Radius Throttelling on Captive Portal
-
Hi everyone !
(sorry for poor English)
Im looking for help regarding bandwidth throttle on clients connected to the captive portal and authenticated by a freeradius server.
What we tried:
1/ Enable "per User Bandw.. restriction"
- Specify rates
It works
But : We want dynamic throtlling
And : It seems to cause an issue, if the radius account has already a limiting rate in itself.No data exchange for the client in this case.
2/ Enable "per user Bandw …"
- No rates specified
It doesnt work
On accounts with radius specified limit rate, and on radius accounts with unlimited rate..Strange
So I have no solution, to limit bandwidth with radius
Only everyone limiting through captive portal conf
thats bad. :)
How can we throttle non paying clients to 128K ? :))(ironic)
I assume, we missed something,
so thank you in advance for helping meBest regards
FlorianPs: Here running PF 2
-
Hi,
did this help you?
http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package#HOW-TO_-FreeRADIUS.2B_Captive_Portal_configuration
Are you using the freeradius2 package or another RADIUS server ?
-
HI nachtfalke !
thanks for replying me..
I will look your link, some infos are interesting inside, to adjust our conf.
but I forget to mention :
Our freeradius (v2) is outside the pfsense box
(outside … our WANS)
When an access accept is sent, i can see the into the freeradius log the bw limit (over radiusd -X command)
if I understand,
We have to put "Enable per user bw limit" and then leave the values empty or to zéro ?
this doesnt work
Login completes, but then no traffic is allowed through the pf CP
b
-
Is your RADIUS sending the correct attributes:
WISPr-Bandwidth-Max-Down WISPr-Bandwidth-Max-UpThese attributes are Reply-attributes and must to be sent from RADIUS to CP.
As far as I know it works this way:
If you put any value on CP page then CP will use this value UNTIL there is another value sent from RADIUS.
-
HI thank you again for replying me :)
so did I unterstood it too.
would you know where I can check this into freeradius?
Best regards
-
HI thank you again for replying me :)
so did I unterstood it too.
would you know where I can check this into freeradius?
Best regards
That depends on where you store the users. If you store them in the "users" file in ../raddb/ folder then it would look like this:
"Testuser" Cleartext-Password := "testpassword" WISPr-Bandwidth-Max-Up := 524288, WISPr-Bandwidth-Max-Down := 2097152If you store it in a MySQL database - I do not use any database - this would be probably stored in any "radreply" table.
If you are running freeradius in debug mode "radiusd -X" then you can check this if a user connects then the radius server must answer with the two attributes from above. If the server does not send these attributes you must configure your freeradius server.