August 3, 2008 at 12:13 pm #41119
I tried connecting several hosts with one user/pass.
They work all at the same time.
Is there option to limit the number of users with one user/pass?
Whats the use of the user/pass thing at the Radius if someone can tell his user/pass to everyone?August 3, 2008 at 4:49 pm #46694
The captive portal manages this option, but the radius server is not configured to set the Simultaneous-Use parameter to 1.
FulvioAugust 4, 2008 at 2:13 am #46695
I want just a clean Radius server and smooth and unattended connecting of the clients that have their user/pass recorded in their client software. I see Captive Portal has the option for Simultaneous Connections with enable/disable. I haven’t used it so far I don’t quite like captive portal and all those logging things with web browsers. Is there option to configure the radius server to accept only one connection per user/pass?August 4, 2008 at 7:14 am #46696
You should look at the FreeRadius documentation. You just have to change the /etc/raddb/users file to add the
Simultaneous-Use = 0
I will try to make this option configurable via web interface.
FulvioAugust 6, 2008 at 8:29 pm #46697
I was reading this…
I tried this…
but it seems it’s not working…August 6, 2008 at 9:22 pm #46698
Try to uncomment the first to lines of the file /etc/raddb/users and put there the new RADIUS attributes.
DEFAULT Auth-Type = LDAP
Fall-Through = Yes
Simultaneous-Use = 0August 7, 2008 at 12:20 am #46699
I made the changes…
Still no luck. I connected 2 computers with same user/pass.
🙁August 7, 2008 at 8:24 am #46700
You can try to debug by using the command
radtest user password 127.0.0.1 1 ZeroShell
FulvioAugust 8, 2008 at 12:20 pm #46701
I tried it and getting denials for wrong user/pass,
and approval for correct user/pass.
But still… the issue about Simultaneous-Use remains.
I better wait for that web change,
since I’m not good at programming.
I had the luck to live in country where
those that know are few and wouldn’t help learning.
🙁August 8, 2008 at 8:53 pm #46702
Let me find a solution and I will post it here.
FulvioOctober 5, 2008 at 12:52 pm #46703
Did you find a solution for this?
Have you fixed it in v.11?October 5, 2008 at 1:51 pm #46704
No,I have not yet.
FulvioOctober 21, 2008 at 2:07 pm #46705
Can you please try finding the solution for this? I really had a hard time trying to find a solution, but none of it works. 🙁 I don’t see the point of having a radius server if everyone can connect to it with one user/pass. It’s the same as if I have set WPA-PSK on the wireless router. One pass and everyone connects. 🙁October 22, 2008 at 3:17 pm #46706
I do see what you want to do. But just to clearify the radius serser’s responibility it to authenticate users saying good or no good. it’s the nas client that desides if one user should be able to connect one or many times simul… the radius server doesn’t know if the client to the nas client is still connected or not.
For that the nas client has to provide accounting but that is another story.
The sollution in radius only senarios is OTP…October 23, 2008 at 11:32 am #46707
Well… I tried to read some articles about this, but it was too difficult for me to understand. The radius server has to be configured somehow everytime it gets a request for authorization to check (i guess at the nas client) if the user is already connected and get a result. If the result is negative (meaning that no one is connected with that user/pass), it should grant the access… if the result is positive (meaning that someone is already connected with that user/pass) it should deny access.
I was reading several articles at freeradius, tried to change something, but I ended messing up something and had to rebuild my zeroshell server once again in VMware. 🙁
You must be logged in to reply to this topic.