Need a little help



  • Hi Guys, my first post so be gentle. I'd also like to say that this is an awesome piece of software and has made my life a lot easier.

    I am experiencing a few small problems that I really need to get sorted out though.

    1. I am wanting to do user accounting, so I can see how much data a user has used. I am using Squid to auth the client, so that I can get an username, then user lightsquid to view the data usage. Then I also have CP running so that I can use FreeRadius to limit the clients bandwidth and data/time allowed. I'm sure there is an easier way of doing this, something like just using CP and FreeRadius, but when I tried the post radius accoutning to external sql database under the FreeRadius -> sql tab, I cannot get it to post to an external sql database. Any attempts to login after I've ticked the use sql database throws up a FreeRadius Auth error when trying to login to the CP. If I could post the accounting records to an external database I could use daloRadius to see the usage. Otherwise, is there a way to connect daloRadius to the database that FreeRadius is using inside pfSense? Because it must be using a database somewhere.

    2. I cannot get our network printer to work after running the switch through pfSense. As soon as I run the switch through the router everything works fine again. This is our layout

    Clients–-----------
                               
    Printer------------ Switch ------PfSense -------Router ------Internet
                                /
    Server-------------

    The weird thing is that clients that are on the same switch cannot connect to the printer. I cannot ping the printer from the pfsense box, nothing.

    3. Going by the above layout, our server is a ESXi server with a few virtual os on it that our customers login to using dyndns. i.e. ourname.dyndns.com:port Each customer has their own port that they use to access their virtual desktop. When I put pfsense up noone can remote in to their virtual desktop anymore.

    4 Lastly, I'm wanting to block all streaming content. ie Youtube videos etc. The problem is everytime I edit /usr/local/squid/squid.conf using the edit file in the dropdown I click save, it saves file saved. But if I reopen the file my changes haven't been saved. I'm sure this has something to do with write permissions, but I haven't got a clue how to allow pfsense to overwrite the squid.conf.

    So basically, I'm looking for a way to handle accounting better, how to get my network printer to work, how to allow clients to remote in to our server and how to write a modified squid.conf

    Thanks in advance



  • Hi,

    1. For your case you should check out link http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package#Accounting_with_Captive_Portal
    2. You might be put your printer different VLAN. You should check your switch conf. or port.
    3. Have you done nat rules for your clients ports? What is your nat rules?
    4. You can use traffic shapping for this.

    SGTR



  • @SGTR:

    Hi,

    1. For your case you should check out link http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package#Accounting_with_Captive_Portal
    2. You might be put your printer different VLAN. You should check your switch conf. or port.
    3. Have you done nat rules for your clients ports? What is your nat rules?
    4. You can use traffic shapping for this.

    SGTR

    Hi SGTR,

    I fixed everything by just changing my setup a little. It now looks like this:

    Clients –-- switch ---- pfsense ---- switch ---- router ---- internet
                                                        |
                                                      server
                                                        |
                                                      printer

    This setup also allows me to apply stronger security on our clients.

    Now the only thing is trying to get daloRadius to read the FreeRadius sql hidden somewhere in pfsense, hope your link can help with that.


Locked