Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Session Timeout not working

    Captive Portal
    2
    3
    378
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Rafael.Silva
      last edited by

      Hello.

      I implemented a Captive Portal, authenticating in MySQL with FreeRadius, it is working perfectly.

      But how do I configure session_timeout in SQL accounts?
      Because if I configure it in "Hard timeout (Minutes)" in Captive Portal properties, apparently, it is only for local users.

      And if you configure it in FreeRadius, it is only for FreeRadius users and not SQL.

      When I query active users on Captive Portal I get the following result:

      (
    [0] => 1598285704
    [allow_time] => 1598285704
    [1] => 2088
    [pipeno] => 2088
    [2] => 192.168.97.8
    [ip] => 192.168.97.8
    [3] => MAC
    [mac] => MAC
    [4] => USERNAME
    [username] => USERNAME
    [5] => 2e19c3a1ebb3a6f9
    [sessionid] => 2e19c3a1ebb3a6f9
    [6] => 
    [bpassword] => 
    [7] => 
    [session_timeout] => 
    [8] => 
    [idle_timeout] => 
    [9] => 
    [session_terminate_time] => 
    [10] => 
    [interim_interval] => 
    [11] => 
    [traffic_quota] => 
    [12] => radius
    [authmethod] => radius
    [13] => first
    [context] => first
)

      And as we can see, the session_timeout property is empty, even configuring directly in Captive Portal and FreeRadius.

      Thank you!

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @Rafael.Silva
        last edited by

        @Rafael-Silva said in Session Timeout not working:

        And if you configure it in FreeRadius, it is only for FreeRadius users and not SQL.

        It's not FreeRadius and MySQL.
        It's FreeRadius that does all the work.
        The thing is, FreeRadius needs initial settings like user names, password, speed, connection type, etc. It also needs to store temporary data, which can be updated as frequent as possible.
        MySQL is just a scratch pad, like a file system withplain flat (although binary) files, it could also be, if you're willing to write one, a set of Excel sheets, some other obscure database system.
        MySQL is just the storage support here.

        Note that the pfSense's way of surfacing FreeRadius settings using MySQL is somewhat hard coded and (very) limited in the GUI : not all the options and possibilities exist / are possible.
        For example, when you create users using the FreeRadius / pfSense GUI, these are still stored in a flat file, not MYSQL (see the MySQL tables yourself in the Radius database).

        @Rafael-Silva said in Session Timeout not working:

        [session_timeout] => 
[8] => 
[idle_timeout] => 
[9] =>

        If you're able to see that info, then go to /etc/inc/captiveportal.inc, check the "prune" function.
        That function is called every minute by cron, and parses every connected user and checks if idle or hard time out should be applied.
        If this info isn't set, the default global Services > captive portal time out will apply ? (didn't check : could you ? )

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • R
          Rafael.Silva
          last edited by

          Hello.

          Thanks for the feedback.

          I managed to solve by creating a record in the radcheck table, with the information of Session-Timeout and Idle-Timeout.
          Only then does pfSense disconnect expired users.

          Gracias.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.