(RADIATOR) AuthLog & Framed-IP-Address
Hugh Irvine
hugh at open.com.au
Thu Aug 14 18:25:53 CDT 2003
Hello James -

The first thing to understand is that there are two different things
going on with the radius protocol. The first is the access request and
corresponding access accept - this is the authentication and
authorisation phase. After the session has been established as a result
of the NAS processing the access accept, the accounting start is
generated - and of course the accounting stop is generated at the end
of the session.

On the Cisco at least there is an additional aaa configuration line
required that will cause the NAS to generate an interim accounting
(Alive) packet containing the Framed-IP-Address.

Note however that the initial access request that is logged by the
AuthLog clause will never contain the Framed-IP-Address. I also wonder
why you have the AuthLog clause pointing to the "Accounting" table -
this seems odd.

If you have any other questions, I'm always happy to help.

regards

Hugh

On Friday, Aug 15, 2003, at 05:45 Australia/Melbourne, James Nelson
wrote:
> I'm having problems getting Radiator to log the Framed-IP-Address in
> the SQL logs it generates. The NAS's are 3Com & Cisco devices. The
> problem seems to originate from the fact that the record is created
> before the NAS responds with the reply that contains the
> Framed-IP-Address. Here is a debug & part of my radius config. I've
> been digging through the archives & fighting this for a couple days,
> so any help would be appreciated. Thanks.
>
> *** Received from ###.###.###.### port 1812 ....
> Code: Access-Request
> Identifier: 161
> Authentic: <238><182><17>;-<218><212><199><12><225>X<245><192>d<30>|
> Attributes:
> NAS-IP-Address = ###.###.###.###
> NAS-Port = 24
> NAS-Port-Type = Virtual
> User-Name = "user"
> User-Password = xxxxxxxxxx
> Service-Type = Framed-User
> Framed-Protocol = PPP
>
> Fri Aug 8 13:35:51 2003: DEBUG: Rewrote user name to user
> Fri Aug 8 13:35:51 2003: DEBUG: Handling request with Handler ''
> Fri Aug 8 13:35:51 2003: DEBUG: Deleting session for user,
> ###.###.###.###, 24
> Fri Aug 8 13:35:51 2003: DEBUG: Handling with Radius::AuthSQL
> Fri Aug 8 13:35:51 2003: DEBUG: Handling with Radius::AuthSQL:
> Fri Aug 8 13:35:51 2003: DEBUG: Query is:
> Fri Aug 8 13:35:51 2003: DEBUG: Radius::AuthSQL looks for match with
> user
> Fri Aug 8 13:35:51 2003: DEBUG: Radius::AuthSQL ACCEPT:
> Fri Aug 8 13:35:51 2003: DEBUG: Access accepted for user
> Fri Aug 8 13:35:51 2003: DEBUG: do query is: 'insert into RadAcct
> values
> ('13:35:51','08/08/
> 2003','Success','user','user','###.###.###.###','','')':
>
> Fri Aug 8 13:35:51 2003: DEBUG: Packet dump:
> *** Sending to ###.###.###.### port 1812 ....
> Code: Access-Accept
> Identifier: 161
> Authentic: <238><182><17>;-<218><212><199><12><225>X<245><192>d<30>|
> Attributes:
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-Routing = None
> Framed-MTU = 1500
> Framed-Compression = Van-Jacobson-TCP-IP
> Idle-Timeout = 1800
> Session-Timeout = 43200
> Port-Limit = 1
>
> Fri Aug 8 13:35:54 2003: DEBUG: Packet dump:
> *** Received from ###.###.###.### port 1813 ....
> Code: Accounting-Request
> Identifier: 162
> Authentic: <233>h.<128><149><209><214><167>kN<23><215><253>^<180><22>
> Attributes:
> NAS-IP-Address = ###.###.###.###
> NAS-Port = 24
> NAS-Port-Type = Virtual
> User-Name = "user"
> Acct-Status-Type = Start
> Acct-Authentic = RADIUS
> Service-Type = Framed-User
> Acct-Session-Id = "000179B4"
> Framed-Protocol = PPP
> Framed-IP-Address = ###.###.###.###
> Acct-Delay-Time = 0
>
>
>
> <Handler>
>
> # Look up user details in a mySQL DB
> <AuthBy SQL>
>
> DBSource xxxxxxx
> DBUsername xxxxxxx
> DBAuth xxxxxxx
>
> AuthSelect select xxxxxxxxxxxxxxx
>
> AddToReply Service-Type = Framed-User,\
> Framed-Protocol = PPP,\
> Framed-Routing = None,\
> Framed-MTU = 1500,\
> Framed-Compression = Van-Jacobson-TCP-IP,\
> Idle-Timeout = 1800,\
> Session-Timeout = 43200,\
> Port-Limit = 1
>
> </AuthBy>
>
>
> <AuthLog SQL>
>
> DBSource xxxxxxx
> DBUsername xxxxxxx
> DBAuth xxxxxxx
> Table Accounting
>
> SuccessQuery insert into Accounting values
> ('%H:%M:%S','%m/%d/%Y','Success','%u','%U','%c',%1,'%a')
> FailureQuery insert into Accounting values
> ('%H:%M:%S','%m/%d/%Y','Failure(PAP-Auth)','%u','%U','%c',%1,'%a')
> LogSuccess 1
>
> </AuthLog>
>
> </Handler>
>
> ::James Nelson
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
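
An added example, not part of the original post and not Radiator's own code: it parses a constructed trace in the packet-dump layout quoted above and pairs the Accounting-Request Start (or Alive) record, where Framed-IP-Address first appears, with the earlier Access-Request on NAS-IP-Address, NAS-Port and User-Name. The function names and the sample addresses are assumptions made for illustration.

```python
import re

# Constructed trace in the layout of the debug output quoted above (documentation-range addresses).
SAMPLE_TRACE = """\
*** Received from 192.0.2.10 port 1812 ....
Code: Access-Request
Attributes:
NAS-IP-Address = 192.0.2.10
NAS-Port = 24
User-Name = "user"
*** Received from 192.0.2.10 port 1813 ....
Code: Accounting-Request
Attributes:
NAS-IP-Address = 192.0.2.10
NAS-Port = 24
User-Name = "user"
Acct-Status-Type = Start
Acct-Session-Id = "000179B4"
Framed-IP-Address = 198.51.100.23
"""

ATTR = re.compile(r'^\s*([A-Za-z][\w-]*) = "?(.*?)"?\s*$')

def parse_packets(trace):
    """Split a trace into one dict per packet (Code plus its attributes)."""
    packets = []
    for line in trace.splitlines():
        if line.startswith("*** "):          # start of a new packet dump
            packets.append({})
        elif packets and line.startswith("Code:"):
            packets[-1]["Code"] = line.split(":", 1)[1].strip()
        elif packets and (m := ATTR.match(line)):
            packets[-1][m.group(1)] = m.group(2)
    return packets

def key(p):
    return (p.get("NAS-IP-Address"), p.get("NAS-Port"), p.get("User-Name"))

def correlate(packets):
    """Join each accounting Start/Alive that has an address to its auth request."""
    seen_auth, sessions = set(), []
    for p in packets:
        if p.get("Code") == "Access-Request":
            seen_auth.add(key(p))            # no Framed-IP-Address at this stage
        elif p.get("Acct-Status-Type") in ("Start", "Alive") and "Framed-IP-Address" in p:
            sessions.append({"user": p["User-Name"], "nas_port": p.get("NAS-Port"),
                             "session_id": p.get("Acct-Session-Id"),
                             "framed_ip": p["Framed-IP-Address"], "auth_seen": key(p) in seen_auth})
    return sessions
```

A record with `auth_seen` false is an accounting session for which the trace holds no matching Access-Request, which is worth a second look when the log is used to attribute an address to a user.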