@argilla
How do the portal user login ?
=> to log in, user have to be collected. To do this, users are redirected to the portal's web server, so a login page shows up. These credntials are posted against the portal server, who sends it to the Radius server for checking.
When the user is authorized, a firewall rule make the users device (IP and MAC) totally transparent.
This means it's not 'easy' for a user to get back to the login page of the portal at this moment.
Question : does the portal user actually logged in multiple times ?
Years ago, I detected in the "radacct" Freeradius table entries that seem be be abandone, there as a start time, but no interval updates neither a stop time.
A newer entry for the same logged in user existed.
This might be what you are seeing now.
I created this :
ac259eab-4b33-4908-89b0-d75c88395040-image.png
<?php
try {
$link = new PDO('mysql:host=radius.local.net;port=3307;dbname=radius', 'radius', 'verysecretpassword');
// Check connection
if($link === false)
{
die("ERROR: Could not connect.");
}
// Attempt delete query execution
$sql = "DELETE FROM `radacct` WHERE `acctstoptime` IS NULL and `acctstarttime` < (NOW() - INTERVAL 610 MINUTE)";
$stmt = $link->prepare($sql);
$stmt->execute();
unset($stmt);
}
catch (PDOException $e)
{
print "Error!: " . $e->getMessage() . "<br/>";
die();
}
?>
When there are entries with an empty STOP time "acctstoptime" and a acctstarttime that more then 610 minutes in the past, that entry gets deleted.
Now, these 'stray' entries get removed.
I has no more issues.
Actually, don't recall what the issue really was.
(I should stop this cron task, see what happens)
pfSense shows the correct number f logged in users ?
edit :
Can you 'debug' the radius process , like the FreeRadius3 package of pfSense ?
You have to stop the radius process, and then launch it by hand :
radius -X