I'll try to be clear :) We have Cisco 2500 with IOS 12.0(4) and it seems to have such bug...
Some user tries to log in on this Cisco, and gets Access-Reject, but Cisco (I don't know whether it has already processed Access-Reject at this moment) sends Accounting-Stop packet for that user without corresponding Accounting-Start packet. Probably, this user disconnects BEFORE Cisco gets Access-Reject, and then it decided to send Stop-record... Did anybody see such problem and what are possible workarounds for this sutuations? Thanks in advice... These are logs from our proxy freeradius: rad_recv: Access-Request packet from host <cisco>:1645, id=38, length=78 Thread 1 assigned request 4550 --- Walking the entire request list --- Threads: total/active/spare threads = 5/1/4 Nothing to do. Sleeping until we see a request. Thread 1 handling request 4550, (826 handled so far) NAS-IP-Address = <cisco> NAS-Port = 4 NAS-Port-Type = Async User-Name = "HACKER" Called-Station-Id = "" User-Password = "..." Service-Type = Framed-User Framed-Protocol = PPP ... Sending Access-Reject of id 38 to <cisco>:1645 Reply-Message = "*** User HACKER already online!\n\r\n" Finished request 4550 Going to the next request Thread 2 waiting to be assigned a request rad_recv: Accounting-Request packet from host <cisco>:1646, id=39, length=100 Thread 3 assigned request 4552 --- Walking the entire request list --- Waking up in 6 seconds... Thread 3 handling request 4552, (826 handled so far) NAS-IP-Address = <cisco> NAS-Port = 4 NAS-Port-Type = Async User-Name = "HACKER" Called-Station-Id = "" Acct-Status-Type = Stop Acct-Authentic = RADIUS Service-Type = Framed-User Acct-Session-Id = "0000A931" Acct-Input-Packets = 0 Acct-Output-Packets = 0 Acct-Session-Time = 0 Acct-Delay-Time = 0 ... -- Fduch M. Pravking - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html