Hi Ludovic,
I ran another debug on the switch and PacketFence. It seems that
RADIUS Accounting Start packets are sent from the switch to PF;
anyway, the online/offline state still is not getting updated and
PF is not sending an Accounting-Response.
Also, the pfacct.log remains empty.
I attached the radsniff and my Cisco debug below.
This is what I configured on the switch side:
aaa new-model
aaa group server radius PACKETFENCE
 server name PACKETFENCE
aaa authentication login default local group radius
aaa authentication enable default enable
aaa authentication dot1x default group PACKETFENCE
aaa authorization console
aaa authorization exec default local group radius if-authenticated
aaa authorization network default group PACKETFENCE
aaa accounting update newinfo
aaa accounting dot1x default start-stop group PACKETFENCE
aaa accounting network default start-stop group PACKETFENCE
aaa accounting connection default start-stop group PACKETFENCE
aaa server radius dynamic-author
 client 10.0.20.14 server-key xxxxxxxxxxxxxxxx
 port 3799
aaa session-id common
radius-server vsa send accounting
radius-server vsa send authentication
Cisco "debug aaa accounting"
Oct 18 11:00:02.554: AAA/ACCT/DOT1X(0000005A): Pick method list 'default'
Oct 18 11:00:02.554: AAA/ACCT/SETMLIST(0000005A): Handle 0, mlist 05861080, Name default
Oct 18 11:00:02.554: Getting session id for DOT1X(0000005A) : db=55391F0
Oct 18 11:00:02.554: AAA/ACCT/DOT1X(0000005A): add, count 2
Oct 18 11:00:03.513: AAA/ACCT/EVENT/(0000005A): ATTR REPLACE
Oct 18 11:00:03.513: AAA/ACCT(0000005A): Accounting response status = FAILURE
Oct 18 11:00:03.513: AAA/ACCT(0000005A): Send NEWINFO accounting notification to EM failed
Oct 18 11:00:03.550: %AUTHMGR-5-SUCCESS: Authorization succeeded for client (b827.eb3f.01c8) on Interface Gi1/0/2 AuditSessionID 0A0014FD0000002ED5397B59
Oct 18 11:00:03.550: AAA/ACCT/EVENT/(0000005A): NET UP
Oct 18 11:00:03.550: AAA/ACCT/HC(0000005A): Update Dot1X/2E00002F
Oct 18 11:00:03.550: AAA/ACCT/HC(0000005A): no HC Dot1X/2E00002F
Oct 18 11:00:03.550: AAA/ACCT/DOT1X(0000005A): Queueing record is START
Oct 18 11:00:03.550: AAA/ACCT(0000005A): Accounting method=PACKETFENCE (RADIUS)
Oct 18 11:00:15.011: AAA/ACCT/EVENT/(0000005A): ATTR REPLACE
Oct 18 11:00:15.011: AAA/ACCT/HC(0000005A): Update Dot1X/2E00002F
Oct 18 11:00:15.011: AAA/ACCT/HC(0000005A): no HC Dot1X/2E00002F
Oct 18 11:00:15.011: AAA/ACCT/DOT1X(0000005A): Queueing record is NEWINFO
Oct 18 11:00:15.011: AAA/ACCT/EVENT/(0000005A): SESSION INFO
Oct 18 11:00:15.011: AAA/ACCT/HC(0000005A): Update Dot1X/2E00002F
Oct 18 11:00:15.011: AAA/ACCT/HC(0000005A): no HC Dot1X/2E00002F
Oct 18 11:00:15.011: AAA/ACCT/DOT1X(0000005A): Queueing record is UPDATE
Oct 18 11:00:15.016: AAA/ACCT(0000005A): Accounting method=PACKETFENCE (RADIUS)
Oct 18 11:00:15.016: AAA/ACCT(0000005A): Accounting method=PACKETFENCE (RADIUS)
Oct 18 11:00:23.719: AAA/ACCT/DOT1X(0000005A): START protocol reply FAIL
Oct 18 11:00:23.719: AAA/ACCT(0000005A): Accounting method=NOT_SET
Oct 18 11:00:23.719: AAA/ACCT(0000005A): Accounting response status = FAILURE
Oct 18 11:00:23.719: AAA/ACCT(0000005A): Send START accounting notification to EM failed
Oct 18 11:00:23.719: AAA/ACCT(0000005A): mlist_periodic is not set, interval 0
Oct 18 11:00:30.095: %RADIUS-4-RADIUS_DEAD: RADIUS server 10.0.20.14:1812,1813 is not responding.
Oct 18 11:00:30.152: %RADIUS-4-RADIUS_ALIVE: RADIUS server 10.0.20.14:1812,1813 is being marked alive.
Oct 18 11:00:35.107: AAA/ACCT/DOT1X(0000005A): NEWINFO protocol reply FAIL
Oct 18 11:00:35.107: AAA/ACCT(0000005A): Accounting method=NOT_SET
Oct 18 11:00:35.107: AAA/ACCT(0000005A): mlist_periodic is not set, interval 0
Packetfence radsniff:
2020-10-18 11:00:32.445522 (5) Accounting-Request Id 158
eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +23.614
User-Name = "b8:27:eb:3f:01:c8"
NAS-IP-Address = 10.0.20.253
NAS-Port = 50102
Service-Type = Framed-User
Framed-IP-Address = 169.254.118.80
Called-Station-Id = "3C-0E-23-5A-3E-02"
Calling-Station-Id = "B8-27-EB-3F-01-C8"
NAS-Port-Type = Ethernet
Acct-Status-Type = Start
Acct-Delay-Time = 0
Acct-Session-Id = "00000050"
Acct-Authentic = RADIUS
NAS-Port-Id = "GigabitEthernet1/0/2"
PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
Cisco-AVPair = "connect-progress=Call Up"
Authenticator-Field = 0x603bc2274431edd546dc9c758d86191f
2020-10-18 11:00:37.497158 (6) Accounting-Request Id 159
eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +28.665
User-Name = "b8:27:eb:3f:01:c8"
NAS-IP-Address = 10.0.20.253
NAS-Port = 50102
Service-Type = Framed-User
Framed-IP-Address = 169.254.118.80
Called-Station-Id = "3C-0E-23-5A-3E-02"
Calling-Station-Id = "B8-27-EB-3F-01-C8"
NAS-Port-Type = Ethernet
Acct-Status-Type = Start
Acct-Delay-Time = 5
Acct-Session-Id = "00000050"
Acct-Authentic = RADIUS
NAS-Port-Id = "GigabitEthernet1/0/2"
PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
Cisco-AVPair = "connect-progress=Call Up"
Authenticator-Field = 0xfb92fbb9cc7ef65439c9c4e49d8283c6
2020-10-18 11:00:37.645522 (5) ** norsp ** Accounting-Request Id 158
eth1:10.0.20.253:1646 -> 10.0.20.14:1813
2020-10-18 11:00:37.645522 (5) Cleaning up request packet ID 158
2020-10-18 11:00:42.551582 (7) Accounting-Request Id 160
eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +33.720
User-Name = "b8:27:eb:3f:01:c8"
NAS-IP-Address = 10.0.20.253
NAS-Port = 50102
Service-Type = Framed-User
Framed-IP-Address = 169.254.118.80
Called-Station-Id = "3C-0E-23-5A-3E-02"
Calling-Station-Id = "B8-27-EB-3F-01-C8"
NAS-Port-Type = Ethernet
Acct-Status-Type = Start
Acct-Delay-Time = 10
Acct-Session-Id = "00000050"
Acct-Authentic = RADIUS
NAS-Port-Id = "GigabitEthernet1/0/2"
PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
Cisco-AVPair = "connect-progress=Call Up"
Authenticator-Field = 0x42233d99f083a7639d3684208165238f
2020-10-18 11:00:42.697158 (6) ** norsp ** Accounting-Request Id 159
eth1:10.0.20.253:1646 -> 10.0.20.14:1813
2020-10-18 11:00:42.697158 (6) Cleaning up request packet ID 159
2020-10-18 11:00:43.911491 (8) Accounting-Request Id 161
eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +35.080
User-Name = "b8:27:eb:3f:01:c8"
NAS-IP-Address = 10.0.20.253
NAS-Port = 50102
Service-Type = Framed-User
Framed-IP-Address = 10.0.40.61
Called-Station-Id = "3C-0E-23-5A-3E-02"
Calling-Station-Id = "B8-27-EB-3F-01-C8"
NAS-Port-Type = Ethernet
Acct-Status-Type = Interim-Update
Acct-Delay-Time = 0
Acct-Input-Octets = 2857
Acct-Output-Octets = 9508
Acct-Session-Id = "00000050"
Acct-Authentic = RADIUS
Acct-Session-Time = 12
Acct-Input-Packets = 17
Acct-Output-Packets = 35
NAS-Port-Id = "GigabitEthernet1/0/2"
PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
Cisco-AVPair = "connect-progress=Call Up"
Authenticator-Field = 0x2dbd87095bebf4a1b6ee64255131b410
2020-10-18 11:00:43.912010 (9) Accounting-Request Id 162
eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +35.080
User-Name = "b8:27:eb:3f:01:c8"
NAS-IP-Address = 10.0.20.253
NAS-Port = 50102
Service-Type = Framed-User
Framed-IP-Address = 10.0.40.61
Called-Station-Id = "3C-0E-23-5A-3E-02"
Calling-Station-Id = "B8-27-EB-3F-01-C8"
NAS-Port-Type = Ethernet
Acct-Status-Type = Interim-Update
Acct-Delay-Time = 0
Acct-Input-Octets = 2857
Acct-Output-Octets = 9508
Acct-Session-Id = "00000050"
Acct-Authentic = RADIUS
Acct-Session-Time = 12
Acct-Input-Packets = 17
Acct-Output-Packets = 35
NAS-Port-Id = "GigabitEthernet1/0/2"
PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
Cisco-AVPair = "connect-progress=Call Up"
Authenticator-Field = 0xb0a63e46552c8152ef507257f9e10b72
2020-10-18 11:00:47.595411 (10) Accounting-Request Id 163
eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +38.763
User-Name = "b8:27:eb:3f:01:c8"
NAS-IP-Address = 10.0.20.253
NAS-Port = 50102
Service-Type = Framed-User
Framed-IP-Address = 169.254.118.80
Called-Station-Id = "3C-0E-23-5A-3E-02"
Calling-Station-Id = "B8-27-EB-3F-01-C8"
NAS-Port-Type = Ethernet
Acct-Status-Type = Start
Acct-Delay-Time = 15
Acct-Session-Id = "00000050"
Acct-Authentic = RADIUS
NAS-Port-Id = "GigabitEthernet1/0/2"
PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
Cisco-AVPair = "connect-progress=Call Up"
Authenticator-Field = 0xdc631f70c7df87de580a8d5c38561393
2020-10-18 11:00:47.751582 (7) ** norsp ** Accounting-Request Id 160
eth1:10.0.20.253:1646 -> 10.0.20.14:1813
2020-10-18 11:00:47.751582 (7) Cleaning up request packet ID 160
On Fri, Oct 16, 2020 at 14:30, Ludovic Zammit <[email protected]> wrote:
>
> Hello Kenny,
>
> PacketFence is looking for Accounting start / stop packets for the
> online/offline.
>
> It looks like the device does not send the Acct-Status-Type: Start or Stop.
>
> Thanks,
>
>
> Ludovic Zammit
> [email protected] :: +1.514.447.4918 (x145) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org)
>
> On Oct 15, 2020, at 5:52 AM, Kenny Wallrath via PacketFence-users
> <[email protected]> wrote:
>
> Hi everyone,
>
> I am currently trying to get the online/offline state working. It
> seems that the state is working if requests are coming from Wireless
> AccessPoints (My device gets registered when online and unregistered
> when offline)
> But if I try the same with my Cisco 2960S switches the nodes remain "unknown".
>
> From what I understood pfacct supersedes radiusd-acct. The service
> pfacct is running and there is no firewall in between. Switch is
> configured to send accounting to PF on port 1813.
> My switch debug tells me that there is no response from Server, which
> I also can verify on PF side. A TCPDUMP shows that Radius Accounting
> Requests arrive at the PF but no response is being generated.
> If I check the pfacct.log it is empty... I pasted a radsniff on port
> 1813 below...
>
> Interestingly, if I disable pfacct and enable radiusd-acct, an
> Accounting-Reply is generated to the switch but the online/offline
> state remains unknown.
>
> 2020-10-15 11:42:21.448660 (5) Accounting-Request Id 49
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +10.924
> User-Name = "b8:27:eb:3f:01:c8"
> NAS-IP-Address = 10.0.20.253
> NAS-Port = 50102
> Service-Type = Framed-User
> Framed-IP-Address = 10.0.40.61
> Called-Station-Id = "3C-0E-23-5A-3E-02"
> Calling-Station-Id = "B8-27-EB-3F-01-C8"
> NAS-Port-Type = Ethernet
> Acct-Status-Type = Interim-Update
> Acct-Delay-Time = 10
> Acct-Input-Octets = 15178
> Acct-Output-Octets = 1620296
> Acct-Session-Id = "0000004B"
> Acct-Authentic = RADIUS
> Acct-Session-Time = 6229
> Acct-Input-Packets = 225
> Acct-Output-Packets = 9530
> NAS-Port-Id = "GigabitEthernet1/0/2"
> PMIP6-Home-HN-Prefix = 3831:3437:4232::/57
> Cisco-AVPair = "audit-session-id=0A0014FD0000002AC57E41EC"
> Cisco-AVPair = "connect-progress=Auth Open"
> Authenticator-Field = 0xe184ba9b392f14f26741c4f7c64c815a
> 2020-10-15 11:42:21.214706 (4) ** norsp ** Accounting-Request Id 48
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
> 2020-10-15 11:42:21.214706 (4) Cleaning up request packet ID 48
> 2020-10-15 11:42:26.606010 (6) Accounting-Request Id 50
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +15.940
> User-Name = "b8:27:eb:3f:01:c8"
> NAS-IP-Address = 10.0.20.253
> NAS-Port = 50102
> Service-Type = Framed-User
> Framed-IP-Address = 10.0.40.61
> Called-Station-Id = "3C-0E-23-5A-3E-02"
> Calling-Station-Id = "B8-27-EB-3F-01-C8"
> NAS-Port-Type = Ethernet
> Acct-Status-Type = Interim-Update
> Acct-Delay-Time = 15
> Acct-Input-Octets = 15178
> Acct-Output-Octets = 1620296
> Acct-Session-Id = "0000004B"
> Acct-Authentic = RADIUS
> Acct-Session-Time = 6229
> Acct-Input-Packets = 225
> Acct-Output-Packets = 9530
> NAS-Port-Id = "GigabitEthernet1/0/2"
> PMIP6-Home-HN-Prefix = 3831:3437:4232::/57
> Cisco-AVPair = "audit-session-id=0A0014FD0000002AC57E41EC"
> Cisco-AVPair = "connect-progress=Auth Open"
> Authenticator-Field = 0xe77e42cc33f62dcd1164461139b59e6d
> 2020-10-15 11:42:26.244866 (5) ** norsp ** Accounting-Request Id 49
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
> 2020-10-15 11:42:26.244866 (5) Cleaning up request packet ID 49
> 2020-10-15 11:42:31.260601 (6) ** norsp ** Accounting-Request Id 50
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
> 2020-10-15 11:42:31.260601 (6) Cleaning up request packet ID 50
>
>
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
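One way to triage radsniff captures like the ones in this thread, as an added example that is not part of the original messages or of PacketFence: it groups Accounting-Requests by Acct-Session-Id and reports which Acct-Status-Type values were seen, how many requests radsniff flagged `** norsp **`, and the largest Acct-Delay-Time (a retransmission indicator). The sample text is constructed, and the code assumes radsniff prints a response under the same counter in parentheses as its request.

```python
import re
from collections import defaultdict

HDR = re.compile(r"^\S+ \S+ \((\d+)\) (\*\* norsp \*\* )?([\w-]+) Id (\d+)")
ATTR = re.compile(r"^\s*([\w-]+) = (.*)$")
# Constructed sample in radsniff text format, modelled on the capture above;
# session "00000051" and its Accounting-Response are invented for contrast.
SAMPLE = """\
2020-10-18 11:00:32.445522 (5) Accounting-Request Id 158 eth1:10.0.20.253:1646 -> 10.0.20.14:1813
  Acct-Status-Type = Start
  Acct-Delay-Time = 0
  Acct-Session-Id = "00000050"
2020-10-18 11:00:37.497158 (6) Accounting-Request Id 159 eth1:10.0.20.253:1646 -> 10.0.20.14:1813
  Acct-Status-Type = Start
  Acct-Delay-Time = 5
  Acct-Session-Id = "00000050"
2020-10-18 11:00:37.645522 (5) ** norsp ** Accounting-Request Id 158
2020-10-18 11:00:43.100000 (7) Accounting-Request Id 160 eth1:10.0.20.253:1646 -> 10.0.20.14:1813
  Acct-Status-Type = Stop
  Acct-Session-Id = "00000051"
2020-10-18 11:00:43.105000 (7) Accounting-Response Id 160
"""

def parse_radsniff(text):
    """Return {radsniff counter: request} with attributes and response state."""
    reqs, cur = {}, None
    for line in text.splitlines():
        line = line.lstrip("> \t")          # tolerate e-mail quoting and indent
        h = HDR.match(line)
        if h:
            n, cur = int(h[1]), None
            if h[2]:                        # radsniff gave up waiting for a reply
                reqs.get(n, {})["state"] = "norsp"
            elif h[3] == "Accounting-Request":
                cur = reqs.setdefault(n, {"id": int(h[4]), "attrs": {}, "state": "pending"})
            elif h[3] == "Accounting-Response" and n in reqs:
                reqs[n]["state"] = "answered"
        elif cur is not None and (a := ATTR.match(line)):
            cur["attrs"][a[1]] = a[2].strip('"')
    return reqs

def summarize(reqs):
    """Per Acct-Session-Id: status types seen, reply states, worst Acct-Delay-Time."""
    out = defaultdict(lambda: {"types": set(), "norsp": 0, "answered": 0, "pending": 0, "max_delay": 0})
    for p in reqs.values():
        s = out[p["attrs"].get("Acct-Session-Id", "?")]
        s["types"].add(p["attrs"].get("Acct-Status-Type", "?"))
        s[p["state"]] += 1
        s["max_delay"] = max(s["max_delay"], int(p["attrs"].get("Acct-Delay-Time", 0)))
    return dict(out)
```

A session whose only entries are `norsp` or `pending` Start packets with a growing `max_delay` matches the symptom described in this thread: the NAS is sending accounting, but nothing on port 1813 is answering it.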