cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
fbal
New Contributor

vwlan radius requests in external radius

Hello all,

We are using External Radius Authentication with external redirection portal for landing/welcome page. ( This occurs in both 2.8.0 version and 3.0.0 )

We have noticed that Called-Station-ID attribute is not the same in Radius Access-Request and Accounting-Request Messages. Called-Station-ID should be common for both in order to help us correlate a user during auth and acct. In Access-Request this attribute consist of AP MAC-Address and SSID. In Accounting-Request consists only from the AP MAC-address. It should the same in both packets.

Below you can find some relevant logs from radius server.

Is this a bug ? should we issue a feature request ?


**E** Received from xxx.xxx.xxx.xxx port 45825 ....

Code:       Access-Request

Identifier: 62

Authentic:  <168><203><162>>><219><161><197><227><182>z<202>GY<188><219>

Attributes:

        User-Name = "fanistest"

        User-Password =

y<173><3><199><166>,/<224>]@<148><210><163><12><166>O

        NAS-IP-Address = xxx.xxx.xxx.xxx

        Service-Type = Login-User

        Framed-IP-Address = 10.252.0.2

        Called-Station-Id = "00-19-92-32-13-60:New_domain_portal"

        Calling-Station-Id = "48-5a-3f-52-f1-c5"

        NAS-Identifier = "MultiTenant-vWLAN"

        Acct-Session-Id = ""

        NAS-Port-Type = Wireless-IEEE-802-11

        BlueSocketap = "00:19:92:32:13:60"

Accounting-Request:

*** Received from xxx.xxx.xxx.xxx port 48380 ....

Code:       Accounting-Request

Identifier: 29

Authentic:  <19><143><168>P<146>6<243>,?<194>=<249>*<143>`<141>

Attributes:

        User-Name = "fanistest"

        NAS-Identifier = "vwlan.xxx.xxx"

        NAS-IP-Address = xxx.xxx.xxx.xxx

        Acct-Status-Type = Start

        Acct-Session-Id = "48:5a:3f:52:f1:c5:1456221047"

        Acct-Authentic = RADIUS

        Acct-Input-Octets = 816

        Acct-Output-Octets = 46

        Calling-Station-Id = "48:5a:3f:52:f1:c5"

        Called-Station-Id = "00:19:92:32:13:60"

        Framed-IP-Address = 192.168.1.86

        NAS-Port-Type = Wireless-IEEE-802-11

        BlueSocketRole = "AllowAll"

        BlueSocketap = "00:19:92:32:13:60"

Also,

Calling station ID different in the special character which discriminates the ( in auth is "-" and in acct is ":# )

BR,

Fanis Balanos

0 Kudos
Reply