Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Radius Throttelling on Captive Portal

    Scheduled Pinned Locked Moved Traffic Shaping
    6 Posts 2 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Bonline
      last edited by

      Hi everyone !

      (sorry for poor English)

      Im looking for help regarding bandwidth throttle on clients connected to the captive portal and authenticated by a freeradius server.

      What we tried:

      1/ Enable "per User Bandw.. restriction"

      • Specify rates

      It works
      But : We want dynamic throtlling
      And : It seems to cause an issue, if the radius account has already a limiting rate in itself.

      No data exchange for the client in this case.

      2/  Enable "per user Bandw …"

      • No rates specified

      It doesnt work
      On accounts with radius specified limit rate, and on radius accounts with unlimited rate..

      Strange

      So I have no solution, to limit bandwidth with radius

      Only everyone limiting through captive portal conf

      thats bad. :)
      How can we throttle non paying clients to 128K ?  :))

      (ironic)

      I assume, we missed something,
      so thank you in advance for helping me

      Best regards
      Florian

      Ps: Here running PF 2

      1 Reply Last reply Reply Quote 0
      • N
        Nachtfalke
        last edited by

        Hi,

        did this help you?
        http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package#HOW-TO_-FreeRADIUS.2B_Captive_Portal_configuration
        Are you using the freeradius2 package or another RADIUS server ?

        1 Reply Last reply Reply Quote 0
        • B
          Bonline
          last edited by

          HI nachtfalke !

          thanks for replying me..

          I will look your link, some infos are interesting inside, to adjust our conf.

          but I forget to mention :

          Our freeradius (v2) is outside the pfsense box

          (outside … our WANS)

          When an access accept is sent, i can see the into the freeradius log the bw limit  (over radiusd -X command)

          if I understand,

          We have to put "Enable per user bw limit"  and then leave the values empty or to zéro ?

          this doesnt work

          Login completes, but then no traffic is allowed through the pf CP

          b

          1 Reply Last reply Reply Quote 0
          • N
            Nachtfalke
            last edited by

            Is your RADIUS sending the correct attributes:

            
            WISPr-Bandwidth-Max-Down
            WISPr-Bandwidth-Max-Up 
            
            

            These attributes are Reply-attributes and must to be sent from RADIUS to CP.

            As far as I know it works this way:
            If you put any value on CP page then CP will use this value UNTIL there is another value sent from RADIUS.

            1 Reply Last reply Reply Quote 0
            • B
              Bonline
              last edited by

              HI thank you again for replying me :)

              so did I unterstood it too.

              would you know where I can check this into freeradius?

              Best regards

              1 Reply Last reply Reply Quote 0
              • N
                Nachtfalke
                last edited by

                @Bonline:

                HI thank you again for replying me :)

                so did I unterstood it too.

                would you know where I can check this into freeradius?

                Best regards

                That depends on where you store the users. If you store them in the "users" file in ../raddb/ folder then it would look like this:

                
                "Testuser" Cleartext-Password := "testpassword"
                	WISPr-Bandwidth-Max-Up := 524288,
                	WISPr-Bandwidth-Max-Down := 2097152
                
                

                If you store it in a MySQL database - I do not use any database - this would be probably stored in any "radreply" table.

                If you are running freeradius in debug mode "radiusd -X" then you can check this if a user connects then the radius server must answer with the two attributes from above. If the server does not send these attributes you must configure your freeradius server.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.