(RADIATOR) Calling-Station and Called-Station ID Hook

Terry Simons galimore at mac.com
Mon Feb 9 13:18:18 CST 2004


I have been working on a hook for Radiator that fixes broken accounting 
that many Wireless Access Points seem to have.

The problem is that many APs do not account  the "Calling Station ID" 
and "Called Station ID" attributes when they send an accounting record.

This is problematic for 802.1x authentications, because without that 
information it isn't possible to tie a MAC address of a user to an 
authentication attempt.

This problem appears in the following APs:

D-Link DWL 900AP+ (All versions)
Proxim/Avaya (And likely all Agere-based derivitives... likely the HP 
models too) AP-2000.
Cisco 1200 series (This problem doesn't seem to appear in the older 
VxWorks code, but we have seen it with certain versions of IOS, still 

The Proxim APs are braindead in that they use the Accounting Station ID 
to store the MAC address of the authenticated user.  I think the 
appropriate behavior would be to also account Calling-Station-Id, but 
they do not.

And likely many many others.

My hook is based off of the eap_anon_hook.pl script, written by Mike 

My question is whether or not this might be useful for others in the 
Radiator community.

This script should work for pretty much any AP that accounts, but 
doesn't account properly.

I'm pretty new to this, so I don't know if I've done everything 
correctly, but I'd like to make it available for others.

Is this something that might be interesting in the Radiator goodies 

I should be finished with the script this week, so if anyone is 
interested please let me know.

- Terry

Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list