pfSense English Support > Captive Portal

[SOLVED] Captive Portal + FreeRadius + LDAP + Bandwidth

(1/1)

krashneo:
Hello.

I have a PFSense 2.3.2-RELEASE-p1 (amd64) using Captive Portal integrated with FreeRadius and LDAP. It's working fine, but I need to control Bandwidth from each user bringing the attribute information from LDAP.

Is it possible?

Thanks

krashneo:
*** SOLVED ***

1- LDAP Server:

- Include the Radius LDAP Schema (http://open.rhx.it/phamm/schema/radius.schema) with attributes above:

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.61
      NAME 'radiusMaxBandwidthDown'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.62
      NAME 'radiusMaxBandwidthUp'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

objectclass
   ( 1.3.6.1.4.1.3317.4.3.2.1
      NAME 'radiusprofile'
      SUP top AUXILIARY
      DESC ''
      MUST cn
      MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $
            radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $
            radiusCalledStationId $ radiusCallingStationId $ radiusClass $
            radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $
            radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $
            radiusFramedCompression $ radiusFramedIPAddress $
            radiusFramedIPNetmask $ radiusFramedIPXNetwork $
            radiusFramedMTU $ radiusFramedProtocol $
            radiusCheckItem $ radiusReplyItem $
            radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $
            radiusGroupName $ radiusHint $ radiusHuntgroupName $
            radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $
            radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $
            radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $
            radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $
            radiusRealm $ radiusReplicateToRealm $ radiusServiceType $
            radiusSessionTimeout $ radiusStripUserName $
            radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDn $
            radiusSimultaneousUse $ radiusTunnelAssignmentId $
            radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $
            radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $
            radiusTunnelType $ radiusUserCategory $ radiusVSA $
            radiusExpiration $ dialupAccess $ radiusMaxBandwidthDown $
            radiusMaxBandwidthUp )
   )


- Restart slapd service
- Add radiusprofile ObjectClass to LDAP user
- Set the attributes radiusMaxBandwidthDown and radiusMaxBandwidthUp with limitations in bytes

2- PFSense FreeRadius Server:

- Add lines above in file /usr/local/etc/raddb/ldap.attrmap

replyItem   WISPr-Bandwidth-Max-Down      radiusMaxBandwidthDown
replyItem   WISPr-Bandwidth-Max-Up      radiusMaxBandwidthUp


- Restart radiusd Service at menu Status -> Services

3- Run for Hug  ;D ;D ;D 8)

COFroot:
krashneo
Could not do Captive Portal integrated with FreeRadius and LDAP

how did you do it ?

krashneo:

--- Quote from: COFroot on March 27, 2017, 12:07:19 pm ---krashneo
Could not do Captive Portal integrated with FreeRadius and LDAP

how did you do it ?

--- End quote ---

Hello COFroot, your CP + FreeRadius are working fine? Only missing LDAP?

vucuong:
Hello krashneo

I can't find the file /usr/local/etc/raddb/ldap.attrmap
Can you help me?

Navigation

[0] Message Index

Go to full version