Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 12 Jun 2001 06:15:40 -0600
From:      Jeff Palmer <scorpio@drkshdw.org>
To:        freebsd-isp@freebsd.org
Subject:   Re: Expiring User accounts
Message-ID:  <5.1.0.14.0.20010612061343.00a9c230@jeff.isni.net>
In-Reply-To: <Pine.BSF.4.21.0102212337110.56090-100000@kira.epconline.ne t>
References:  <000001c09c6c$88337a90$577afea9@vghk>

next in thread | previous in thread | raw e-mail | index | archive | help
Cistron-radiusd (in ports)  has this feature built in. (actually as a 
script it calls IIRC)
also,  Cistron radiusd has a feture to limit, or restrict multiple logins 
from same username.


It's been a while since I set it up,  but if you need any help,  feel free 
to contact me.

Jeff Palmer
scorpio@drkshdw.org



At 11:44 PM 2/21/01 -0600, you wrote:
>We use RADIUS here, and I have my connections logged off after 8 hours
>on-line, and also after one hour of idle time.
>
>I found my clues in the RADIUS program dorectory. Theres a dictionary file
>that gives you a lot of options. The key is figuring out what your NAS
>equipment uses for RADIUS commands.
>
>We are using Nortel CVX1800 platform connected to our Cisco 3662 router. I
>had to slightly customize the RADIUS dictionary, but the options I use in
>my users file are as follows....
>
>user    Password = "UNIX"
>         User-Service = Framed-User,
>         Framed-Protocol = PPP,
>         Idle-Timeout = 2400,
>         Session-Timeout = 28800,
>         Framed-Routing = None
>
>The idle timeout is in seconds as are the session timeout. When the limits
>are reached, it kicks the user from the system and in the RADIUS log, it
>says the user was disconned as reason "Session Timeout"
>
>I don't know exactly how it kicks the user, I assume it is some way the
>Cisco router works with RADIUS. I can manually kick the users if I telnet
>into the router, so either the router remembers that users RADIUS session
>limits and kicks them as necessary, or something else does it.
>
>I had to modify the RADIUS dictionary because it Ascend RADIUS, and the
>Cisco router had some of it's own RADIUs phrases it recognizes. I had to
>pull teeth on the Cisco open forum to get that information though.
>
>Chuck Rock
>EPC
>
>
>On Wed, 21 Feb 2001, david rhodus wrote:
>
> > I wish I could have something that would turn my users off after 200 hours
> > of being online. I'm using radius to acut. them. Yet I don't know of
> > anything yet that could do it.
> > Is this kinda what your talking about? Does anyone else know how to do 
> this?
> >
> > ----- Original Message -----
> > From: "Odhiambo Washington" <wash@iconnect.co.ke>
> > To: "Lowell Gilbert" <lowell@world.std.com>
> > Cc: "FBSD-ISP" <freebsd-isp@freebsd.org>
> > Sent: Tuesday, February 20, 2001 11:59 PM
> > Subject: Re: Expiring User accounts
> >
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-isp" in the body of the message
> >
>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-isp" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20010612061343.00a9c230>