simultaneous use - 1 chassis, two ARC's
I am using ICRadius with my TC1000. All reply items have Simultaneous-use = 1. I also use SNMP to ask the ARC if a user is on or not. What seems to be happening is that a user can dial in and get his first session from one ARC. A second dialer can then hit the second ARC and also be allowed in. The RADIUS server checks the ARC via SNMP and verifies that the user isn't on. Of course the user is on, just not on that ARC. Has anyone seen this and if so what did you do about this? I have double checked and all works as expected when the duplicate user hits the same ARC. -- Lewis Bergman Texas Communications 4309 Maple St. Abilene, TX 79602-8044 915-695-6962 ext 301 800-299-6962
I'm not sure about ICRadius but with Radiator we needed to set the Port-Limit to 2 the default is 1. This maybe your issue. Here is an example: joeuser NAS-Port-Type = Async,Simultaneous-Use=2 Service-Type = Framed-User, Port-Limit = 2, Idle-Timeout = 0, Session-Timeout = 0, Framed-Protocol = PPP, Framed-IP-Address = 206.xxx.xxx.xxx, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP Hope that helps. -Brent -----Original Message----- From: usr-tc-bounces+brentc=netnet.net@mailman.xmission.com [mailto:usr-tc-bounces+brentc=netnet.net@mailman.xmission.com] On Behalf Of Lewis Bergman Sent: Monday, May 24, 2004 1:54 PM To: usr-tc@mailman.xmission.com Subject: [USR-TC] simultaneous use - 1 chassis, two ARC's I am using ICRadius with my TC1000. All reply items have Simultaneous-use = 1. I also use SNMP to ask the ARC if a user is on or not. What seems to be happening is that a user can dial in and get his first session from one ARC. A second dialer can then hit the second ARC and also be allowed in. The RADIUS server checks the ARC via SNMP and verifies that the user isn't on. Of course the user is on, just not on that ARC. Has anyone seen this and if so what did you do about this? I have double checked and all works as expected when the duplicate user hits the same ARC. -- Lewis Bergman Texas Communications 4309 Maple St. Abilene, TX 79602-8044 915-695-6962 ext 301 800-299-6962 _______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
On Thursday 27 May 2004 11:18 am, Brent Crier wrote:
I'm not sure about ICRadius but with Radiator we needed to set the Port-Limit to 2 the default is 1. This maybe your issue. Here is an example: joeuser NAS-Port-Type = Async,Simultaneous-Use=2 Service-Type = Framed-User, Port-Limit = 2, Idle-Timeout = 0, Session-Timeout = 0, Framed-Protocol = PPP, Framed-IP-Address = 206.xxx.xxx.xxx, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP
Hope that helps. The problem isn't that it *won't* let them on. The problem is that is *does* let him on. I only want him to have the ability to log in once. -- Lewis Bergman Texas Communications 4309 Maple St. Abilene, TX 79602-8044 915-695-6962 ext 301 800-299-6962
hey....i implemented a perl script for this problem to watch multiple boxes and to kick off duplicate logins....let me know if you would be interested in this solution. adam Adam Olson Humboldt Internet On Thu, 27 May 2004, Lewis Bergman wrote:
On Thursday 27 May 2004 11:18 am, Brent Crier wrote:
I'm not sure about ICRadius but with Radiator we needed to set the Port-Limit to 2 the default is 1. This maybe your issue. Here is an example: joeuser NAS-Port-Type = Async,Simultaneous-Use=2 Service-Type = Framed-User, Port-Limit = 2, Idle-Timeout = 0, Session-Timeout = 0, Framed-Protocol = PPP, Framed-IP-Address = 206.xxx.xxx.xxx, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP
Hope that helps. The problem isn't that it *won't* let them on. The problem is that is *does* let him on. I only want him to have the ability to log in once. -- Lewis Bergman Texas Communications 4309 Maple St. Abilene, TX 79602-8044 915-695-6962 ext 301 800-299-6962
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
I´m interested in your perl script, could you post it? ----- Original Message ----- From: "Adam Olson" <adamo@humboldt1.com> To: "Discussion relating to the 3Com/US Robotics Total Control modem systems." <usr-tc@mailman.xmission.com> Sent: Thursday, May 27, 2004 2:28 PM Subject: Re: [USR-TC] simultaneous use - 1 chassis, two ARC's
hey....i implemented a perl script for this problem to watch multiple boxes and to kick off duplicate logins....let me know if you would be interested in this solution. adam
Adam Olson Humboldt Internet
On Thu, 27 May 2004, Lewis Bergman wrote:
On Thursday 27 May 2004 11:18 am, Brent Crier wrote:
I'm not sure about ICRadius but with Radiator we needed to set the Port-Limit to 2 the default is 1. This maybe your issue. Here is an example: joeuser NAS-Port-Type = Async,Simultaneous-Use=2 Service-Type = Framed-User, Port-Limit = 2, Idle-Timeout = 0, Session-Timeout = 0, Framed-Protocol = PPP, Framed-IP-Address = 206.xxx.xxx.xxx, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP
Hope that helps. The problem isn't that it *won't* let them on. The problem is that is
*does*
let him on. I only want him to have the ability to log in once. -- Lewis Bergman Texas Communications 4309 Maple St. Abilene, TX 79602-8044 915-695-6962 ext 301 800-299-6962
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
i found this link to the source on the old programmers website who worked here for a short bit.....http://www.blackangel.net/stigmata/programs/..... the rastab modules are needed...all really straightforward and simple to tweak... hope it helps...adam
I´m interested in your perl script, could you post it? ----- Original Message ----- From: "Adam Olson" <adamo@humboldt1.com> To: "Discussion relating to the 3Com/US Robotics Total Control modem systems." <usr-tc@mailman.xmission.com> Sent: Thursday, May 27, 2004 2:28 PM Subject: Re: [USR-TC] simultaneous use - 1 chassis, two ARC's
hey....i implemented a perl script for this problem to watch multiple boxes and to kick off duplicate logins....let me know if you would be interested in this solution. adam
Adam Olson Humboldt Internet
On Thu, 27 May 2004, Lewis Bergman wrote:
On Thursday 27 May 2004 11:18 am, Brent Crier wrote:
I'm not sure about ICRadius but with Radiator we needed to set the Port-Limit to 2 the default is 1. This maybe your issue. Here is an example: joeuser NAS-Port-Type = Async,Simultaneous-Use=2 Service-Type = Framed-User, Port-Limit = 2, Idle-Timeout = 0, Session-Timeout = 0, Framed-Protocol = PPP, Framed-IP-Address = 206.xxx.xxx.xxx, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP
Hope that helps. The problem isn't that it *won't* let them on. The problem is that is
*does*
let him on. I only want him to have the ability to log in once. -- Lewis Bergman Texas Communications 4309 Maple St. Abilene, TX 79602-8044 915-695-6962 ext 301 800-299-6962
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
participants (4)
-
Adam Olson -
Brent Crier -
Gastón -
Lewis Bergman