Delete a authenticated users from radius



  • Hello,

    Im having some problems in my configuration and i was hoping someone could help me out or point me in the right direction.
    Here's my idea:

    I have a CP+FreeRADIUS for authentication and accounting. The accounting is used since i want a user to be able to use 2-3 devices per username (example: phone tablet laptop). All of this is working perfect.

    Now lets say for some reason i want to kick one of those 3 sessions a user can simultaneously have. How do i do this? I already tried to simply delete the session from radacct table. Or enter a idle timeout in the session but this doenst work. I guess this is correct since the CP should kick the user and send a stop attribute to the FreeRADIUS and not the otherway around.

    So now the question is: How do i do this?

    Is it possible to use the MAC passtrough table in the CP along with FreeRADIUS for accounting and counting the sessions? So wen i delete a MAC address from the MAC passtrough table this session is ended in the CP and a stop is send to FreeRADIUS?

    Hope someone can help me on this.

    PS. i do not want to sent the stop attributes with other NAS like switches or AP's. It has to be the CP.



  • If you disconnect the user via the CP Status (or Widget), your pfSense will handle it for you.
    The Radius will get a disconnect and it will store it on your SQL Backend.

    Just delete the accounting Table has no effect (works as designed). The DB can't send a Access Stop to the radius, it has to be the other way around :)


Log in to reply