(RADIATOR) A SOLUTION: Session check for Cisco ISDN users

Hugh Irvine hugh at open.com.au
Thu Oct 31 17:20:41 CST 2002 

Hello Utku -

Please send the code (a "diff -c ..." preferably) to Mike and we will 
take a look.

I have also been working an a different approach with another customer, 
and I should be posting something soon.

regards

Hugh


On Friday, November 1, 2002, at 05:14 AM, Utku Er wrote:

> Hi everyone,
>  
> This is discussed on this list before... We have problems getting 
> information with snmp on ISDN users from the Cisco access servers. 
> RADIATOR can doublecheck the session table entries when needed from 
> the Cisco NAS with SNMP for the ASYNC users. RADIATOR uses the SNMP 
> request of  
> ".iso.org.dod.internet.private.enterprises.9.2.9.2.1.18.NASPORT" to 
> get the username connected to that port.
>  
> However, when RADIATOR tries to doublecheck the NAS for the ISDN 
> users, this SNMP request is not working. Since radiator cannot verify 
> this user is still connected, session check problems occur... Like 
> discussed 
> in http://www.open.com.au/archives/radiator/2000-02/msg00246.html  and 
> in many of the others.
>  
> I contacted TAC and they've said it's not possible to get this 
> username/nasport relation via SNMP for the ISDN users. Since we agree 
> on they cannot provide it (maybe they'll do it in later IOS releases) 
> I alter the radiator source a little and create my solution.
>  
> Cisco ISDN nas_port are structured like 2XXYY in the start record. I 
> guess this means SerialXX:YY. I altered 
> /usr/lib/perl5/site_perl/5.6.0/Radius/Nas/Cisco.pm to finger to NAS if 
> NAS-Port is higher than 20000 and use the normal snmp procedure for 
> the other users. This procedure searches "SeXX:YY   username" in this 
> finger output. (of course XX and YY can be zero or include zero and 
> username is printed only 10 characters)
>  
> This is working quite well and ISDN users cannot connect more than 
> their simultaneous-use allow them to. I can send this updated Cisco.pm 
> code if writer or Open System Consultants allow me to.
>  
> regards,
>  
> Utku Er
> http://www.utkuer.com
>

NB: I am travelling this week, so there may be delays in our 
correspondence.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 2990 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20021101/d4accea8/attachment.bin>

More information about the radiator mailing list