On Tue, 27 Mar 2007, Hugh Irvine wrote:
Hello Joe -
There is a RADIUS "Reply-Message" reply attribute that can be used to send
any message you wish in an Access-Reject. However the display of whatever is
sent in the "Reply-Message" is up to your NAS equipment and/or connecting
client device. In my experience there are almost no client devices that
actually display the "Reply-Message", but as always YMMV.
It seems to me this would be something best reserved for the radius
server, not the end-user to track.
And it seems trivial to get (at least on 2 out of 3) radius servers to
have them log a line to syslog/your choice of log file upon failures,
including which of your three scenarios caused the failure..
- d.
On 26 Mar 2007, at 23:50, Joe Shen wrote:
We want to identify the exact reason for customer
complaint. So, it that possible to extend radius
server and Broadband Access Server ( Juniper E series)
to echo different error code for different reason.
E.g.
Error code 691 for wrong password
Error code 851 for wrong access port
Error code 852 for exceeding limit of concurrent
session number
--
Dominic J. Eidson
"Baruk Khazad! Khazad ai-menu!" - Gimli
----------------------------------------------------------------------------
http://www.the-infinite.org/
