Date: Wed, 21 Feb 2001 23:44:29 -0600 (CST) From: Chuck Rock <carock@kira.epconline.net> To: david rhodus <sdrhodus@wildcatblue.com> Cc: Odhiambo Washington <wash@iconnect.co.ke>, freebsd-isp@FreeBSD.ORG Subject: Re: Expiring User accounts Message-ID: <Pine.BSF.4.21.0102212337110.56090-100000@kira.epconline.net> In-Reply-To: <000001c09c6c$88337a90$577afea9@vghk>
next in thread | previous in thread | raw e-mail | index | archive | help
We use RADIUS here, and I have my connections logged off after 8 hours on-line, and also after one hour of idle time. I found my clues in the RADIUS program dorectory. Theres a dictionary file that gives you a lot of options. The key is figuring out what your NAS equipment uses for RADIUS commands. We are using Nortel CVX1800 platform connected to our Cisco 3662 router. I had to slightly customize the RADIUS dictionary, but the options I use in my users file are as follows.... user Password = "UNIX" User-Service = Framed-User, Framed-Protocol = PPP, Idle-Timeout = 2400, Session-Timeout = 28800, Framed-Routing = None The idle timeout is in seconds as are the session timeout. When the limits are reached, it kicks the user from the system and in the RADIUS log, it says the user was disconned as reason "Session Timeout" I don't know exactly how it kicks the user, I assume it is some way the Cisco router works with RADIUS. I can manually kick the users if I telnet into the router, so either the router remembers that users RADIUS session limits and kicks them as necessary, or something else does it. I had to modify the RADIUS dictionary because it Ascend RADIUS, and the Cisco router had some of it's own RADIUs phrases it recognizes. I had to pull teeth on the Cisco open forum to get that information though. Chuck Rock EPC On Wed, 21 Feb 2001, david rhodus wrote: > I wish I could have something that would turn my users off after 200 hours > of being online. I'm using radius to acut. them. Yet I don't know of > anything yet that could do it. > Is this kinda what your talking about? Does anyone else know how to do this? > > ----- Original Message ----- > From: "Odhiambo Washington" <wash@iconnect.co.ke> > To: "Lowell Gilbert" <lowell@world.std.com> > Cc: "FBSD-ISP" <freebsd-isp@freebsd.org> > Sent: Tuesday, February 20, 2001 11:59 PM > Subject: Re: Expiring User accounts > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0102212337110.56090-100000>