Hello,

Can you show me the output of:

netstat -nlp | grep 1813

Thanks,

Ludovic Zammit
[email protected] :: +1.514.447.4918 (x145) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)

> On Oct 18, 2020, at 5:21 AM, Kenny Wallrath <[email protected]> wrote:
>
> Hi Ludovic,
>
> I took another debug on the switch and packetfence. It seems that
> Radius Accounting Start Packets are sent from
> the switch to PF, anyways the online/offline state still is not
> getting updated and PF is not sending accounting-response.
> Also the pfacct.log remains empty
> I attached the radsniff and my cisco debug below.
>
> This is what I configured on the switch side:
>
> aaa new-model
> aaa group server radius PACKETFENCE
>  server name PACKETFENCE
> aaa authentication login default local group radius
> aaa authentication enable default enable
> aaa authentication dot1x default group PACKETFENCE
> aaa authorization console
> aaa authorization exec default local group radius if-authenticated
> aaa authorization network default group PACKETFENCE
> aaa accounting update newinfo
> aaa accounting dot1x default start-stop group PACKETFENCE
> aaa accounting network default start-stop group PACKETFENCE
> aaa accounting connection default start-stop group PACKETFENCE
> aaa server radius dynamic-author
>  client 10.0.20.14 server-key xxxxxxxxxxxxxxxx
>  port 3799
> aaa session-id common
> radius-server vsa send accounting
> radius-server vsa send authentication
>
>
> Cisco "debug aaa accounting"
> Oct 18 11:00:02.554: AAA/ACCT/DOT1X(0000005A): Pick method list 'default'
> Oct 18 11:00:02.554: AAA/ACCT/SETMLIST(0000005A): Handle 0, mlist
> 05861080, Name default
> Oct 18 11:00:02.554: Getting session id for DOT1X(0000005A) : db=55391F0
> Oct 18 11:00:02.554: AAA/ACCT/DOT1X(0000005A): add, count 2
> Oct 18 11:00:03.513: AAA/ACCT/EVENT/(0000005A): ATTR REPLACE
> Oct 18 11:00:03.513: AAA/ACCT(0000005A): Accounting response status = FAILURE
> Oct 18 11:00:03.513: AAA/ACCT(0000005A): Send NEWINFO accounting
> notification to EM failed
>
> Oct 18 11:00:03.550: %AUTHMGR-5-SUCCESS: Authorization succeeded for
> client (b827.eb3f.01c8) on Interface Gi1/0/2 AuditSessionID
> 0A0014FD0000002ED5397B59
> Oct 18 11:00:03.550: AAA/ACCT/EVENT/(0000005A): NET UP
> Oct 18 11:00:03.550: AAA/ACCT/HC(0000005A): Update Dot1X/2E00002F
> Oct 18 11:00:03.550: AAA/ACCT/HC(0000005A): no HC Dot1X/2E00002F
> Oct 18 11:00:03.550: AAA/ACCT/DOT1X(0000005A): Queueing record is START
> Oct 18 11:00:03.550: AAA/ACCT(0000005A): Accounting method=PACKETFENCE
> (RADIUS)
> Oct 18 11:00:15.011: AAA/ACCT/EVENT/(0000005A): ATTR REPLACE
> Oct 18 11:00:15.011: AAA/ACCT/HC(0000005A): Update Dot1X/2E00002F
> Oct 18 11:00:15.011: AAA/ACCT/HC(0000005A): no HC Dot1X/2E00002F
> Oct 18 11:00:15.011: AAA/ACCT/DOT1X(0000005A): Queueing record is NEWINFO
> Oct 18 11:00:15.011: AAA/ACCT/EVENT/(0000005A): SESSION INFO
> Oct 18 11:00:15.011: AAA/ACCT/HC(0000005A): Update Dot1X/2E00002F
> Oct 18 11:00:15.011: AAA/ACCT/HC(0000005A): no HC Dot1X/2E00002F
> Oct 18 11:00:15.011: AAA/ACCT/DOT1X(0000005A): Queueing record is UPDATE
> Oct 18 11:00:15.016: AAA/ACCT(0000005A): Accounting method=PACKETFENCE
> (RADIUS)
> Oct 18 11:00:15.016: AAA/ACCT(0000005A): Accounting method=PACKETFENCE
> (RADIUS)
> Oct 18 11:00:23.719: AAA/ACCT/DOT1X(0000005A): START protocol reply FAIL
> Oct 18 11:00:23.719: AAA/ACCT(0000005A): Accounting method=NOT_SET
> Oct 18 11:00:23.719: AAA/ACCT(0000005A): Accounting response status = FAILURE
> Oct 18 11:00:23.719: AAA/ACCT(0000005A): Send START accounting
> notification to EM failed
> Oct 18 11:00:23.719: AAA/ACCT(0000005A): mlist_periodic is not set, interval 0
> Oct 18 11:00:30.095: %RADIUS-4-RADIUS_DEAD: RADIUS server
> 10.0.20.14:1812,1813 is not responding.
> Oct 18 11:00:30.152: %RADIUS-4-RADIUS_ALIVE: RADIUS server
> 10.0.20.14:1812,1813 is being marked alive.
> Oct 18 11:00:35.107: AAA/ACCT/DOT1X(0000005A): NEWINFO protocol reply FAIL
> Oct 18 11:00:35.107: AAA/ACCT(0000005A): Accounting method=NOT_SET
> Oct 18 11:00:35.107: AAA/ACCT(0000005A): mlist_periodic is not set, interval 0
>
>
> Packetfence radsniff:
> 2020-10-18 11:00:32.445522 (5) Accounting-Request Id 158
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +23.614
>     User-Name = "b8:27:eb:3f:01:c8"
>     NAS-IP-Address = 10.0.20.253
>     NAS-Port = 50102
>     Service-Type = Framed-User
>     Framed-IP-Address = 169.254.118.80
>     Called-Station-Id = "3C-0E-23-5A-3E-02"
>     Calling-Station-Id = "B8-27-EB-3F-01-C8"
>     NAS-Port-Type = Ethernet
>     Acct-Status-Type = Start
>     Acct-Delay-Time = 0
>     Acct-Session-Id = "00000050"
>     Acct-Authentic = RADIUS
>     NAS-Port-Id = "GigabitEthernet1/0/2"
>     PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
>     Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
>     Cisco-AVPair = "connect-progress=Call Up"
>     Authenticator-Field = 0x603bc2274431edd546dc9c758d86191f
> 2020-10-18 11:00:37.497158 (6) Accounting-Request Id 159
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +28.665
>     User-Name = "b8:27:eb:3f:01:c8"
>     NAS-IP-Address = 10.0.20.253
>     NAS-Port = 50102
>     Service-Type = Framed-User
>     Framed-IP-Address = 169.254.118.80
>     Called-Station-Id = "3C-0E-23-5A-3E-02"
>     Calling-Station-Id = "B8-27-EB-3F-01-C8"
>     NAS-Port-Type = Ethernet
>     Acct-Status-Type = Start
>     Acct-Delay-Time = 5
>     Acct-Session-Id = "00000050"
>     Acct-Authentic = RADIUS
>     NAS-Port-Id = "GigabitEthernet1/0/2"
>     PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
>     Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
>     Cisco-AVPair = "connect-progress=Call Up"
>     Authenticator-Field = 0xfb92fbb9cc7ef65439c9c4e49d8283c6
> 2020-10-18 11:00:37.645522 (5) ** norsp ** Accounting-Request Id 158
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
> 2020-10-18 11:00:37.645522 (5) Cleaning up request packet ID 158
> 2020-10-18 11:00:42.551582 (7) Accounting-Request Id 160
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +33.720
>     User-Name = "b8:27:eb:3f:01:c8"
>     NAS-IP-Address = 10.0.20.253
>     NAS-Port = 50102
>     Service-Type = Framed-User
>     Framed-IP-Address = 169.254.118.80
>     Called-Station-Id = "3C-0E-23-5A-3E-02"
>     Calling-Station-Id = "B8-27-EB-3F-01-C8"
>     NAS-Port-Type = Ethernet
>     Acct-Status-Type = Start
>     Acct-Delay-Time = 10
>     Acct-Session-Id = "00000050"
>     Acct-Authentic = RADIUS
>     NAS-Port-Id = "GigabitEthernet1/0/2"
>     PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
>     Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
>     Cisco-AVPair = "connect-progress=Call Up"
>     Authenticator-Field = 0x42233d99f083a7639d3684208165238f
> 2020-10-18 11:00:42.697158 (6) ** norsp ** Accounting-Request Id 159
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
> 2020-10-18 11:00:42.697158 (6) Cleaning up request packet ID 159
> 2020-10-18 11:00:43.911491 (8) Accounting-Request Id 161
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +35.080
>     User-Name = "b8:27:eb:3f:01:c8"
>     NAS-IP-Address = 10.0.20.253
>     NAS-Port = 50102
>     Service-Type = Framed-User
>     Framed-IP-Address = 10.0.40.61
>     Called-Station-Id = "3C-0E-23-5A-3E-02"
>     Calling-Station-Id = "B8-27-EB-3F-01-C8"
>     NAS-Port-Type = Ethernet
>     Acct-Status-Type = Interim-Update
>     Acct-Delay-Time = 0
>     Acct-Input-Octets = 2857
>     Acct-Output-Octets = 9508
>     Acct-Session-Id = "00000050"
>     Acct-Authentic = RADIUS
>     Acct-Session-Time = 12
>     Acct-Input-Packets = 17
>     Acct-Output-Packets = 35
>     NAS-Port-Id = "GigabitEthernet1/0/2"
>     PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
>     Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
>     Cisco-AVPair = "connect-progress=Call Up"
>     Authenticator-Field = 0x2dbd87095bebf4a1b6ee64255131b410
> 2020-10-18 11:00:43.912010 (9) Accounting-Request Id 162
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +35.080
>     User-Name = "b8:27:eb:3f:01:c8"
>     NAS-IP-Address = 10.0.20.253
>     NAS-Port = 50102
>     Service-Type = Framed-User
>     Framed-IP-Address = 10.0.40.61
>     Called-Station-Id = "3C-0E-23-5A-3E-02"
>     Calling-Station-Id = "B8-27-EB-3F-01-C8"
>     NAS-Port-Type = Ethernet
>     Acct-Status-Type = Interim-Update
>     Acct-Delay-Time = 0
>     Acct-Input-Octets = 2857
>     Acct-Output-Octets = 9508
>     Acct-Session-Id = "00000050"
>     Acct-Authentic = RADIUS
>     Acct-Session-Time = 12
>     Acct-Input-Packets = 17
>     Acct-Output-Packets = 35
>     NAS-Port-Id = "GigabitEthernet1/0/2"
>     PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
>     Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
>     Cisco-AVPair = "connect-progress=Call Up"
>     Authenticator-Field = 0xb0a63e46552c8152ef507257f9e10b72
> 2020-10-18 11:00:47.595411 (10) Accounting-Request Id 163
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +38.763
>     User-Name = "b8:27:eb:3f:01:c8"
>     NAS-IP-Address = 10.0.20.253
>     NAS-Port = 50102
>     Service-Type = Framed-User
>     Framed-IP-Address = 169.254.118.80
>     Called-Station-Id = "3C-0E-23-5A-3E-02"
>     Calling-Station-Id = "B8-27-EB-3F-01-C8"
>     NAS-Port-Type = Ethernet
>     Acct-Status-Type = Start
>     Acct-Delay-Time = 15
>     Acct-Session-Id = "00000050"
>     Acct-Authentic = RADIUS
>     NAS-Port-Id = "GigabitEthernet1/0/2"
>     PMIP6-Home-HN-Prefix = 3039:4330:3842::/56
>     Cisco-AVPair = "audit-session-id=0A0014FD0000002ED5397B59"
>     Cisco-AVPair = "connect-progress=Call Up"
>     Authenticator-Field = 0xdc631f70c7df87de580a8d5c38561393
> 2020-10-18 11:00:47.751582 (7) ** norsp ** Accounting-Request Id 160
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
> 2020-10-18 11:00:47.751582 (7) Cleaning up request packet ID 160
>
> On Fri, Oct 16, 2020 at 2:30 PM, Ludovic Zammit
> <[email protected]> wrote:
>>
>> Hello Kenny,
>>
>> PacketFence is looking for Accounting start / stop packet for the online
>> offline.
>>
>> It looks like the device does not send the Acct-Status-Type: Start or Stop.
>>
>> Thanks,
>>
>>
>> Ludovic Zammit
>> [email protected] :: +1.514.447.4918 (x145) :: www.inverse.ca
>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
>> (http://packetfence.org)
>>
>>
>> On Oct 15, 2020, at 5:52 AM, Kenny Wallrath via PacketFence-users
>> <[email protected]> wrote:
>>
>> Hi everyone,
>>
>> I am currently trying to get the online/offline state working. It
>> seems that the state is working if requests are coming from Wireless
>> AccessPoints (My device gets registered when online and unregistered
>> when offline)
>> But if I try the same with my Cisco 2960S switches the nodes remain
>> "unknown".
>>
>> From what I understood pfacct supersedes radiusd-acct. The service
>> pfacct is running and there is no firewall in between. Switch is
>> configured to send accounting to PF on port 1813.
>> My switch debug tells me that there is no response from Server, which
>> I also can verify on PF side. A TCPDUMP shows that Radius Accounting
>> Requests arrive at the PF but no response is being generated.
>> If I check the pfacct.log it is empty... I pasted a radsniff on port
>> 1813 below...
>>
>> Interestingly, if I disable pfacct and enable radiusd-acct an
>> Accounting-Reply is generated to the switch but the online/offline
>> state remains unknown.
>>
>> 2020-10-15 11:42:21.448660 (5) Accounting-Request Id 49
>> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +10.924
>>     User-Name = "b8:27:eb:3f:01:c8"
>>     NAS-IP-Address = 10.0.20.253
>>     NAS-Port = 50102
>>     Service-Type = Framed-User
>>     Framed-IP-Address = 10.0.40.61
>>     Called-Station-Id = "3C-0E-23-5A-3E-02"
>>     Calling-Station-Id = "B8-27-EB-3F-01-C8"
>>     NAS-Port-Type = Ethernet
>>     Acct-Status-Type = Interim-Update
>>     Acct-Delay-Time = 10
>>     Acct-Input-Octets = 15178
>>     Acct-Output-Octets = 1620296
>>     Acct-Session-Id = "0000004B"
>>     Acct-Authentic = RADIUS
>>     Acct-Session-Time = 6229
>>     Acct-Input-Packets = 225
>>     Acct-Output-Packets = 9530
>>     NAS-Port-Id = "GigabitEthernet1/0/2"
>>     PMIP6-Home-HN-Prefix = 3831:3437:4232::/57
>>     Cisco-AVPair = "audit-session-id=0A0014FD0000002AC57E41EC"
>>     Cisco-AVPair = "connect-progress=Auth Open"
>>     Authenticator-Field = 0xe184ba9b392f14f26741c4f7c64c815a
>> 2020-10-15 11:42:21.214706 (4) ** norsp ** Accounting-Request Id 48
>> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
>> 2020-10-15 11:42:21.214706 (4) Cleaning up request packet ID 48
>> 2020-10-15 11:42:26.606010 (6) Accounting-Request Id 50
>> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +15.940
>>     User-Name = "b8:27:eb:3f:01:c8"
>>     NAS-IP-Address = 10.0.20.253
>>     NAS-Port = 50102
>>     Service-Type = Framed-User
>>     Framed-IP-Address = 10.0.40.61
>>     Called-Station-Id = "3C-0E-23-5A-3E-02"
>>     Calling-Station-Id = "B8-27-EB-3F-01-C8"
>>     NAS-Port-Type = Ethernet
>>     Acct-Status-Type = Interim-Update
>>     Acct-Delay-Time = 15
>>     Acct-Input-Octets = 15178
>>     Acct-Output-Octets = 1620296
>>     Acct-Session-Id = "0000004B"
>>     Acct-Authentic = RADIUS
>>     Acct-Session-Time = 6229
>>     Acct-Input-Packets = 225
>>     Acct-Output-Packets = 9530
>>     NAS-Port-Id = "GigabitEthernet1/0/2"
>>     PMIP6-Home-HN-Prefix = 3831:3437:4232::/57
>>     Cisco-AVPair = "audit-session-id=0A0014FD0000002AC57E41EC"
>>     Cisco-AVPair = "connect-progress=Auth Open"
>>     Authenticator-Field = 0xe77e42cc33f62dcd1164461139b59e6d
>> 2020-10-15 11:42:26.244866 (5) ** norsp ** Accounting-Request Id 49
>> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
>> 2020-10-15 11:42:26.244866 (5) Cleaning up request packet ID 49
>> 2020-10-15 11:42:31.260601 (6) ** norsp ** Accounting-Request Id 50
>> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
>> 2020-10-15 11:42:31.260601 (6) Cleaning up request packet ID 50
>>
>>
>> _______________________________________________
>> PacketFence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
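An added example, not part of the original thread and not PacketFence or FreeRADIUS code: a small Python parser for radsniff output like the captures quoted above. It counts the requests radsniff flags `** norsp **` per Acct-Status-Type and groups requests the switch retransmitted (same session and status type, rising Acct-Delay-Time). The sample capture is constructed, and the layout of its `Accounting-Response` line is an assumption.

```python
import re
from collections import Counter, defaultdict
# Constructed sample in radsniff's layout; addresses and values are illustrative.
SAMPLE = """\
2020-01-01 10:00:00.000000 (1) Accounting-Request Id 10 eth1:192.0.2.10:1646 -> 192.0.2.1:1813 +0.000
    Acct-Status-Type = Start
    Acct-Delay-Time = 0
    Acct-Session-Id = "0000000A"
2020-01-01 10:00:05.000000 (2) Accounting-Request Id 11 eth1:192.0.2.10:1646 -> 192.0.2.1:1813 +5.000
    Acct-Status-Type = Start
    Acct-Delay-Time = 5
    Acct-Session-Id = "0000000A"
2020-01-01 10:00:05.200000 (1) ** norsp ** Accounting-Request Id 10 eth1:192.0.2.10:1646 -> 192.0.2.1:1813
2020-01-01 10:00:06.000000 (3) Accounting-Request Id 12 eth1:192.0.2.10:1646 -> 192.0.2.1:1813 +6.000
    Acct-Status-Type = Interim-Update
2020-01-01 10:00:06.010000 (3) Accounting-Response Id 12 eth1:192.0.2.10:1646 <- 192.0.2.1:1813 +6.010
2020-01-01 10:00:10.200000 (2) ** norsp ** Accounting-Request Id 11 eth1:192.0.2.10:1646 -> 192.0.2.1:1813
"""

HEADER = re.compile(r"^\S+ \S+ \((\d+)\) (\*\* norsp \*\* )?(Accounting-\w+) Id (\d+)")
ATTR = re.compile(r'^\s+([\w-]+) = "?([^"]*)"?$')

def parse_radsniff(text):
    """Return {radsniff request counter: {"id", "attrs", "outcome"}}."""
    reqs, current = {}, None
    for line in text.splitlines():
        h = HEADER.match(line)
        if h:
            n, norsp, kind, current = int(h[1]), h[2], h[3], None
            if norsp:  # radsniff gave up waiting for a reply to request n
                reqs.setdefault(n, {"id": int(h[4]), "attrs": {}})["outcome"] = "norsp"
            elif kind == "Accounting-Request":
                current = reqs[n] = {"id": int(h[4]), "attrs": {}, "outcome": "pending"}
            elif kind == "Accounting-Response" and n in reqs:
                reqs[n]["outcome"] = "answered"
        elif current is not None and (a := ATTR.match(line)):
            current["attrs"][a[1]] = a[2]  # attribute line of the open request
    return reqs

def unanswered_by_status(reqs):  # norsp requests counted per Acct-Status-Type
    return Counter(r["attrs"].get("Acct-Status-Type", "?")
                   for r in reqs.values() if r["outcome"] == "norsp")

def retransmissions(reqs):  # Acct-Delay-Time list per (session, type) sent more than once
    groups = defaultdict(list)
    for a in (r["attrs"] for r in reqs.values()):
        key = (a.get("Acct-Session-Id"), a.get("Acct-Status-Type"))
        groups[key].append(int(a.get("Acct-Delay-Time", 0)))
    return {k: v for k, v in groups.items() if len(v) > 1}
```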
