[RADIATOR] SQL accounting problem

Hugh Irvine hugh at open.com.au
Thu Sep 16 12:09:21 CDT 2010


Hello Adrian -

The debug you include below only shows an access request, not an accounting request.

If you are not receiving any accounting requests from your NAS, you will not see anything in the debug.

You will need to check the configuration of your NAS equipment to verify if it is sending accounting data.

regards

Hugh


On 16 Sep 2010, at 12:00, adrian wrote:

>    Hi :
> 
> I have a problem with the SQL accounting. Radiator do not process the 
> accounting- request. Below are my radius.cfg and the trace 4. I have 
> checked the ports on my server and are ok. I'm using port 1812 for 
> Radius and 1813 for accounting.
> 
> # windows.cfg
> #
> # Example Radiator configuration file.
> # This very simple file will allow you to get started with
> # a simple system on Windows. You can then add and change features.
> # We suggest you start simple, prove to yourself that it
> # works and then develop a more complicated configuration.
> #
> # This example is expected to be installed in
> #   c:\Program Files\Radiator\radius.cfg
> # It will authenticate from a standard users file in
> #   c:\Program Files\Radiator\users
> # it will log debug and other messages to
> #   c:\Program Files\Radiator\logfile
> # and log accounting to a file in
> #   c:\Program Files\Radiator\detail
> # (of course you can change all these by editing this config file if you 
> wish)
> #
> # It will accept requests from any client and try to handle requests
> # for any realm.
> # And it will print out what its doing in great detail to the log file.
> #
> # See radius.cfg for more complete examples of features and
> # syntax, and refer to the reference manual for a complete description
> # of all the features and syntax.
> #
> # You should consider this file to be a starting point only
> # $Id: windows.cfg,v 1.1 2003/03/27 09:41:28 mikem Exp $
> 
> Foreground
> LogStdout
> LogDir        c:/Program Files/Radiator
> DbDir        c:/Program Files/Radiator
> 
> 
> AuthPort    1812
> AcctPort    1813
> 
> # This will log at DEBUG level: very verbose
> # User a lower trace level in production systems, typically use 3
> Trace         4
> 
> # You will probably want to add other Clients to suit your site,
> # one for each NAS you want to work with. This will work
> # at least with radpwtst running on the local machine
> <Client 80.231.58.20>
>    Secret ##########
> 
> </Client>
> 
> <Client 80.231.58.22>
>    Secret #########
> 
> </Client>
> 
> # Authenticate all realms with this
> 
> # LDAP, LDAP2 and LDAPSDK are all basically the same
> # but they use different LDAP modules:
> # LDAP uses Net::LDAPapi (which is now deprecated. Dont use
> #    this for new installation102s)
> # LDAP2 uses the newer Net::LDAP in perl-ldap-0.09 or better
> # LDAPSDK uses the Netscape PerLDAP SDK(which is easily availble
> #     for ActiveState Perl on NT)
> #
> # You must install the required perl module before you
> # can use this authentication method.
> # If you want to test AuthBy LDAP, uncomment and configure this Realm
> #<Realm YouRoam.com>
>    RewriteUsername    s/^([^@]+).*/$1/
> 
> <Handler Request-Type = Accounting-Request>
> <AuthBy SQL>
>    # Adjust DBSource, DBUsername, DBAuth to suit your DB
>    DBSource    dbi:ODBC:YouRoam
>    DBUsername    #####
>    DBAuth      #######
> 
>      AccountingTable ACCOUNTING
>      AcctColumnDef   USERNAME,User-Name
>      AcctColumnDef   TIME_STAMP,Timestamp,integer
>      AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type,integer
>      AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
>      AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
>      AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
>      AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
>      AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
>      AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
>      AcctColumnDef   ACCTTERMINATECAUSE,Ascend-Disconnect-Cause,integer
>      AcctColumnDef   FRAMEDIPADDRESS,Framed-Address
>      AcctColumnDef   NASIDENTIFIER,NAS-Identifier
>      AcctColumnDef   NASPORT,NAS-Port,integer
>      AcctColumnDef   GlobalRoamingWasZone,GlobalRoaming-Was-Zone
>      AcctColumnDef   GlobalRoamingUnitsUsed, GlobalRoaming-Units-Used, 
> integer
> 
> </AuthBy>
> </Handler>
> 
> <Handler>
> <AuthBy LDAP2>
>    Host SourceIT.Youroam.com
>    AuthDN YOUROAM\iasprueba
>    AuthPassword #########
>    BaseDN cn=Users, dc=Youroam, dc=com
>    UsernameAttr cn
>     AuthAttrDef GlobalRoamingMaxUnitsA,GlobalRoaming-Max-Units,reply
> </AuthBy>
> </Handler>
> #</Realm>
> 
> 
> *Trace 4:*
> 
> C:\Users\administrator.YOUROAM>perl c:\perl64\bin\radiusd
> Thu Sep 16 18:48:11 2010: WARNING: No PasswordAttr or 
> EncryptedPasswordAttr defi
> ned for AuthLDAP2 at 'C:\Program Files\Radiator\radius.cfg' line
> Thu Sep 16 18:48:11 2010: DEBUG: Finished reading configuration file 
> 'C:\Program
> Files\Radiator\radius.cfg'
> This Radiator license will expire on 2011-02-01
> This Radiator license will stop operating after 1000 requests
> To purchase an unlimited full source version of Radiator, see
> http://www.open.com.au/ordering.html
> To extend your license period, contact admin at open.com.au
> 
> Thu Sep 16 18:48:11 2010: DEBUG: Reading dictionary file 'c:/Program 
> Files/Radia
> tor/dictionary'
> Thu Sep 16 18:48:12 2010: DEBUG: Creating authentication port 0.0.0.0:1812
> Thu Sep 16 18:48:12 2010: DEBUG: Creating accounting port 0.0.0.0:1813
> Thu Sep 16 18:48:12 2010: NOTICE: Server started: Radiator 4.6 on 
> SOURCEIT (LOCK
> ED)
> Thu Sep 16 18:48:27 2010: DEBUG: Rewrote user name to iasprueba
> Thu Sep 16 18:48:27 2010: DEBUG: Packet dump:
> *** Received from 80.231.58.22 port 1814 ....
> Code:       Access-Request
> Identifier: 92
> Authentic:  <234>V<168>5D<170><151><153>%<150><168>[<166><244>-<158>
> Attributes:
>        NAS-Port-Type = Virtual
>        Proxy-State = 124
>        Service-Type = Framed-User
>        GlobalRoaming-Is-Zone = "A"
>        Called-Station-Id = "mobilitypass.com"
>        Calling-Station-Id = "423660000132"
>        Framed-Protocol = PPP
>        User-Name = "iasprueba"
>        User-Password = 
> <20>C<142>@<131>)q<145><130>G<210><8>1<157><163><179>
>        Connect-Info = "64000/57600"
>        NAS-IP-Address =  ##.##.##.##
>        NAS-Port = 166
>        NAS-Port-Id = "Uniq-Sess-ID166"
> 
> Thu Sep 16 18:48:27 2010: DEBUG: Handling request with Handler ''
> Thu Sep 16 18:48:27 2010: DEBUG:  Deleting session for 
> iasprueba at youroam.com, 19
> 2.168.124.254, 166
> Thu Sep 16 18:48:27 2010: DEBUG: Handling with Radius::AuthLDAP2:
> Thu Sep 16 18:48:27 2010: INFO: Connecting to SourceIT.Youroam.com:389
> Thu Sep 16 18:48:27 2010: INFO: Attempting to bind to LDAP server 
> SourceIT.Youro
> am.com:389
> Thu Sep 16 18:48:27 2010: DEBUG: LDAP got result for 
> CN=iasprueba,CN=Users,DC=Yo
> uRoam,DC=com
> Thu Sep 16 18:48:27 2010: DEBUG: LDAP got GlobalRoamingMaxUnitsA: 299
> Thu Sep 16 18:48:27 2010: DEBUG: Radius::AuthLDAP2 looks for match with 
> iasprueb
> a [iasprueba at youroam.com]
> Thu Sep 16 18:48:27 2010: DEBUG: Radius::AuthLDAP2 ACCEPT: : iasprueba 
> [iasprueb
> a at youroam.com]
> Thu Sep 16 18:48:27 2010: DEBUG: AuthBy LDAP2 result: ACCEPT,
> Thu Sep 16 18:48:27 2010: DEBUG: Access accepted for iasprueba
> Thu Sep 16 18:48:27 2010: DEBUG: Packet dump:
> *** Sending to 80.231.58.22 port 1814 ....
> Code:       Access-Accept
> Identifier: 92
> Authentic:  <186><135><208><149><30>\<168>6rv%<26><197><151><167><164>
> Attributes:
>        GlobalRoaming-Max-Units = 299
>        Proxy-State = 124
> 
> 
> 
> 
> 
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



NB: 

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets), 
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.





More information about the radiator mailing list