Pfsense 2.0.1 - users not disconnected after hard timeout - RADIUS auth
-
Hello,
since some weeks I am using pfsense 2.0.1 CP with RADIUS auth. Authentication works but it seems like Hard timeout is not working.
I set the hard timeout to 180min and the idle timeout to 60min.When I go to:
Diagnostics –> CaptivePortal
the last activity of some users is 12h or more in the past but they are still "online". In
Diagnostics --> System Logs --> Portal Auth
there is no disconnect or timeout for these users. The Dashboard Widget also shows these users.So I am not 100% sure if hard timeout is not working or if the GUI is just telling me something wrong.
I am using pfsense 2.0.1 AMD64
squid2 (transparent)
squidguard
freeradius2 (username/password auth)Thank you for your help!
-
The first thing I would do is see if "Reauthenticate connected users every minute" is checked under the main "Captive Portal" page. You'll find it in the Authentication section, about halfway down the page.
-
@nachtfalke: update to 2.0.3 - lots of CP fixes in it, most likely will solve your problem.
-
pfsense CP NAS doesn't support RADIUS POD (Packet of Disconnect), you'd have to enable "re-auth every min", check http://redmine.pfsense.org/issues/2573 for more.
-
Hi,
thank oyu for your feedback.
I will of course update to 2.0.3 if it is released. I know that there were many fixes.
@dhatz
I thought that Hard Timeout is an independent CP feature. Re-authenticate users every minute will spam my RADIUS even if its possible that it will work. What do you think - could Session-Timeout enabled on CP and set on RADIUS solve this problem ?Thanks