[SOLVED] Captive Portal + FreeRadius + LDAP + Bandwidth

krashneo

Hello.

I have a PFSense 2.3.2-RELEASE-p1 (amd64) using Captive Portal integrated with FreeRadius and LDAP. It's working fine, but I need to control Bandwidth from each user bringing the attribute information from LDAP.

Is it possible?

Thanks

krashneo

*** SOLVED ***

1- LDAP Server:

• Include the Radius LDAP Schema (http://open.rhx.it/phamm/schema/radius.schema) with attributes above:

_**attributetype
  ( 1.3.6.1.4.1.3317.4.3.1.61
      NAME 'radiusMaxBandwidthDown'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
  )

attributetype
  ( 1.3.6.1.4.1.3317.4.3.1.62
      NAME 'radiusMaxBandwidthUp'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
  )**

objectclass
  ( 1.3.6.1.4.1.3317.4.3.2.1
      NAME 'radiusprofile'
      SUP top AUXILIARY
      DESC ''
      MUST cn
      MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $
            radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $
            radiusCalledStationId $ radiusCallingStationId $ radiusClass $
            radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $
            radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $
            radiusFramedCompression $ radiusFramedIPAddress $
            radiusFramedIPNetmask $ radiusFramedIPXNetwork $
            radiusFramedMTU $ radiusFramedProtocol $
            radiusCheckItem $ radiusReplyItem $
            radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $
            radiusGroupName $ radiusHint $ radiusHuntgroupName $
            radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $
            radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $
            radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $
            radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $
            radiusRealm $ radiusReplicateToRealm $ radiusServiceType $
            radiusSessionTimeout $ radiusStripUserName $
            radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDn $
            radiusSimultaneousUse $ radiusTunnelAssignmentId $
            radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $
            radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $
            radiusTunnelType $ radiusUserCategory $ radiusVSA $
            radiusExpiration $ dialupAccess $ radiusMaxBandwidthDown $
            radiusMaxBandwidthUp )
  )_

• Restart slapd service
• Add radiusprofile ObjectClass to LDAP user
• Set the attributes radiusMaxBandwidthDown and radiusMaxBandwidthUp with limitations in bytes

2- PFSense FreeRadius Server:

• Add lines above in file /usr/local/etc/raddb/ldap.attrmap

replyItem WISPr-Bandwidth-Max-Down radiusMaxBandwidthDown
replyItem WISPr-Bandwidth-Max-Up radiusMaxBandwidthUp

• Restart radiusd Service at menu Status -> Services

3- Run for Hug  ;D ;D ;D 8)

COFroot

krashneo
Could not do Captive Portal integrated with FreeRadius and LDAP

how did you do it ?

krashneo

@COFroot:

krashneo
Could not do Captive Portal integrated with FreeRadius and LDAP

how did you do it ?

Hello COFroot, your CP + FreeRadius are working fine? Only missing LDAP?

vucuong

Hello krashneo

I can't find the file /usr/local/etc/raddb/ldap.attrmap
Can you help me?