I am working with some cambium wireless equipment. So far I have been able to get radiator the send back Access-Accepts, and the device is able to get online and browse.
However I am seeing some weird behavior, I am seeing another request for the anonymous user that is accepted after the actual user is sent the first accept. Any ideas why this maybe happening? The other issue I am having is that the accounting data (start/stop/alive) are logging as the anonymous username. I have tried using EAPAnonymous %0 option, I've tried adding in just a accounting handler, I've tried the eap_anon_hook.pl, as well as the eap_acct_username.pl scripts to no avail. My Access-Accepts are sending the correct username, however, it appears the device is not using that as some do when it is passed the right username in the access-accept for the rest of accounting. I have attached my handlers, as well as a level 6 trace debug. Any help would be greatly appreciated! Thanks, -- [image: photo] Michael Tipton Network Engineer at NeoNova 919-460-3330 (opt 1) • mtip...@neonova.net www.neonova.net <https://neonova.net> <https://www.facebook.com/NeoNovaNNS/> <https://twitter.com/NeoNova_NNS> <http://www.linkedin.com/company/neonova-network-services>
<Handler TunnelledByTTLS = 1>
PostProcessingHook file:"%D/handlers/eap_acct_username.pl"
<AuthBy FILE>
Filename %D/users/dsl/users
</AuthBy>
</Handler>
<Handler Request-Type = Accounting-Request>
PreProcessingHook file:"%D/handlers/eap_anon_hook.pl"
AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log
</Handler>
<Handler>
SessionDatabase customer
PasswordLogFileName /var/tmp/password.log
## Hooks
PostAuthHook file:"%D/handlers/postAuth-hook.pl"
PreProcessingHook file:"%D/handlers/preProcessing-hook.pl"
## Forward Account Data to Central server else log to local DB
<AuthBy RADIUS>
AddToRequest Signature=customer,Token=%R
IgnoreAuthentication
#NoForwardAuthentication
Host xx.xx.xx.xx
AcctPort 5051
Secret mysecret
# If no reply is received, send it to the AuthBy SQL below
NoReplyHook sub
{Radius::AuthGeneric::find('AcctDB_customer')->handle_request(${$_[0]});}
</AuthBy>
<AuthBy FILE>
EAPType TTLS
EAPTLS_CAFile %D/certificates/cacert_aaasvr.pem
EAPTLS_CertificateFile %D/certificates/aaasvr_cert.pem
EAPTLS_CertificateType PEM
EAPTLS_PrivateKeyFile %D/certificates/aaasvr_key.pem
EAPTLS_PrivateKeyPassword xxxxxxxxx
EAPTLS_MaxFragmentSize 1000
AutoMPPEKeys
EAPAnonymous %0
</AuthBy>
AcctLogFileFormat %Y%m%d
%H:%M:%S;%n;%{NAS-IP-Address};%{Acct-Session-Id};%{Acct-Status-Type};\
%{Timestamp};%{NAS-Port};%{Acct-Delay-Time};%{Acct-Session-Time};\
%{NNS-User-Type};%{Acct-Input-Octets};%{Acct-Output-Octets};%{Framed-IP-Address};\
%{NAS-Port-Type};%{Acct-Terminate-Cause}
AcctLogFileName
/var/log/radacct/%Y%m%d_au%{GlobalVar:auPort}-ac%{GlobalVar:acPort}.accounting
</Handler>
20170428_au1812-ac1813.logfile
Description: Binary data
_______________________________________________ radiator mailing list radiator@lists.open.com.au http://lists.open.com.au/mailman/listinfo/radiator
