(RADIATOR) AuthBy RADIUS and Session Database

[Hugh Irvine]

Hello Tom -

Could you please send me a copy of your configurtation file (no secrets), 
together with a trace 4 debug showing the two logins and a copy of the 
relevant record from the session database.

BTW - the latest version is Radiator 3.1 and you should check the history file 
to see if there have been any fixes in this area.

regards

Hugh


> Hi,
> I am running Radiator-2.18.4 on two boxes that are talking to a centrally
> located mySQL server that contains our Session Database. We are using
> ClientType TotalControlSNMP and AscendSNMP to query our NAS boxes.
>
> We are using these radius boxes as proxy servers for our Wholesales Dialup
> service offering, so we have many realms communicating back to many
> <AuthBy RADIUS> clauses. We are enforcing a DefaultSimultaneous 1 in the
> <AuthBy RADIUS> clause. Responses coming back from the Proxied Radius
> Servers do not include a Simultaneous-Use=1 statement. There is a
> Port-Limit=4 statement.
>
> Having said that, it is my belief that a user that is logged in, and shown
> in the session database, should not be permitted to log in. This is not
> the case here. The user recieves an access accept.
>
> A level 4 trace showed me that we do not do a SELECT against the Session
> Database or a SNMPGET to the NASes to see if the user is online. Is this
> the behavior of <AuthBy RADIUS>?
>
> Is there a way to fix this so simultaneous use will be enforced?
> Suggestions?
>
> Thanks,
> Tom Daly

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.