Re: (ASCEND) Radius - Inconsistent Records

To: "James Fischer" <jfischer@supercollider.com>
Subject: Re: (ASCEND) Radius - Inconsistent Records
From: "Will Pierce" <willp@dreamscape.com>
Date: Mon, 4 Aug 1997 13:24:21 -0400
Cc: <ascend-users@bungi.com>
Reply-To: "Will Pierce" <willp@dreamscape.com>
Sender: owner-ascend-users@max.bungi.com

Are they logging in with PAP/CHAP or via login:/password:
prompts?  If it is PAP/CHAP, we see the framed-address and
framed-protocol attributes.  If it is via the terminal
server login/passwd prompts, we don't see those attributes
until the Stop record.

-Will
--
Will Pierce
System Administrator
Dreamscape Online, LLC.
willp@dreamscape.com

 ----
From: James Fischer <jfischer@supercollider.com>
To: ascend-users@max.bungi.com
Date: Saturday, August 02, 1997 2:35 PM
Subject: (ASCEND) Radius - Inconsistent Records

Here's one for the Radius junkies - I cannot find what is wrong,
but I am not happy with the inconsistent set of data logged about
each call into an Ascend Max 4xxx (running on the "tk.m40" code load).

A "normal" start record using Ascend's Nov 1996 version of Radius
looks like the record below (some fields have been changed to
address privacy and security concerns):

        Sat Aug  2 12:41:42 1997
                User-Name = "normal"                    (Not the real
username)
                NAS-Identifier = xxx.xxx.xxx.xxx        (This number is
valid)
                NAS-Port = 20107
                Acct-Status-Type = Start
                Acct-Delay-Time = 0
                Acct-Session-Id = "237720102"
                Acct-Authentic = RADIUS
                Caller-Id = "aaannxqqqq"                (Also valid)
                Client-Port-DNIS = "nnxqqqq"            (Also valid)
                Framed-Protocol = PPP
                Framed-Address = uuu.uuu.uuu.uuu        (Also valid)

An "abnormal" start record looks like:

        Sat Aug  2 12:30:44 1997
                User-Name = "bozo"
                NAS-Identifier = xxx.xxx.xxx.xxx
                NAS-Port = 20103
                Acct-Status-Type = Start
                Acct-Delay-Time = 0
                Acct-Session-Id = "237720100"
                Acct-Authentic = RADIUS
                Caller-Id = "aaannxqqqq"
                Client-Port-DNIS = "nnxqqqq"

The question is simple - where are my "Framed-Protocol" and
"Framed-Address" data elements?  In these cases, one must wait
for the user to end his/her session, and get them from the Stop
record.

Yes, I know that Radius is intended to be a log of prior activity
rather than a real-time snapshot, but if Radius can provide the
information in the first case, but not in the second, what causes
the difference?  In all cases, SNMP will show the Active Session
table, and verify that the user in question did properly authenticate,
get an IP address, and so on.

Yes, I could forget the radius logs and use SMNP for all such information,
but it seems duplicative to gather what should be the same information via
two different processes, using two different tools.

May I please buy a vowel?

SiliCON Graphics - A Workstation,  SiliCONE Graphics - A Playboy
Centerfold

james fischer                                jfischer@supercollider.com

++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>


++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Prev by Date: Re: (ASCEND) Nailed Modem Users - No No
Next by Date: Re: (ASCEND) disabling modems
Prev by thread: (ASCEND) Radius - Inconsistent Records
Next by thread: (ASCEND) Fundamentals of Business
Index(es):
- Main
- Thread