Preventing multiple logins

[arjunking]

[This has been moved to Authentication Scripts]

Hi,
I have installed OpenVPN System Based On User/Password Authentication with mysql & Day Control (shell script) on centos 6 64 bit.
to install I followed this tutorial : http://chagridsada.blogspot.fr/2011/01/ ... rpass.html
It is perfectly setup and I have tested it with multiple servers.
But now I can have multiple logins with the same account. So how should I prevent this?
I want to limit to maximum of 1 login per account.
Please help me

Many thanks ,
Arjun

[xauen]

well, you have 2 options here:
1. Use a client connect/disconnect script on the openvpn server that triggers 1 if user is "online" and triggers a 0 if the user has been "offline" and an sql checking on the script to read the database.
If user1 is online (meaning 1 in the database table) then exit 1 (afaik its reject user) else exit 0

Option 2: (little harder though much more flexible)
2. Setup radius+mysql authentication for openvpn and set Simultaneous-Use = 1 in the radgroupcheck table.

Either of them is usable for your purpose.

[arjunking]

HI
thanks for your reply
I tried the first one but sometimes in case of improper disconnection , the script doesn't return user_online=0 even though i have kept "keepalive 5 30" so user remains online according to the database and hence can't relogin
can you please provide a link for tutorial of mysql+radius+openvpn installation?

[xauen]

put:

Code: Select all

explicit-exit-notify 2

on udp config only

my tutorial on using radius-mysql will be available soon when im a little free.

[arjunking]

Thanks a lot man
waiting for your tutorial
please make it as detailed as possible

[arjunking]

it wont start now
tried to restart openvpn but it fails to
I am using it in server mode so I presume it can't be used in it
any fix for it?

[xauen]

it wont start now
tried to restart openvpn but it fails to
I am using it in server mode so I presume it can't be used in it
any fix for it?

sorry I forgot to tell you it should be in the client config UDP

[arjunking]

thanks it worked
but now i have installed freeradius
didn't know how to add accounts in freeradius so installed daloradius
and now i added a user in daloradius and i am getting auth fail error
any idea on how to use daloradius with openvpn? any tutorial links will be welcomed

[xauen]

thanks it worked
but now i have installed freeradius
didn't know how to add accounts in freeradius so installed daloradius
and now i added a user in daloradius and i am getting auth fail error
any idea on how to use daloradius with openvpn? any tutorial links will be welcomed

This might help! http://safesrv.net/setup-freeradius-plu ... pn-source/
For more information on Freeradius and how to customize it please consult with Daloradius and Freeradius documentation.

[arjunking]

thanks for your fast reply
i followed this tutorial but now i am stuck.
i don't know how to add the user.
this tutorial no where explains how to add an openvpn user
please help
i am sorry for so many questions

or please suggest me a simpler control panel than daloradius

[xauen]

thanks for your fast reply
i followed this tutorial but now i am stuck.
i don't know how to add the user.
this tutorial no where explains how to add an openvpn user
please help
i am sorry for so many questions

or please suggest me a simpler control panel than daloradius

As i've said, you need to customize the radius database and radius configuration based on your openvpn setup.
This is not a freeradius and daloradius support forum so you can only get support from their respective community.
http://freeradius.org/doc/

since the topic is all about radius and authentication system I have moved this topic to Authentication Scripts forum.

[arjunking]

someone please help me
i am getting auth failed error

[xauen]

Please refer to Freeradius documentation on how to customize and link your MySql db to Radius system.