One Voucher Per Device
-
@wazim4u dear can you provide the two files links to download.
-
The links are present above.
See them as guidelines to change the "concurrent behavior" of vouchers.
For me it was just a 'proof of concept', I'm not using vouchers myself. -
@ishtiaqaj Files are same as given above. Test them if they are not working let me know.
I am currently doing testing with FreeRADIUS server & Daloradius which is working perfectly with one voucher per device & Accounting. once my testing is over will move all built-in pfSense voucher system to Radius Based Voucher. -
@Gertjan is there any update to the php script for one voucher for one device? when i use your code for one voucher a device, it allows every code to connect multiple devices, even if u select first login... kindly help review the code for 2.4.4 p3
-
@colleytech I have no issue with Pfsense 2.5-Dev. 1200 Users 800 plus concurrent
recent log from 24-April-2020 given below. if someone tries to use same voucher, not allowed.Apr 24 09:03:16 logportalauth 22958 Zone: Camp - CONCURRENT VOUCHER LOGIN - NOT ALLOWED KEEPING OLD SESSION : 1688815233, 94:14:7a:55:b5:0e, 10.20.25.154 -
@wazim4u you using the same files shared im this post??
-
@ishtiaqaj please find attached files from production system.
-
@wazim4u Hmm. That seems like it should log the voucher code that was attempted. Is it just on another line?
-
@Derelict I just copied one line to show as example given below more detailed log.
Zone: Camp - The SQL array (WHERE ip = '10.20.25.153' OR (username != 'unauthenticated' AND lower(username) = '1688815233')) : Array Apr 24 09:03:16 logportalauth 22958 Zone: Camp - Enteringh portal_allow(): , , Apr 24 09:02:59 logportalauth 40266 Zone: Camp - CONCURRENT VOUCHER LOGIN - NOT ALLOWED KEEPING OLD SESSION : 1688815233, 94:14:7a:55:b5:0e, 10.20.25.154 Apr 24 09:02:59 logportalauth 40266 Zone: Camp - Found NOT last: 1688815233, 94:14:7a:55:b5:0e, 10.20.25.154 Apr 24 09:02:59 logportalauth 40266 Zone: Camp - config['captiveportal'][Camp]['noconcurrentlogins'] 2 exists = set: 1688815233, 94:14:7a:55:b5:0e, 10.20.25.154 Apr 24 09:02:59 logportalauth 40266 Zone: Camp - Voucher + ! unauthenticated + (cpentry == user): 1688815233, 94:14:7a:55:b5:0e, 10.20.25.154 Apr 24 09:02:59 logportalauth 40266 Zone: Camp - config['captiveportal'][Camp]['noconcurrentlogins'] exists = set: 1688815233, 94:14:7a:55:b5:0e, 10.20.25.154 Apr 24 09:02:59 logportalauth 40266 Zone: Camp - Entering for each loop 1688815233 = 1688815233: 1688815233, 94:14:7a:55:b5:0e, 10.20.25.154 -
Ah I was looking at 1688815233 and incorrectly assuming it was an epoch seconds time or something. Thanks.
-
@wazim4u what happen when i connect same voucher to two devices is that
1, both devices connects, even after applying the patch and selecting first login.
2. logged in vouchers usually appear at status>captive portal> active users,,,
now nothing like that, even under service>captive portal, logged in users usually show the number of people logged into the cp,,,,
but now nothing like that,, which means, i cannot delete active vouchers,,,
i have setup this system for a friend and it works fine, coming to mine nw, not working -
@colleytech Your friend is lucky if it works for him. I may test it with 2.4.4-p3 and let you know. I tried before with 2.4.4-p3 it was showing no active users & more issues so i switched to 2.5 ( that time there was no 2.4.5 )
once voucher is active second device cannot use it he will get error reuse of authentication not allowed "
-
@wazim4u do u have the 2.5 dev??
-
@colleytech thats what i said, yes I’ve 2 Production systems of pfSense 2.5 dev
-
@wazim4u i mean the iso for the 2.5 dev version
-
@colleytech download from given below link
https://www.pfsense.org/snapshots/
-
@wazim4u thanks for the link
-
hi sir! you are using 2.5.0 and this patch (1V1D Patch.zip)? One voucher per device is really working?
thanks!
-
@Gertjan is there any chance pfsense management consider this function in official release,???
-
Please check https://redmine.pfsense.org/issues/9432#note-6
