I am working with some cambium wireless equipment. So far I have been able
to get radiator the send back Access-Accepts, and the device is able to get
online and browse.

However I am seeing some weird behavior, I am seeing another request for
the anonymous user that is accepted after the actual user is sent the first
accept. Any ideas why this maybe happening?

The other issue I am having is that the accounting data (start/stop/alive)
are logging as the anonymous username. I have tried using EAPAnonymous %0
option, I've tried adding in just a accounting handler, I've tried the
eap_anon_hook.pl, as well as the eap_acct_username.pl scripts to no avail.

My Access-Accepts are sending the correct username, however, it appears the
device is not using that as some do when it is passed the right username in
the access-accept for the rest of accounting.

I have attached my handlers, as well as a level 6 trace debug. Any help
would be greatly appreciated!


[image: photo]
Michael Tipton
Network Engineer at NeoNova
919-460-3330 (opt 1) • mtip...@neonova.net
www.neonova.net <https://neonova.net>
<https://www.facebook.com/NeoNovaNNS/>  <https://twitter.com/NeoNova_NNS>
<Handler TunnelledByTTLS = 1>
        PostProcessingHook file:"%D/handlers/eap_acct_username.pl"       
        <AuthBy FILE>
                Filename %D/users/dsl/users

<Handler Request-Type = Accounting-Request>
        PreProcessingHook file:"%D/handlers/eap_anon_hook.pl"
        AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log
        SessionDatabase customer

        PasswordLogFileName /var/tmp/password.log

        ## Hooks
        PostAuthHook file:"%D/handlers/postAuth-hook.pl"
        PreProcessingHook file:"%D/handlers/preProcessing-hook.pl"
        ## Forward Account Data to Central server else log to local DB
        <AuthBy RADIUS>
                AddToRequest Signature=customer,Token=%R
                Host xx.xx.xx.xx
                AcctPort 5051
                Secret mysecret

                # If no reply is received, send it to the AuthBy SQL below
                NoReplyHook sub 

        <AuthBy FILE>
                EAPType TTLS
                EAPTLS_CAFile %D/certificates/cacert_aaasvr.pem
                EAPTLS_CertificateFile %D/certificates/aaasvr_cert.pem
                EAPTLS_CertificateType PEM
                EAPTLS_PrivateKeyFile %D/certificates/aaasvr_key.pem
                EAPTLS_PrivateKeyPassword xxxxxxxxx
                EAPTLS_MaxFragmentSize 1000
                EAPAnonymous %0

        AcctLogFileFormat %Y%m%d 

Attachment: 20170428_au1812-ac1813.logfile
Description: Binary data

radiator mailing list

Reply via email to