Hello James -
The first thing to understand is that there are two different things going on with the radius protocol. The first is the access request and and corresponding access accept - this is the authentication and authorisation phase. After the session has been established as a result of the NAS processing the access accept, the accounting start is generated - and of course the accounting stop is generated at the end of the session.
On the Cisco at least there is an additional aaa configuration line required that will cause the NAS to generate an interim accounting (Alive) packet containing the Framed-IP-Address.
Note however that the initial access request that is logged by the AuthLog clause will never contain the Framed-IP-
Address. I also wonder why you have the AuthLog clause pointing to the "Accounting" table - this seems odd.
If you have any other questions, I'm always happy to help.
regards
Hugh
On Friday, Aug 15, 2003, at 05:45 Australia/Melbourne, James Nelson wrote:
I'm having problems getting Radiator to log the Framed-IP-Address in the SQL logs it generates. The NAS's are 3Com & Cisco devices. The problem seems to originate from the fact that the record is created before the NAS responds with the reply that contains the Framed-IP-Address. Here is a debug & part of my radius config. I've been digging through the archives & fighting this for a couple days, so any help would be appreciated. Thanks.
*** Received from ###.###.###.### port 1812 .... Code: Access-Request Identifier: 161 Authentic: <238><182><17>;-<218><212><199><12><225>X<245><192>d<30>| Attributes: NAS-IP-Address = ###.###.###.### NAS-Port = 24 NAS-Port-Type = Virtual User-Name = "user" User-Password = xxxxxxxxxx Service-Type = Framed-User Framed-Protocol = PPP
Fri Aug 8 13:35:51 2003: DEBUG: Rewrote user name to user
Fri Aug 8 13:35:51 2003: DEBUG: Handling request with Handler ''
Fri Aug 8 13:35:51 2003: DEBUG: Deleting session for user, ###.###.###.###, 24
Fri Aug 8 13:35:51 2003: DEBUG: Handling with Radius::AuthSQL
Fri Aug 8 13:35:51 2003: DEBUG: Handling with Radius::AuthSQL:
Fri Aug 8 13:35:51 2003: DEBUG: Query is:
Fri Aug 8 13:35:51 2003: DEBUG: Radius::AuthSQL looks for match with user
Fri Aug 8 13:35:51 2003: DEBUG: Radius::AuthSQL ACCEPT:
Fri Aug 8 13:35:51 2003: DEBUG: Access accepted for user
Fri Aug 8 13:35:51 2003: DEBUG: do query is: 'insert into RadAcct values ('13:35:51','08/08/ 2003','Success','user','user','###.###.###.###','','')':
Fri Aug 8 13:35:51 2003: DEBUG: Packet dump: *** Sending to ###.###.###.### port 1812 .... Code: Access-Accept Identifier: 161 Authentic: <238><182><17>;-<218><212><199><12><225>X<245><192>d<30>| Attributes: Service-Type = Framed-User Framed-Protocol = PPP Framed-Routing = None Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP Idle-Timeout = 1800 Session-Timeout = 43200 Port-Limit = 1
Fri Aug 8 13:35:54 2003: DEBUG: Packet dump: *** Received from ###.###.###.### port 1813 .... Code: Accounting-Request Identifier: 162 Authentic: <233>h.<128><149><209><214><167>kN<23><215><253>^<180><22> Attributes: NAS-IP-Address = ###.###.###.### NAS-Port = 24 NAS-Port-Type = Virtual User-Name = "user" Acct-Status-Type = Start Acct-Authentic = RADIUS Service-Type = Framed-User Acct-Session-Id = "000179B4" Framed-Protocol = PPP Framed-IP-Address = ###.###.###.### Acct-Delay-Time = 0
<Handler>
# Look up user details in a mySQL DB <AuthBy SQL>
DBSource xxxxxxx DBUsername xxxxxxx DBAuth xxxxxxx
AuthSelect select xxxxxxxxxxxxxxx
AddToReply Service-Type = Framed-User,\ Framed-Protocol = PPP,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Idle-Timeout = 1800,\ Session-Timeout = 43200,\ Port-Limit = 1
</AuthBy>
<AuthLog SQL>
DBSource xxxxxxx DBUsername xxxxxxx DBAuth xxxxxxx Table Accounting
SuccessQuery insert into Accounting values ('%H:%M:%S','%m/%d/%Y','Success','%u','%U','%c',%1,'%a')
FailureQuery insert into Accounting values ('%H:%M:%S','%m/%d/%Y','Failure(PAP-Auth)','%u','%U','%c',%1,'%a')
LogSuccess 1
</AuthLog>
</Handler>
::James Nelson
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
NB: have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening?
-- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence.
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.