Home > windows server 2008 > Login-time quota for VPN users

Login-time quota for VPN users

July 21Hits:1
Advertisement

I have configured Routing and Remote Access Service in Windows Server 2003 as the VPN server. VPN users are defined in Active Directory which is running on this server too.

How i can configure the server to give each user a limited download size (for example 1GB) and does not authenticate them when they exceeds their download quota.

The VPN server should also disconnect the users that reach their quota.

Update: Apparently a third-party RADIUS server could provide this feature. One solution I have found is TekRADIUS but it is commercial. FreeRADIUS is a open-source free RADIUS server but I am not sure if it could these kind of features.

Answers

This may be possible by imposing policies and / or restrictions on the network level for IP addresses allocated to the VPN.

That said, here's another thought: if you have your VPN configured right now so that when users are connected, ALL traffic (including outside sites such as google.com etc.) gets routed through the VPN, you might be doing it wrong.

What you can do instead is uncheck the option on the user side to "use the default gateway on the remote network" (something along those lines) so that any traffic NOT intended for VPN ip address / DNS names will get routed through the user's local gateway and therefore around the VPN. HUGE savings in bandwidth if your users tend to do a lot of Internet browsing / downloading.

A lot of corporations, especially big ones, tend to force users to use the remote gateway which not only caps the user's bandwidth (because of the corporate limitations & extra hops), but also restricts the user's access to his own local network i.e. if working from home.

No way to do that with operating system features. RRAS is targetting corporate use - your features sound more like you want to sell something like anonymous surfing via a VPN tunnel, so your traffic is "relevant". This is a very special use case - and thus one MS does not support. For corporate use you want none of this in place.

I would suggest you retire the RRAS solution, put in a Mikrotik router for less than 50 pounds and do itthere ;) It CAN do such things - it is a router / access point for internet providers, not something for busineses with limtied features like Microsoft.

Related Articles

  • Login-time quota for VPN usersJuly 21

    I have configured Routing and Remote Access Service in Windows Server 2003 as the VPN server. VPN users are defined in Active Directory which is running on this server too. How i can configure the server to give each user a limited download size (for

  • SSH login with secure IP VPNFebruary 28

    I have a PC behind a router with port forwarding setup Port 22 for SSH which works perfectly - I can login and everything. What I am trying to do is let this PC connect to a VPN and only allow traffic on local network or via the VPN connection (for i

  • Automatic login to cisco anyconnect vpn on linuxMay 16

    Is there any way to get the vpn client to read in the username and password (I'm ok with plaintext for now) without having to type it everytime? Edit: My intention is to call a script through ssh_config that will automatically connect to the vpn when

  • zimbra 8 policyd failed SMTP login increments quota counterFebruary 6

    I am trying to set up a policyd policy in Zimbra that sets a max number of outbound emails for a given sender ([email protected]). I was testing it with a simple script to log into the SMTP server and send a test mail. I noticed, if I omitted the login inf

  • ctrl alt del login not working over VPNNovember 12

    Windows 7 Desktop User connecting to a VPN over wireless. Connects fine, but after screen locks from no activity the machine will not allow control-alt-delete to let them unlock and login. Machine goes dark for 2 minutes and then brings back the prom

  • Restrict SSH login to local network: VPN connection not allowedFebruary 2

    There are two (unix) users who are allowed to connect to my Debian Wheezy server using ssh: git and peter. While git is allowed to connect from everywhere, peter (who is in the sudo group) should be only allowed to connect from my local network. I th

  • Setting up a VPN connection before login automaticallyMay 31

    Our company's domain controller is located in data center behind the Forefront TMG with a VPN gateway set up. I want my Windows 7 machines to be able to work in an active directory domain environment. For that, I need to VPN into the data center's ne

  • VPN with straightforward, reliable configuration directions

    VPN with straightforward, reliable configuration directionsMarch 12

    We have a rather conventional Windows shop with MS Server 2003 and corresponding Exchange services at a single site. We have some offsite (travelling laptops, stationary workstations) systems that are modern Windows-based. We have a Cisco Router RV08

  • How do I setup/connect a Mac Book Pro OSX to a Windows domain over VPNApril 5

    In windows I am able to do this by logging in as a local user, connecting to VPN, doing the initial domain connection (which includes creating a new user which is my domain account), then leaving that user logged in I "switch user" to the user I

  • Is that possible to change PPTP VPN password on mac?February 6

    Could I directly reset my password for VPN on mac? For Windows, I found the instruction below (source from ehow, not tested as I only has a mac): Log on to your VPN. Enter the "CTRL+ALT+DEL" keys simultaneously and select the "Change a Pass

  • Setting up VPN client: L2TP with IPsecNovember 9

    I've got to connect to vpn server. It works on Windows, but in Ubuntu 10.04 not. Number of options is confusing for me. There is the input that I have: IP Address of VPN Pre-shared key to authenticate Information that MS-CHAPv2 is used Login and Pass

  • Cisco AnyConnect VPN via OpenVPN tunnel [Unable to modify IP forwarding table]November 13

    Background: I'm working as a contractor for a small web design agency. We have a particular project / client requires that any updates / development that are performed are done via VPN. The client VPN requires a static IP address, and connects using

  • RDP Over VPN ProblemJuly 1

    Hello Guys, I have been battling this problem for a week now. And I have no where to run except to you guys. Here is the scenario, VPN connection works perfectly fine I can connect successfully using both windows and linux (ubuntu 10.04) machine. The

  • Setting up Juniper VPN on 14.04

    Setting up Juniper VPN on 14.04September 10

    I saw this post, but unfortunately continue to have issues as seen here: Does anyone have suggestions for fixing this issue? Thanks! --------------Solutions------------- Prepare a 64-bit Linux Machine Remember, the role must NOT be configured to use

  • Aventail Web VPN on Ubuntu 14.04May 27

    I am trying to convert from Windows to Ubuntu (finally). I got everything working fairly easily, including several different VPNs, but this last one is giving me issues. I have one client that uses the Aventail VPN via a web interface (Internet Explo

  • Can I use fingerprint reader to login through SonicWallJune 25

    One of the directors didnt know where to put his head. So he introduced new security measures. Now I have to type login and password every time I login into the office VPN (I work from home so it is annoying). It is SonicWall 4.9. Is there a way to u

  • Public AP: How to reduce vulnerability window between Captive Portal and starting VPN?August 8

    I always use a VPN on my Mac when I access over public APs (such as coffee shop free WiFi) How much should I worry about the window of time where I am in the captive portal (the agreement screen) and have not yet started my VPN? My hunch is "lots&quo

  • Monthly Logins Used is Double Counting Logins to OAuth enabled siteOctober 23

    We are using "Partner Community Login" licenses and Salesforce Communities as our Single Sign On solution for an external web portal (not based on Communities). Each time a user logs in, it is counting as 2 logins against our Monthly Logins Used

  • How to give user permissions on ubuntu server?April 7

    i have an ubuntu server and i give hosting to some users and i use the next command to create users and their ftp accounts: sudo adduser nameofthepage This command creates a directory with the name of the page in the "/home" directory where user

  • How to turn your Ubuntu 14.10 headless server into a XFCE + VNC Network Desktop

    How to turn your Ubuntu 14.10 headless server into a XFCE + VNC Network DesktopMay 18

    This tutorial describes the installation of Gnome 3, XFCE and VNC on a headless server (server without monitor) to turn it into a Linux Desktop that you can access from anywhere over the internet with VNC. The server that is used for this setup is a

Copyright (C) 2018 ceus-now.com, All Rights Reserved. webmaster#ceus-now.com 14 q. 0.801 s.