Re: FreeRadius and PIX 520 accounting

lmarante Thu, 14 Jul 2005 07:27:17 -0700

OK, Last time I tried accounting was 2 years ago so I kinda forgot how to do it or what I did to get that error.

Today I enabled accounting in my PIX for all udp traffic (that would be ipsec) and in /usr/local/var/log/radius/radacct/mypixIP/ I got a file named detail-20050714 which has, for example these lines:

Thu Jul 14 10:38:25 2005
        Acct-Status-Type = Start
        NAS-Port = 0
        NAS-IP-Address = 172.17.0.50
        Login-IP-Host = 172.17.0.32
        Login-TCP-Port = 1433
        Acct-Session-Id = "0x01778531"
        User-Name = "sicslaag1"
        Cisco-AVPair = "ip:source-ip=192.168.128.3"
        Cisco-AVPair = "ip:source-port=1567"
        Cisco-AVPair = "ip:destination-ip=172.17.0.32"
        Cisco-AVPair = "ip:destination-port=1433"
        Client-IP-Address = 172.17.0.50
        Acct-Unique-Session-Id = "2a8ae9a2feb3e9e9"
        Timestamp = 1121348305

Thu Jul 14 10:38:26 2005
        Acct-Status-Type = Stop
        NAS-Port = 0
        NAS-IP-Address = 172.17.0.50
        Login-IP-Host = 172.17.0.32
        Login-TCP-Port = 1433
        Acct-Session-Id = "0x01778531"
        User-Name = "sicslaag1"

        Acct-Session-Time = 0
        Acct-Input-Octets = 710
        Acct-Output-Octets = 676
        Cisco-AVPair = "ip:source-ip=192.168.128.3"
        Cisco-AVPair = "ip:source-port=1567"
        Cisco-AVPair = "ip:destination-ip=172.17.0.32"
        Cisco-AVPair = "ip:destination-port=1433"
        Client-IP-Address = 172.17.0.50
        Acct-Unique-Session-Id = "2a8ae9a2feb3e9e9"
        Timestamp = 1121348306

Running radiusd -X would give me this (for another username):

rad_recv: Accounting-Request packet from host 172.17.0.50:1646, id=17, length=21
7
        Acct-Status-Type = Stop
        NAS-Port = 0
        NAS-IP-Address = 172.17.0.50
        Login-IP-Host = 172.17.0.17
        Login-TCP-Port = 53
        Acct-Session-Id = "0x01788b59"
        User-Name = "sicrgaag"
        Acct-Session-Time = 0
        Acct-Input-Octets = 0
        Acct-Output-Octets = 138
        Cisco-AVPair = "ip:source-ip=192.168.128.12"
        Cisco-AVPair = "ip:source-port=53"
        Cisco-AVPair = "ip:destination-ip=172.17.0.17"
        Cisco-AVPair = "ip:destination-port=53"
modcall: entering group preacct for request 1
modcall[preacct]: module "preprocess" returns noop for request 1
    rlm_realm: No '@' in User-Name = "sicrgaag", looking up realm NULL
    rlm_realm: No such realm "NULL"
modcall[preacct]: module "suffix" returns noop for request 1
modcall[preacct]: module "files" returns noop for request 1
modcall: group preacct returns noop for request 1
modcall: entering group accounting for request 1

rlm_acct_unique: WARNING: Attribute NAS-Port-Id was not found in request, unique
ID MAY be inconsistent
rlm_acct_unique: Hashing ',Client-IP-Address = 172.17.0.50,NAS-IP-Address = 172.
17.0.50,Acct-Session-Id = "0x01788b59",User-Name = "sicrgaag"'
rlm_acct_unique: Acct-Unique-Session-ID = "b9222392a2ba67aa".
modcall[accounting]: module "acct_unique" returns ok for request 1
radius_xlat: '/usr/local/var/log/radius/radacct/172.17.0.50/detail-20050714'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/172.17.0.50/detail-20050714
modcall[accounting]: module "detail" returns ok for request 1
rlm_counter: Packet Unique ID = 'b9222392a2ba67aa'
rlm_counter: Could not find Service-Type attribute in the request. Returning NOO
P.
modcall[accounting]: module "counter" returns noop for request 1
modcall: group accounting returns ok for request 1
Sending Accounting-Response of id 17 to 172.17.0.50:1646
Finished request 1
Going to the next request

Sorry for the LONG mail, but I don't really know if this means it's working now or it still isn't, but that what I get.

Thanks, and again sorry for the long mail.

Lior

[EMAIL PROTECTED] wrote: -----

To: FreeRadius users mailing list <[email protected]>
From: Dusty Doris <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
Date: 07/14/2005 10:03AM
Subject: Re: FreeRadius and PIX 520 accounting

On Thu, 14 Jul 2005 [EMAIL PROTECTED] wrote:

> You're right, sorry
>
> Here's what I get in my radius.log
>
> "Error: WARNING: Malformed RADIUS packet from host 172.17.xxxx: Vendor
> specific attributes do not exactly fill Vendor-Specific"
>
> That's the only error I get.
>
Please run radius under debug mode (radiusd -X) and copy/paste the output
from when the packet comes in (so we can see all the attributes that are
sent) to where the error messages occurs.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: FreeRadius and PIX 520 accounting

Reply via email to