I am working with some cambium wireless equipment. So far I have been able to get radiator the send back Access-Accepts, and the device is able to get online and browse.
However I am seeing some weird behavior, I am seeing another request for the anonymous user that is accepted after the actual user is sent the first accept. Any ideas why this maybe happening? The other issue I am having is that the accounting data (start/stop/alive) are logging as the anonymous username. I have tried using EAPAnonymous %0 option, I've tried adding in just a accounting handler, I've tried the eap_anon_hook.pl, as well as the eap_acct_username.pl scripts to no avail. My Access-Accepts are sending the correct username, however, it appears the device is not using that as some do when it is passed the right username in the access-accept for the rest of accounting. I have attached my handlers, as well as a level 6 trace debug. Any help would be greatly appreciated! Thanks, -- [image: photo] Michael Tipton Network Engineer at NeoNova 919-460-3330 (opt 1) • mtip...@neonova.net www.neonova.net <https://neonova.net> <https://www.facebook.com/NeoNovaNNS/> <https://twitter.com/NeoNova_NNS> <http://www.linkedin.com/company/neonova-network-services>
<Handler TunnelledByTTLS = 1> PostProcessingHook file:"%D/handlers/eap_acct_username.pl" <AuthBy FILE> Filename %D/users/dsl/users </AuthBy> </Handler> <Handler Request-Type = Accounting-Request> PreProcessingHook file:"%D/handlers/eap_anon_hook.pl" AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log </Handler> <Handler> SessionDatabase customer PasswordLogFileName /var/tmp/password.log ## Hooks PostAuthHook file:"%D/handlers/postAuth-hook.pl" PreProcessingHook file:"%D/handlers/preProcessing-hook.pl" ## Forward Account Data to Central server else log to local DB <AuthBy RADIUS> AddToRequest Signature=customer,Token=%R IgnoreAuthentication #NoForwardAuthentication Host xx.xx.xx.xx AcctPort 5051 Secret mysecret # If no reply is received, send it to the AuthBy SQL below NoReplyHook sub {Radius::AuthGeneric::find('AcctDB_customer')->handle_request(${$_[0]});} </AuthBy> <AuthBy FILE> EAPType TTLS EAPTLS_CAFile %D/certificates/cacert_aaasvr.pem EAPTLS_CertificateFile %D/certificates/aaasvr_cert.pem EAPTLS_CertificateType PEM EAPTLS_PrivateKeyFile %D/certificates/aaasvr_key.pem EAPTLS_PrivateKeyPassword xxxxxxxxx EAPTLS_MaxFragmentSize 1000 AutoMPPEKeys EAPAnonymous %0 </AuthBy> AcctLogFileFormat %Y%m%d %H:%M:%S;%n;%{NAS-IP-Address};%{Acct-Session-Id};%{Acct-Status-Type};\ %{Timestamp};%{NAS-Port};%{Acct-Delay-Time};%{Acct-Session-Time};\ %{NNS-User-Type};%{Acct-Input-Octets};%{Acct-Output-Octets};%{Framed-IP-Address};\ %{NAS-Port-Type};%{Acct-Terminate-Cause} AcctLogFileName /var/log/radacct/%Y%m%d_au%{GlobalVar:auPort}-ac%{GlobalVar:acPort}.accounting </Handler>
20170428_au1812-ac1813.logfile
Description: Binary data
_______________________________________________ radiator mailing list radiator@lists.open.com.au http://lists.open.com.au/mailman/listinfo/radiator