Session-Timeout,30,:=
It's an Mssql database
Here the debug info with radiusd -X
rlm_sql (sql): sql_set_user escaped user -- 'guillaume'
rlm_sql (sql): Reserving sql socket id: 2
expand: SELECT id,UserName,Attribute,Value,op FROM radcheck
WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT
id,UserName,Attribute,Value,op FROM radcheck WHERE Username =
'guillaume' ORDER BY id
query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'guillaume' ORDER BY id
rlm_sql (sql): User found in radcheck table
expand: SELECT id,UserName,Attribute,Value,op FROM radreply
WHERE Username = '%{SQL-User-Name}' ORDER BY id - SELECT
id,UserName,Attribute,Value,op FROM radreply WHERE Username =
'guillaume' ORDER BY id
query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
Username = 'guillaume' ORDER BY id
rlm_sql (sql): Released sql socket id: 2
++[sql] returns ok
I have access but my session didn't disconnect after 30 sec. So can I do
that with wireless configuration? My goal is to give some guest user
a limited time and an expiration date.
Thanks
Guillaume Chartrand
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
