Unable to log Radius Attribute 40 from NAS device 1230AG AP

Unanswered Question

Hi all,

I am trying to get a Radius Reporting tool (Radrep) working but to do this I require stop and start accounting records (Attribute 40 - Acct-Status-Type) in my RADIUS accounting server (IAS) log files.

Definition:

Radius Attribute 40 (Acct-Status-Type - Number Specifies whether accounting packet starts or stops a bridging, routing, or terminal server session.)

All IAS local file property settings are checked - accounting, authentication requests and periodic status are set to be logged.

IAS is listening on ports 1812,1645 for RADIUS authentication info and ports 1813,1646 for accounting info.

The AP is a 1230 AG using version 12.3(8)JEA, below are the aaa directives:

aaa new-model

!

!

aaa group server radius rad_eap

server x.x.x.x auth-port 1645 acct-port 1646

!

aaa group server radius rad_mac

!

aaa group server radius rad_acct

!

aaa group server radius rad_admin

!

aaa group server tacacs+ tac_admin

!

aaa group server radius rad_pmip

!

aaa group server radius dummy

!

aaa authentication login default local

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods local

aaa authorization exec default local

aaa accounting delay-start

aaa accounting exec default start-stop group radius

aaa accounting network default start-stop broadcast group radius

aaa session-id common

!

------------

ip http authentication aaa

ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

ip radius source-interface BVI1

!

snmp-server community ******** RO

radius-server attribute 32 include-in-access-req format %h

radius-server host ********** auth-port 1645 acct-port 1646 key 7 *******************

radius-server vsa send accounting

!

I am able to log IAS heder data (NAS-IP-Address, User-Name, Record-Date, Record-Time, Service-Name, Computer-Name) and a quite a few others IAS radius attributes (Attributes: 4, 5, 6, 7, 12, 25,30, 31, 32, 61, 62, 87, 4108, 4116, 4120, 4127, 4128, 4129, 4130, 4132, 4136, 4142, 4149, 4154, 4155, 8100).

Can anyone tell me if I need to upgrade my IOS or add some different configuration?

Many thanks,

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Here is the debug aaa accounting output when I connected to the AP.

Jul 18 16:49:08.917: AAA/ACCT/HC(0019BA47): Register DOT11/00D04728 0bit/s, assuming 100Mbit/s, poll every 5m 0s

Jul 18 16:49:08.917: AAA/ACCT/HC(0019BA47): Update DOT11/00D04728

Jul 18 16:49:08.917: AAA/ACCT/HC(0019BA47): DOT11/00D04728 [init-sess] (rx/tx) base 0/0 pre 0/0 call 0/0

Jul 18 16:49:08.917: AAA/ACCT/HC(0019BA47): DOT11/00D04728 [init-sess] (rx/tx) adjusted, pre 0/0 call 0/0

Jul 18 16:49:08.917: AAA/ACCT/EVENT/(0019BA47): CALL START

Jul 18 16:49:08.917: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:08.918: AAA/ACCT(00000000): add node, session 1686301

Jul 18 16:49:08.918: AAA/ACCT/NET(0019BA47): add, count 1

Jul 18 16:49:08.995: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.012: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.113: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.137: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.146: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.158: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.170: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.175: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.182: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.191: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.196: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.224: %DOT11-6-ASSOC: Interface Dot11Radio0, Station 0013.ce0e.3ac5 Associated KEY_MGMT[WPA]

Jul 18 16:49:09.224: AAA/ACCT/NET(0019BA47): Pick method list 'default'

Jul 18 16:49:09.224: AAA/ACCT/SETMLIST(0019BA47): Handle 0, mlist 00D33CF8, Name default

Jul 18 16:49:09.225: AAA/ACCT/EVENT/(0019BA47): NET UP

Jul 18 16:49:09.225: AAA/ACCT/HC(0019BA47): Update DOT11/00D04728

Jul 18 16:49:09.225: AAA/ACCT/HC(0019BA47): DOT11/00D04728 [pre-sess] (rx/tx) base 0/0 pre 1466/6195 call 1466/6195

Jul 18 16:49:09.226: AAA/ACCT/HC(0019BA47): DOT11/00D04728 [pre-sess] (rx/tx) adjusted, pre 1466/6195 call 0/0

Jul 18 16:49:13.566: AAA/ACCT/EVENT/(0019BA46): NET DOWN

Jul 18 16:49:13.567: AAA/ACCT/HC(0019BA46): Update DOT11/00CFE0A0

Jul 18 16:49:13.567: AAA/ACCT/HC(0019BA46): DOT11/00CFE0A0 [sess] (rx/tx) base 0/0 pre 1711/6366 call 10614/11397

Jul 18 16:49:13.568: AAA/ACCT/HC(0019BA46): DOT11/00CFE0A0 [sess] (rx/tx) adjusted, pre 1711/6366 call 8903/5031

Jul 18 16:49:13.568: AAA/ACCT/NET(0019BA46): Accounting record not sent

Jul 18 16:49:13.568: AAA/ACCT(0019BA46): del node, session 1686300

Jul 18 16:49:13.568: AAA/ACCT/NET(0019BA46): free_rec, count 0

Jul 18 16:49:13.568: AAA/ACCT/NET(0019BA46) reccnt 0, csr FALSE, osr 0

Jul 18 16:49:13.568: AAA/ACCT/HC(0019BA46): Deregister DOT11/00CFE0A0

Jul 18 16:49:13.569: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0012.f032.9758 Reason: Sending station has left the BSS

Jul 18 16:49:13.569: AAA/ACCT/EVENT/(0019BA46): CALL STOP

Jul 18 16:49:13.569: AAA/ACCT(0019BA46) reccnt 0, osr 0

Jul 18 16:49:14.664: AAA/ACCT/HC(0019BA48): Register DOT11/00CFE0A0 0bit/s, assuming 100Mbit/s, poll every 5m 0s

Jul 18 16:49:14.664: AAA/ACCT/HC(0019BA48): Update DOT11/00CFE0A0

Jul 18 16:49:14.665: AAA/ACCT/HC(0019BA48): DOT11/00CFE0A0 [init-sess] (rx/tx) base 0/0 pre 0/0 call 0/0

Jul 18 16:49:14.665: AAA/ACCT/HC(0019BA48): DOT11/00CFE0A0 [init-sess] (rx/tx) adjusted, pre 0/0 call 0/0

Jul 18 16:49:14.665: AAA/ACCT/EVENT/(0019BA48): CALL START

Jul 18 16:49:14.665: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.665: AAA/ACCT(00000000): add node, session 1686302

Jul 18 16:49:14.665: AAA/ACCT/NET(0019BA48): add, count 1

Jul 18 16:49:14.778: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.800: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.816: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.831: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.846: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.854: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.863: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.896: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.902: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.908: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.922: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.927: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:15.079: %DOT11-6-ASSOC: Interface Dot11Radio0, Station 0012.f032.9758 Associated KEY_MGMT[WPA]

Jul 18 16:49:15.080: AAA/ACCT/NET(0019BA48): Pick method list 'default'

Jul 18 16:49:15.080: AAA/ACCT/SETMLIST(0019BA48): Handle 0, mlist 00D33CF8, Name default

Jul 18 16:49:15.080: AAA/ACCT/EVENT/(0019BA48): NET UP

Jul 18 16:49:15.081: AAA/ACCT/HC(0019BA48): Update DOT11/00CFE0A0

Jul 18 16:49:15.082: AAA/ACCT/HC(0019BA48): DOT11/00CFE0A0 [pre-sess] (rx/tx) base 0/0 pre 1559/6444 call 1559/6444

Jul 18 16:49:15.082: AAA/ACCT/HC(0019BA48): DOT11/00CFE0A0 [pre-sess] (rx/tx) adjusted, pre 1559/6444 call 0/0

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode