I want to use the feature simultaneous-use with RADIUSdesk. But it works never. I had it installed about 15 times. Sometimes with ubuntu 20.04 and also 22.04 and also downloaded the ova image. It is always the same. It never works with the same following behavior:
I create a new realm with suffix like wombats.don
I create a permanent user bernie@wombats.donbernie@wombats.don.
I create a profile WOMBATS an set in the profile Check simultaneous-use := 1
Accessv points are Unifi U6Lite with Unifi Controller. For tests I have also changed the access point against Lancom L-822acn dual (german vendor). Both types of access points work with TekRADIUS and simultaneous-use. I can rule out the hardware as a source of error.
I have found this link https://radiusdesk.com/docuwiki/user_guide/simultaneous_limit
So I comment out in /etc/freeradius/3.0/mods-config/sql/main/mysql/queries.conf
#simul_verify_query = "\
# SELECT \
# radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, \
# callingstationid, framedprotocol \
# FROM ${acct_table1} \
# WHERE username = '%{SQL-User-Name}' \
AND acctstoptime IS NULL"
...and doing sudo systemctl restart freeradius. I can use WLAN with more than one device at on time with both types of access point.
================================================================================================================
Why I think there is a bug?
There are two reasons for this:
In /etc/freeradius/3.0/mods-config/sql/main/mysql/queries.conf I commented out also
#simul_count_query = "\
# SELECT COUNT(*) \
# FROM ${acct_table1} \
# WHERE username = '%{SQL-User-Name}' \
AND acctstoptime IS NULL"
..and I also changed this query in
simul_count_query = "\
SELECT COUNT(*) \
FROM XXX \
WHERE username = '%{SQL-User-Name}' \
AND acctstoptime IS NULL"
There is no error or anything else. I can always use WLAN with more than one device at on time with both types of access point.
Sudo -i
Mysql -u root
Use rd;
SELECT COUNT(*) FROM radacct WHERE username = 'bernie@wombats.don' AND acctstoptime IS NULL;
MariaDB [rd]> SELECT COUNT() FROM radacct WHERE username = 'bernie@wombats.don' AND acctstoptime IS NULL;
+----------+
| COUNT() |
+----------+
| 1 |
+----------+
1 row in set (0.001 sec)
That always brings the right result like you see here for one device. After connecting a 2nd device the result oft he query is 2, after connecting a 3th device the result of query is 3 and so on...
Next I have enabled SQL Query logging in file: /ect/freeradius/3.0/mods-available/sql
logfile = ${logdir}/sqllog.sql
And did a freeradius restart. Now I can see which queries are done against database:
NO MATTER what is in the file /etc/freeradius/3.0/mods-config/sql/main/mysql/queries.conf enabled or disabled:
The query for simultaneous use is ALWAYS:
SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='bernie@wombats.don' and attribute='Rd-Not-Track-Acct' and value=1;
If I do a "TEST Radius" in webfrontend the query is:
SELECT count(username) FROM radcheck WHERE radcheck.username='bernie@wombats.don';
SELECT count(username) FROM radcheck WHERE radcheck.username='AA-AA-AA-AA-AA-AA';
You can see the the simultaneous query do always ask the table radcheck. IT ASKS NEVER THE TABLE RADACCT!!!
If I do a manuelly query over console like
Sudo -i
Mysql -u root
Use rd;
SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='bernie@wombats.don' and attribute='Rd-Not-Track-Acct' and value=1;
Brings
MariaDB [rd]> SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='bernie@wombats.don' and attribute='Rd-Not-Track-Acct' and value=1;
+--------------------------+
| count(radcheck.username) |
+--------------------------+
| 0 |
+--------------------------+
1 row in set (0.001 sec)
I can manually change the query in
SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='bernie@wombats.don';
This only tells you the number of attributes
From wich file comes the queries like
SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='bernie@wombats.don' and attribute='Rd-Not-Track-Acct' and value=1;
I think this is a bug.
First: I assumed in my first post that the SQL queries I see are wrong.
I don't understand why I am not seeing the Simultaneous-Use SQL queries in sqllog.sql file after I had it enabled in file: /ect/freeradius/3.0/mods-available/sql
logfile = ${logdir}/sqllog.sql
But the Simultaneous-Use queries are simply not logged.
The secret was in the files /etc/freeradius/3.0/sites-available/default and /etc/freeradius/3.0/sites-available/inner-tunnel.
In both files there is a section "session".
session
radutmp
#
# See "Simultaneous Use Checking Queries" in mods-available/sql
#sql
}
I changed it in an did a freeradius restart.
session
# radutmp
#
# See "Simultaneous Use Checking Queries" in mods-available/sql
sql
}
Now it works.
Best Regards,
Bernie
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello,
I want to use the feature simultaneous-use with RADIUSdesk. But it works never. I had it installed about 15 times. Sometimes with ubuntu 20.04 and also 22.04 and also downloaded the ova image. It is always the same. It never works with the same following behavior:
I create a new realm with suffix like wombats.don
I create a permanent user bernie@wombats.donbernie@wombats.don.
I create a profile WOMBATS an set in the profile Check simultaneous-use := 1
Accessv points are Unifi U6Lite with Unifi Controller. For tests I have also changed the access point against Lancom L-822acn dual (german vendor). Both types of access points work with TekRADIUS and simultaneous-use. I can rule out the hardware as a source of error.
I have found this link https://radiusdesk.com/docuwiki/user_guide/simultaneous_limit
So I comment out in /etc/freeradius/3.0/mods-config/sql/main/mysql/queries.conf
#simul_verify_query = "\
# SELECT \
# radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, \
# callingstationid, framedprotocol \
# FROM ${acct_table1} \
# WHERE username = '%{SQL-User-Name}' \
AND acctstoptime IS NULL"
...and doing sudo systemctl restart freeradius. I can use WLAN with more than one device at on time with both types of access point.
================================================================================================================
Why I think there is a bug?
There are two reasons for this:
#simul_count_query = "\
# SELECT COUNT(*) \
# FROM ${acct_table1} \
# WHERE username = '%{SQL-User-Name}' \
AND acctstoptime IS NULL"
..and I also changed this query in
simul_count_query = "\
SELECT COUNT(*) \
FROM XXX \
WHERE username = '%{SQL-User-Name}' \
AND acctstoptime IS NULL"
There is no error or anything else. I can always use WLAN with more than one device at on time with both types of access point.
=================================================================================================================
Sudo -i
Mysql -u root
Use rd;
SELECT COUNT(*) FROM radacct WHERE username = 'bernie@wombats.don' AND acctstoptime IS NULL;
MariaDB [rd]> SELECT COUNT() FROM radacct WHERE username = 'bernie@wombats.don' AND acctstoptime IS NULL;
+----------+
| COUNT() |
+----------+
| 1 |
+----------+
1 row in set (0.001 sec)
That always brings the right result like you see here for one device. After connecting a 2nd device the result oft he query is 2, after connecting a 3th device the result of query is 3 and so on...
Next I have enabled SQL Query logging in file: /ect/freeradius/3.0/mods-available/sql
logfile = ${logdir}/sqllog.sql
And did a freeradius restart. Now I can see which queries are done against database:
===============================================================================================================================
NO MATTER what is in the file /etc/freeradius/3.0/mods-config/sql/main/mysql/queries.conf enabled or disabled:
The query for simultaneous use is ALWAYS:
SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='bernie@wombats.don' and attribute='Rd-Not-Track-Acct' and value=1;
If I do a "TEST Radius" in webfrontend the query is:
SELECT count(username) FROM radcheck WHERE radcheck.username='bernie@wombats.don';
SELECT count(username) FROM radcheck WHERE radcheck.username='AA-AA-AA-AA-AA-AA';
You can see the the simultaneous query do always ask the table radcheck. IT ASKS NEVER THE TABLE RADACCT!!!
If I do a manuelly query over console like
Sudo -i
Mysql -u root
Use rd;
SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='bernie@wombats.don' and attribute='Rd-Not-Track-Acct' and value=1;
Brings
MariaDB [rd]> SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='bernie@wombats.don' and attribute='Rd-Not-Track-Acct' and value=1;
+--------------------------+
| count(radcheck.username) |
+--------------------------+
| 0 |
+--------------------------+
1 row in set (0.001 sec)
I can manually change the query in
SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='bernie@wombats.don';
This only tells you the number of attributes
From wich file comes the queries like
SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='bernie@wombats.don' and attribute='Rd-Not-Track-Acct' and value=1;
I think this is a bug.
Best Regards,
Bernie
Hi,
in the meantime I have found a solution.
First: I assumed in my first post that the SQL queries I see are wrong.
I don't understand why I am not seeing the Simultaneous-Use SQL queries in sqllog.sql file after I had it enabled in file: /ect/freeradius/3.0/mods-available/sql
logfile = ${logdir}/sqllog.sql
But the Simultaneous-Use queries are simply not logged.
Solution:
After many days I found this posting: https://serverfault.com/questions/1121541/simultaneous-use-in-freeradius-3-0.
The secret was in the files /etc/freeradius/3.0/sites-available/default and /etc/freeradius/3.0/sites-available/inner-tunnel.
In both files there is a section "session".
I changed it in an did a freeradius restart.
Now it works.
Best Regards,
Bernie