I did  and rebooted  things sort of started to work.
I had to disable Cp for now.
I'm trying to use freeradius2 with mac auth on a lan with 20 clients.
It's a small wisp. All the clients have a wireless radio , some have the router in the radio enabled some radios are bridged and they use their own router.
Seems I'm having issues with witch device's mac address is actually sent in the packets to the Pfsense box. 

I upgraded a 20 box to 2.0.3  went fine
Then I uploaded my config from a different box with Captive portal and freeradius2 all configured .
I had to hook up a screen and change the interfaces.
When it booted and since I see all the services running but everyone is allowed through the portal?
Is this because of something not re written in the CP config?

Found it !!
Under settings on the logs page I had show raw filter logs checked.

I used this feature in 2.0.2  click the x in the log and that ip /port is blocked and click the blue I and that rule is auto added.
In my instal of 2.0.3 I don't see either option.
Is there a setting to enable this?

I have reauth every minute set .
I lowered the idle timeout and that seems to solve the constantly connected issue.

Is there a command to either restart CP or simply kick all the users.

I've got a 2.0.3 system  testing CP with free radius2 running behind my lan  I'm using Mac auth with FR2 and have usage setup and it seems to work fine.

I ran the command to remove the used octets files and noticed that the user who was still connected at the time was not counting traffic . User has 0 of x MB . Only after forcing that user to disconnect and reconnect did the counter start to work again.

My best idea would be to have cron kick all the users 2 minutes after resetting the usage octets files.

I've tried all I can find and can't get the command to work for showing the entrystats.
Open to suggestions.
Thanks

Can you show me the counters through
 ipfw table 1 $ip entrystats

for difference of 1 download?

I'm going to need help with getting that data. I tried

/root(9): ipfw table 1 entrystats 192.168.1.23                              " Ip of laptop"
ipfw: Context is mandatory: No such file or directory

Did some google searching and can't quite figure out how to get these entry stats.
Thanks Allan

After watching the logs for a few days now. 1 Laptop with ubuntu ,authed with radius2 the logs show 1 MB increase every minute and the laptop is idle with the browser closed.

I would like a way to monitor traffic all on the same box.  Can NFSen be installed with pfsense?

BandwidthD this morning  Daily

Code:

192.168.1.23 7.7M

 

Pf system log

Code:

Mar 23 08:27:06 root: FreeRADIUS: Used amount of daily traffic by 00:1b:38:b0:e1:51 is 710 MB of 10448 MB! The user was accepted!!

No , not through the static route.
You would have to add/ modify the hosts file on the computers that need to use windows file sharing.

Maybe you could set up the MAC address filter in the dhcp server.
Mobile devices that work on both sides would need a mac entry on both routers.

Desktops would only get an IP address if their mac is entered in the correct router.

You could try in each pf box /dhcp server mac address filter. Fill in all the mac's you want to get an address on each box and it will ignore the rest.
But this may still cause problems for mobile devices that roam between lans.

The way I outlined above is the only full proof way I know of. Once it's setup you never have to mess with again. 

Are the PF box's a computer? can you stick in another lan card in each box?

This is how I have the exact same setup working.

3 nics in each PF box.
different subnet on the MAIN lan each box ( you need to change one)
The new added 3rd nic is the same subnet both box's But still different from either LAN's This Opt1 new interface is NOT a gateway. Don't change any settings there.

 On the new interface OPT1 .Create a static route on each PF box pointing to the LAN subnet on the other pf box.
Change your Ubiquiti radios lan ip's so they are in this 3rd subnet. Plug them in the new nics.
You can make a pass all firewall rule on both sides or limit the traffic the way you want, but this will let you have access to any server from either side of the network.
File sharing samba and the like will not work unless you modify hosts files. 

Code:

Mar 20 09:45:21 root: FreeRADIUS: Used amount of daily traffic by 00:1b:38:b0:e1:51 is 0 MB of 2048 MB! The user was accepted!!!
Mar 20 09:45:52 root: FreeRADIUS: Used amount of daily traffic by 00:1b:38:b0:e1:51 is 126 MB of 2048 MB! The user was accepted!!!
Mar 20 09:46:59 root: FreeRADIUS: Used amount of daily traffic by 00:1b:38:b0:e1:51 is 682 MB of 2048 MB! The user was accepted!!!
Mar 20 09:48:01 root: FreeRADIUS: Used amount of daily traffic by 00:1b:38:b0:e1:51 is 1414 MB of 2048 MB! The user was accepted!!!

That was after resetting the used octets to zero and downloading a 700MB file through the interfaces.

I remember it did seem to be working back in July 2012.
I was waiting for the final release and decided to try the last few snaps again. Same bug is back.

Code:

Mar 20 10:00:18 root: FreeRADIUS: Used amount of daily traffic by 00:1b:38:b0:e1:51 is 0 MB of 2048 MB! The user was accepted!!!
Mar 20 10:01:26 root: FreeRADIUS: Used amount of daily traffic by 00:1b:38:b0:e1:51 is 271 MB of 2048 MB! The user was accepted!!!
Mar 20 10:02:35 root: FreeRADIUS: Used amount of daily traffic by 00:1b:38:b0:e1:51 is 977 MB of 2048 MB! The user was accepted!!!
Mar 20 10:03:43 root: FreeRADIUS: Credentials are probably correct but the user 00:1b:38:b0:e1:51 has reached the daily Amount of Upload and Download Traffic which is 2116 MB of 2048 MB! The user was rejected!!!

This was trying to Download 1.5 gb through, it got to 1.1GB and was booted.