Doesnt seem to work… Also set “Only One” in the default profile for SSTP and it is still allowing duplicate connections. Any ideas?
5.0b4 on RB1000
“only one” affects only local authorization, AFAIR
RADIUS should check for simultaneous access
I got simultaneous access working after this, my problem is, if a client gets disconnected from the SSTP server due to a sudden loss of internet access, then reconnects, the old session hangs around for a LOOOOONG time, upwards of 10 minutes. Ive tried idle timeout as low as 1 minute, but traffic is always trying to be routed through the interface, so there is TX traffic even though the client isnt connected. Keepalive timeout doesnt seem to have any effect on SSTP where it did on OpenVPN. So simultaneous access does me no good as the client drops and cant reconnect until after their old session finally times out/disconnects. If I dont have simultaneous access turned on, Ill end up with 3-4 duplicate connections, but traffic is still trying to be routed through the first connection (static IPs via RADIUS), so the REAL active connection is UP, but does no good. Traffic doesnt get to the client until the old session goes bye bye or I manually disconnect it.
Its really a pain…
I posted a thread in general… Ill modify the checkrad script to drop any connections on a new authentication, I just dont know if, or how to disconnect a client via SNMP…
not via SNMP, but using RADIUS PoD (Packet of Disconnect)
Got it, hacked up checkrad. For each duplicate, it sends a POD. Seems to be working so far…