0 Replies Latest reply on Oct 9, 2017 5:11 AM by fbal

    vwlan radius requests in external radius

    fbal New Member

      Hello all,

       

      We are using External Radius Authentication with external redirection portal for landing/welcome page. ( This occurs in both 2.8.0 version and 3.0.0 )

      We have noticed that Called-Station-ID attribute is not the same in Radius Access-Request and Accounting-Request Messages. Called-Station-ID should be common for both in order to help us correlate a user during auth and acct. In Access-Request this attribute consist of AP MAC-Address and SSID. In Accounting-Request consists only from the AP MAC-address. It should the same in both packets.

       

      Below you can find some relevant logs from radius server.

      Is this a bug ? should we issue a feature request ?

       

       


      **E** Received from xxx.xxx.xxx.xxx port 45825 ....

      Code:       Access-Request

      Identifier: 62

      Authentic:  <168><203><162>>><219><161><197><227><182>z<202>GY<188><219>

      Attributes:

              User-Name = "fanistest"

              User-Password =

      y<173><3><199><166>,/<224>]@<148><210><163><12><166>O

              NAS-IP-Address = xxx.xxx.xxx.xxx

              Service-Type = Login-User

              Framed-IP-Address = 10.252.0.2

              Called-Station-Id = "00-19-92-32-13-60:New_domain_portal"

              Calling-Station-Id = "48-5a-3f-52-f1-c5"

              NAS-Identifier = "MultiTenant-vWLAN"

              Acct-Session-Id = ""

              NAS-Port-Type = Wireless-IEEE-802-11

              BlueSocketap = "00:19:92:32:13:60"

       

       

       

      Accounting-Request:

       

      *** Received from xxx.xxx.xxx.xxx port 48380 ....

      Code:       Accounting-Request

      Identifier: 29

      Authentic:  <19><143><168>P<146>6<243>,?<194>=<249>*<143>`<141>

      Attributes:

              User-Name = "fanistest"

              NAS-Identifier = "vwlan.xxx.xxx"

              NAS-IP-Address = xxx.xxx.xxx.xxx

              Acct-Status-Type = Start

              Acct-Session-Id = "48:5a:3f:52:f1:c5:1456221047"

              Acct-Authentic = RADIUS

              Acct-Input-Octets = 816

              Acct-Output-Octets = 46

              Calling-Station-Id = "48:5a:3f:52:f1:c5"

              Called-Station-Id = "00:19:92:32:13:60"

              Framed-IP-Address = 192.168.1.86

              NAS-Port-Type = Wireless-IEEE-802-11

              BlueSocketRole = "AllowAll"

              BlueSocketap = "00:19:92:32:13:60"

       

       

      Also,

      Calling station ID different in the special character which discriminates the ( in auth is "-" and in acct is ":# )

       

      BR,

      Fanis Balanos