I am configuring a 5350 to work with a RADIUS server. The 5350 sends an Access Request and receives the access request, as seen below. But it is not parsing proper values in my TCL script variables. I have configured the NAS using Cisco manuals: aaa authorization, vsa etc are all enabled as shown below. What is it that I am missing or not doing properly.
Any pointers / help will be highly appreciated
All IP and identifiable info sanitized. The sanitized configuration info is attached for reference.
21:10:18: RADIUS(00000048): Storing nasport 0 in rad_db
21:10:18: RADIUS(00000048): Config NAS IP: 0.0.0.0
meaning you set the values for these attributes to 0, 1, 0, 1, 20.0000 respectively. However, for h323 Av pairs specifically, the actual attribute return values should not just be the value, but be the attribute name and the value.
For example, a working debug on my router here shows the following:
Nov 29 101409 RADIUS Vendor, Cisco  26
Nov 29 101409 RADIUS h323-return-code  20 "h323-return-code=0"
Nov 29 101409 RADIUS Vendor, Cisco  30
Nov 29 101409 RADIUS h323-preferred-lang 24 "h323-preferred-lang=en"
Nov 29 101409 RADIUS Vendor, Cisco  34
Nov 29 101409 RADIUS h323-credit-amount  28 "h323-credit-amount=-180.26"
Nov 29 101409 RADIUS Vendor, Cisco  23
Nov 29 101409 RADIUS h323-billing-model  17 "billing-model=0"
Nov 29 101409 RADIUS Vendor, Cisco  25
Nov 29 101409 RADIUS h323-currency  19 "currency-type=USD"
See how the attribute value as defined on my Radius server for h323-return-code is "h323-return-code=0", as opposed to just "0" like you have defined. Never been sure why you have to do it this way, it's just the way the IOS coders implemented it.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...