(RADIATOR) Radiator Logging

Cottrell, Charles P. cottrell at musc.edu
Mon Jun 2 18:39:04 CDT 2008


Hugh,

Thank you. In your experience, which is better: using the eap_anon_hook.pl or the EAPAnonymous %0? Also, would it be correct to say that if we used EAPAnonymous %0 then we would not need to maintain a MySQL database? Will one produce a higher load on the RADIUS process over the other? If I can use the EAPAnonymous %0 without any penalties and decrease the maintenance (by taking MySQL out of the equation) then it is preferred.

Thanks for the speedy response!

Charles




________________________________________
From: Hugh Irvine [hugh at open.com.au]
Sent: Monday, June 02, 2008 6:51 PM
To: Cottrell, Charles P.
Cc: radiator at open.com.au
Subject: Re: (RADIATOR) Radiator Logging

Hello Charles -

You will need the eap_anon_hook.pl as a PreProcessingHook in your
accounting Handler:

.....

<Handler Request-Type = Accounting-Request>
        PreProcessingHook file:"%D/scripts/eap_anon_hook.pl"
        AddToRequest Connect-Info=%{Client:Identifier},Ascend-Authen-Alias=%h
        StripFromRequest Class
        <AuthBy RADIUS>
                Host radacct.mdc.musc.edu
                Secret nosecret
                AcctPort 1813
                Retries 10
                AcctFailedLogFileName %L/%{Client:Identifier}/%m%d%y.log.missed
        </AuthBy>
        AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log
</Handler>

.....

You can also set "EAPAnonymous %0" in your outer AuthBy FILE:

        ......

        <AuthBy FILE>
                ......
                EAPAnonymous %0
        </AuthBy>

        ......

See section 5.18.24 in the Radiator 4.2 reference manual ("doc/ref.pdf").

You can also try adding the User-Name as a reply attribute to the
access accept - some devices will then use it in the accounting
requests.

regards

Hugh



On 3 Jun 2008, at 00:12, Cottrell, Charles P. wrote:

> Greetings folks!  I hope all is well.
>
> We have recently configured Radiator to run on Windows.  All seems
> to be working nicely with one exception.  Without a noticeable
> pattern our logs will show anonymous users successfully connecting
> instead of proper user names.  Anonymous has appeared in both alive
> and start records.   A user authenticates and the alive records may
> show anonymous but the start record may show their username, or
> vice-versa.  The controller (Cisco WiSM) also may show the user
> name or anonymous.
>
> Below is a log example.  Notice that the workstation is the same,
> and both are alive records.  Config is attached.
>
> Thanks in advance.  -charles
>
> Mon Jun 2 07:41:48 2008
> User-Name = "username"
> NAS-Port = 29
> NAS-IP-Address = 10.24.70.26
> Framed-IP-Address = 128.23.65.173
> NAS-Identifier = "c2wism6"
> Airespace-WLAN-Id = 4
> Acct-Session-Id = "483fe936/00:12:f0:ea:97:f2/12551"
> Acct-Authentic = RADIUS
> Tunnel-Type = 0:VLAN
> Tunnel-Medium-Type = 0:802
> Tunnel-Private-Group-ID = 64
> Acct-Status-Type = Alive
> Acct-Input-Octets = 1815855
> Acct-Output-Octets = 298259
> Acct-Input-Packets = 27572
> Acct-Output-Packets = 1914
> Acct-Session-Time = 258782
> Acct-Delay-Time = 0
> Calling-Station-Id = "0012.f0ea.97f2"
> Called-Station-Id = "10.24.70.26"
> Connect-Info = "airespace"
> Ascend-Authen-Alias = "RADAUTH3"
> Timestamp = 1212406908
>
> Mon Jun 2 07:42:03 2008
> User-Name = "anonymous"
> NAS-Port = 29
> NAS-IP-Address = 10.24.70.26
> Framed-IP-Address = 128.23.65.173
> NAS-Identifier = "c2wism6"
> Airespace-WLAN-Id = 4
> Acct-Session-Id = "483fe936/00:12:f0:ea:97:f2/12551"
> Acct-Authentic = RADIUS
> Tunnel-Type = 0:VLAN
> Tunnel-Medium-Type = 0:802
> Tunnel-Private-Group-ID = 64
> Acct-Status-Type = Alive
> Acct-Input-Octets = 1817575
> Acct-Output-Octets = 302938
> Acct-Input-Packets = 27596
> Acct-Output-Packets = 1924
> Acct-Session-Time = 258798
> Acct-Delay-Time = 0
> Calling-Station-Id = "0012.f0ea.97f2"
> Called-Station-Id = "10.24.70.26"
> Connect-Info = "airespace"
> Ascend-Authen-Alias = "RADAUTH3"
> Timestamp = 1212406923
>
> <radius.nosecret.cfg>



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page
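
An added example, not part of the thread and not Radiator code: a Python check for reviewing accounting detail logs that groups records by Acct-Session-Id and flags sessions where "anonymous" and a real User-Name both appear, as in the two Alive records quoted above. The function names, the third sample record and the "anonymous@realm" pattern are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: the two Alive records from the thread, abridged, plus
# one invented session that only ever reports the outer identity.
SAMPLE_LOG = """\
Mon Jun 2 07:41:48 2008
    User-Name = "username"
    Acct-Session-Id = "483fe936/00:12:f0:ea:97:f2/12551"
Mon Jun 2 07:42:03 2008
    User-Name = "anonymous"
    Acct-Session-Id = "483fe936/00:12:f0:ea:97:f2/12551"
Mon Jun 2 07:45:10 2008
    User-Name = "anonymous"
    Acct-Session-Id = "constructed-session-2"
"""
ATTR_RE = re.compile(r'^\s*([A-Za-z0-9-]+)\s*=\s*"?(.*?)"?\s*$')

def parse_records(text):
    """Split a detail-style accounting log into one dict per record."""
    records = []
    for line in text.splitlines():
        m = ATTR_RE.match(line)
        if m and records:
            records[-1][m.group(1)] = m.group(2)
        elif line.strip() and not m:    # timestamp header opens a new record
            records.append({})
    return records

def is_anonymous(name):
    # Assumption: outer identities look like "anonymous" or "anonymous@realm".
    return name.lower().split("@", 1)[0] == "anonymous"

def audit_sessions(records):
    """Per Acct-Session-Id: (real names seen, anonymous record count, verdict)."""
    real, anon = defaultdict(set), defaultdict(int)
    for r in records:
        sid, name = r.get("Acct-Session-Id"), r.get("User-Name")
        if sid and name and is_anonymous(name):
            anon[sid] += 1
        elif sid and name:
            real[sid].add(name)
    report = {}
    for sid in set(real) | set(anon):
        names, n_anon = sorted(real[sid]), anon[sid]
        verdict = ("conflict" if len(names) > 1 else      # several users, one session id
                   "unresolved" if not names else         # inner identity never logged
                   "mixed" if n_anon else "ok")           # attributable despite gaps
        report[sid] = (names, n_anon, verdict)
    return report
```

A "mixed" session can still be attributed from its other records; an "unresolved" one has no inner identity in accounting at all and has to be matched against authentication logs.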
