Hi.
The Port-Limit=1 attribute is not honored by the radius client on 5beta6 and newer.
It works for locally defined PPP secrets only. Tested with PPTP and OpenVPN clients.
Any ideas why this is not working correctly?
Is this an known issue?
This is an example of how the users groups are defined in my MySQL radius database:
mysql> select * from radgroupreply where GroupName="Dynamic-IP";
+----+------------+---------------------+----+-------------------------------------------+
| id | GroupName | Attribute | op | Value |
+----+------------+---------------------+----+-------------------------------------------+
| 1 | Dynamic-IP | Framed-Pool | := | VPN-Pool-Dynamic |
| 2 | Dynamic-IP | Port-Limit | = | 1 |
| 3 | Dynamic-IP | Mikrotik-Rate-Limit | := | 2048k/2048k 6144k/6144k 4096k/4096k 10/10 |
+----+------------+---------------------+----+-------------------------------------------+
mysql> select * from usergroup where GroupName="Dynamic-IP" LIMIT 1;
+------------+------------+----------+
| UserName | GroupName | priority |
+------------+------------+----------+
| someuser | Dynamic-IP | 1 |
+------------+------------+----------+
1 row in set (0.00 sec)
This is the SQL query defined in the sql.conf of freeradius:
authorize_group_reply_query = "SELECT ${groupreply_table}.id,${groupreply_table}.GroupName,${groupreply_table}.Attribute,${groupreply_table}.Value,${groupreply_table}.op
FROM ${groupreply_table},${usergroup_table} WHERE ${usergroup_table}.Username
= '%{SQL-User-Name}' AND ${usergroup_table}.GroupName = ${groupreply_table}.GroupName ORDER BY ${groupreply_table}.id"