CaptivePortal with freeradius + mysql: Max-Daily-Session
-
Are you sure, that the operator must be "==" and not better ":=" ?
Ok, Nachtfalke
I try to change to (:=) and test it again.
I limited bandwidth to "radreply"and "radgroupreply" in MySql database and next, at Captive Portal I enabled option "Enable per-user bandwidth restriction". After that at Captive Portal login page I use my username "student1" from MySql database to login but I could not access to internet at all. But if I do not enable this option "Enable per-user bandwidth restriction" in Captive Portal I can surfing to internet. It look like MySql and Captive Portal and FreeRadius2 does not work together with bandwidth limit per user and group. Do you have some idea what I have done something wrong?
Thank you
![Enable per-user bandwidth restriction.png](/public/imported_attachments/1/Enable per-user bandwidth restriction.png)
![Enable per-user bandwidth restriction.png_thumb](/public/imported_attachments/1/Enable per-user bandwidth restriction.png_thumb) -
set 1000 as bandwidth limit. If the description is correct then it will be overwritten by RADIUS. Perhaps an emty value causes a problem.
Further I know it is working on pfsense 2.0.1 CP + freeradius2 + bandwidth-limit in users file. I do not see any reason why it should not work with MySQL.
You can run radiusd -X from console in debug mode.
This will show you the attributes which are sent to CP. -
set 1000 as bandwidth limit. If the description is correct then it will be overwritten by RADIUS. Perhaps an emty value causes a problem.
Further I know it is working on pfsense 2.0.1 CP + freeradius2 + bandwidth-limit in users file. I do not see any reason why it should not work with MySQL.
You can run radiusd -X from console in debug mode.
This will show you the attributes which are sent to CP.Hello Nachtfalke
I set 1000 bandwidth limit that you recommended and it is working. I think that there have some bugs between pfSense 2.1, Captive Portal, FreeRadius2 and MySql. Today I just updated pfSense 2.1 Beta0 and Captive Portal, FreeRadius2 and MySql as bandwidth limit does not work again. I think, I am going back to use pfSense 2.0.1 again. I will try to test Captive Portal, FreeRadius2 and MySql from there. To be honest I do not have too much experiences how phpMyAdmin and MySql work together. I am appreciate if someone can explain and make some screenshot. This is a links: http://forum.pfsense.org/index.php/topic,43675.msg235475.html#msg235475 that I read it.Thank you
-
Why do you use MxSQL ?
It can be done without MySQL.
How many users do you have on CP ?
If there are not mor ethan 500 users it will be probably ok with some "up to date" hardware and without mysql. -
Why do you use MxSQL ?
It can be done without MySQL.
How many users do you have on CP ?
If there are not mor ethan 500 users it will be probably ok with some "up to date" hardware and without mysql.Hello Nachtfalke
I just repeat your question."Why do you use MxSQL ?"
Ans: Because at school, there are more than 800 students."It can be done without MySQL"
Could you explain how could be done without MySql, if the school has more than 800 students ?
You mean that I have to type all 100-450 users name at FreeRadius users tab and then using them together with FreeRadius and Captive Portal.Also, How can you limit bandwidth per "Group" if your school has more than 800 students?
"If there are not mor ethan 500 users it will be probably ok with some "up to date" hardware and without mysql"
You mean that I have to buy a new hardware if I have around 500 users.I hope that I don't ask you too much.
Thank you
Donny -
@Donny
I am so sorry. I forget about the fact that you would like to use group limits. This is not working without any database. So sorry for that.Hardware:
No need to buy new hardware if you are running MySQL on an external server. Most load will be on the MySQL database for the authentication and accounting. This can be done with lots more than your 800 users.Sorry that I cannot help you with the MySQL part. Perhaps ask user Rampage in a personal messag how he created the sql tables.
-
@Donny
I am so sorry. I forget about the fact that you would like to use group limits. This is not working without any database. So sorry for that.Hardware:
No need to buy new hardware if you are running MySQL on an external server. Most load will be on the MySQL database for the authentication and accounting. This can be done with lots more than your 800 users.Sorry that I cannot help you with the MySQL part. Perhaps ask user Rampage in a personal messag how he created the sql tables.
Thank you, Nachtfalke
I will try to contact him/her soon. I still keep testing it by my self first before I am asking some one to help. To be honest I have tested almost one week now but bandwidth limits for group is not successed. To use MySql users on database with Captive portal and MySql to authentication, I do not have any problem. Now time to get rest.
Anyway, thank you again
Donny
-
Just to make sure - you have enabled accounting on mysql and captiveportal, right ?
-
Just to make sure - you have enabled accounting on mysql and captiveportal, right ?
Thank you Nachtfalke
I will try it again soon. Hë, tired.
-
it's not enaugh to set the limit on the radius server, you also need to enable the feature on the NAS (captive portal setup) leaving fields empty.
Then the captive portal will refer to the values specified in radcheck or radgroupcheck in your mysql database.
the operator is :=
sorry if i took that long to reply, but it's been a while since i last visited the forum :)
-
in sorry if im asking something silly ..
it is possible to set an 'airtime' for every voucher? using CP or maybe thru freeradius?
for example user will able using 30minutes for surfing and download within 2 days.scenario example, user using 5 minutes and then log out. login again for 10 minutes more.
user keep going login and logout for 2 days until his time limit reach 30 minutes as i set.
in this case user will have 2 days 'airtime' and 30 minutes quota of time (time limit)sorry for my bad english ..thanks in advance to everyone
-
You need a radius server of sorts for that.
-
im installed freeradius2. after looked around for a few hours inside freeradius2.
kill some of my times google around but i found nothing similar to what i needi managed to create username and password. set a limit and quota for each of them.
but what i need is user only able to access using generate voucher without a username.
for example:
voucher package 1 : 30 minutes quota within 1 day (24hours) time limit(airtime)
voucher package 2 : 1440 minutes quota within 3 days (72hours) time limit(airtime)im sorry if im asking to much, im very new with pfsense but im willing to learn more.
i still do not have any idea what to do and where to start ..pls link me to any tutorial
thanks -
-
i already read that and still i cant find the way to solve my problem..
anyway thanks for ur kind reply -
i already read that and still i cant find the way to solve my problem..
anyway thanks for ur kind replyThe quota and limit functions only work with username/password.
The problem is that username/password is stored on freeradius2 users file and the vouchers are stored on the CP itself.And if you enable RADIUS authentication and CP with vouchers there is a bug in CP that if you enable "re-aithenticate every minute" on CP the CP sends the voucher code as username to the RADIUS server and the RADIUS server of course does not know this "user".
I described this here:
http://redmine.pfsense.org/issues/2155So I would say it is only possible to use voucher which has time limit or you use username/password which could have time limit and/or quota.
-
u mean there is no way for voucher on CP to work together with freeradius?
after time limit reached. My costumer need to get new ticket/voucher to relogin via CP.
i think it is impossible to create hotspot for making money using freeradius ;D -
(…)
i think it is impossible to create hotspot for making money using freeradius ;DThis statement is right if you focus on the freeradius2 package offered for pfsense.
but it is wrong if you use CaptivePortal from pfsense with another radius solution like daloradius or something else which focus on such things like "making money" and do accounting in this way.the freeradius2 package on pfsense is more a security tool within a company or at home to secure your wireless network, your company LAN or VPN with One-Time-Password.
You have to find the best solution for your needs :-)
-
the freeradius2 package on pfsense is more a security tool within a company or at home to secure your wireless network, your company LAN or VPN with One-Time-Password.
You have to find the best solution for your needs :-)
thankss ..i have noticed that.
mayb i need to put it on try and see how its gonna be. ;) -
Yeah, or just improve the freeradius2 code and put in some more features ;)