From owner-freebsd-isp Tue Jun 12 5:25:17 2001 Delivered-To: freebsd-isp@freebsd.org Received: from alligator.wananchi.com (alligator.wananchi.com [62.8.64.108]) by hub.freebsd.org (Postfix) with ESMTP id 93EFF37B401 for ; Tue, 12 Jun 2001 05:25:02 -0700 (PDT) (envelope-from carock@kira.epconline.net) Received: from root by alligator.wananchi.com with local (Exim 3.22 #1) id 159n9G-00012a-00; Tue, 12 Jun 2001 15:19:54 +0300 Received: from [209.198.248.2] (helo=siafu.iconnect.co.ke) by poeza.iconnect.co.ke with esmtp (Exim 3.20 #1) id 14Voa2-000Bpx-00 for wash@poeza.iconnect.co.ke; Thu, 22 Feb 2001 08:46:18 +0300 Received: from [212.22.161.3] (helo=ns2.iconnect.co.ke) by siafu.iconnect.co.ke with esmtp (Exim 2.12 #1) id 14VoWn-0000g3-00 for wash@iconnect.co.ke; Thu, 22 Feb 2001 08:42:57 +0300 Received: from amavis by ns2.iconnect.co.ke with scanned-ok (Exim 3.12 #1) id 14VoYX-000JUs-00 for wash@iconnect.co.ke; Thu, 22 Feb 2001 08:44:45 +0300 Received: from [209.83.132.2] (helo=kira.epconline.net) by ns2.iconnect.co.ke with esmtp (Exim 3.12 #1) id 14VoYU-000JTP-00 for wash@iconnect.co.ke; Thu, 22 Feb 2001 08:44:43 +0300 Received: from localhost (carock@localhost) by kira.epconline.net (8.11.2/8.11.2) with ESMTP id f1M5iY856308; Wed, 21 Feb 2001 23:44:34 -0600 (CST) Date: Wed, 21 Feb 2001 23:44:29 -0600 (CST) From: Chuck Rock To: david rhodus Cc: Odhiambo Washington , freebsd-isp@FreeBSD.ORG In-Reply-To: <000001c09c6c$88337a90$577afea9@vghk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: Expiring User accounts Status: RO Lines: 57 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org We use RADIUS here, and I have my connections logged off after 8 hours on-line, and also after one hour of idle time. I found my clues in the RADIUS program dorectory. Theres a dictionary file that gives you a lot of options. The key is figuring out what your NAS equipment uses for RADIUS commands. We are using Nortel CVX1800 platform connected to our Cisco 3662 router. I had to slightly customize the RADIUS dictionary, but the options I use in my users file are as follows.... user Password = "UNIX" User-Service = Framed-User, Framed-Protocol = PPP, Idle-Timeout = 2400, Session-Timeout = 28800, Framed-Routing = None The idle timeout is in seconds as are the session timeout. When the limits are reached, it kicks the user from the system and in the RADIUS log, it says the user was disconned as reason "Session Timeout" I don't know exactly how it kicks the user, I assume it is some way the Cisco router works with RADIUS. I can manually kick the users if I telnet into the router, so either the router remembers that users RADIUS session limits and kicks them as necessary, or something else does it. I had to modify the RADIUS dictionary because it Ascend RADIUS, and the Cisco router had some of it's own RADIUs phrases it recognizes. I had to pull teeth on the Cisco open forum to get that information though. Chuck Rock EPC On Wed, 21 Feb 2001, david rhodus wrote: > I wish I could have something that would turn my users off after 200 hours > of being online. I'm using radius to acut. them. Yet I don't know of > anything yet that could do it. > Is this kinda what your talking about? Does anyone else know how to do this? > > ----- Original Message ----- > From: "Odhiambo Washington" > To: "Lowell Gilbert" > Cc: "FBSD-ISP" > Sent: Tuesday, February 20, 2001 11:59 PM > Subject: Re: Expiring User accounts > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message