Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Limit Simultaneous Connections using freeRADIUS3 and captive portal

    Scheduled Pinned Locked Moved Captive Portal
    17 Posts 7 Posters 7.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gadgetguy
      last edited by

      Thank you for replying jimp,

      I'll start by explaining my goal for the Captive portal.

      1. I want to allow certain users onto my LAN network automatically by registering their MAC addresses in Captive portal. This works without a problem so far.

      2. For some users, I want to give them a user ID and password and limit their number of concurrent connections, let's say some clients 2 devices and some 3.

      For now, I don't want to limit bandwidth or daily usage, just concurrent connections.

      I downloaded and installed freeRADIUS3 and set it up.

      Here's my settings configuration:

      Services>FreeRADIUS> interfaces

      192.168.20.254 as LAN interface/Port 1812/authentication
      192.168.20.254 as LAN interface/Port 1813/accounting
      192.168.20.254 as LAN interface/Port 1816/status

      For NAS/Clients, I entered my LAN IP for the client IP and a shared secret.

      I then created a new entry in captive portal and enabled it.

      Interfaces: LAN

      Authentication method: RADIUS Authentication
      RADIUS protocol: PAP
      Primary RADIUS server: 192.168.20.254 / Port 1812 / shared secret

      I enabled "Send RADIUS accounting packets to the primary RADIUS server"
      Accounting port: 1813
      Accounting updates: no updates

      RADIUS NAS IP attribute: LAN-192.168.20.254

      Should I attach my radius.conf file?

      Thank you very much… I really appreciate your time and I hope you'll be able to help me figure out what I'm doing wrong....

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        In the captive portal settings, change Accounting Updates to "Start/Stop (FreeRADIUS)"

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • G
          gadgetguy
          last edited by

          Ok, I'll try that. Thank you!

          1 Reply Last reply Reply Quote 0
          • G
            gadgetguy
            last edited by

            @jimp:

            In the captive portal settings, change Accounting Updates to "Start/Stop (FreeRADIUS)"

            I tried this and I still can connect unlimited devices per user name. Any more suggestions?

            Thank you for helping with my problem….

            1 Reply Last reply Reply Quote 0
            • G
              gadgetguy
              last edited by

              I have squid running on my pfSense box but is there any chance that it is interfering?

              1 Reply Last reply Reply Quote 0
              • G
                gadgetguy
                last edited by

                One more thing, when installing FreeRADIUS3 it says an EAP certificate is needed. I haven't configured any certificates. Is that necessary?

                Thanks again…

                1 Reply Last reply Reply Quote 0
                • jimpJ
                  jimp Rebel Alliance Developer Netgate
                  last edited by

                  @gadgetguy:

                  I have squid running on my pfSense box but is there any chance that it is interfering?

                  If they still get prompted for a portal login, then maybe not, but it's squid so it usually does find ways of interfering.

                  @gadgetguy:

                  One more thing, when installing FreeRADIUS3 it says an EAP certificate is needed. I haven't configured any certificates. Is that necessary?

                  Where is it saying that? The FreeRADIUS 3.x package automatically makes EAP certs if you don't configure any, it doesn't print an error like that. The old 2.x package will print an error like that, though. If you aren't using EAP it's not much to worry about but you could make a CA and Server cert, set them on the EAP tab, and that would stop any errors.

                  Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                  Need help fast? Netgate Global Support!

                  Do not Chat/PM for help!

                  1 Reply Last reply Reply Quote 0
                  • G
                    gadgetguy
                    last edited by

                    Where is it saying that? The FreeRADIUS 3.x package automatically makes EAP certs if you don't configure any, it doesn't print an error like that. The old 2.x package will print an error like that, though. If you aren't using EAP it's not much to worry about but you could make a CA and Server cert, set them on the EAP tab, and that would stop any errors

                    When installing the FreeRADIUS package, at the end when it says 'Success' when the package finishes installing is where I saw that message. It wasn't an error message.

                    I got my test machine running again and did a clean install of pfSense and tried Captive Portal with FreeRADIUS and didn't install or setup anything else but it still doesn't limit simultaneous connections so I'm guessing that it isn't Squid causing the problems.

                    I know I'm asking a lot, but would it be possible for you to post the instructions for configuring FreeRADIUS and Captive Portal to limit a user to 3 concurrent connections? I've been trying for a week now spending every afternoon trying to find what the problem is and doing a lot of researching and reading on the internet but haven't been successful.

                    I appreciate your advice and want to thank you for helping me out this far.

                    1 Reply Last reply Reply Quote 0
                    • G
                      gadgetguy
                      last edited by

                      Is there anybody out there that is successfully using Captive Portal with FreeRADIUS3 and able to successfully allow a user to use a limited amount of devices concurrently?

                      Thank you in advance!

                      1 Reply Last reply Reply Quote 0
                      • J
                        jmguerrero
                        last edited by

                        try to edit the Number of Simultaneous Connections of the acct in freeRadius

                        1 Reply Last reply Reply Quote 0
                        • G
                          gadgetguy
                          last edited by

                          @jmguerrero:

                          try to edit the Number of Simultaneous Connections of the acct in freeRadius

                          I have this set to 2 or 3 depending on each user. Any other suggestions?

                          1 Reply Last reply Reply Quote 0
                          • E
                            Edo-IT
                            last edited by

                            Hello I'm new on this forum.
                            I have been reading some captive portal threads and I have the same issue with limiting the users by freeRadius 3.
                            Any suggestion?

                            Thx

                            1 Reply Last reply Reply Quote 0
                            • A
                              AYSMAN
                              last edited by

                              Hi Guys,

                              has anyone found a solution to this problem yet?

                              D 1 Reply Last reply Reply Quote 0
                              • M
                                mke
                                last edited by

                                I can't make it and would love to find out how to do user limitation. I was working great in ver 2

                                1 Reply Last reply Reply Quote 0
                                • D
                                  Dmc @AYSMAN
                                  last edited by

                                  Hi @AYSMAN

                                  Did you happen to find the solution to this by anychance??

                                  I am stumped as well after spending weeks on this... i know my accounting is working fine since its all logged but FreeRadius will not stop the connection after the limit is reached.

                                  Ive setup identical to the OP except my IP is on 127.0.0.1 and listening ports *

                                  Also added the Simultaneous-Connection := 1 to the user profile which didn't appear to do anything.

                                  1 Reply Last reply Reply Quote 0
                                  • First post
                                    Last post
                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.