Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Account connections to 'walled garden' hosts

    Captive Portal
    3
    6
    4970
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dennis last edited by

      I have CP working properly on my pfsense box, with some hosts declared in walled garden. I'm using radius authorization/accounting for CP clients. Now the question: how to exclude radius accounting when client connects to some hosts (or, how to account this traffic with another way on radius server)? And, is it possible to do NOT ACCOUNT all traffic from clients to walled garden's hosts? E.g. if I have local servers in DMZ behind of pfsense, all client's traffic to this hosts don't cost anything and I don't want account it.

      Thanks.

      1 Reply Last reply Reply Quote 0
      • D
        dennis last edited by

        Anyone?

        1 Reply Last reply Reply Quote 0
        • GruensFroeschli
          GruensFroeschli last edited by

          I'm not sure if i understand what you want, but it sounds as if you just want to allow traffic for anyone to a certain server.
          You can do that if you put the server IP on the "allowed IP" list.

          But i dont know how radius accounting works so dont quote me ^^"

          We do what we must, because we can.

          Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          1 Reply Last reply Reply Quote 0
          • D
            dennis last edited by

            "Allowed IP" is "walled garden" equivalent. In other words, I want to limit client's traffic (e.g. 1Gb per month) with radius accounting, but I don't want to account all traffic going from clients to hosts in "allowed ip". Now all client's traffic accounted (from/to "allowed ip" and internet both, without difference). How to exclude radius accounting of traffic that going from/to "allowed ip" hosts?

            1 Reply Last reply Reply Quote 0
            • Gertjan
              Gertjan last edited by

              Well, the trafic that uses the permitted IP's is just passed, because the firewall is intructed to do so. I tend to say that no volume accounting is done fort this traffic - it isn't seen by Radius at all.

              That's what you want, right ?

              As GruensFroeschli, I can't say if the Radius actually 'counts'  ;) - I never tried it.

              No "help me" PM's please. Use the forum.

              1 Reply Last reply Reply Quote 0
              • D
                dennis last edited by

                Yes, you're right, it's all what I want. But, I would like to be assured in it, that the traffic from/to "ip list" hosts doesn't accounts with Radius at all.

                p.s. as I know, for example, mikrotik radius clients always counts "walled garden" traffic.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post