[ previous ] [ next ] [ threads ]
 
 From:  "Mitch \(WebCob\)" <mitch at webcob dot com>
 To:  "Jason Brunk" <jbrunk at wthosting dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] some radius questions
 Date:  Wed, 20 Oct 2004 13:18:06 -0700 
The person probably best able to address your questions is Dinesh... he's
done a lot of work on the captive portal code since Manuel first put it in.

I've seen a few questions on the list about if and how session timeouts and
accounting are handled on mono, but many usrs here are not Radius experts
(or sometimes even firewall experts ;-) so I think that many radius configs
to this point have been pretty basic.

I for one would appreciate some details on how you set up your radius to
work this way - there are existing notes on the list and I think there may
be some in the wiki - perhaps you could help us all out by providing some
input here?

The MAC issue has been requested by a few people - and a few others (myself
included) are looking for options to avoid use of the mac altogether...

Your contributions appreciated.

m/

> -----Original Message-----
> From: Jason Brunk [mailto:jbrunk at wthosting dot com]
> Sent: Wednesday, October 20, 2004 12:16 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] some radius questions
>
>
> Hi, I am new to the group.  I have an existing radius server set up that I
> used for a hotspot router that seems to be working great.  The system
> currently works like this.
>
>
> Data Stored in MySQL DB (w/accounting)
>
> 1.  When the users authenticates, the sql statement takes an attribute
> "Max-All-Session"  This value is the grand total number of
> seconds the user
> can use on our system.  Durring the authentication process, our radius
> server queries the accounting table to see how much was used,
> then subtracts
> the used from "Max-All-Session".  Remainder - how much they can still use.
> When sending back the Access-Accept (i think that is what the OK response
> is).  It also sends back a "Session-Timeout".  This session timeout tells
> the box "this is how much time they have".   So what I would like to do is
> do the same thing, i would like to have the m0n0wall time the
> user out after
> Session-Timeout seconds have passed.   I would also like to be
> able to have
> the popup logout window display how much time they have with a
> stupid little
> javascrpt countdown or something.
>
> 2.  During the authentication, i would like to have the accounting packet
> also pass in the attribute "CalledStationID"  this would be nothing more
> than the mac address of the wan port on the m0n0wall.  I would think this
> would be fairly simple.
>
> If anyone can give me any help or guidance that would be great.
>
> Jason
>