[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Radiusplugin-users] Disconnect when counter limit reached?
From: |
Ralf Lübben |
Subject: |
Re: [Radiusplugin-users] Disconnect when counter limit reached? |
Date: |
Thu, 12 Mar 2009 09:03:43 +0100 |
User-agent: |
KMail/1.10.3 (Linux/2.6.27-11-generic; KDE/4.1.3; i686; ; ) |
Hi,
the plugin itself can't disconnect a user, but OpenVPN re-authenticates a user
during a connection periodically.
So the user will be disconnected after some time, even he is connected.
You can configure the re-authentication interval with the OpenVPN options
[ --reneg-bytes n ] [ --reneg-pkts n ] [ --reneg-sec n ]
For example if you use "--reneg-sec 60", in the worst case the user will be
connected 60 seconds after the time limit was reached.
I hope, this solves your problem.
Ralf
Am Donnerstag 12 März 2009 08:21:58 schrieb Joan Llopart:
> I've been testing radiusplugin (2.0c) for some days, great job, thank you!
> I'm quite new with freeradius and had to learn lots of things, not easy to
> set it up for first time.
>
> It works fine, but there's something that doesn't works properly with
> counters (http://wiki.freeradius.org/Rlm_sqlcounter), been on it for some
> hours and can't make it work. When I configure a timelimit counter, user
> doesn't disconnects when timelimit is reached. When timelimit is reached
> and user disconnects and connects again, works fine, he is not authorized
> by freeradius. But not disconnected while connection is established and
> timelimit is reached.
>
> It looks like radiusplugin only cheks user's authorization to freeradius
> when connection between OpenVPN client and server is established. Once
> established, messages between radiusplugin and freeradius for that user are
> just accouting.
>
> Is this a TODO feature for radiusplugin or it should work and I have
> something missing in my freeradius config?
>
> J