Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPDN And Radius

Dear All;

At my radius I have problem with stop record , when I check the debug menu I find that the lns send the username twice which is wrong it must send it once , I don't know where is the problem could it be at aaa configuration the following are aaa configuration at my LNS router :

aaa authentication login vpdn group radius

aaa authentication ppp vpdn group radius

aaa authorization network default group radius

aaa accounting suppress null-username

aaa accounting update newinfo

aaa accounting exec default start-stop group radius

aaa accounting network default wait-start group radius

aaa accounting system default start-stop group radius

aaa session-id common

could you please find where the problem is

regards

Alaa Musa

  • Other Security Subjects
3 REPLIES
Cisco Employee

Re: VPDN And Radius

LNS should not send the username twice in one accounting packet to radius..config looks ok to me but just turn on "debug radius" and post it here so that we can decode the accounting packet to radius from LNS and see whats going on...Tejal

New Member

Re: VPDN And Radius

Dear Sir :

Thanks for you response the following are the debug for radius at LNS router

Jun 26 08:36:15: RADIUS: Acct-Session-Id [44] 10 "00003F9C"

Jun 26 08:36:15: RADIUS: Tunnel-Server-Endpoi[67] 15 00:"212.118.2.22"

Jun 26 08:36:15: RADIUS: Tunnel-Client-Endpoi[66] 14 00:"212.34.0.50"

Jun 26 08:36:15: RADIUS: Tunnel-Assignment-Id[82] 4 00:"1"

Jun 26 08:36:15: RADIUS: Tunnel-Type [64] 6 00:L2TP [3]

Jun 26 08:36:15: RADIUS: Acct-Tunnel-Connecti[68] 8 "181229"

Jun 26 08:36:15: RADIUS: Tunnel-Client-Auth-I[90] 11 00:"BASo-TLA"

Jun 26 08:36:15: RADIUS: Tunnel-Server-Auth-I[91] 11 00:"LNS_ADSL"

Jun 26 08:36:15: RADIUS: Framed-Protocol [7] 6 PPP [1]

Jun 26 08:36:15: RADIUS: Framed-IP-Address [8] 6 212.118.6.233

Jun 26 08:36:15: RADIUS: User-Name [1] 19 "momaiyaz@adslnets"

Jun 26 08:36:15: RADIUS: Acct-Session-Time [46] 6 104

Jun 26 08:36:15: RADIUS: Acct-Input-Octets [42] 6 108757

Jun 26 08:36:15: RADIUS: Acct-Output-Octets [43] 6 1072685

Jun 26 08:36:15: RADIUS: Acct-Input-Packets [47] 6 920

Jun 26 08:36:15: RADIUS: Acct-Output-Packets [48] 6 1070

Jun 26 08:36:15: RADIUS: Acct-Terminate-Cause[49] 6 user-request [1]

Jun 26 08:36:15: RADIUS: Authentic [45] 6 RADIUS [1]

Jun 26 08:36:15: RADIUS: User-Name [1] 19 "momaiyaz@adslnets"

Jun 26 08:36:15: RADIUS: Acct-Status-Type [40] 6 Stop [2]

Jun 26 08:36:15: RADIUS: NAS-Port [5] 6 25

Jun 26 08:36:15: RADIUS: NAS-Port-Type [61] 6 Virtual [5]

Jun 26 08:36:15: RADIUS: Service-Type [6] 6 Framed [2]

Jun 26 08:36:15: RADIUS: NAS-IP-Address [4] 6 212.118.2.121

Jun 26 08:36:15: RADIUS: Event-Timestamp [55] 6 1025080575

Jun 26 08:36:15: RADIUS: Acct-Delay-Time [41] 6 0

And The IOS At LNS router are : c3660-js-mz.122-8.T4.bin

Regards

Alaa Musa

Cisco Employee

Re: VPDN And Radius

I agree with you..Router is sending the username twice in "accounting-stop" record..Here is the bug for that issue CSCdw79914..Its resolved in 12.2(9.2)T onwards so wait for 12.2(10)T to be released..or contact a www.cisco.com/tac for more..Thanks..Tejal

240
Views
0
Helpful
3
Replies