2

I have pfsense and daloRadius(running freeRadius inside) up and running, I successfully configured radius parameters on pfSense and the NAS on daloRadius and they can talk to each other.

I am able to create users from daloRadius and authenticate them from pfSense. But when I add some attributes for bandwidth limitation or download quota limitation, authentication fails from pfSense.

Plus in spite of all the search i did, am' not able to understand clearly how radius attributes function: - Difference between check and reply and when to use either - also the operators being used.

Since i didn't understand clearly i tried all combinations that made sense to me but it never worked, I always get access-reject.

I added to daloRadius the pfSense radius attribute dictionary which i got from here:

VENDOR      pfSense             13644

BEGIN-VENDOR    pfSense

ATTRIBUTE   pfSense-Bandwidth-Max-Up        1   integer
ATTRIBUTE   pfSense-Bandwidth-Max-Down      2   integer
ATTRIBUTE   pfSense-Max-Total-Octets        3   integer

END-VENDOR pfSense

but whenever I create a user and try using one of these attributes in either reply or check attribute, the user is not authorised when logging in, just getting access-reject with no explanations.

What am I doing wrong ?

Xsmael
  • 171
  • 1
  • 10
  • Are you using pfsenses built in pppoe server? If so then the bandwith limiting commands are here in this post by me: [enter link description here](https://forum.netgate.com/topic/141034/rate-limit-on-radius-reply-attributes-for-pppoe-connections-not-working) – Muhammad Ibrahim Sep 29 '19 at 12:16

0 Answers0