[ previous ] [ next ] [ threads ]
 From:  "=?ISO-8859-1?Q?Jan=E5ke_R=F6nnblom?=" <j dot ronnblom at gmail dot com>
 To:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] captive portal and radius
 Date:  Tue, 16 May 2006 14:10:05 +0200
2006/5/16, Jonathan De Graeve <Jonathan dot De dot Graeve at imelda dot be>:
> Hi yourself

Hi again ;)

> Currently not (sorry) this behaviour maybe changed in a future version

Looking forward to it. As of now I add all hosts to the XML file and upload
a new version. Not really a big problem.

> Only way todo this is with javascript doing everything. Otherwise its not
> possible. The user will have to authenticate with userid@domain (untested
> situation for m0n0wall)

Okay. I thought of this way to do it and will try with a simple javascript
that adds the realm when login is pressed.

> RADIUS accounting should work on IAS too.

And it does. I did my homework and on the eventlog on the Win2003 server
only errors, rejected and successful authentication requests are recorded.
However if one does tell IAS to log to a textfil you get the all data and
one can see that accounting stop/start and interim messages are sent. You
have to decode them yourself but the helpfile for IAS is rather good.

> > If I use the Session-Timeout attribute to disconnect users who can
> connect
> > for only 1 hour per day would it be possible to show the user how much
> > time
> > they have left when they login?
> This isn't possible. You can develop a 'ISP' webapplication where the user
> can login to see its current status (download/upload traffic remaining
> session time). We currently use such an application.

I think if I use the Redirection-Url and send them to a webserver I get
their ip-number and from that I should be able to find their username in the
radius logfile. Or perhaps an javascript could also add the username to the
redirurl before submitting the login form. However I'm not sure its worth
the time doing it, atleast for now.

Currently this isn't possible. But I already tried to add a javascript box
> into the logout popup window which tells the user how many time there's left
> but I'm not a javascript geek. If somebody could help me with the script I
> certainly can add it to the m0n0wall

It wouldn't be possible to add some variables that could be sent to the
Redirection-Url? Think of it as an form of feature-request for 2.x ;)

So in the logout box you have access to the Session-Timeout variable or how
do you do this?

If you want to get it working on windows too you will need spent time for
> debugging the issue with me. You can't expect somebody will mysteriously
> solve it for you without knowing your situation.

It does work! I was confused by the Windows EventLog, see above.