(RADIATOR) Stop Records

Andrew andrewb at acenet.net.au
Thu Feb 16 01:59:26 CST 2006


Hi All,

I've been running some tests using Radiator 3.13 (<authby file>,<realm
default>) and a Cisco 3600 with PPTP tunnels. Of course the Session-Timeout
works perfectly, but I have been trying out the Disconnect-Request via
radpwtst and it has so far been unsuccessful. It seems like Cisco doesn't
support it? 

Here's the command I have been running.

--
radpwtst -s x.x.x.x -secret xxx -noauth -noacct -trace 5 -code
Disconnect-Request "User-Name=andrew at test.com"
--

And here's the result, my connection isn't disconnected but who is sending
back the 'Disconnect-Request-ACKed'? Is it Radiator or the Cisco? Even when
I try different attributes that don't exist I still get the ACK?

--
Reading dictionary file './dictionary'
sending Disconnect-Request...
Packet dump:
*** Sending to x.x.xx port 1645 ....

Code:       Disconnect-Request
Identifier: 37
Authentic:  <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Attributes:
        User-Name = "andrew at test.com"

*** Received from x.x.x.x port 1645 ....

Code:       Disconnect-Request-ACKed
Identifier: 37
Authentic:  YX<218><137><204><27>!<146><3><251><30><7><173><139><170><25>
Attributes:

OK


-- Andrew
> -----Original Message-----
> From: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au] On
> Behalf Of Hugh Irvine
> Sent: Tuesday, 14 February 2006 11:26 AM
> To: andrewb at acenet.net.au
> Cc: radiator at open.com.au
> Subject: Re: (RADIATOR) Stop Records
> 
> 
> Hello Andrew -
> 
> Why not just put a Session-Timeout in the access accept which will
> drop the session after 24 hours?
> 
> Otherwise you may be able to use a "Change-Filter-Request" if your
> NAS equipment supports it, or even a "Disconnect-Request". Check your
> NAS documentation for details. Note that in both cases you would use
> "radpwtst" to generate the requests, not Radiator.
> 
> regards
> 
> Hugh
> 
> 
> On 14 Feb 2006, at 12:04, Andrew wrote:
> 
> > Thanks Hugh, we are generating accounting alive records. I guess to
> > achieve
> > what I want the NAS would have to have an option to renegotiate an
> > accounting session after say 24 hours in order to generate the new
> > session
> > ID (Acct-Session-Id). Would you agree with that? Or can the session
> > ID only
> > be negotiated during authentication?
> >
> > I was just hopeful that maybe radiator had some neat trick to help out
> > (since it usually does) with this issue.
> >
> > -- Andrew
> >
> >> -----Original Message-----
> >> From: Hugh Irvine [mailto:hugh at open.com.au]
> >> Sent: Tuesday, 14 February 2006 10:29 AM
> >> To: andrewb at acenet.net.au
> >> Cc: radiator at open.com.au
> >> Subject: Re: (RADIATOR) Stop Records
> >>
> >>
> >> Hello Andrew -
> >>
> >> The preferred solution usually is to configure your NAS equipment to
> >> generate interim accounting requests (AKA accounting alives).
> >>
> >> Check your NAS documentation for details.
> >>
> >> regards
> >>
> >> Hugh
> >>
> >>
> >>
> >> On 14 Feb 2006, at 11:01, Andrew wrote:
> >>
> >>> Hi All,
> >>>
> >>> I was wondering if it is possible for Radiator to generate a stop
> >>> record or
> >>> new session ID without requiring the user to disconnect?
> >>>
> >>> My billing system relies on Session IDs to track usage. This used
> >>> to be a
> >>> fine solution for dial-up but it is no good for DSL as sometimes
> >>> sessions
> >>> can last longer than a month. If I can generate a new session ID or
> >>> better
> >>> yet, a stop record on a daily basis it would be perfect.
> >>>
> >>> Thanks!
> >>>
> >>> -- Andrew
> >>>
> >>>
> >>> --
> >>> Archive at http://www.open.com.au/archives/radiator/
> >>> Announcements on radiator-announce at open.com.au
> >>> To unsubscribe, email 'majordomo at open.com.au' with
> >>> 'unsubscribe radiator' in the body of the message.
> >>
> >>
> >> NB:
> >>
> >> Have you read the reference manual ("doc/ref.html")?
> >> Have you searched the mailing list archive (www.open.com.au/archives/
> >> radiator)?
> >> Have you had a quick look on Google (www.google.com)?
> >> Have you included a copy of your configuration file (no secrets),
> >> together with a trace 4 debug showing what is happening?
> >>
> >> --
> >> Radiator: the most portable, flexible and configurable RADIUS server
> >> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >> -
> >> Nets: internetwork inventory and management - graphical, extensible,
> >> flexible with hardware, software, platform and database independence.
> >> -
> >> CATool: Private Certificate Authority for Unix and Unix-like systems.
> >>
> >>
> >
> >
> >
> > --
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> 
> 
> NB:
> 
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/
> radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
> 
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
> 
> 
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list