DNN Community Forums

Detect multiple connections from an internal network sharing public IP

Sort:

You are not authorized to post a reply.

Author

Messages

Hermes

New Member

Posts:

05/01/2016 23:37

Hello, Portal Keeper lets be configured to avoid multiple connections so that multiple users of an internal network to share a public IP address, can not log on with a particular user from different PCs on that network?

Jesse

New Member

Posts:

06/01/2016 14:09

Hi,

that should be possible, yes, through the dedicated default "Simultaneous Connections Detection" Firewall rule to be configured accordingly.

You can customize the corresponding "Catch Multiple connections" condition, specifically to :

uncheck "Returning Only", so that a new connection is not possible rather that the original computer being logged off (the default policy is "no coming back to the original computer").
switch the "Discrimination Source" from "XForwarded IP" to "Session" to support your case of an internal network with shared public IP.

You can also customize the resulting sequence of actions, such as the email template sent to the account holder, or maybe in order to add a redirection to a page with a dedicated message (see "Critical Accounts Protection" for an example of such an action that you can copy), or to directly display a page message to the user (see "Warn IE 6 Users" for an example of such an action that you can copy)

Regards

Hermes

New Member

Posts:

06/01/2016 23:04

Thanks for your answer, but I must tell you that following the letter to your recommendations, yet detects me like simultaneous sessions for different users in different PCs from my internal network.

Also when it detects a "Connection simultaneous " sends several notices by email.

Please if you can help me about it I thank you in advance.

Jesse

New Member

Posts:

07/01/2016 18:04

Hermes wrote:
Thanks for your answer, but I must tell you that following the letter to your recommendations, yet detects me like simultaneous sessions for different users in different PCs from my internal network.

Also when it detects a "Connection simultaneous " sends several notices by email.

Please if you can help me about it I thank you in advance.

This seems unintended behavior indeed. With the above configuration, you should have:

When a single account logs in from 2 computers or from 2 browsers similarly (or one in regular mode and one in private mode, session being stored in cookie), without "returning only" checked, the 2nd user should get logged off (otherwise, the 1st one will trigger detection). An email should be sent each time a detection is triggered, that is each time a new connection is attempted in your case, or each time a returning user logs in with "returning only" checked.

I guess I should do some tests to see if for some reason the rule stopped working correctly.

I'll get back to you when I know more about it, and if it's a bug I'll send you a patch.

Jesse

New Member

Posts:

12/01/2016 13:26

Hi,

I could do some tests, and there seems to be a race condition causing interference with the locking mechanism upon signing off.

Here's a link to a patch that should fix the issue. In order to apply the patch, unzip and replace the corresponding assembly files in your bin folder.

I could test both of the above scenarios with success, with session as a discrimination source with same IP shared (returning only checked = people keep stealing the session and unsign each other / returing only checked = any new connection is rejected)

The next release will include the fix.

Regards

You are not authorized to post a reply.