• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Captive Portal + FreeRadius + Database

Scheduled Pinned Locked Moved Captive Portal
6 Posts 4 Posters 5.1k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    j4nus
    last edited by Apr 30, 2008, 9:29 AM

    Dear,

    I'm interested in the creation of a captive portal with radius authentication.

    The goal is to create 2 types of account: user and admin accounts

    An user account is limited to x minutes and the account must be disabled or deleted when the time expires.
    Ideally the user account should also be limited in the upload/download. When the quota is reached, the account must also be disabled or delted.

    An admin account is not limited (in transfer quota or time quota).

    I know that for this kind of rules I need a database.

    Is it possible to easily install a database coupled with the freeradius on the same machine (everything on the pfsense machine).

    Thanks to share your experience.

    J4nus

    1 Reply Last reply Reply Quote 0
    • G
      GruensFroeschli
      last edited by Apr 30, 2008, 9:43 AM

      It's for obvious reasons not such a good idea to install a database on a firewall.

      Search the forum on this.
      There are quite a few threads about this exact topic.

      We do what we must, because we can.

      Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

      1 Reply Last reply Reply Quote 0
      • J
        j4nus
        last edited by Apr 30, 2008, 11:32 AM

        Yes I know it's certainly not the best solution but I don't have any another choice following the requirements.

        1 Reply Last reply Reply Quote 0
        • J
          j4nus
          last edited by May 3, 2008, 4:10 PM

          Ok mysql and freeradius are now up and running.

          I created some account in the database, the idle time-out (Idle-Timeout radius argument) seems to work well but the Session-Timeout (the other radius argument that should disconnect the client when he reaches its time limits) doesn't work.

          I tried the "hard time out" in the pfsense gui, that works well but it's not what I need. I only need a session timeout for the "users" account.

          Does somebody tried before ?

          I'm also looking for a solution to disconnect an user when his upload/download limit is exceeded.

          1 Reply Last reply Reply Quote 0
          • H
            hoba
            last edited by May 3, 2008, 7:49 PM

            You can use the reauthenticate every minute option with accounting to the radius server. The radius server can then reject the reauthentication if the user's quota is used up. This however will not work for really huge deployments (more than 50-60 concurrent wireless users will start to become tricky).

            1 Reply Last reply Reply Quote 0
            • C
              craibo
              last edited by May 15, 2008, 8:44 AM May 15, 2008, 8:29 AM

              Did you manage to achieve an upload/download quota? I have been trying to do it for a while now with no success.

              If you did achieve it please could you let me know how.

              Many thanks

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                [[user:consent.lead]]
                [[user:consent.not_received]]