Date: Tue, 12 Jun 2001 06:15:40 -0600 From: Jeff Palmer <scorpio@drkshdw.org> To: freebsd-isp@freebsd.org Subject: Re: Expiring User accounts Message-ID: <5.1.0.14.0.20010612061343.00a9c230@jeff.isni.net> In-Reply-To: <Pine.BSF.4.21.0102212337110.56090-100000@kira.epconline.ne t> References: <000001c09c6c$88337a90$577afea9@vghk>
next in thread | previous in thread | raw e-mail | index | archive | help
Cistron-radiusd (in ports) has this feature built in. (actually as a script it calls IIRC) also, Cistron radiusd has a feture to limit, or restrict multiple logins from same username. It's been a while since I set it up, but if you need any help, feel free to contact me. Jeff Palmer scorpio@drkshdw.org At 11:44 PM 2/21/01 -0600, you wrote: >We use RADIUS here, and I have my connections logged off after 8 hours >on-line, and also after one hour of idle time. > >I found my clues in the RADIUS program dorectory. Theres a dictionary file >that gives you a lot of options. The key is figuring out what your NAS >equipment uses for RADIUS commands. > >We are using Nortel CVX1800 platform connected to our Cisco 3662 router. I >had to slightly customize the RADIUS dictionary, but the options I use in >my users file are as follows.... > >user Password = "UNIX" > User-Service = Framed-User, > Framed-Protocol = PPP, > Idle-Timeout = 2400, > Session-Timeout = 28800, > Framed-Routing = None > >The idle timeout is in seconds as are the session timeout. When the limits >are reached, it kicks the user from the system and in the RADIUS log, it >says the user was disconned as reason "Session Timeout" > >I don't know exactly how it kicks the user, I assume it is some way the >Cisco router works with RADIUS. I can manually kick the users if I telnet >into the router, so either the router remembers that users RADIUS session >limits and kicks them as necessary, or something else does it. > >I had to modify the RADIUS dictionary because it Ascend RADIUS, and the >Cisco router had some of it's own RADIUs phrases it recognizes. I had to >pull teeth on the Cisco open forum to get that information though. > >Chuck Rock >EPC > > >On Wed, 21 Feb 2001, david rhodus wrote: > > > I wish I could have something that would turn my users off after 200 hours > > of being online. I'm using radius to acut. them. Yet I don't know of > > anything yet that could do it. > > Is this kinda what your talking about? Does anyone else know how to do > this? > > > > ----- Original Message ----- > > From: "Odhiambo Washington" <wash@iconnect.co.ke> > > To: "Lowell Gilbert" <lowell@world.std.com> > > Cc: "FBSD-ISP" <freebsd-isp@freebsd.org> > > Sent: Tuesday, February 20, 2001 11:59 PM > > Subject: Re: Expiring User accounts > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20010612061343.00a9c230>