pfSense Support Subscription

Author Topic: [SOLVED] Captive Portal + FreeRadius + LDAP + Bandwidth  (Read 682 times)

0 Members and 1 Guest are viewing this topic.

Offline krashneo

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
[SOLVED] Captive Portal + FreeRadius + LDAP + Bandwidth
« on: March 14, 2017, 11:57:13 am »
Hello.

I have a PFSense 2.3.2-RELEASE-p1 (amd64) using Captive Portal integrated with FreeRadius and LDAP. It's working fine, but I need to control Bandwidth from each user bringing the attribute information from LDAP.

Is it possible?

Thanks
« Last Edit: March 17, 2017, 09:41:38 am by krashneo »

Offline krashneo

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Captive Portal + FreeRadius + LDAP + Bandwidth
« Reply #1 on: March 17, 2017, 09:39:29 am »
*** SOLVED ***

1- LDAP Server:

- Include the Radius LDAP Schema (http://open.rhx.it/phamm/schema/radius.schema) with attributes above:

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.61
      NAME 'radiusMaxBandwidthDown'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.62
      NAME 'radiusMaxBandwidthUp'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )


objectclass
   ( 1.3.6.1.4.1.3317.4.3.2.1
      NAME 'radiusprofile'
      SUP top AUXILIARY
      DESC ''
      MUST cn
      MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $
            radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $
            radiusCalledStationId $ radiusCallingStationId $ radiusClass $
            radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $
            radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $
            radiusFramedCompression $ radiusFramedIPAddress $
            radiusFramedIPNetmask $ radiusFramedIPXNetwork $
            radiusFramedMTU $ radiusFramedProtocol $
            radiusCheckItem $ radiusReplyItem $
            radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $
            radiusGroupName $ radiusHint $ radiusHuntgroupName $
            radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $
            radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $
            radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $
            radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $
            radiusRealm $ radiusReplicateToRealm $ radiusServiceType $
            radiusSessionTimeout $ radiusStripUserName $
            radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDn $
            radiusSimultaneousUse $ radiusTunnelAssignmentId $
            radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $
            radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $
            radiusTunnelType $ radiusUserCategory $ radiusVSA $
            radiusExpiration $ dialupAccess $ radiusMaxBandwidthDown $
            radiusMaxBandwidthUp
)
   )


- Restart slapd service
- Add radiusprofile ObjectClass to LDAP user
- Set the attributes radiusMaxBandwidthDown and radiusMaxBandwidthUp with limitations in bytes

2- PFSense FreeRadius Server:

- Add lines above in file /usr/local/etc/raddb/ldap.attrmap

replyItem   WISPr-Bandwidth-Max-Down      radiusMaxBandwidthDown
replyItem   WISPr-Bandwidth-Max-Up      radiusMaxBandwidthUp


- Restart radiusd Service at menu Status -> Services

3- Run for Hug  ;D ;D ;D 8)

Offline COFroot

  • Newbie
  • *
  • Posts: 15
  • Karma: +1/-0
    • View Profile
Re: [SOLVED] Captive Portal + FreeRadius + LDAP + Bandwidth
« Reply #2 on: March 27, 2017, 12:07:19 pm »
krashneo
Could not do Captive Portal integrated with FreeRadius and LDAP

how did you do it ?

Offline krashneo

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: [SOLVED] Captive Portal + FreeRadius + LDAP + Bandwidth
« Reply #3 on: March 27, 2017, 05:14:26 pm »
krashneo
Could not do Captive Portal integrated with FreeRadius and LDAP

how did you do it ?

Hello COFroot, your CP + FreeRadius are working fine? Only missing LDAP?

Offline vucuong

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: [SOLVED] Captive Portal + FreeRadius + LDAP + Bandwidth
« Reply #4 on: December 06, 2017, 09:31:16 am »
Hello krashneo

I can't find the file /usr/local/etc/raddb/ldap.attrmap
Can you help me?