See the Acct-Delay-Time, this means a miss configuration in the LNS, possibly the shared secret in the router or in the radiusd.
The router retries "n" times (every 5 seconds) according the Acct-Delay-Time, tipically because the LNS don't recive the Accounting ACK or is invalid. RDA.- ----- Original Message ----- From: "Mike McCauley" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 04, 2001 10:18 PM Subject: Re: (RADIATOR) Cisco router sending 4 RADIUS accts per login > > > ---------- Forwarded Message ---------- > > Subject: BOUNCE [EMAIL PROTECTED]: Non-member submission from [Tunde > <[EMAIL PROTECTED]>] > Date: Thu, 4 Oct 2001 06:39:25 -0500 > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > > From [EMAIL PROTECTED] Thu Oct 4 06:39:24 2001 > Received: from favour.linkserve.net (IDENT:root@[195.166.232.3]) > by server1.open.com.au (8.11.0/8.11.0) with ESMTP id f94BdL306589; > Thu, 4 Oct 2001 06:39:22 -0500 > Received: from localhost (tunde@localhost) > by favour.linkserve.net (8.9.3/8.9.3) with ESMTP id PAA02601; > Thu, 4 Oct 2001 15:18:52 +0100 > Date: Thu, 4 Oct 2001 15:18:52 +0100 (WAT) > From: Tunde <[EMAIL PROTECTED]> > To: Mike McCauley <[EMAIL PROTECTED]> > cc: [EMAIL PROTECTED] > Subject: Re: (RADIATOR) Cisco router sending 4 RADIUS accts per login > In-Reply-To: <[EMAIL PROTECTED]> > Message-ID: <[EMAIL PROTECTED]> > MIME-Version: 1.0 > Content-Type: TEXT/PLAIN; charset=US-ASCII > > I have the following as check items for some of our customers > (Service-Type = Framed-User, Time = "Al2000 - 0700"). This is used as a > means of offering service based on time of the day restriction 8pm - 7am. > I am > surprised that some of our customers are actually connecting at other time > outside the range specified. This is seriously causimg an abuse of our > network. Can you pls help? > > On Thu, 4 Oct 2001, Mike McCauley wrote: > > ---------- Forwarded Message ---------- > > > > Subject: BOUNCE [EMAIL PROTECTED]: Non-member submission from > > ["Ollis, Stephen" <[EMAIL PROTECTED]>] > > Date: Thu, 4 Oct 2001 02:31:00 -0500 > > From: [EMAIL PROTECTED] > > To: [EMAIL PROTECTED] > > > > >From [EMAIL PROTECTED] Thu Oct 4 02:31:00 2001 > > > > Received: from cnhon1imr4.i.wcom.com.hk (mailhost3.wcom.com.hk > > [202.130.178.68]) by server1.open.com.au (8.11.0/8.11.0) with ESMTP id > > f947Ux305579 > > for <[EMAIL PROTECTED]>; Thu, 4 Oct 2001 02:30:59 -0500 > > X-Internal-ID: 3BA9ED2F0004C130 > > Received: from cnhon1imr4.i.wcom.com.hk (166.45.172.22) by > > cnhon1imr4.i.wcom.com.hk (NPlex 3.0.036) for [EMAIL PROTECTED]; Thu, 4 > > Oct 2001 10:15:14 +0100 Received: from cnhon1gw0.i.wcom.com.hk > > (cnhon1gw0.i.wcom.com.hk [166.45.172.46]) by cnhon1imr4.i.wcom.com.hk with > > SMTP (MailShield v2.04 - WIN32 Jul 17 2001 17:12:42); Thu, 04 Oct 2001 > > 10:14:47 +0100 Received: by cnhon1gw0.i.wcom.com.hk with Internet Mail > > Service (5.5.2653.19) id <4185SYHG>; Thu, 4 Oct 2001 17:15:36 +0800 > > Message-ID: <C1CFCBF00D83D511871E00508B638F254B6F06@AUSYD1EX4> > > From: "Ollis, Stephen" <[EMAIL PROTECTED]> > > To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> > > Subject: Cisco router sending 4 RADIUS accts per login > > Date: Thu, 4 Oct 2001 17:15:06 +0800 > > MIME-Version: 1.0 > > X-Mailer: Internet Mail Service (5.5.2653.19) > > Content-Type: multipart/mixed; > > boundary="----_=_NextPart_000_01C14CB5.0F1795C0" > > X-SMTP-HELO: cnhon1gw0.i.wcom.com.hk > > X-SMTP-MAIL-FROM: [EMAIL PROTECTED] > > X-SMTP-PEER-INFO: cnhon1gw0.i.wcom.com.hk [166.45.172.46] > > > > This message is in MIME format. Since your mail reader does not understand > > this format, some or all of this message may not be legible. > > > > ------_=_NextPart_000_01C14CB5.0F1795C0 > > Content-Type: text/plain; > > charset="iso-8859-1" > > > > I have an L2TP setup using a Cisco 4500 acting as the Tunnel EndPoint, > > and an Ascend TNT as the Tunnel Initiator. There is a Radiator platform > > which is used as the Tunnel Auth Server which proxies the request > > to our production Radius servers and strips out the L2TP setup > > parameters. This all works fine! > > > > Except... > > > > I get 3 copies of each of the acct-start and acct-stop records. > > > > How can I make it stop? > > > > Radius specific CISCO config lines are: > > aaa new-model > > aaa authentication ppp default local > > aaa authentication ppp vpdn group radius > > aaa accounting network default start-stop group radius > > ! > > radius-server host x.x.x.x auth-port 1645 acct-port 1646 > > radius-server retransmit 3 > > radius-server key XXXXXXXXXXX > > > > Radiator config is: > > > > # Set this to the directory where your logfile and details file are to go > > LogDir /var/log/radius > > LogFile %L/radius.%Y%m%d.log > > Trace 3 > > > > # Set this to the database directory. It should contain these files: > > # users The user database > > # dictionary The dictionary for your NAS > > DbDir /usr/local/etc/raddb > > > > # we're mulithomed, so we'll hard specify the interface we want. > > BindAddress x.x.x.x > > > > # This clause defines a single client to listen to > > <Client CI.SC.OB.OX> > > Secret XXXXXXXXXXXXXX > > DupInterval 30 > > </Client> > > > > # For testing: this allows us to honour requests from radpwtst > > # on the same host. > > <Client localhost> > > Secret mysecret > > DupInterval 0 > > </Client> > > > > <Realm DEFAULT> > > <AuthBy RADIUS> > > StripFromReply > > Tunnel-Type,Tunnel-Medium-Type,Tunnel-Server-Endpoint > > Host prod-radius1,prod-radius2,prod-radius3 > > Secret XXXXXXXXXXXXX > > AuthPort 1645 > > AcctPort 1646 > > IgnoreAccounting > > </AuthBy> > > # Log accounting to the detail file in LogDir > > AuthLog %L/proxy-auth.%Y%m%d.log > > AcctLogFileName %L/proxy-detail.%Y%m%d.log > > </Realm> > > > > Excerpt of trace 4 log: > > > > > > --- > > UUNET Asia Pacific, Network Services Ph: +61 2 9434 5172 > > Stephen Ollis <[EMAIL PROTECTED]> Fx: +61 2 9434 5800 > > Systems Technical Assistance Centre, Manager Mb: 0410 599462 > > Level 3, 203 Pacific Highway, St. Leonards NSW 2065 AUSTRALIA > > > > "Never be afraid to take a risk; amateurs built the Ark, > > professionals built the Titanic.." - unknown > > > > PGP Key available- http://www.ozemail.com.au/~sollis/public-key.asc > > > > > > > > ------_=_NextPart_000_01C14CB5.0F1795C0 > > Content-Type: application/octet-stream; > > name="radius.log" > > Content-Disposition: attachment; > > filename="radius.log" > > > > Thu Oct 4 19:08:28 2001 > > NAS-IP-Address = CI.SC.OB.OX > > NAS-Port = 1 > > NAS-Port-Type = Async > > User-Name = "tunneluser" > > Called-Station-Id = "xxxxxxxxxx" > > Calling-Station-Id = "02xxyyyyyyyy" > > Acct-Status-Type = Stop > > Acct-Authentic = RADIUS > > Service-Type = Framed-User > > Acct-Session-Id = "00000044" > > Framed-Protocol = PPP > > Framed-IP-Address = cis.co.ip.pool > > Acct-Terminate-Cause = User-Request > > Acct-Input-Octets = 14958 > > Acct-Output-Octets = 105195 > > Acct-Input-Packets = 184 > > Acct-Output-Packets = 213 > > Acct-Session-Time = 73 > > Acct-Delay-Time = 0 > > Timestamp = 1002186508 > > > > Thu Oct 4 19:08:33 2001 > > NAS-IP-Address = CI.SC.OB.OX > > NAS-Port = 1 > > NAS-Port-Type = Async > > User-Name = "tunneluser" > > Called-Station-Id = "xxxxxxxxxx" > > Calling-Station-Id = "02xxyyyyyyyy" > > Acct-Status-Type = Stop > > Acct-Authentic = RADIUS > > Service-Type = Framed-User > > Acct-Session-Id = "00000044" > > Framed-Protocol = PPP > > Framed-IP-Address = cis.co.ip.pool > > Acct-Terminate-Cause = User-Request > > Acct-Input-Octets = 14958 > > Acct-Output-Octets = 105195 > > Acct-Input-Packets = 184 > > Acct-Output-Packets = 213 > > Acct-Session-Time = 73 > > Acct-Delay-Time = 5 > > Timestamp = 1002186508 > > > > Thu Oct 4 19:08:38 2001 > > NAS-IP-Address = CI.SC.OB.OX > > NAS-Port = 1 > > NAS-Port-Type = Async > > User-Name = "tunneluser" > > Called-Station-Id = "xxxxxxxxxx" > > Calling-Station-Id = "02xxyyyyyyyy" > > Acct-Status-Type = Stop > > Acct-Authentic = RADIUS > > Service-Type = Framed-User > > Acct-Session-Id = "00000044" > > Framed-Protocol = PPP > > Framed-IP-Address = cis.co.ip.pool > > Acct-Terminate-Cause = User-Request > > Acct-Input-Octets = 14958 > > Acct-Output-Octets = 105195 > > Acct-Input-Packets = 184 > > Acct-Output-Packets = 213 > > Acct-Session-Time = 73 > > Acct-Delay-Time = 10 > > Timestamp = 1002186508 > > > > Thu Oct 4 19:08:43 2001 > > NAS-IP-Address = CI.SC.OB.OX > > NAS-Port = 1 > > NAS-Port-Type = Async > > User-Name = "tunneluser" > > Called-Station-Id = "xxxxxxxxxx" > > Calling-Station-Id = "02xxyyyyyyyy" > > Acct-Status-Type = Stop > > Acct-Authentic = RADIUS > > Service-Type = Framed-User > > Acct-Session-Id = "00000044" > > Framed-Protocol = PPP > > Framed-IP-Address = cis.co.ip.pool > > Acct-Terminate-Cause = User-Request > > Acct-Input-Octets = 14958 > > Acct-Output-Octets = 105195 > > Acct-Input-Packets = 184 > > Acct-Output-Packets = 213 > > Acct-Session-Time = 73 > > Acct-Delay-Time = 15 > > Timestamp = 1002186508 > > > > ------_=_NextPart_000_01C14CB5.0F1795C0-- > > > > ------------------------------------------------------- > > === > > Archive at http://www.open.com.au/archives/radiator/ > > Announcements on [EMAIL PROTECTED] > > To unsubscribe, email '[EMAIL PROTECTED]' with > > 'unsubscribe radiator' in the body of the message. > > ------------------------------------------------------- > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
