Re: freeradius simultenoues-use error

[satish patel]

Thnaks for suggestion 

 i have create one script with is login in to cisco router through telnet and 
run desired command not i am getting your point u told me i kick off user from 
cisco nas thruogh the script but okie i will create it but i dont know 
wheather i put this script so that this script check login user info and i 
think this script repace checkrad right ???  plz u give me your suggestion 
wheather i put this script to check login user on NAS 



Dennis Skinner [EMAIL PROTECTED] wrote: satish patel wrote:
 I am not getting u how do i query from shell script to NAS ??

See your NAS docs.  SNMP may be an option if the NAS supports it (and FR
may be able to handle the query itself as another poster suggested), but
there may be other ways

For instance, we have a couple scripts we use when we want to boot a
particular user.  They are simple bash scripts that use expect to
handle logging into our cisco modems and look for the tty that the user
is on and then clear that tty.  It has limitations as the cisco show
users command only shows so many characters of the username, but it is
used rarely and only by me.  This option may work for you depending on
your situation.

  and what
 is FR packet??

I said that FR (FreeRADIUS) may not hear the stop packet (the stop
accounting record) from the NAS.

 if u have any script example script can u send me i
 am in problem :(

Have a look at bash scripting and expect.  It is fairly simple and you
may be able to get away with it.

-- 
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com   

-
 Here’s a new way to find what you're looking for - Yahoo! Answers - 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: freeradius simultenoues-use error

[satish patel]

I am not getting u how do i query from shell script to NAS ?? and what is FR 
packet?? if u have any script example script can u send me i am in problem 
:(



Dennis Skinner [EMAIL PROTECTED] wrote: satish patel wrote:

 User  AcctStartTimeAcctStopTime
 abc   08/03/2007:01:30  1/1/1900
 
 
 Now user can access internet and anything everything going fine but
 after when i stop radiusd proccess  and start it my user disconnected
 and he/she try for login in to cisco VPDN he/she got error access deny
 and i got some log  multiple user login
 
 
 Thu Mar  8 20:12:05 2007 : Auth: Multiple logins (max 1) :

Looks like the problem isn't FreeRADIUS.  The problem is that your NAS
is not sending (or FR is not hearing) the stop packets for various reasons.

You may need to write a cronjob that runs every minute that looks at
your DB to find open connections and then polls your NAS to verify
that info and update the DB with stop times if the session is gone.

FreeRADIUS is doing exactly what you told it to do.  Now go make the
rest of your system behave or fudge it as I have described.

-- 
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com   

-
 Here’s a new way to find what you're looking for - Yahoo! Answers - 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: freeradius simultenoues-use error

[tnt]

You already have a pearl script that does such ckecking. It's called
checkrad.pl and it comes with freeradius.

Ivan Kalik
Kalik Informatika ISP


Dana 9/3/2007, satish patel [EMAIL PROTECTED] piše:

I am not getting u how do i query from shell script to NAS ?? and what is FR 
packet?? if u have any script example script can u send me i am in problem 
:(



Dennis Skinner [EMAIL PROTECTED] wrote: satish patel wrote:

 User  AcctStartTimeAcctStopTime
 abc   08/03/2007:01:30  1/1/1900


 Now user can access internet and anything everything going fine but
 after when i stop radiusd proccess  and start it my user disconnected
 and he/she try for login in to cisco VPDN he/she got error access deny
 and i got some log  multiple user login


 Thu Mar  8 20:12:05 2007 : Auth: Multiple logins (max 1) :

Looks like the problem isn't FreeRADIUS.  The problem is that your NAS
is not sending (or FR is not hearing) the stop packets for various reasons.

You may need to write a cronjob that runs every minute that looks at
your DB to find open connections and then polls your NAS to verify
that info and update the DB with stop times if the session is gone.

FreeRADIUS is doing exactly what you told it to do.  Now go make the
rest of your system behave or fudge it as I have described.

--
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com

-
 Here’s a new way to find what you're looking for - Yahoo! Answers


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: freeradius simultenoues-use error

[satish patel]

i have checkrad.pl but this is not working my setup is 

freeradius-1.1.4 with MSSQL ( windows 2000 SQL )  and i have useing 
simulteneous-use with /etc/raddb/mssql.conf  file and in raddb/radiusd.conf i 
have enable 

{
session
sql
}

when i run radwho i didnt get any online users how can i check checkrad perl 
script is there any option i have set NAS type other  when i set it cisco my 
simuletenouse not working  

and this day my radiusd server automaticaly die i dont know why i am useing 
radwatch but it is still die and die 

which radius version is best for RHEL 4.0 redhat linux


[EMAIL PROTECTED] wrote: You already have a pearl script that does such 
ckecking. It's called
checkrad.pl and it comes with freeradius.

Ivan Kalik
Kalik Informatika ISP


Dana 9/3/2007, satish patel 
 pi¹e:

I am not getting u how do i query from shell script to NAS ?? and what is FR 
packet?? if u have any script example script can u send me i am in problem 
:(



Dennis Skinner  wrote: satish patel wrote:

 User  AcctStartTimeAcctStopTime
 abc   08/03/2007:01:30  1/1/1900


 Now user can access internet and anything everything going fine but
 after when i stop radiusd proccess  and start it my user disconnected
 and he/she try for login in to cisco VPDN he/she got error access deny
 and i got some log  multiple user login


 Thu Mar  8 20:12:05 2007 : Auth: Multiple logins (max 1) :

Looks like the problem isn't FreeRADIUS.  The problem is that your NAS
is not sending (or FR is not hearing) the stop packets for various reasons.

You may need to write a cronjob that runs every minute that looks at
your DB to find open connections and then polls your NAS to verify
that info and update the DB with stop times if the session is gone.

FreeRADIUS is doing exactly what you told it to do.  Now go make the
rest of your system behave or fudge it as I have described.

--
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com

-
 Here’s a new way to find what you're looking for - Yahoo! Answers


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com   

-
 Here’s a new way to find what you're looking for - Yahoo! Answers - 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: freeradius simultenoues-use error

[satish patel]

Thank dear 

 tell me one thing 
1) in freeradius two type of method to check simultenous login checking one is 
sql base query and second is checkrad perl script now i am useing 
simultenous-use attributes through SQL i have done some change in 
raddb/mssql.conf file simu_count and simu_very users this is working fine but 
know i want to check this thing not from sql i want to use checkrad perl script 
so what is the configuration for this 

  I have read document on net but it is bit confusing me some author 
told put entry in naslist naspasswd and client.conf  so i dont know where i put 
right entry ro start this thing and i have read one more thing checkrad script 
support cisco NAS and i have cisco router also i have enable snmp but i dont 
know how to check this checkrad script is it working or not can u explain me 
this thing caz i m suffer this thing. 

One more problem my radiusd server die again and again and i got this erro

1 *** glibc detected *** malloc()

what is thus how can i resolve this one 



[EMAIL PROTECTED] wrote: # SNMP CONFIGURATION
#
#  Snmp configuration is only valid if SNMP support was enabled
#  at compile time.
#
#  To enable SNMP querying of the server, set the value of the
#  'snmp' attribute to 'yes'
#
snmp= no
$INCLUDE  ${confdir}/snmp.conf

This is in radius.conf. Change snmp = yes and checkrad should work with
nastype set to cisco.

If you want to get rid of all stale sessions delete them with SQL
oneliner like:

delete from radacct where AcctStopTime=0  AcctStartTime  '2007-3-8'

(this is MySQL - MSSQL syntax might be slightly different)

This will delete all open sessions up to today.

Ivan Kalik
Kalik Informatika ISP


Dana 8/3/2007, satish patel 
 pi¹e:

Dear all

i fedup from this problem i dont know how to resolve it no one 
 help me out from this problem i have freradius-1.1.4 + MSSQL setup user 
 databases and accouting done by mssql and my NAS is cisco router with VPDN 
 configuration but i have faceing some problem since last week suposse one 
 user login in to cisco router and he/she accouting start on MSSQL server
i am useting simultenouse-use feature in SQL

example
radacct tables

User  AcctStartTimeAcctStopTime
abc   08/03/2007:01:30  1/1/1900


Now user can access internet and anything everything going fine but after when 
i stop radiusd proccess  and start it my user disconnected and he/she try for 
login in to cisco VPDN he/she got error access deny and i got some log  
multiple user login


Thu Mar  8 20:12:05 2007 : Auth: Multiple logins (max 1) : [mlpm484/] (from 
client cisco port 974)
Thu Mar  8 20:12:08 2007 : Auth: Multiple logins (max 1) : [mlpm629/] (from 
client cisco port )
Thu Mar  8 20:12:10 2007 : Auth: Multiple logins (max 1) : [mlpm484/] (from 
client cisco port 460)
Thu Mar  8 20:12:14 2007 : Auth: Multiple logins (max 1) :

SomeThing like this it means in MSSQL AcctStopTime there is i still user login 
means that entry is not still clear thats why i got error 'Multiple logins 
(max 1)'
in my client.conf file NAStype is other caz  when i  user cisco nastype my 
Simulteneous-use not working ?? so i thing this detail enough for help plz 
tell me right suggesstion if i am wrong 


$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com

-
 Here#65533;s a new way to find what you're looking for - Yahoo! Answers


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com   

-
 Here’s a new way to find what you're looking for - Yahoo! Answers - 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: freeradius simultenoues-use error

[Dennis Skinner]

satish patel wrote:
 I am not getting u how do i query from shell script to NAS ??

See your NAS docs.  SNMP may be an option if the NAS supports it (and FR
may be able to handle the query itself as another poster suggested), but
there may be other ways

For instance, we have a couple scripts we use when we want to boot a
particular user.  They are simple bash scripts that use expect to
handle logging into our cisco modems and look for the tty that the user
is on and then clear that tty.  It has limitations as the cisco show
users command only shows so many characters of the username, but it is
used rarely and only by me.  This option may work for you depending on
your situation.

  and what
 is FR packet??

I said that FR (FreeRADIUS) may not hear the stop packet (the stop
accounting record) from the NAS.

 if u have any script example script can u send me i
 am in problem :(

Have a look at bash scripting and expect.  It is fairly simple and you
may be able to get away with it.

-- 
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: freeradius simultenoues-use error

[Ivan Kalik]

You have a document Simultaneous-Use in 
/usr/local/share/doc/freeradius-version. See if that is helpful. Best thing to 
do is to have a look at the script and see if you can switch on logging or 
debugging somewhere. Then try running it manually and see what happens. It 
might not be pulling NAS information properly.
 
No radwho output? How about radlast - does it have recent entries or from some 
days ago (or none at all)?
 
Can you paste the part od radiusd -X output when that error occurs?
 
Ivan Kalik
Kalik Informatika ISP
 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of satish patel
Sent: 09 March 2007 14:06
To: FreeRadius users mailing list
Subject: Re: freeradius simultenoues-use error


Thank dear 

 tell me one thing 
1) in freeradius two type of method to check simultenous login checking one is 
sql base query and second is checkrad perl script now i am useing 
simultenous-use attributes through SQL i have done some change in 
raddb/mssql.conf file simu_count and simu_very users this is working fine but 
know i want to check this thing not from sql i want to use checkrad perl script 
so what is the configuration for this 

  I have read document on net but it is bit confusing me some author 
told put entry in naslist naspasswd and client.conf  so i dont know where i put 
right entry ro start this thing and i have read one more thing checkrad script 
support cisco NAS and i have cisco router also i have enable snmp but i dont 
know how to check this checkrad script is it working or not can u explain me 
this thing caz i m suffer this thing. 

One more problem my radiusd server die again and again and i got this erro

1 *** glibc detected *** malloc()

what is thus how can i resolve this one 



[EMAIL PROTECTED] wrote: 

# SNMP CONFIGURATION
#
# Snmp configuration is only valid if SNMP support was enabled
# at compile time.
#
# To enable SNMP querying of the server, set the value of the
# 'snmp' attribute to 'yes'
#
snmp = no
$INCLUDE ${confdir}/snmp.conf

This is in radius.conf. Change snmp = yes and checkrad should work with
nastype set to cisco.

If you want to get rid of all stale sessions delete them with SQL
oneliner like:

delete from radacct where AcctStopTime=0  AcctStartTime  '2007-3-8'

(this is MySQL - MSSQL syntax might be slightly different)

This will delete all open sessions up to today.

Ivan Kalik
Kalik Informatika ISP


Dana 8/3/2007, satish patel pi¹e:

Dear all

 i fedup from this problem i dont know how to resolve it no one help me out 
 from this problem i have freradius-1.1.4 + MSSQL setup user databases and 
 accouting done by mssql and my NAS is cisco router with VPDN configuration 
 but i have faceing some problem since last week suposse one user login in to 
 cisco router and he/she accouting start on MSSQL server
i am useting simultenouse-use feature in SQL

example
radacct tables

User AcctStartTime AcctStopTime
abc 08/03/2007:01:30 1/1/1900


Now user can access internet and anything everything going fine but after when 
i stop radiusd proccess and start it my user disconnected and he/she try for 
login in to cisco VPDN he/she got error access deny and i got some log 
multiple user login


Thu Mar 8 20:12:05 2007 : Auth: Multiple logins (max 1) : [mlpm484/] (from 
client cisco port 974)
Thu Mar 8 20:12:08 2007 : Auth: Multiple logins (max 1) : [mlpm629/] (from 
client cisco port )
Thu Mar 8 20:12:10 2007 : Auth: Multiple logins (max 1) : [mlpm484/] (from 
client cisco port 460)
Thu Mar 8 20:12:14 2007 : Auth: Multiple logins (max 1) :

SomeThing like this it means in MSSQL AcctStopTime there is i still user login 
means that entry is not still clear thats why i got error 'Multiple logins 
(max 1)'
in my client.conf file NAStype is other caz when i user cisco nastype my 
Simulteneous-use not working ?? so i thing this detail enough for help plz 
tell me right suggesstion if i am wrong 


$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com

-
 Here�s a new way to find what you're looking for - Yahoo! Answers


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com



  _  

Here’s a new way to find what you're looking for - Yahoo!  
http://us.rd.yahoo.com/mail/in/yanswers/*http://in.answers.yahoo.com/ Answers 

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

freeradius simultenoues-use error

[satish patel]

Dear all

i fedup from this problem i dont know how to resolve it no one help 
me out from this problem i have freradius-1.1.4 + MSSQL setup user databases 
and accouting done by mssql and my NAS is cisco router with VPDN configuration 
but i have faceing some problem since last week suposse one user login in to 
cisco router and he/she accouting start on MSSQL server 
i am useting simultenouse-use feature in SQL

example 
radacct tables 

User  AcctStartTimeAcctStopTime
abc   08/03/2007:01:30  1/1/1900


Now user can access internet and anything everything going fine but after when 
i stop radiusd proccess  and start it my user disconnected and he/she try for 
login in to cisco VPDN he/she got error access deny and i got some log  
multiple user login 


Thu Mar  8 20:12:05 2007 : Auth: Multiple logins (max 1) : 
[mlpm484/CHAP-Password] (from client cisco port 974)
Thu Mar  8 20:12:08 2007 : Auth: Multiple logins (max 1) : 
[mlpm629/CHAP-Password] (from client cisco port )
Thu Mar  8 20:12:10 2007 : Auth: Multiple logins (max 1) : 
[mlpm484/CHAP-Password] (from client cisco port 460)
Thu Mar  8 20:12:14 2007 : Auth: Multiple logins (max 1) : 

SomeThing like this it means in MSSQL AcctStopTime there is i still user login 
means that entry is not still clear thats why i got error 'Multiple logins (max 
1)' 
in my client.conf file NAStype is other caz  when i  user cisco nastype my 
Simulteneous-use not working ?? so i thing this detail enough for help plz tell 
me right suggesstion if i am wrong 
 

$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com   

-
 Here’s a new way to find what you're looking for - Yahoo! Answers - 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: freeradius simultenoues-use error

[tnt]

# SNMP CONFIGURATION
#
#  Snmp configuration is only valid if SNMP support was enabled
#  at compile time.
#
#  To enable SNMP querying of the server, set the value of the
#  'snmp' attribute to 'yes'
#
snmp= no
$INCLUDE  ${confdir}/snmp.conf

This is in radius.conf. Change snmp = yes and checkrad should work with
nastype set to cisco.

If you want to get rid of all stale sessions delete them with SQL
oneliner like:

delete from radacct where AcctStopTime=0  AcctStartTime  '2007-3-8'

(this is MySQL - MSSQL syntax might be slightly different)

This will delete all open sessions up to today.

Ivan Kalik
Kalik Informatika ISP


Dana 8/3/2007, satish patel [EMAIL PROTECTED] piše:

Dear all

i fedup from this problem i dont know how to resolve it no one 
 help me out from this problem i have freradius-1.1.4 + MSSQL setup user 
 databases and accouting done by mssql and my NAS is cisco router with VPDN 
 configuration but i have faceing some problem since last week suposse one 
 user login in to cisco router and he/she accouting start on MSSQL server
i am useting simultenouse-use feature in SQL

example
radacct tables

User  AcctStartTimeAcctStopTime
abc   08/03/2007:01:30  1/1/1900


Now user can access internet and anything everything going fine but after when 
i stop radiusd proccess  and start it my user disconnected and he/she try for 
login in to cisco VPDN he/she got error access deny and i got some log  
multiple user login


Thu Mar  8 20:12:05 2007 : Auth: Multiple logins (max 1) : 
[mlpm484/CHAP-Password] (from client cisco port 974)
Thu Mar  8 20:12:08 2007 : Auth: Multiple logins (max 1) : 
[mlpm629/CHAP-Password] (from client cisco port )
Thu Mar  8 20:12:10 2007 : Auth: Multiple logins (max 1) : 
[mlpm484/CHAP-Password] (from client cisco port 460)
Thu Mar  8 20:12:14 2007 : Auth: Multiple logins (max 1) :

SomeThing like this it means in MSSQL AcctStopTime there is i still user login 
means that entry is not still clear thats why i got error 'Multiple logins 
(max 1)'
in my client.conf file NAStype is other caz  when i  user cisco nastype my 
Simulteneous-use not working ?? so i thing this detail enough for help plz 
tell me right suggesstion if i am wrong 


$ cat ~/satish/url.txt

System administrator ( Data Center )

please visit this site

http://linux.tulipit.com

-
 Here#65533;s a new way to find what you're looking for - Yahoo! Answers


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: freeradius simultenoues-use error

[Dennis Skinner]

satish patel wrote:

 User  AcctStartTimeAcctStopTime
 abc   08/03/2007:01:30  1/1/1900
 
 
 Now user can access internet and anything everything going fine but
 after when i stop radiusd proccess  and start it my user disconnected
 and he/she try for login in to cisco VPDN he/she got error access deny
 and i got some log  multiple user login
 
 
 Thu Mar  8 20:12:05 2007 : Auth: Multiple logins (max 1) :

Looks like the problem isn't FreeRADIUS.  The problem is that your NAS
is not sending (or FR is not hearing) the stop packets for various reasons.

You may need to write a cronjob that runs every minute that looks at
your DB to find open connections and then polls your NAS to verify
that info and update the DB with stop times if the session is gone.

FreeRADIUS is doing exactly what you told it to do.  Now go make the
rest of your system behave or fudge it as I have described.

-- 
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html