Re: [Radiusplugin-users] Disconnect when counter limit reached?

[Ralf Lübben]

Hi,

the plugin itself can't disconnect a user, but OpenVPN re-authenticates a user 
during a connection periodically.
So the user will be disconnected after some time, even he is connected.

You can configure the re-authentication interval with the OpenVPN options

[ --reneg-bytes n ] [ --reneg-pkts n ] [ --reneg-sec n ]

For example if you use "--reneg-sec 60", in the worst case the user will be 
connected 60 seconds after the time limit was reached.

I hope, this solves your problem.

Ralf



Am Donnerstag 12 März 2009 08:21:58 schrieb Joan Llopart:
> I've been testing radiusplugin (2.0c) for some days, great job, thank you!
> I'm quite new with freeradius and had to learn lots of things, not easy to
> set it up for first time.
>
> It works fine, but there's something that doesn't works properly with
> counters (http://wiki.freeradius.org/Rlm_sqlcounter), been on it for some
> hours and can't make it work. When I configure a timelimit counter, user
> doesn't disconnects when timelimit is reached. When timelimit is reached
> and user disconnects and connects again, works fine, he is not authorized
> by freeradius. But not disconnected while connection is established and
> timelimit is reached.
>
> It looks like radiusplugin only cheks user's authorization to freeradius
> when connection between OpenVPN client and server is established. Once
> established, messages between radiusplugin and freeradius for that user are
> just accouting.
>
> Is this a TODO feature for radiusplugin or it should work and I have
> something missing in my freeradius config?
>
> J