(RADIATOR) Tacacs, SessionDatabase and ClearNasQuery

Hugh Irvine hugh at open.com.au
Wed Apr 2 22:33:53 CST 2008 

Hello Ben -

I'm not sure I understand the question, but Radiator uses either an  
"Accounting-On" or an "Accounting-Off" request, or a particular Acct- 
Session-Id on a Cisco (0 or 1) to clear the session database.

See the code in "Radius/Handler.pm->handle_request()".

It doesn't look to me like the request shown below will trigger the  
"ClearNasQuery".

You can test this using "radpwtst" to generate the same RADIUS  
request to see what happens.

regards

Hugh


On 3 Apr 2008, at 14:42, Ben Ragg wrote:
> Hi there,
>
> Has anyone played with Tacacs and SessionDatabase? Does anyone know  
> if "ClearNasQuery" works as intended?
>
> Unfortunately missed changing the Radiator config before an outage  
> window but did manage to get a debug of the packet that's sent when  
> the router came back online...
>
> 2008-04-03 03:25:12.861511500 Thu Apr  3 03:25:12 2008: DEBUG:  
> TACACSPLUS derived Radius request packet dump:
> 2008-04-03 03:25:12.861549500 Code:       Accounting-Request
> 2008-04-03 03:25:12.861550500 Identifier: UNDEF
> 2008-04-03 03:25:12.861552500 Authentic:  *q<2><208><219>'<229>uF 
> {<131><178><181><252><147><22>
> 2008-04-03 03:25:12.861554500 Attributes:
> 2008-04-03 03:25:12.861555500   NAS-IP-Address = x.x.x.x
> 2008-04-03 03:25:12.861556500   User-Name = ""
> 2008-04-03 03:25:12.861557500   cisco-avpair = "task_id=1"
> 2008-04-03 03:25:12.861558500   cisco-avpair = "timezone=ACDT"
> 2008-04-03 03:25:12.861595500   cisco-avpair = "service=system"
>
> Any information would be greatly appreciated.
>
> Regards,
> Ben
>
> -- 
> Ben Ragg - Internode - Network Operations
> 150 Grenfell Street, Adelaide, SA, 5000
> Phone: 13NODE Web: http://www.on.net
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list