pfSense with daloRadius to configure the limitation of quota
I have pfsense and daloRadius (running freeRadius inside)
I can create users from daloRadius and authenticate them from pfSense. But when I add certain attributes for limiting bandwidth or limiting download quotas, authentication fails from pfSense, always access-refuse.
I added to daloRadius the pfSense radius attribute dictionary that I got from here:
VENDOR pfSense 13644 BEGIN-VENDOR pfSense ATTRIBUTE pfSense-Bandwidth-Max-Up 1 integer ATTRIBUTE pfSense-Bandwidth-Max-Down 2 integer ATTRIBUTE pfSense-Max-Total-Octets 3 integer END-VENDOR pfSense
but every time I create a user and try to use one of these attributes the user is not allowed to log in, getting access-reject no explanation.
Please give me your opinion!
Gertjan last edited by
This is the (exactly ?!) same question https://forum.netgate.com/topic/146351/pfsense-config-with-daloradius-freeradius-to-setup-download-quota-limitation and the answer wasn't known back then.
The same question was asked a couple of days ago, and deleted since.
I don't know anything about "daloRadius", but maybe you can debug it the same way as the FreeRadius pfSEnse package :
You'll be needing console or SSH access.
Stop the Radius.
Start it with
This will spit out all the details out to the console.
If there are any errors, you will see lines that bring you to the reason.
Why not use the pfSense FreeRadius package, at least the time to discover how it works ? Be ware that this 'standard' FreeBSD package has been adapted for pfSense.
As you might have found out, a "radius" server has many setup files, and has huge possibilities.
Btw : this is the English forum section. There is a French section. Nearly no one 'reads' french is this part of the forum.
@Gertjan thank you for your answer
Can you please specify the location where you added this dictionary attribute. It might be the problem that you are using wrong "check" and "reply" or their combination with different "op"s.
@Gertjan Daloradius has interactive interface in which we can find out details of accounting in forms of graph and accounting tables , so it's easy to get the user details rather than pfsense freeradius package.
Please can you specify any package which can help to view the details of user (accounting, reporting) of pfsense-freeradius package.
the location where I added the dictionary is :
As "op" and "target" i used this :
!!!! the authentication of user with this attributes fails from daloradius and pfSense !!!! access-reject.
I have a another probleme with " Acct-Interim-Interval "
I think that freeradius not configured to accept accounting data,
i don't know how enabling this feature?
@marwa are you using pppoe server in pfsense ?