[SOLVED] Captive Portal + FreeRadius + LDAP + Bandwidth



  • Hello.

    I have a PFSense 2.3.2-RELEASE-p1 (amd64) using Captive Portal integrated with FreeRadius and LDAP. It's working fine, but I need to control Bandwidth from each user bringing the attribute information from LDAP.

    Is it possible?

    Thanks



  • *** SOLVED ***

    1- LDAP Server:

    _**attributetype
      ( 1.3.6.1.4.1.3317.4.3.1.61
          NAME 'radiusMaxBandwidthDown'
          DESC ''
          EQUALITY caseIgnoreIA5Match
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
          SINGLE-VALUE
      )

    attributetype
      ( 1.3.6.1.4.1.3317.4.3.1.62
          NAME 'radiusMaxBandwidthUp'
          DESC ''
          EQUALITY caseIgnoreIA5Match
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
          SINGLE-VALUE
      )**

    objectclass
      ( 1.3.6.1.4.1.3317.4.3.2.1
          NAME 'radiusprofile'
          SUP top AUXILIARY
          DESC ''
          MUST cn
          MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $
                radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $
                radiusCalledStationId $ radiusCallingStationId $ radiusClass $
                radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $
                radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $
                radiusFramedCompression $ radiusFramedIPAddress $
                radiusFramedIPNetmask $ radiusFramedIPXNetwork $
                radiusFramedMTU $ radiusFramedProtocol $
                radiusCheckItem $ radiusReplyItem $
                radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $
                radiusGroupName $ radiusHint $ radiusHuntgroupName $
                radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $
                radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $
                radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $
                radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $
                radiusRealm $ radiusReplicateToRealm $ radiusServiceType $
                radiusSessionTimeout $ radiusStripUserName $
                radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDn $
                radiusSimultaneousUse $ radiusTunnelAssignmentId $
                radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $
                radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $
                radiusTunnelType $ radiusUserCategory $ radiusVSA $
                radiusExpiration $ dialupAccess $ radiusMaxBandwidthDown $
                radiusMaxBandwidthUp
    )
      )_

    • Restart slapd service
    • Add radiusprofile ObjectClass to LDAP user
    • Set the attributes radiusMaxBandwidthDown and radiusMaxBandwidthUp with limitations in bytes

    2- PFSense FreeRadius Server:

    • Add lines above in file /usr/local/etc/raddb/ldap.attrmap

    replyItem WISPr-Bandwidth-Max-Down radiusMaxBandwidthDown
    replyItem WISPr-Bandwidth-Max-Up radiusMaxBandwidthUp

    • Restart radiusd Service at menu Status -> Services

    3- Run for Hug  ;D ;D ;D 8)



  • krashneo
    Could not do Captive Portal integrated with FreeRadius and LDAP

    how did you do it ?



  • @COFroot:

    krashneo
    Could not do Captive Portal integrated with FreeRadius and LDAP

    how did you do it ?

    Hello COFroot, your CP + FreeRadius are working fine? Only missing LDAP?



  • Hello krashneo

    I can't find the file /usr/local/etc/raddb/ldap.attrmap
    Can you help me?


Log in to reply