Thank you Christian, finally I decided to do a hook. After receiving an accounting request the radius asks the AP via SNMP to get the IP address and fullfill a table. I'm using the table RADLASTAUTH because I'm also using this table to get the inner authentication (TTLS).
Maybe it's a dirty solution because I have to wait a few seconds before asking the AP and I did that using a thread. Now, I must admit my hook has some memory leak and every few hours radiator is restarted by startWrapper. Before this script I've just did some really easy things with perl and I'm sure that I made some big mistake. Any idea of what is wrong? PD: I'm also using eap_anon_hook.pl but I'm sure this hook is correctly written. -- Gerard Al 07/02/11 13:22, En/na Gerard Alcorlo Bofill ha escrit: > Thanks Christian, > > but the IP address is not in my Accounting-request. May be I need to do > some changes to the AP configuration... > > That's the log I get from the Radius when the AP sends an Start and a > Stop accounting-requests. If I could get the IP from the > accounting-request it would one easy and clean solution but I don't know > how to do it. > > > *** Received from 192.168.50.9 port 1646 .... > Code: Accounting-Request > Identifier: 200 > Authentic: <14><192>d<210><169><24><165><15><242>:3<25>H<189>iW > Attributes: > Acct-Session-Id = "00003186" > Called-Station-Id = "000e380d04a1" > Calling-Station-Id = "c417fe53f792" > cisco-avpair = "ssid=eduroam" > cisco-avpair = "vlan-id=54" > cisco-avpair = "nas-location=unspecified" > User-Name = "[email protected]" > cisco-avpair = "connect-progress=Call Up" > Acct-Authentic = RADIUS > Acct-Status-Type = Start > NAS-Port-Type = Wireless-IEEE-802-11 > Cisco-NAS-Port = "1127" > NAS-Port = 1127 > Service-Type = Framed-User > NAS-IP-Address = 192.168.50.9 > Acct-Delay-Time = 0 > > > > > *** Received from 192.168.50.9 port 1646 .... > Code: Accounting-Request > Identifier: 207 > Authentic: J<192>]<142><20><149><196><164><165>P<227><169><218><147>]<171> > Attributes: > Acct-Session-Id = "00003186" > Called-Station-Id = "000e380d04a1" > Calling-Station-Id = "c417fe53f792" > cisco-avpair = "ssid=eduroam-" > cisco-avpair = "vlan-id=54" > cisco-avpair = "nas-location=unspecified" > cisco-avpair = "auth-algo-type=eap-peap" > User-Name = "[email protected]" > Acct-Authentic = RADIUS > cisco-avpair = "connect-progress=Call Up" > Acct-Session-Time = 282 > Acct-Input-Octets = 95290 > Acct-Output-Octets = 1349850 > Acct-Input-Packets = 806 > Acct-Output-Packets = 962 > Acct-Terminate-Cause = Lost-Carrier > cisco-avpair = "disc-cause-ext=No Reason" > Acct-Status-Type = Stop > NAS-Port-Type = Wireless-IEEE-802-11 > Cisco-NAS-Port = "1127" > NAS-Port = 1127 > Service-Type = Framed-User > NAS-IP-Address = 192.168.50.9 > Acct-Delay-Time = 0 > > > -- > Gerard > > Al 07/02/11 11:39, En/na Christian Kratzer ha escrit: >> Dear Gerard, >> >> On Mon, 7 Feb 2011, Gerard Alcorlo Bofill wrote: >> >>> Heikki, you do understood my problem. >>> And you confirmed me my suspicions, Framed-* attributes are ONLY for >>> connections such as PPP or PPPoE. >>> >>> I wanted to do all this work to have all logs centralized to radius and >>> to be able tu run radwho.cgi script to see which IP addresses were being >>> used in real time. >>> >>> At this moment radwho.cgi is not showing the assigned IP address because >>> radius doesn't know the IP assigned by the DHCP server. The problem is >>> that if I want to trace a connection I need to match the MAC address at >>> the DHCP server and the Radiator server. >>> >>> Do you think trying to pass the IP using SNMP traps from the AP would >>> be a good option or is there easier solution? >> >> The usual way to get the assigned ip would be to process radius >> accounting. Accounting records would also fill your session database >> which radwho.cgi could then query. >> >> Accounting would get you start, stop and interim records which all >> included the actual assigned ip. >> >> This would also let you have the nas assign the ips which is also much >> more stable in the long run. >> >> Greetings >> Christian >> > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator
retrive_ip_client.pl
Description: Perl program
_______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
