Differences

This shows you the differences between two versions of the page.

--- user_guide:simultaneous_limit [2021/10/06 20:27] – [Why implement it] admin
+++ user_guide:simultaneous_limit [2021/10/06 20:51] (current) – [Check if enabled] admin
@@ Line 10: / Line 10: @@
   * The back-end still thinks he is connected.
   * If the person then tries to connect again and there is a limit on the sessions to e.g. 1, he will not be able to connect again.
-  * Usually there is a reply attribute called **Idle-Timeout** which you can set to a low value to auto-disconnect the user from the Captive Portal's side.
+  * Usually there is a reply attribute called **Idle-Timeout** which you can set to a low value to auto-disconnect the user from the Captive Portal's side when there is no data flow.
   * Another option is to let the Back-end auto close stale sessions by editing the Dynamic Client under **RADIUS** menu and go to **Dynamic Client** -> **Enhancements** and select **Auto Close Stale Sessions** with a time.
   * These items are just a heads-up before you implement this limit.
@@ Line 17: / Line 17: @@
   * Check if it is enabled in FreeRADIUS
 <code bash>
-vi /etc/freeradius/mods-config/sql/main/mysql/queries.conf
+vi /etc/freeradius/3.0/mods-config/sql/main/mysql/queries.conf
 </code>
-  * The following section needs to be active
+  * Look for this section
+<code bash>
+#######################################################################
+# Simultaneous Use Checking Queries
+#######################################################################
+# simul_count_query     - query for the number of current connections
+#                       - If this is not defined, no simultaneous use checking
+#                       - will be performed by this module instance
+# simul_verify_query    - query to return details of current connections
+#                               for verification
+#                       - Leave blank or commented out to disable verification step
+#                       - Note that the returned field order should not be changed.
+#######################################################################
+</code>
+  * Lets do a bit of explanation of these two items.
+        * In the FreeRADIUS config is a dedicated **session** section.
+        * If this section has **sql** specified, FreeRADIUS will initiate these queries (one or both) to try and determine the amount of active sessions a user has.
+        * We are **NOT** using  **simul_verify_query** and thus it needs to be commented out.
+        * If **simul_verify_query** is specified the FreeRADIUS program will try and contact the nas if possible to inquire directly from it the current session count for a user. For this it uses the **checkrad** program.
+        * We will thus comment **simul_verify_query** out to NOT use it.
 <code bash>
-#
-#  Uncomment simul_count_query to enable simultaneous use checking
-#
 simul_count_query = "\
         SELECT COUNT(*) \
@@ Line 31: / Line 48: @@
         AND acctstoptime IS NULL"
-simul_verify_query = "\
+#simul_verify_query = "\
-        SELECT \
+#       SELECT \
-                radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, \
+#               radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, \
-                callingstationid, framedprotocol \
+#               callingstationid, framedprotocol \
-        FROM ${acct_table1} \
+#       FROM ${acct_table1} \
-        WHERE username = '%{SQL-User-Name}' \
+#       WHERE username = '%{SQL-User-Name}' \
-        AND acctstoptime IS NULL"
+#       AND acctstoptime IS NULL"
 </code>
   * Restart if you made changes
 <code bash>
-#14.04
+#20.04
 service freeradius stop
 service freeradius start
-#16.04
-sudo systemctl restart freeradius.service
 </code>

RADIUSdesk

Page Tools

Site Tools

User Tools

Differences