Community discussions

MUM Europe 2020
 
JimHeck
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 76
Joined: Thu Jun 16, 2005 7:27 pm

Hotspot Radius auto-logoff

Tue Jan 09, 2007 9:40 am

Hi Folks,

We are using our MT box with Hotspot activated. We use a radius server to authenticate users. We store the users time limit (ie date and time) that they have bought in the radius database, and use a simple sql statement to test if their accounts are valid when they login.

Our problem is, then when they are logged in (say for several days) and the remain logged in during the time that their account expires, they remain logged in. Is there a way we can automatically log them off when they run out of time?

Thanks for any advice
Jim Heck
Jim Heck
 
User avatar
tneumann
Member
Member
Posts: 394
Joined: Sat Apr 16, 2005 6:38 pm
Location: Germany

Tue Jan 09, 2007 11:21 am

You need to send a Session-Timeout radius reply item from the radius server to the MikroTik router when the user connects. The Session-Timeout reply item holds the number of seconds that the session will be allowed to last in total; after that number of seconds the session will be disconnected by the router, no matter what the user does. You need to calculate the value for Session-Timeout from the total amount of time the user has payed for minus the time that they used in previous sessions, which means you need to update your database with the remaining time available when you handle the Accounting-Stop events (substract Acct-Session-Time from the available remaining time for the user).

--Tom
 
JimHeck
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 76
Joined: Thu Jun 16, 2005 7:27 pm

Wed Jan 10, 2007 10:02 am

Thanks Tom,

Yes, Session Time out would fit the bill. Now I must figure out how the radius server can generate it correctly!

Thank a lot

rgds
Jim
Jim Heck
 
y-internet
just joined
Posts: 6
Joined: Fri Jan 26, 2007 10:00 am

hi jimHeck

Tue Feb 06, 2007 3:39 pm

Jimheck i am new to radius and mikrotik, could you explain how you went about doing the below qoute. mostly, the interaction between mikrotik and the sql statement you use.
We use a radius server to authenticate users. We store the users time limit (ie date and time) that they have bought in the radius database, and use a simple sql statement to test if their accounts are valid when they login.
TIA
 
JimHeck
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 76
Joined: Thu Jun 16, 2005 7:27 pm

Tue Feb 06, 2007 5:49 pm

Hi Y-internet.

The statement we us is

Select Password FROM Users WHERE Name='$u' AND ValidTill>Now()

We are using an MS Acess database with a ClearBox Radius server
(http://www.xperiencetech.com/)
which we have found works extremely well and stable. (Although not free, not too expensive!)

If you are using a different type of radius/database, then no doubt the statement will be different! Hope this helps/is of interest

rgds
Jim Heck
Jim Heck
 
virtualmystic
Frequent Visitor
Frequent Visitor
Posts: 80
Joined: Fri Jan 19, 2007 7:09 pm
Location: Lahore, pakistan

Tue Feb 06, 2007 6:31 pm

y-internet

you can do the same using any radius..for freeradius you can modify the radauth query accordingly.

regds,
Asad
 
User avatar
bjohns
Member Candidate
Member Candidate
Posts: 272
Joined: Sat May 29, 2004 4:11 am
Location: Sippy Downs, Australia
Contact:

Wed Feb 07, 2007 1:32 am

With FreeRADIUS you tweak the sql.conf file.
 
ravin
Member Candidate
Member Candidate
Posts: 173
Joined: Mon Jan 29, 2007 3:59 pm
Location: mym

time limit in radius server

Fri Mar 09, 2007 10:16 am

Hi JimHeck

You mentioned that you are using MT box with hotspot and Radius server to authenticate users. How can you specify time limit (date and time) in radius server (which tables, attribute, op, value etc.) for users. Also what is that sql statement which you use to test valid accounts.

we are using MT 2.9 with hostpot -> radius server -> mysql db

Awaiting you reply.

thanks for your advice
 
JimHeck
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 76
Joined: Thu Jun 16, 2005 7:27 pm

Fri Mar 09, 2007 10:23 am

Ravin,

We use ClearBox radius server (on Windows) which uses a MicroSoft Access database.

The SQL statement we use is

Select Password FROM Users WHERE Name='$u' AND ValidTill>Now()

where $u is the username and ValidTill is a field in the database which stores the date/time when the user will run out of credit. The database is populated by some asp pages, on which the user signs up (with his credit card; he can buy a day, a week, or a month).

I suspect that all this is very ClearBox/Windows specific, and if you are using FreeRadius/Linux, this will not be very relevant. But anyway, I hope it helps.

rgds
Jim Heck
MilNet UK
Jim Heck
 
User avatar
tneumann
Member
Member
Posts: 394
Joined: Sat Apr 16, 2005 6:38 pm
Location: Germany

Sat Mar 10, 2007 11:30 am

I've uploaded parts of the setup that I'm using with the Radiator radius server and a PostgreSQL database. See the following URL

http://www.gosingen.net/mt/radius/

It's probably very specific to my local setup and mostly useless for everybody else given its lack of documentation, but anyway, maybe you can derive some ideas from that configuration, in particular from the SQL table definitions and the SQL statements in radius.conf

--Tom
 
ravin
Member Candidate
Member Candidate
Posts: 173
Joined: Mon Jan 29, 2007 3:59 pm
Location: mym

Sat May 05, 2007 1:05 pm

tneumann:

how you calculate the time remaining for a user and how mikrotik can handle that ??

awaiting your reply.

thanks
 
User avatar
tneumann
Member
Member
Posts: 394
Joined: Sat Apr 16, 2005 6:38 pm
Location: Germany

Sat May 05, 2007 2:46 pm

ravin,

the remaining time is calculated in the function time_left_for_user() that you can find in the file func.sql on the URL I posted previously. In the file radius.conf you can see how time_left_for_user() is used to map its result to a Radius Session-Timeout reply item.

--Tom
 
ravin
Member Candidate
Member Candidate
Posts: 173
Joined: Mon Jan 29, 2007 3:59 pm
Location: mym

Sat May 05, 2007 3:13 pm

tneumann:

thanks for your prompt reply. Now I need to figure out how i can incorporate this script in freeradius.
 
ravin
Member Candidate
Member Candidate
Posts: 173
Joined: Mon Jan 29, 2007 3:59 pm
Location: mym

Wed May 23, 2007 2:43 pm

I found the solution to this issue. I used rlm_sqlcounter in radius which does the job of limiting users to their alloted time. Now I want to know how can I limit users to their alloted data limit.

If you have come across this issue please let me know.

Who is online

Users browsing this forum: Alexandepz, PROXCON and 97 guests