Scenario: I have Mikrotik 6.39 / 6.40 Hotspot Server. Freeradius 2.2.0 on Ubuntu is installed. Problem: Users can login to hotspot from multiple devices simultaneously. Requirement: There should be no simultaneous logins per single account/username.
Already did the following but to no avail.
Created an account on ‘radcheck’ table at radius db with the following values:
test Cleartext-Password := 12345
test Simultaneous-Use := 1
Included the ‘sql’ parameter on ‘session’ handle at: /etc/freeradius/sites-enabled/default used for checking Simultaneous use.
session {
sql
}
Un-commented the ‘Simutaneous Use Checking Queries’ on:
/etc/freeradius/sql/mysql/dialup.conf
Using the settings above, I can still login simultaneously on my laptop and smartphone.
Only 1 login should be accepted. Any help or tested solution is greatly appreciated.
You need to read this, to understand how it works. It’s not just a matter of slapping a few attributes into a radius request. Pay attention especially to section 3 in the documentation, IMPLEMENTATION, and 4. IF IT DOESN’T WORK
.
the guide saying more about radutmp/checkrad. In my opinion checking the NAS will be slow in heavy production Mikrotik NAS.
All should be done at Radius level.I m using SQL.
You can not use simultaneous use without checkrad.
If the radius server misses an accounting stop it’s not going to close the session. The only way to know whether the session is active or not is to query he nas.
These things aren’t out of the box configurations. It requires a lot of work and customization to get working.
