---------- Forwarded Message ----------
Subject: BOUNCE [EMAIL PROTECTED]: Non-member submission from ["Ollis,
Stephen" <[EMAIL PROTECTED]>]
Date: Thu, 4 Oct 2001 02:31:00 -0500
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
>From [EMAIL PROTECTED] Thu Oct 4 02:31:00 2001
Received: from cnhon1imr4.i.wcom.com.hk (mailhost3.wcom.com.hk
[202.130.178.68]) by server1.open.com.au (8.11.0/8.11.0) with ESMTP id
f947Ux305579
for <[EMAIL PROTECTED]>; Thu, 4 Oct 2001 02:30:59 -0500
X-Internal-ID: 3BA9ED2F0004C130
Received: from cnhon1imr4.i.wcom.com.hk (166.45.172.22) by
cnhon1imr4.i.wcom.com.hk (NPlex 3.0.036) for [EMAIL PROTECTED]; Thu, 4
Oct 2001 10:15:14 +0100 Received: from cnhon1gw0.i.wcom.com.hk
(cnhon1gw0.i.wcom.com.hk [166.45.172.46]) by cnhon1imr4.i.wcom.com.hk with
SMTP (MailShield v2.04 - WIN32 Jul 17 2001 17:12:42); Thu, 04 Oct 2001
10:14:47 +0100 Received: by cnhon1gw0.i.wcom.com.hk with Internet Mail
Service (5.5.2653.19) id <4185SYHG>; Thu, 4 Oct 2001 17:15:36 +0800
Message-ID: <C1CFCBF00D83D511871E00508B638F254B6F06@AUSYD1EX4>
From: "Ollis, Stephen" <[EMAIL PROTECTED]>
To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
Subject: Cisco router sending 4 RADIUS accts per login
Date: Thu, 4 Oct 2001 17:15:06 +0800
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: multipart/mixed;
boundary="----_=_NextPart_000_01C14CB5.0F1795C0"
X-SMTP-HELO: cnhon1gw0.i.wcom.com.hk
X-SMTP-MAIL-FROM: [EMAIL PROTECTED]
X-SMTP-PEER-INFO: cnhon1gw0.i.wcom.com.hk [166.45.172.46]
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_000_01C14CB5.0F1795C0
Content-Type: text/plain;
charset="iso-8859-1"
I have an L2TP setup using a Cisco 4500 acting as the Tunnel EndPoint,
and an Ascend TNT as the Tunnel Initiator. There is a Radiator platform
which is used as the Tunnel Auth Server which proxies the request
to our production Radius servers and strips out the L2TP setup
parameters. This all works fine!
Except...
I get 3 copies of each of the acct-start and acct-stop records.
How can I make it stop?
Radius specific CISCO config lines are:
aaa new-model
aaa authentication ppp default local
aaa authentication ppp vpdn group radius
aaa accounting network default start-stop group radius
!
radius-server host x.x.x.x auth-port 1645 acct-port 1646
radius-server retransmit 3
radius-server key XXXXXXXXXXX
Radiator config is:
# Set this to the directory where your logfile and details file are to go
LogDir /var/log/radius
LogFile %L/radius.%Y%m%d.log
Trace 3
# Set this to the database directory. It should contain these files:
# users The user database
# dictionary The dictionary for your NAS
DbDir /usr/local/etc/raddb
# we're mulithomed, so we'll hard specify the interface we want.
BindAddress x.x.x.x
# This clause defines a single client to listen to
<Client CI.SC.OB.OX>
Secret XXXXXXXXXXXXXX
DupInterval 30
</Client>
# For testing: this allows us to honour requests from radpwtst
# on the same host.
<Client localhost>
Secret mysecret
DupInterval 0
</Client>
<Realm DEFAULT>
<AuthBy RADIUS>
StripFromReply
Tunnel-Type,Tunnel-Medium-Type,Tunnel-Server-Endpoint
Host prod-radius1,prod-radius2,prod-radius3
Secret XXXXXXXXXXXXX
AuthPort 1645
AcctPort 1646
IgnoreAccounting
</AuthBy>
# Log accounting to the detail file in LogDir
AuthLog %L/proxy-auth.%Y%m%d.log
AcctLogFileName %L/proxy-detail.%Y%m%d.log
</Realm>
Excerpt of trace 4 log:
---
UUNET Asia Pacific, Network Services Ph: +61 2 9434 5172
Stephen Ollis <[EMAIL PROTECTED]> Fx: +61 2 9434 5800
Systems Technical Assistance Centre, Manager Mb: 0410 599462
Level 3, 203 Pacific Highway, St. Leonards NSW 2065 AUSTRALIA
"Never be afraid to take a risk; amateurs built the Ark,
professionals built the Titanic.." - unknown
PGP Key available- http://www.ozemail.com.au/~sollis/public-key.asc
------_=_NextPart_000_01C14CB5.0F1795C0
Content-Type: application/octet-stream;
name="radius.log"
Content-Disposition: attachment;
filename="radius.log"
Thu Oct 4 19:08:28 2001
NAS-IP-Address = CI.SC.OB.OX
NAS-Port = 1
NAS-Port-Type = Async
User-Name = "tunneluser"
Called-Station-Id = "xxxxxxxxxx"
Calling-Station-Id = "02xxyyyyyyyy"
Acct-Status-Type = Stop
Acct-Authentic = RADIUS
Service-Type = Framed-User
Acct-Session-Id = "00000044"
Framed-Protocol = PPP
Framed-IP-Address = cis.co.ip.pool
Acct-Terminate-Cause = User-Request
Acct-Input-Octets = 14958
Acct-Output-Octets = 105195
Acct-Input-Packets = 184
Acct-Output-Packets = 213
Acct-Session-Time = 73
Acct-Delay-Time = 0
Timestamp = 1002186508
Thu Oct 4 19:08:33 2001
NAS-IP-Address = CI.SC.OB.OX
NAS-Port = 1
NAS-Port-Type = Async
User-Name = "tunneluser"
Called-Station-Id = "xxxxxxxxxx"
Calling-Station-Id = "02xxyyyyyyyy"
Acct-Status-Type = Stop
Acct-Authentic = RADIUS
Service-Type = Framed-User
Acct-Session-Id = "00000044"
Framed-Protocol = PPP
Framed-IP-Address = cis.co.ip.pool
Acct-Terminate-Cause = User-Request
Acct-Input-Octets = 14958
Acct-Output-Octets = 105195
Acct-Input-Packets = 184
Acct-Output-Packets = 213
Acct-Session-Time = 73
Acct-Delay-Time = 5
Timestamp = 1002186508
Thu Oct 4 19:08:38 2001
NAS-IP-Address = CI.SC.OB.OX
NAS-Port = 1
NAS-Port-Type = Async
User-Name = "tunneluser"
Called-Station-Id = "xxxxxxxxxx"
Calling-Station-Id = "02xxyyyyyyyy"
Acct-Status-Type = Stop
Acct-Authentic = RADIUS
Service-Type = Framed-User
Acct-Session-Id = "00000044"
Framed-Protocol = PPP
Framed-IP-Address = cis.co.ip.pool
Acct-Terminate-Cause = User-Request
Acct-Input-Octets = 14958
Acct-Output-Octets = 105195
Acct-Input-Packets = 184
Acct-Output-Packets = 213
Acct-Session-Time = 73
Acct-Delay-Time = 10
Timestamp = 1002186508
Thu Oct 4 19:08:43 2001
NAS-IP-Address = CI.SC.OB.OX
NAS-Port = 1
NAS-Port-Type = Async
User-Name = "tunneluser"
Called-Station-Id = "xxxxxxxxxx"
Calling-Station-Id = "02xxyyyyyyyy"
Acct-Status-Type = Stop
Acct-Authentic = RADIUS
Service-Type = Framed-User
Acct-Session-Id = "00000044"
Framed-Protocol = PPP
Framed-IP-Address = cis.co.ip.pool
Acct-Terminate-Cause = User-Request
Acct-Input-Octets = 14958
Acct-Output-Octets = 105195
Acct-Input-Packets = 184
Acct-Output-Packets = 213
Acct-Session-Time = 73
Acct-Delay-Time = 15
Timestamp = 1002186508
------_=_NextPart_000_01C14CB5.0F1795C0--
-------------------------------------------------------
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.