Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

aaa accounting Aironet 1100

Hi,

I have been able to get mac-authentication working with my Funk SBR AAA server. Being keen on punishment, I though I would get accounting to work as well. I think I am close, but I don't see the accounting packets going out to the AAA server, only the authentication packets. Here is the aaa relivant sections of the config...

aaa new-model

aaa group server radius moonbox

aaa authentication login default group radius local

aaa accounting exec default start-stop group radius

aaa accounting network default start-stop group radius

aaa accounting connection default start-stop group radius

aaa session-id common

...here is the ssid section for the dot 0 interface...

ssid tsunami

authentication open mac-address default

accounting default

guest-mode

...here is the radius section...

ip radius source-interface BVI1

radius-server host xxxx auth-port xxxx acct-port xxxx key xxx

radius-server retransmit 3

...Here is what happens when I ifconfig up the pcmcia card...

CiscoCS1100#show debug

General OS:

AAA Authentication debugging is on

AAA Authorization debugging is on

AAA Accounting debugging is on

AAA Subsystem debugs debugging is on

AAA DB debugs debugging is on

dot11 aaa:

Mac Authentication debugging is on

Radius protocol debugging is on

Radius packet protocol (accounting) debugging is on

dot11:

IEEE 802.11 packets debugging is on

CiscoCS1100#term mon

CiscoCS1100#

...this is where I push in the pcmcia card...

08:48:54: AAA/ACCT/EVENT/(000000BE): NET DOWN

08:48:54: AAA/ACCT/NET(000000BE): Method list not found <- this part gets me its like I can't get accounting to go to the network.

08:48:54: AAA/ACCT(000000BE):acctdb->rec_count = 0..sending signal

08:48:54: AAA/ACCT(000000BE): Interface DB not enqueued

08:48:54: AAA/DB(000000BF): Creating DB element.

08:48:54: AAA/DB(000000BF): Adding Interface

08:48:54: AAA/DB(000000BF): Adding Client

08:48:54: AAA/DB(000000BF): Adding General

08:48:54: AAA/ACCT/EVENT/(000000BF): CALL START

08:48:54: AAA/DB(000000BF): Adding Accounting

08:48:54: AAA/ACCT/NET(000000BF): Rec init, Session Id=191

08:48:54: dot11_aaa_mac_auth: method_list: default

08:48:54: dot11_aaa_mac_auth: method_index: 0xFFFFFFFF, req: 0x64BDA4

08:48:54: dot11_aaa_mac_auth: client->unique_id: 0xBF

08:48:54: AAA/AUTHEN/LOGIN (000000BF): Pick method list 'default'

08:48:54: AAA/DB(000000BE): Deleting Accounting

08:48:54: AAA/DB(000000BE): Deleting Radius

08:48:54: AAA/DB(000000BE): Deleting Interface

08:48:54: AAA/DB(000000BE): Deleting Authen

08:48:54: AAA/DB(000000BE): Deleting General

08:48:54: AAA/DB(000000BE): Deleting Client

08:48:54: AAA/DB(000000BE): Deleting DB element.

08:48:54: AAA SRV(000000BF): process authen req

08:48:54: AAA SRV(000000BF): Authen method=SERVER_GROUP radius

08:48:54: AAA/DB(000000BF): Adding Radius

08:48:54: AAA SRV(000000BF): protocol reply PASS

08:48:54: AAA/DB(000000BF): Adding Authen

08:48:54: AAA SRV(000000BF): Return Authentication status=PASS

08:48:54: dot11_mac_process_reply: AAA reply for 000c.3002.1f57 PASSED

...Now the pcmcia card gets popped out...

CiscoCS1100#

08:49:02: AAA/ACCT/EVENT/(000000BF): NET DOWN

08:49:02: AAA/ACCT/NET(000000BF): Method list not found <- this part bugs me.

08:49:02: AAA/ACCT(000000BF):acctdb->rec_count = 0..sending signal

08:49:02: AAA/ACCT(000000BF): Interface DB not enqueued

08:49:02: AAA/DB(000000C0): Creating DB element.

08:49:02: AAA/DB(000000C0): Adding Interface

08:49:02: AAA/DB(000000C0): Adding Client

08:49:02: AAA/DB(000000C0): Adding General

08:49:02: AAA/ACCT/EVENT/(000000C0): CALL START

08:49:02: AAA/DB(000000C0): Adding Accounting

08:49:02: AAA/ACCT/NET(000000C0): Rec init, Session Id=192

08:49:02: dot11_aaa_mac_auth: method_list: default

08:49:02: dot11_aaa_mac_auth: method_index: 0xFFFFFFFF, req: 0x74957C

08:49:02: dot11_aaa_mac_auth: client->unique_id: 0xC0

08:49:02: AAA/AUTHEN/LOGIN (000000C0): Pick method list 'default'

08:49:02: AAA/DB(000000BF): Deleting Accounting

08:49:02: AAA/DB(000000BF): Deleting Radius

08:49:02: AAA/DB(000000BF): Deleting Interface

08:49:02: AAA/DB(000000BF): Deleting Authen

08:49:02: AAA/DB(000000BF): Deleting General

08:49:02: AAA/DB(000000BF): Deleting Client

08:49:02: AAA/DB(000000BF): Deleting DB element.

08:49:02: AAA SRV(000000C0): process authen req

08:49:02: AAA SRV(000000C0): Authen method=SERVER_GROUP radius

08:49:03: AAA/DB(000000C0): Adding Radius

08:49:03: AAA SRV(000000C0): protocol reply PASS

08:49:03: AAA/DB(000000C0): Adding Authen

08:49:03: AAA SRV(000000C0): Return Authentication status=PASS

08:49:03: dot11_mac_process_reply: AAA reply for 000c.3002.1f57 PASSED

...any ideas? Thanks,

Bryan

2 REPLIES
Anonymous
N/A

Re: aaa accounting Aironet 1100

I forgot to include...

CiscoCS1100#show aaa method-lists all

authen queue=AAA_ML_AUTHEN_LOGIN

name=default valid=1 id=FFFFFFFF : SERVER_GROUP radius LOCAL

authen queue=AAA_ML_AUTHEN_ENABLE

authen queue=AAA_ML_AUTHEN_PPP

authen queue=AAA_ML_AUTHEN_ARAP

authen queue=AAA_ML_AUTHEN_NASI

permanent lists

name=Permanent Enable None valid=1 id=FFFFFFFF : ENABLE NONE

name=Permanent Enable valid=1 id=FFFFFFFF : ENABLE

name=Permanent None valid=1 id=FFFFFFFF : NONE

name=Permanent Local valid=1 id=FFFFFFFF : LOCAL

author queue=AAA_ML_AUTHOR_SHELL

author queue=AAA_ML_AUTHOR_NET

name=default valid=0 id=FFFFFFFF : SERVER_GROUP radius

author queue=AAA_ML_AUTHOR_CONN

author queue=AAA_ML_AUTHOR_IPMOBILE

author queue=AAA_ML_AUTHOR_COMMAND

author queue=AAA_ML_AUTHOR_RM

author queue=AAA_ML_AUTHOR_CONFIG

author queue=AAA_ML_AUTHOR_AUTH_PROXY

author queue=AAA_ML_AUTHOR_PREAUTH

permanent lists

name=local-list valid=1 id=FFFFFFFF : LOCAL

acct queue=AAA_ML_ACCT_SHELL

name=default valid=1 id=FFFFFFFF Action=START STOP : SERVER_GROUP radius

acct queue=AAA_ML_ACCT_NET

name=default valid=0 id=FFFFFFFF Action=START STOP : SERVER_GROUP radius

acct queue=AAA_ML_ACCT_CONN

name=default valid=1 id=FFFFFFFF Action=START STOP : SERVER_GROUP radius

acct queue=AAA_ML_ACCT_SYSTEM

acct queue=AAA_ML_ACCT_RESOURCE

name=default valid=0 id=FFFFFFFF Action=START STOP : SERVER_GROUP radius

acct queue=AAA_ML_ACCT_RM

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

acct queue=AAA_ML_ACCT_COMMAND

permanent lists

name=Permanent None valid=1 id=FFFFFFFF Action=NOT_SET : NONE

...Thought it would be helpful.

...thanks

New Member

Re: aaa accounting Aironet 1100

306
Views
0
Helpful
2
Replies
CreatePlease to create content