Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

noc
New Member

Unable to log Radius Attribute 40 from NAS device 1230AG AP

Hi all,

I am trying to get a Radius Reporting tool (Radrep) working but to do this I require stop and start accounting records (Attribute 40 - Acct-Status-Type) in my RADIUS accounting server (IAS) log files.

Definition:

Radius Attribute 40 (Acct-Status-Type - Number Specifies whether accounting packet starts or stops a bridging, routing, or terminal server session.)

All IAS local file property settings are checked - accounting, authentication requests and periodic status are set to be logged.

IAS is listening on ports 1812,1645 for RADIUS authentication info and ports 1813,1646 for accounting info.

The AP is a 1230 AG using version 12.3(8)JEA, below are the aaa directives:

aaa new-model

!

!

aaa group server radius rad_eap

server x.x.x.x auth-port 1645 acct-port 1646

!

aaa group server radius rad_mac

!

aaa group server radius rad_acct

!

aaa group server radius rad_admin

!

aaa group server tacacs+ tac_admin

!

aaa group server radius rad_pmip

!

aaa group server radius dummy

!

aaa authentication login default local

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods local

aaa authorization exec default local

aaa accounting delay-start

aaa accounting exec default start-stop group radius

aaa accounting network default start-stop broadcast group radius

aaa session-id common

!

------------

ip http authentication aaa

ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

ip radius source-interface BVI1

!

snmp-server community ******** RO

radius-server attribute 32 include-in-access-req format %h

radius-server host ********** auth-port 1645 acct-port 1646 key 7 *******************

radius-server vsa send accounting

!

I am able to log IAS heder data (NAS-IP-Address, User-Name, Record-Date, Record-Time, Service-Name, Computer-Name) and a quite a few others IAS radius attributes (Attributes: 4, 5, 6, 7, 12, 25,30, 31, 32, 61, 62, 87, 4108, 4116, 4120, 4127, 4128, 4129, 4130, 4132, 4136, 4142, 4149, 4154, 4155, 8100).

Can anyone tell me if I need to upgrade my IOS or add some different configuration?

Many thanks,

2 REPLIES
noc
New Member

Re: Unable to log Radius Attribute 40 from NAS device 1230AG AP

Here is the debug aaa accounting output when I connected to the AP.

Jul 18 16:49:08.917: AAA/ACCT/HC(0019BA47): Register DOT11/00D04728 0bit/s, assuming 100Mbit/s, poll every 5m 0s

Jul 18 16:49:08.917: AAA/ACCT/HC(0019BA47): Update DOT11/00D04728

Jul 18 16:49:08.917: AAA/ACCT/HC(0019BA47): DOT11/00D04728 [init-sess] (rx/tx) base 0/0 pre 0/0 call 0/0

Jul 18 16:49:08.917: AAA/ACCT/HC(0019BA47): DOT11/00D04728 [init-sess] (rx/tx) adjusted, pre 0/0 call 0/0

Jul 18 16:49:08.917: AAA/ACCT/EVENT/(0019BA47): CALL START

Jul 18 16:49:08.917: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:08.918: AAA/ACCT(00000000): add node, session 1686301

Jul 18 16:49:08.918: AAA/ACCT/NET(0019BA47): add, count 1

Jul 18 16:49:08.995: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.012: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.113: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.137: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.146: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.158: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.170: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.175: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.182: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.191: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.196: Getting session id for NET(0019BA47) : db=D4E918

Jul 18 16:49:09.224: %DOT11-6-ASSOC: Interface Dot11Radio0, Station 0013.ce0e.3ac5 Associated KEY_MGMT[WPA]

Jul 18 16:49:09.224: AAA/ACCT/NET(0019BA47): Pick method list 'default'

Jul 18 16:49:09.224: AAA/ACCT/SETMLIST(0019BA47): Handle 0, mlist 00D33CF8, Name default

Jul 18 16:49:09.225: AAA/ACCT/EVENT/(0019BA47): NET UP

Jul 18 16:49:09.225: AAA/ACCT/HC(0019BA47): Update DOT11/00D04728

Jul 18 16:49:09.225: AAA/ACCT/HC(0019BA47): DOT11/00D04728 [pre-sess] (rx/tx) base 0/0 pre 1466/6195 call 1466/6195

Jul 18 16:49:09.226: AAA/ACCT/HC(0019BA47): DOT11/00D04728 [pre-sess] (rx/tx) adjusted, pre 1466/6195 call 0/0

Jul 18 16:49:13.566: AAA/ACCT/EVENT/(0019BA46): NET DOWN

Jul 18 16:49:13.567: AAA/ACCT/HC(0019BA46): Update DOT11/00CFE0A0

Jul 18 16:49:13.567: AAA/ACCT/HC(0019BA46): DOT11/00CFE0A0 [sess] (rx/tx) base 0/0 pre 1711/6366 call 10614/11397

Jul 18 16:49:13.568: AAA/ACCT/HC(0019BA46): DOT11/00CFE0A0 [sess] (rx/tx) adjusted, pre 1711/6366 call 8903/5031

Jul 18 16:49:13.568: AAA/ACCT/NET(0019BA46): Accounting record not sent

Jul 18 16:49:13.568: AAA/ACCT(0019BA46): del node, session 1686300

Jul 18 16:49:13.568: AAA/ACCT/NET(0019BA46): free_rec, count 0

Jul 18 16:49:13.568: AAA/ACCT/NET(0019BA46) reccnt 0, csr FALSE, osr 0

Jul 18 16:49:13.568: AAA/ACCT/HC(0019BA46): Deregister DOT11/00CFE0A0

Jul 18 16:49:13.569: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0012.f032.9758 Reason: Sending station has left the BSS

noc
New Member

Re: Unable to log Radius Attribute 40 from NAS device 1230AG AP

Jul 18 16:49:13.569: AAA/ACCT/EVENT/(0019BA46): CALL STOP

Jul 18 16:49:13.569: AAA/ACCT(0019BA46) reccnt 0, osr 0

Jul 18 16:49:14.664: AAA/ACCT/HC(0019BA48): Register DOT11/00CFE0A0 0bit/s, assuming 100Mbit/s, poll every 5m 0s

Jul 18 16:49:14.664: AAA/ACCT/HC(0019BA48): Update DOT11/00CFE0A0

Jul 18 16:49:14.665: AAA/ACCT/HC(0019BA48): DOT11/00CFE0A0 [init-sess] (rx/tx) base 0/0 pre 0/0 call 0/0

Jul 18 16:49:14.665: AAA/ACCT/HC(0019BA48): DOT11/00CFE0A0 [init-sess] (rx/tx) adjusted, pre 0/0 call 0/0

Jul 18 16:49:14.665: AAA/ACCT/EVENT/(0019BA48): CALL START

Jul 18 16:49:14.665: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.665: AAA/ACCT(00000000): add node, session 1686302

Jul 18 16:49:14.665: AAA/ACCT/NET(0019BA48): add, count 1

Jul 18 16:49:14.778: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.800: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.816: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.831: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.846: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.854: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.863: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.896: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.902: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.908: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.922: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:14.927: Getting session id for NET(0019BA48) : db=D0095C

Jul 18 16:49:15.079: %DOT11-6-ASSOC: Interface Dot11Radio0, Station 0012.f032.9758 Associated KEY_MGMT[WPA]

Jul 18 16:49:15.080: AAA/ACCT/NET(0019BA48): Pick method list 'default'

Jul 18 16:49:15.080: AAA/ACCT/SETMLIST(0019BA48): Handle 0, mlist 00D33CF8, Name default

Jul 18 16:49:15.080: AAA/ACCT/EVENT/(0019BA48): NET UP

Jul 18 16:49:15.081: AAA/ACCT/HC(0019BA48): Update DOT11/00CFE0A0

Jul 18 16:49:15.082: AAA/ACCT/HC(0019BA48): DOT11/00CFE0A0 [pre-sess] (rx/tx) base 0/0 pre 1559/6444 call 1559/6444

Jul 18 16:49:15.082: AAA/ACCT/HC(0019BA48): DOT11/00CFE0A0 [pre-sess] (rx/tx) adjusted, pre 1559/6444 call 0/0

157
Views
0
Helpful
2
Replies