From owner-freebsd-isp Tue Jun 12 5:21:10 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.drkshdw.org (user4.net011.fl.sprint-hsd.net [207.30.203.4]) by hub.freebsd.org (Postfix) with ESMTP id 194D437B403 for ; Tue, 12 Jun 2001 05:21:06 -0700 (PDT) (envelope-from scorpio@drkshdw.org) Received: (qmail 21161 invoked from network); 12 Jun 2001 12:21:03 -0000 Received: from h3u1-a2c897.elp.rr.com (HELO oemcomputer.drkshdw.org) (24.162.200.151) by user4.net011.fl.sprint-hsd.net with SMTP; 12 Jun 2001 12:21:03 -0000 Message-Id: <5.1.0.14.0.20010612061343.00a9c230@jeff.isni.net> X-Sender: scorpio@jeff.isni.net X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Tue, 12 Jun 2001 06:15:40 -0600 To: freebsd-isp@freebsd.org From: Jeff Palmer Subject: Re: Expiring User accounts In-Reply-To: References: <000001c09c6c$88337a90$577afea9@vghk> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Cistron-radiusd (in ports) has this feature built in. (actually as a script it calls IIRC) also, Cistron radiusd has a feture to limit, or restrict multiple logins from same username. It's been a while since I set it up, but if you need any help, feel free to contact me. Jeff Palmer scorpio@drkshdw.org At 11:44 PM 2/21/01 -0600, you wrote: >We use RADIUS here, and I have my connections logged off after 8 hours >on-line, and also after one hour of idle time. > >I found my clues in the RADIUS program dorectory. Theres a dictionary file >that gives you a lot of options. The key is figuring out what your NAS >equipment uses for RADIUS commands. > >We are using Nortel CVX1800 platform connected to our Cisco 3662 router. I >had to slightly customize the RADIUS dictionary, but the options I use in >my users file are as follows.... > >user Password = "UNIX" > User-Service = Framed-User, > Framed-Protocol = PPP, > Idle-Timeout = 2400, > Session-Timeout = 28800, > Framed-Routing = None > >The idle timeout is in seconds as are the session timeout. When the limits >are reached, it kicks the user from the system and in the RADIUS log, it >says the user was disconned as reason "Session Timeout" > >I don't know exactly how it kicks the user, I assume it is some way the >Cisco router works with RADIUS. I can manually kick the users if I telnet >into the router, so either the router remembers that users RADIUS session >limits and kicks them as necessary, or something else does it. > >I had to modify the RADIUS dictionary because it Ascend RADIUS, and the >Cisco router had some of it's own RADIUs phrases it recognizes. I had to >pull teeth on the Cisco open forum to get that information though. > >Chuck Rock >EPC > > >On Wed, 21 Feb 2001, david rhodus wrote: > > > I wish I could have something that would turn my users off after 200 hours > > of being online. I'm using radius to acut. them. Yet I don't know of > > anything yet that could do it. > > Is this kinda what your talking about? Does anyone else know how to do > this? > > > > ----- Original Message ----- > > From: "Odhiambo Washington" > > To: "Lowell Gilbert" > > Cc: "FBSD-ISP" > > Sent: Tuesday, February 20, 2001 11:59 PM > > Subject: Re: Expiring User accounts > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message