[ previous ] [ next ] [ threads ]
 From:  David Orman <david dot orman at orblivion dot com>
 To:  "Mitch (WebCob)" <mitch at webcob dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] some radius questions
 Date:  Wed, 20 Oct 2004 10:53:08 -1000
I am also interested in your setup, as well as responses to your 
questions. We want to allow free trials so this would be necessary 
functionality. :) Also some sort of solution that would allow us to 
identify a client that has already used a free trial, and disallow 
granting them another. However, I don't have any issues with using the 
customer's mac address, as the people who would take the time to alter 
their MAC address in order to continuously get free service probably 
wouldn't pay anyways, and all of my bandwidth is unmetered so the cost 
is negligible. :)


On Oct 20, 2004, at 10:18, Mitch (WebCob) wrote:

> The person probably best able to address your questions is Dinesh... 
> he's
> done a lot of work on the captive portal code since Manuel first put 
> it in.
> I've seen a few questions on the list about if and how session 
> timeouts and
> accounting are handled on mono, but many usrs here are not Radius 
> experts
> (or sometimes even firewall experts ;-) so I think that many radius 
> configs
> to this point have been pretty basic.
> I for one would appreciate some details on how you set up your radius 
> to
> work this way - there are existing notes on the list and I think there 
> may
> be some in the wiki - perhaps you could help us all out by providing 
> some
> input here?
> The MAC issue has been requested by a few people - and a few others 
> (myself
> included) are looking for options to avoid use of the mac altogether...
> Your contributions appreciated.
> m/
>> -----Original Message-----
>> From: Jason Brunk [mailto:jbrunk at wthosting dot com]
>> Sent: Wednesday, October 20, 2004 12:16 PM
>> To: m0n0wall at lists dot m0n0 dot ch
>> Subject: [m0n0wall] some radius questions
>> Hi, I am new to the group.  I have an existing radius server set up 
>> that I
>> used for a hotspot router that seems to be working great.  The system
>> currently works like this.
>> Data Stored in MySQL DB (w/accounting)
>> 1.  When the users authenticates, the sql statement takes an attribute
>> "Max-All-Session"  This value is the grand total number of
>> seconds the user
>> can use on our system.  Durring the authentication process, our radius
>> server queries the accounting table to see how much was used,
>> then subtracts
>> the used from "Max-All-Session".  Remainder - how much they can still 
>> use.
>> When sending back the Access-Accept (i think that is what the OK 
>> response
>> is).  It also sends back a "Session-Timeout".  This session timeout 
>> tells
>> the box "this is how much time they have".   So what I would like to 
>> do is
>> do the same thing, i would like to have the m0n0wall time the
>> user out after
>> Session-Timeout seconds have passed.   I would also like to be
>> able to have
>> the popup logout window display how much time they have with a
>> stupid little
>> javascrpt countdown or something.
>> 2.  During the authentication, i would like to have the accounting 
>> packet
>> also pass in the attribute "CalledStationID"  this would be nothing 
>> more
>> than the mac address of the wan port on the m0n0wall.  I would think 
>> this
>> would be fairly simple.
>> If anyone can give me any help or guidance that would be great.
>> Jason
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch