[RADIATOR] AuthBy INTERNAL- DefaultSimultaneousUse

Hugh Irvine hugh at open.com.au
Wed Jan 28 01:26:02 CST 2009 

Hello Kadir -

In that case I suggest you use a DEFAULT entry in your AuthBy FILE,  
rather than an AuthBy INTERNAL.

In addition to the other entries your users file should contain an  
entry something like this:


.....

# users file

DEFAULT	Auth-Type = Accept, Simultaneous-Use = 2
	cisco-avpair = "ip:addr-pool=xxx",
	cisco-avpair = "ip:l4redirect=redirect list 199 to group yyyy"

.....


We have discussed the AuthBy INTERNAL clause approach, but we prefer  
to keep it as it is.

hope that helps

regards

Hugh


On 27 Jan 2009, at 23:25, Kadir Saruhan wrote:

> Hello Hugh,
>
> But it doesn't cover what i deserve. If i use MaxSessions that  
> overrides
> DefaultSimultaneousUse parameter and Simultaneous-Use check item. I  
> need
> to the following requirements as configuration
>
> - All users has to be session limit which authenmticated by AuthBy SQL
> and AuthBy INTERNAL
> - Some special users has not to be session limit which authenticated  
> by
> AuthBy FILE
>
> My problem comes from AuthBy INTERNAL clause that doesn't take a
> DefaultSimultaneous parameter properly.
>
> There is part of Realm of my config at below.
>
> <Realm DEFAULT>
>
>        SessionDatabase SDB1
>        AuthByPolicy ContinueAlways
>        AuthLog authlog1
>
>        <AuthBy GROUP>
>
>                AuthByPolicy ContinueUntilAccept
>                AuthBy Sql_auth
>                AuthBy File
>                AuthBy All_accept
>
>        </AuthBy>
>
> </Realm>
>
>
>
>
>
> Regards
>
> -----Original Message-----
> From: Hugh Irvine [mailto:hugh at open.com.au]
> Sent: Tuesday, January 27, 2009 12:46 PM
> To: Kadir Saruhan
> Cc: radius-support at open.com.au; radiator at open.com.au
> Subject: Re: AuthBy INTERNAL- DefaultSimultaneousUse
>
>
> Hello Kadir -
>
> I suggest you use MaxSessions in the Realm or Handler.
>
> See section 5.17.3 in the Radiator 4.3.1 reference manual ("doc/
> ref.pdf").
>
> regards
>
> Hugh
>
>
> On 27 Jan 2009, at 21:27, Kadir Saruhan wrote:
>
>> Hello Again Hugh,
>>
>> Does <AuthBy INTERNAL> clause support DefaultSimultaneousUse
>> parameter?
>> I have many AuthBy (AuthBy SQL, AuthBy FILE, AuthBy INTERNAL)
>> clauses in
>> my configuration and one of them the following clause. I want to  
>> limit
>> session with DefaultSimultaneousUse parameter but it doesn't work
>> properly. How can i restrict session limit in that clause?
>>
>> <AuthBy INTERNAL>
>>
>>       Identifier All_accept
>>       DefaultSimultaneousUse 2
>>       AuthResult ACCEPT
>>       AddToReply cisco-avpair = "ip:addr-pool=xxx", \
>>       cisco-avpair = "ip:l4redirect=redirect list 199 to group yyyy"
>>
>> </AuthBy>
>>
>> Best Regards
>> Kadir Saruhan
>
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive
> (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
> Have you checked the RadiusExpert wiki:
> http://www.open.com.au/wiki/index.php/Main_Page
>
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> Includes support for reliable RADIUS transport (RadSec),
> and DIAMETER translation agent.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

More information about the radiator mailing list