Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

AS5300 & Radius Attributes - Framed-IP-Address: 32 or 8?????

I am trying to get the AS to send me the Ip address of the dial-up client so that I can work with the Domain/IP Address combination.

I tried "aaa accounting update newinfo" - I get my IP Address, but also too much additional info which places an added load on the SQL server.

The other bit of advice pulled off the Cisco site is the following:

"radius-server attribute .........."

According to the Radius Attribute spec sheet, "Framed-IP-Address = 8"

however according to the AS (and a 2600 I had a quick look at) gives the "Framed-IP-Address = 32"

I have entered the "32" in the command, but fail to get any additional info from the Server.

In the "Cisco Attribute" list the Attribute 32 shows up as 'not supported'.

How do I get the IP address into the Radius Start Packet?

Lutz.

5 REPLIES
Bronze

Re: AS5300 & Radius Attributes - Framed-IP-Address: 32 or 8?????

"aaa accounting update newinfo" is really the best way to do this. Otherwise, if the server is being overburdened you can use "aaa accounting delay-start". Note that thi

The "framed-ip-address" (AV 8) is the attribute used by the server to notify the NAS what address to use for the peer; I don't think this is what you are interested in (if you want the NAS to tell the server what address is being used, versus the other way around).

Bronze

Re: AS5300 & Radius Attributes - Framed-IP-Address: 32 or 8?????

Correction: it is AV8 that you are interested in, not AV32. The NAS should notify the server of the address used using AV8.

New Member

Re: AS5300 & Radius Attributes - Framed-IP-Address: 32 or 8?????

That is correct - that is what I am looking for.

I want the NAS to send me additional Info (dial-up IP Address) in the Radius Packet so that I can extract it on the Radius server and execute a Dynamic DNS Script - so that I can register the dial-up client (Address/Domain) on the DNS.

The following link: http://www.cisco.com/en/US/products/sw/iosswrel/ps1834/products_feature_guide09186a00800804e0.html

describes it all very well except that throughout the description AV8 is being used whereas the NAS gives me AV32 as Framed-IP-Address.

I know that Framed-IP-Address is AV8, but the NAS does not allow me to enter an "8" in the following statement:

"radius-server attribute 8 include-in-access-req"

Instead it returns: "Unknown command...."

Could this be an IOS Error? Or should I try to poke and pop on the bit level?

Bronze

Re: AS5300 & Radius Attributes - Framed-IP-Address: 32 or 8?????

If the parser is rejecting the command, ensure that you are running code that supports it (12.1(5)T and later, or any 12.2). The command was initially hidden, and then unhidden in 12.2(7) and all 12.2T and later code. Technically speaking, it's only when it is unhidden that it is officially supported, so you may want to ensure you have the latest 12.2M code to test. Make sure too that you remove the command "aaa accounting update newinfo"; it should no longer be required. Finally, ensure that the AV32 is indeed showing up as the Framed-IP-Address (which would be wrong) versus the NAS-address (which would be correct).

New Member

Re: AS5300 & Radius Attributes - Framed-IP-Address: 32 or 8?????

Solved. :)

Thank you for your time. We have installed a new IOS (12.2.12) and it does indeed show me AV 8 = Framed-IP-Address and AV 32 = Nas Address.

The AS5300 also sends the IP address through.

Thank you once again.

Have a GREAT Day.

316
Views
0
Helpful
5
Replies