I was able to test your suggestion, and ubiquiti does honor the session-timeout attribute.
However, the problem with this technique is that all CPEs will be kicked when the session timeout occurs; the reconnect time is anywhere from 5 to 10 seconds. Granted that outage window is very small, but I’ll have to find a better solution. I’m pretty sure UBNT doesn’t support SNMP write access in airOS v5.5.x I have not tested airOS v5.6 or newer. Does anyone know if newer firmware support SNMP write? I do have a solution that would involve scripting PHP and accessing via SSH. Thanks, Duane From: Scott Lambert [mailto:[email protected]] Sent: Thursday, February 02, 2017 4:45 PM To: Ubiquiti Users Group; Duane Cox; [email protected] Subject: Re: [Ubnt_users] auto disconnect Are you returning a session-timeout attribute from radius? That should tell the access server to check with RADIUS again after they have been connected that long. I am not sure that I am remembering the attribute name correctly. We set it up years ago. Disclaimer, I don't use radius for the radio link AAA. I just do it for PPPoE, DHCP, and hotspot. DHCP would never re-check AAA without a time limit. I don't know how Ubiquiti's implemention works. On February 2, 2017 2:30:52 PM CST, Duane Cox <[email protected]<mailto:[email protected]>> wrote: Hello. Is anyone running a script or batch process to auto disconnect your ubiquiti subscribers for non-pay? I assume another a better way to do this would be through a payment portal; we aren't setup for that yet. We authenticate the CPE via RADIUS at the AP, but if the user fails to pay, they will not fail the RADIUS authentication unless the CPE becomes dis-associated in some way. Is there an authentication refresh interval or encryption key expiration/renewal feature that would force a refresh of the RADIUS attributes and then kick the CPE for failure? Generally, I would use SNMP to write to the CPE to either reboot it or down an interface. My understanding is that UBNT doesn't support SNMP write, or am I incorrect? Thanks, Duane Cox Cox Wireless -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________ Ubnt_users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/ubnt_users
