pfSense config with daloRadius (freeRadius) to setup download quota limitation

xsmael

I have pfsense and daloRadius(running freeRadius inside) up and running, I successfully configured radius parameters on pfSense and the NAS on daloRadius and they can talk to each other.

I am able to create users from daloRadius and authenticate them from pfSense. But when I add some attributes for bandwidth limitation or download quota limitation, authentication fails from pfSense.

Plus in spite of all the search i did, am' not able to understand clearly how radius attributes function: - Difference between check and reply and when to use either - also the operators being used.

Since i didn't understand clearly i tried all combinations that made sense to me but it never worked, I always get access-reject.

I added to daloRadius the pfSense radius attribute dictionary which i got from here:

VENDOR      pfSense             13644

BEGIN-VENDOR    pfSense

ATTRIBUTE   pfSense-Bandwidth-Max-Up        1   integer
ATTRIBUTE   pfSense-Bandwidth-Max-Down      2   integer
ATTRIBUTE   pfSense-Max-Total-Octets        3   integer

END-VENDOR pfSense

but whenever I create a user and try using one of these attributes in either reply or check attribute, the user is not authorised when logging in, just getting access-reject with no explanations.

What am I doing wrong ?

free4

I might say obvious things, but did you have a look to the documentation ? It has been updated recently

https://docs.netgate.com/pfsense/en/latest/captiveportal/captive-portal-configuration.html