Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
542
Views
0
Helpful
2
Replies

aaa accounting Aironet 1100

admin_2
Level 3
Level 3

‎08-11-2003 04:43 PM - edited ‎07-04-2021 08:56 AM

Hi,

I have been able to get mac-authentication working with my Funk SBR AAA server. Being keen on punishment, I though I would get accounting to work as well. I think I am close, but I don't see the accounting packets going out to the AAA server, only the authentication packets. Here is the aaa relivant sections of the config...

aaa new-model

aaa group server radius moonbox

aaa authentication login default group radius local

aaa accounting exec default start-stop group radius

aaa accounting network default start-stop group radius

aaa accounting connection default start-stop group radius

aaa session-id common

...here is the ssid section for the dot 0 interface...

ssid tsunami

authentication open mac-address default

accounting default

guest-mode

...here is the radius section...

ip radius source-interface BVI1

radius-server host xxxx auth-port xxxx acct-port xxxx key xxx

radius-server retransmit 3

...Here is what happens when I ifconfig up the pcmcia card...

CiscoCS1100#show debug

General OS:

AAA Authentication debugging is on

AAA Authorization debugging is on

AAA Accounting debugging is on

AAA Subsystem debugs debugging is on

AAA DB debugs debugging is on

dot11 aaa:

Mac Authentication debugging is on

Radius protocol debugging is on

Radius packet protocol (accounting) debugging is on

dot11:

IEEE 802.11 packets debugging is on

CiscoCS1100#term mon

CiscoCS1100#

...this is where I push in the pcmcia card...

08:48:54: AAA/ACCT/EVENT/(000000BE): NET DOWN

08:48:54: AAA/ACCT/NET(000000BE): Method list not found <- this part gets me its like I can't get accounting to go to the network.

08:48:54: AAA/ACCT(000000BE):acctdb->rec_count = 0..sending signal

08:48:54: AAA/ACCT(000000BE): Interface DB not enqueued

08:48:54: AAA/DB(000000BF): Creating DB element.

08:48:54: AAA/DB(000000BF): Adding Interface

08:48:54: AAA/DB(000000BF): Adding Client

08:48:54: AAA/DB(000000BF): Adding General

08:48:54: AAA/ACCT/EVENT/(000000BF): CALL START

08:48:54: AAA/DB(000000BF): Adding Accounting

08:48:54: AAA/ACCT/NET(000000BF): Rec init, Session Id=191

08:48:54: dot11_aaa_mac_auth: method_list: default

08:48:54: dot11_aaa_mac_auth: method_index: 0xFFFFFFFF, req: 0x64BDA4

08:48:54: dot11_aaa_mac_auth: client->unique_id: 0xBF

08:48:54: AAA/AUTHEN/LOGIN (000000BF): Pick method list 'default'

08:48:54: AAA/DB(000000BE): Deleting Accounting

08:48:54: AAA/DB(000000BE): Deleting Radius

08:48:54: AAA/DB(000000BE): Deleting Interface

08:48:54: AAA/DB(000000BE): Deleting Authen

08:48:54: AAA/DB(000000BE): Deleting General

08:48:54: AAA/DB(000000BE): Deleting Client

08:48:54: AAA/DB(000000BE): Deleting DB element.

08:48:54: AAA SRV(000000BF): process authen req

08:48:54: AAA SRV(000000BF): Authen method=SERVER_GROUP radius

08:48:54: AAA/DB(000000BF): Adding Radius

08:48:54: AAA SRV(000000BF): protocol reply PASS

08:48:54: AAA/DB(000000BF): Adding Authen

08:48:54: AAA SRV(000000BF): Return Authentication status=PASS

08:48:54: dot11_mac_process_reply: AAA reply for 000c.3002.1f57 PASSED

...Now the pcmcia card gets popped out...

CiscoCS1100#

08:49:02: AAA/ACCT/EVENT/(000000BF): NET DOWN

08:49:02: AAA/ACCT/NET(000000BF): Method list not found <- this part bugs me.

08:49:02: AAA/ACCT(000000BF):acctdb->rec_count = 0..sending signal

08:49:02: AAA/ACCT(000000BF): Interface DB not enqueued

08:49:02: AAA/DB(000000C0): Creating DB element.

08:49:02: AAA/DB(000000C0): Adding Interface

08:49:02: AAA/DB(000000C0): Adding Client

08:49:02: AAA/DB(000000C0): Adding General

08:49:02: AAA/ACCT/EVENT/(000000C0): CALL START

08:49:02: AAA/DB(000000C0): Adding Accounting

08:49:02: AAA/ACCT/NET(000000C0): Rec init, Session Id=192

08:49:02: dot11_aaa_mac_auth: method_list: default

08:49:02: dot11_aaa_mac_auth: method_index: 0xFFFFFFFF, req: 0x74957C

08:49:02: dot11_aaa_mac_auth: client->unique_id: 0xC0

08:49:02: AAA/AUTHEN/LOGIN (000000C0): Pick method list 'default'

08:49:02: AAA/DB(000000BF): Deleting Accounting

08:49:02: AAA/DB(000000BF): Deleting Radius

08:49:02: AAA/DB(000000BF): Deleting Interface

08:49:02: AAA/DB(000000BF): Deleting Authen

08:49:02: AAA/DB(000000BF): Deleting General

08:49:02: AAA/DB(000000BF): Deleting Client

08:49:02: AAA/DB(000000BF): Deleting DB element.

08:49:02: AAA SRV(000000C0): process authen req

08:49:02: AAA SRV(000000C0): Authen method=SERVER_GROUP radius

08:49:03: AAA/DB(000000C0): Adding Radius

08:49:03: AAA SRV(000000C0): protocol reply PASS

08:49:03: AAA/DB(000000C0): Adding Authen

08:49:03: AAA SRV(000000C0): Return Authentication status=PASS

08:49:03: dot11_mac_process_reply: AAA reply for 000c.3002.1f57 PASSED

...any ideas? Thanks,

Bryan

Labels:
0 Helpful
2 Replies 2

Not applicable

‎08-11-2003 04:55 PM

I forgot to include...

CiscoCS1100#show aaa method-lists all

authen queue=AAA_ML_AUTHEN_LOGIN

name=default valid=1 id=FFFFFFFF : SERVER_GROUP radius LOCAL

authen queue=AAA_ML_AUTHEN_ENABLE

authen queue=AAA_ML_AUTHEN_PPP

authen queue=AAA_ML_AUTHEN_ARAP

authen queue=AAA_ML_AUTHEN_NASI

permanent lists

name=Permanent Enable None valid=1 id=FFFFFFFF : ENABLE NONE

name=Permanent Enable valid=1 id=FFFFFFFF : ENABLE

name=Permanent None valid=1 id=FFFFFFFF : NONE

name=Permanent Local valid=1 id=FFFFFFFF : LOCAL

author queue=AAA_ML_AUTHOR_SHELL

author queue=AAA_ML_AUTHOR_NET

name=default valid=0 id=FFFFFFFF : SERVER_GROUP radius

author queue=AAA_ML_AUTHOR_CONN

author queue=AAA_ML_AUTHOR_IPMOBILE

author queue=AAA_ML_AUTHOR_COMMAND

author queue=AAA_ML_AUTHOR_RM

author queue=AAA_ML_AUTHOR_CONFIG

author queue=AAA_ML_AUTHOR_AUTH_PROXY

author queue=AAA_ML_AUTHOR_PREAUTH

permanent lists

name=local-list valid=1 id=FFFFFFFF : LOCAL

acct queue=AAA_ML_ACCT_SHELL

name=default valid=1 id=FFFFFFFF Action=START STOP : SERVER_GROUP radius

acct queue=AAA_ML_ACCT_NET

name=default valid=0 id=FFFFFFFF Action=START STOP : SERVER_GROUP radius

acct queue=AAA_ML_ACCT_CONN

name=default valid=1 id=FFFFFFFF Action=START STOP : SERVER_GROUP radius

acct queue=AAA_ML_ACCT_SYSTEM

acct queue=AAA_ML_ACCT_RESOURCE

name=default valid=0 id=FFFFFFFF Action=START STOP : SERVER_GROUP radius

acct queue=AAA_ML_ACCT_RM

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

permanent lists

name=Permanent None valid=1 id=FFFFFFFF Action=NOT_SET : NONE

...Thought it would be helpful.

...thanks

0 Helpful

wanart
Level 1
Level 1

‎10-09-2003 01:27 PM

Look up this url: http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo1200/accsspts/b12211ja/b12211cr/cr11main.htm#2449819

This command should do the trick!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card