Hello,
I'm analyzing Radius accounting data from my AP(access point). Found some
unusual behavior.
The Acct-Session-Time is very huge, about 42 years. Also the
Acct-Status-Type is set to
Interim-Update.
Some additional info
NAS-Port-Type = Wireless-802.11
User-Name = Unknown
Sharad P wrote:
I'm analyzing Radius accounting data from my AP(access point). Found some
unusual behavior.
...
Any ideas regarding such a huge active session time?
The NAS software is buggy.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
So how to move forward now? I am in need of correct session time to validate
the session timings.
Also, Is the Status type ok? I mean its other than Start/Stop.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Very-huge-Acct-Session-Time-tp5679718p5679779.html
Sent from
Sharad P wrote:
So how to move forward now? I am in need of correct session time to validate
the session timings.
Buy a NAS that works.
Also, Is the Status type ok? I mean its other than Start/Stop.
If the session time is garbage, the other fields don't matter.
Alan DeKok.
-
List
Any suggestion regarding the same(NAS)?
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Very-huge-Acct-Session-Time-tp5679718p5679792.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See
Wild and illogical guess: look at the time on your NAS device. Maybe it is set
to a crazy point in the past or future and this is (somehow) messing up the NAS
calculations.
That said, the Acct-Session-Time looks to me like a timestamp for about the
current date time:
$ date +%s
1335942133
$
This applies to messages with
Acct-Status-Type set to both Interim-Update and Stop.
Acctstarttime is calculated from current
date and Acct-Session-Time but 1970-01-01 is minimal possible value. This is
sample for one client MAC address.
radacctid | acctsessionid
That acct-session-time is just a Unix timestamp. As already said, either the
NAS has bugs, in which case, check if it has any available firmware updates, or
its incorrectly configured...or replace it, or write lots of funky scripts or
sql procedures to handle it.
alan
--
This smartphone has
Sharad P wrote:
Any suggestion regarding the same(NAS)?
Buy a NAS that works.
Or, tell the vendor to fix it.
There isn't much else you can do. Writing custom code on FR to fix
the issue is bad. Get the people responsible to fix their code.
There's no reason why it's *your* problem to
Thanks a lot.
This was a problem reported by the end client. I will suggest them to either
replace it or do a re-configuration of NAS.
Thanks again!
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Very-huge-Acct-Session-Time-tp5679718p5679933.html
Sent from the
Last question.
As posted above, do I need to check the time of NAS? Will it help in
resolving the issue?
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Very-huge-Acct-Session-Time-tp5679718p5679951.html
Sent from the FreeRadius - User mailing list archive at
Hi,
I am new to the idea of virtual servers on freeradius.
I would like to authenticate one group of users using Port 1812 and a
second group of users on port 1645 with the intention of using virtual
server settings. I have got freeradius 2.1.11 with default radiusd.conf
settings working
On Wed, May 2, 2012 at 4:42 PM, Alan Kong ako...@ee.cuhk.edu.hk wrote:
I would like to authenticate one group of users using Port 1812 and a second
group of users on port 1645 with the intention of using virtual server
settings.
I have got freeradius 2.1.11
Why? That's a version with known
In a continuation to my previous issue about how to reference an LDAP
attribute in post-auth, I am now wondering how to iterate through a
multi-valued attribute in a perl script I call from post-auth. In the
debug you can see all three values are returned:
Multi-value attributes are an
Adam Track wrote:
I'm still having no luck trying to get all of the values off this
multi-valued attribute.. I believe I've got the perl syntax correct but
when I try to dereference @{$RAD_REPLY{'Person-Type'}} to check through
all values, I get:
rlm_perl: perl_embed:: module =
No. The default operator for the LDAP attribute mapping is '='. If
you want '+=', edit ldap.attrmap.
This has been in ldap.attrmap, *and* documented there since 2004. If
you're editing the file to add personType, the PLEASE READ THE FILE.
Thank you very much for that. Again, I wouldn't
Adam Track wrote:
I'd also like to add, although I'm probably going to have my head
chopped off, that I did read the file.. many times in the past, several
times today in fact, but unfortunately my brain did not interpret the
operator description to mean that one need add += for multi-valued
Hello everyone,
I've got FreeRADIUS running to proxy requests from a wireless controller to a
domain controller (NPS). The realm name is being passed to NPS as the logon
domain, which is fine but I'd like to catch a number of different possible
realms that users may put into the login and
hi all,
Is there anyone using /usr/sbin/radwatch? At line 166 it comments "Send
email only once every hour (or so)", what does it means? and how it
works?
At line 178, restarts be re-assigned to 0, so I do think $restarts no
more than 1.
-
List info/subscribe/unsubscribe? See
19 matches
Mail list logo