Hello.
I would like to log the client IP of failed successful
authentications to my RADIUS-enabled switches. Right now
failed/success show up like this:
radiusd[13877]: Login incorrect: [xyzzy] (from client SW-2745-C1.sv4 port 0)
radiusd[13877]: Login OK: [plugh] (from client SW-2745-C1.sv4
Matt Hite wrote:
It looks like I can possibly enable auth_badpass and auth_goodpass in
radiusd.conf and then set:
msg_goodpass = %{Calling-Station-Id}
msg_badpass = %{Calling-Station-Id}
Yes.
Is this going about it the right way?
Yes.
Also, I really don't want the failed passwords
Was a bit confused with this one. You can't actually use msg_goodpass
and/or msg_badpass unless auth_goodpass and/or auth_badpass is set to
yes. Doing this DOES force logging of passwords. (Comments in
radiusd.conf seem to confirm.)
Did a bit more digging (ie. checked out source code and looked
3 matches
Mail list logo