[RADIATOR] Forwarding Radius Accounting Records to Multiple Authby statements.
Simon Dixon
devmug at gmail.com
Wed Feb 24 02:32:58 CST 2010
Guys I have a interesting issue, that I am having issues resolving, I'm
pretty sure I am missing something but not sure what.
Some brief history to start with. We are an ISP migrating to a
new accounting package, this accounting package has a in built radius
server, and as we provide tails to other companies we are going to keep
Radiator as our primary Radius server that our NAS's talk directly to, so
based on realm it can hand off the requests to other radius servers
or authenticate them it's self. For our primary realms we are moving
the authentication to this new accounting package, so radiator will be
proxying this traffic. Due to some other complications we are doing
a staged migration, and have a sql field in our existing Authby statement
saying if it should auth the user or reject them, based on it being 0 or 1,
if 1 then the request flows through to the new accounting package via a
radius proxy authby.
The issue I am having is the accounting records do not flow through, so the
new accounting package does not see the start/alive/stop records which it
requires.
We are running Radiator 4.3.1 blow is the relevant bits of the config. Can
anybody point me in the right direction.
thanks in advance.
Simon.
------
<AuthBy SQL>
Identifier AuthDB
DBSource dbi:mysql:authdb:localhost:3306
DBUsername username
DBAuth passsword
AuthColumnDef 0, User-Password, check
AuthColumnDef 1, Service-Type, reply
AuthColumnDef 2, Framed-Protocol, reply
AuthColumnDef 3, Framed-MTU, reply
AuthColumnDef 4, Framed-IP-Address, reply
AuthColumnDef 5, Framed-IP-Netmask,reply
AuthColumnDef 6, Framed-Route,reply
AuthColumnDef 7, Framed-Route,reply
AuthColumnDef 8, Filter-Id,reply
AuthColumnDef 9, Filter-Id,reply
AuthColumnDef 10, cisco-avpair, reply
AuthColumnDef 11, cisco-avpair, reply
AuthColumnDef 12, cisco-avpair, reply
AuthColumnDef 13, cisco-avpair, reply
AuthSelect select PASSWORD, SERVICE_TYPE, FRAMED_PROTOCOL,
FRAMED_MTU, IP_ADDRESS, NETMASK, FRAMED_ROUTE, FRAMED_ROUTE2, FILTERIN,
FILTEROUT, AVPAIR1, AVPAIR2, AVPAIR3, AVPAIR4 from adslusers where '%n' LIKE
CONCAT(USERNAME,'@%') and NEWACCT='0'
NoDefault
</AuthBy>
<AuthBy SQL>
Identifier SQLAcct
DBAuth password
DBSource dbi:mysql:SQLaccounting:localhost:3306
DBUsername username
AuthSelect
AccountingTable freeway_acct
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef ACCTAUTHENTIC,Acct-Authentic
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLERID,Calling-Station-Id
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef TUNNELSEREND,Tunnel-Server-Endpoint
AcctColumnDef TUNNELCLIEND,Tunnel-Client-Endpoint
AcctColumnDef TUNNELTYPE,Tunnel-Type
AcctColumnDef TUNNELSERAUTH,Tunnel-Server-Auth-ID
AcctColumnDef TUNNELID,Tunnel-ID
</AuthBy>
<AuthBy GROUP>
Identifier AuthDB
AuthByPolicy ContinueAlways
AuthBy SQLAcct
AuthBy AuthDB
</AuthBy>
<AuthBy RADIUS>
Identifier NEW_ACCT
Host 10.2.2.2
LocalAddress 10.1.1.1
Secret xxxx
AuthPort 1812
AcctPort 1813
</AuthBy>
<Handler Realm=adsl.domain.tld>
AuthByPolicy ContinueWhileReject
AuthBy AuthDB
AuthBy NEW_ACCT
PacketTrace
</Handler>
--
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20100224/b65a3b7b/attachment-0001.html
More information about the radiator
mailing list