AP 1252 in autonomous mode not sending framed-ip-address

Unanswered Question
Nov 20th, 2008

I was attempting to use the Websense RADIUS Agent to transparently map wireless users in it's database. This is done by passing the RADIUS accounting packets through the websense server where Websense can read them and map the username and password. This works for our Cisco VPN clients and Anyconnect clients. The problem I have is that the 1252 AP does not send the framed-ip-address in the RADIUS accounting packet. The AP should know the client IP since it can be seen with "show dot11 association".

For whatever reason, the AP doesn't know the IP address. This is verified by enabling aaa acounting delay-start which delays the sending accounting packets until the peer IP is known. With this command in, no accounting packets are ever sent from the AP.

Does anyone know why the AP doesn't include the framed-ip-address in the accounting packets? Or, why the AP is not able to learn the peer IP address from the client association information?

Thanks,

Mark

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
carenas123 Thu, 11/27/2008 - 05:13

For a session to be disconnected, the values in one or more of the key fields in the POD request must match the values for a session on one of the network access server ports. Which values must match depends on the auth-type attribute defined in the command. If noauth-type is specified, all four values must match. If no match is found, all connections remain intact and an error response is returned. The key fields are as follows:

User-Name

Framed-IP-Address

Session-Id

Server-Key

MARK BAKER Mon, 12/01/2008 - 05:26

Thanks Carenas123.

I didn't quite follow your repsonse. I'm not sure you understood the question I was asking. The question is why is the framed-ip-address not included in the 1252's RADIUS accounting packets?

Also, I had a mistake in my description. Websense RADIUS agent maps username/IP not username/password.

Thanks,

Mark

Actions

This Discussion

 

 

Trending Topics - Security & Network