Dear guys
I have solve the problem of checkrad for simultenous login i have
face many problem first time but finaly i got solution and i have modifiy my
script for my nas
i have freeradius-1.1.0 with MSSQL2000 with cisco 3700 NAS
i want to share my solution with all freeradius guys those are faceing this
problem
I am useing checkrad with SNMP and i have change some thing in my script.
checkrad script take input from radius when user try for login like
suse:/ # checkrad
Usage: checkrad nas_type nas_ip nas_port login session_id
suse:/ #
checkrad get input nas_type from client.conf nas_type and nas_ip
then user name and port take from login time whn user try for login ...
but i dont user port and id_session caz my cisco nas MIB not support port and
session thats why i am useing only login name first check manualy through this
method
#checkrad -d cisco 71.5.250.199 43 satish 0004F09
return 0 ( Login OK )
this script just run snmpwalk command and fetch user all user name and gerp
specific name which is store in login name veriable in per script ( checkrad )
and compare against of snmpwalk out put if user match then give u error code 1
( dobule 1 Login ) this is the login of script
***** Just change in this line of perl script and test your login
Note :- i am useing cisco nas type so the perl excute cisco_snmp subrutine so
please find this code in cisco_snmp subrutine
this is testing perpose after testing replave $login = satish; with this line
my $login = $ARGV[3];
________________my change in checkrad.pl________________
$login = satish;
if($login eq $ARGV[3]) {
return 1;
}else{
$out=snmpwalk($ARGV[1],$pass,"1.3.6.1.4.1.9.10.24.1.3.2.1.2.3.45");
if($out=~/\"$ARGV[3]\"/){
return 1;
}else{
return 0;
you can see the login here $login store satish veriable then this script check
$ARGV[3] veriable this veriable we can get on login time whn will try to
satish login then snmpwalk run this command with MIB now point is you have
to find MIB for online users u can find mib through the software or something
else i have also find MIB and put it there with snmpwalk command then second
if($out=~/\"$ARGV[3]\"/){ this will check user if it get in snmpwalk out
put then u got doble login error if not match the u got single login means no
one login this time with user name satish ......
and put Simultenouse-use := 1 attributes in user file
my entry is
satish Auth-Type := Local, User-Password == "testing", Simultaneous-Use := 1
Service-Type = Framed-user,
Framed-Protocal = PPP,
Fall-Through = Yes
Contact : -
me if you have any problem regarding Simultenouse login problem
.
$ cat ~/satish/url.txt
System administrator ( Data Center )
please visit this site
http://linux.tulipit.com
---------------------------------
Heres a new way to find what you're looking for - Yahoo! Answers -
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
