Re: [RADIATOR] Radius Accounting to LDAP and Radius server

Mon, 30 Jul 2012 03:40:57 -0700 

Hello eliran shlomo -

You would do something like this:


…..

<AuthBy LDAP2>
        Identifier LDAP_User
        EAPType MD5
        # Tell Radiator how to talk to the LDAP server
        include %{GlobalVar:CONFIGROOT}/include/Use_LDAP.inc
        include %{GlobalVar:CONFIGROOT}/include/LDAP_User.inc
        include %{GlobalVar:CONFIGROOT}/include/LDAP_User_PostSearchHook.inc
</AuthBy>

<AuthBy RADIUS>
        Identifier ProxyAccounting
        NoForwardAuthentication
        Host **************
        AcctPort 1813
        FailureBackoffTime 180
        Retries 1
        RetryTimeout 3
        Secret secret
</AuthBy>

# process accounting

<Handler Request-Type=Accounting-Request, Acct-Status-Type = /^(Start|Stop)/>
        include %{GlobalVar:CONFIGROOT}/include/RewriteUsername.inc
        PostProcessingHook 
file:"%{GlobalVar:CONFIGROOT}/include/write-start-file.pl"
        SessionDatabase SDB1
        AccountingHandled
        AcctLogFileName %{GlobalVar:DETAILDIR}/%c/detail-%Y%m%d.csv
        AcctLogFileFormat  \
                %{User-Name},%{Acct-Session-Id},%{Framed-IP-Address},\
                %{Calling-Station-Id},%{Called-Station-Id},%{NAS-IP-Address},\
                %{NAS-Port-Type},%{NAS-Port},%{Acct-Status-Type},\
                %{Tunnel-Server-Endpoint},%{Tunnel-Client-Endpoint},\
                %{Tunnel-Server-Auth-ID},%{Tunnel-Client-Auth-ID},\
                %{RB-Context-Name},%{Acct-Input-Octets},%{Acct-Output-Octets},\
                %{Acct-Input-Gigawords},%{Acct-Output-Gigawords},\
                %{RB-QoS-Metering-Profile-Name},%{Acct-Terminate-Cause},\
                %{Acct-Session-Time},%{Event-Timestamp},\
                %{Acct-Authentic},%{Acct-Delay-Time},\
                %{Acct-Input-Packets},%{Acct-Output-Packets},\
                %{Framed-Protocol},%{Service-Type}
        # forward the accounting
        AuthBy ProxyAccounting
</Handler>

# process authentication

<Handler>
        AuthBy LDAP_User
</Handler>


hope that helps

regards

Hugh



On 30 Jul 2012, at 18:44, eliran shlomo <[email protected]> wrote:

> Hi,
> I'm trying to set multiple accounting respond but something isn't clear to me.
> currently now the radius using AuthBy LDAP2, and i want that the accounting 
> respond after the authentication will be send to another accounting server.
> 
> i set this up for now
> 
> <AuthBy LDAP2>
>         Identifier LDAP_User
>         EAPType MD5
>         # Tell Radiator how to talk to the LDAP server
>         include %{GlobalVar:CONFIGROOT}/include/Use_LDAP.inc
>         include %{GlobalVar:CONFIGROOT}/include/LDAP_User.inc
>         include %{GlobalVar:CONFIGROOT}/include/LDAP_User_PostSearchHook.inc
> </AuthBy>
> 
> <AuthBy RADIUS>
>         NoForwardAuthentication
>         Host **************
>         AcctPort 1813
>         FailureBackoffTime 180
>         Retries 1
>         RetryTimeout 3
>         Secret secret
> </AuthBy>
> 
> and this is the handler
> 
> <Handler Request-Type=Accounting-Request, Acct-Status-Type = /^(Start|Stop)/>
>         include %{GlobalVar:CONFIGROOT}/include/RewriteUsername.inc
>         PostProcessingHook 
> file:"%{GlobalVar:CONFIGROOT}/include/write-start-file.pl"
>         SessionDatabase SDB1
>         AccountingHandled
>         AcctLogFileName %{GlobalVar:DETAILDIR}/%c/detail-%Y%m%d.csv
>         AcctLogFileFormat  \
>                 %{User-Name},%{Acct-Session-Id},%{Framed-IP-Address},\
>                 %{Calling-Station-Id},%{Called-Station-Id},%{NAS-IP-Address},\
>                 %{NAS-Port-Type},%{NAS-Port},%{Acct-Status-Type},\
>                 %{Tunnel-Server-Endpoint},%{Tunnel-Client-Endpoint},\
>                 %{Tunnel-Server-Auth-ID},%{Tunnel-Client-Auth-ID},\
>                 
> %{RB-Context-Name},%{Acct-Input-Octets},%{Acct-Output-Octets},\
>                 %{Acct-Input-Gigawords},%{Acct-Output-Gigawords},\
>                 %{RB-QoS-Metering-Profile-Name},%{Acct-Terminate-Cause},\
>                 %{Acct-Session-Time},%{Event-Timestamp},\
>                 %{Acct-Authentic},%{Acct-Delay-Time},\
>                 %{Acct-Input-Packets},%{Acct-Output-Packets},\
>                 %{Framed-Protocol},%{Service-Type}
> 
> </Handler>
> 
> any idea how to continue from here?
> kinda get lost...
> 
> Best regards,
> 
> Eliran
> 
> _______________________________________________
> radiator mailing list
> [email protected]
> http://www.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
[email protected]

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. 
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.

_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator

Reply via email to