At 07:15 PM 5/17/2002 +0100, freeradius-users wrote:
>[EMAIL PROTECTED] wrote:
>
> >Read the docs. This is covered in the 'cisco' readme in the 'docs'
> >directory.
>
>I did that before posting to the list... ;-).
>
>
> >You need to add a config command to your cisco NAS that tells them not
> >to send the accounting packet until it has assigned the IP.
>
>The docs (correctly, according to Cisco's web site) note that from IOS 11.3
>you can do the "aaa accounting update new-info" to do that. Oddly, our
>11.2 box has this command in it's config (without error).
11.2 is really really old, wow. That predates even the 11.3 docs, which
was about the first release that was marginally functional for a NAS.
11.3 and later ( 12.0, 12.1, 12.2 ) all have the command:
aaa accounting delay-start
which causes the nas to wait until it has an IP assigned. I would highly
recommend updating to a more recent IOS.
>My initial thought was actually that the NAS wasn't including the username
>in the update request. Nope - the old RADIUS server picked it up just
>fine... the problem only exists with FR. Either that, or the old RADIUS did
>some extrapolation to work out the missing user name (e.g. using session
>ID's or something). If it wasn't for the fact that this kit is in co-lo
>miles away I'd run over there and plug in a sniffer to be sure...
You may need to modify/update your 'sql.conf', so that the username is
pulled correctly from the packet. See the part where it discusess the
options you can use to set what values ( and what order it tries ) to
find the username to use.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
| @ @ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
