Cisco-Account-Info

Radius related questions
Post Reply
elc
Posts: 15
Joined: 30 Jun 2016, 07:13

Cisco-Account-Info

Post by elc » 15 Jul 2016, 12:06

Есть ли возможность заставить accel работать с Cisco-Account-Info ?
с Cisco-Avpair работает отлично, но т.к. уже всё настроено на Cisco-Account-Info было бы удобно.

Атрибуты в dictionary.cisco есть , в конфиге указал vendor=Cisco и "attr=Cisco-Account-Info" вместо "attr=Cisco-AVPair" но accel что то не принимает :(

Dmitry
Администратор
Posts: 949
Joined: 09 Oct 2014, 10:06

Re: Cisco-Account-Info

Post by Dmitry » 15 Jul 2016, 12:52

лог запросов к радиусу приложи

elc
Posts: 15
Joined: 30 Jun 2016, 07:13

Re: Cisco-Account-Info

Post by elc » 15 Jul 2016, 13:14

Запросы проходят , сессии поднимаются.

Fri Jul 15 15:02:43 2016 : Auth: Login OK: [78.26.*.*/78.26.*.*] (from client ISG17 port 990 cli 00:15:17:cb:46:d4)
Fri Jul 15 15:03:00 2016 : Auth: Login OK: [78.26.*.*/78.26.*.*] (from client ISG17 port 1812)
Fri Jul 15 15:16:37 2016 : Auth: Login OK: [78.26.*.*/78.26.*.*] (from client ISG17 port 1247 cli 00:15:17:cb:46:d4)
Fri Jul 15 15:16:48 2016 : Auth: Login OK: [78.26.*.*/78.26.*.*] (from client ISG17 port 1812)
Fri Jul 15 15:17:38 2016 : Auth: Login OK: [78.26.*.*/78.26.*.*] (from client ISG17 port 1254 cli 00:15:17:cb:46:d4)
Fri Jul 15 15:36:58 2016 : Auth: Login OK: [78.26.*.*/78.26.*.*] (from client ISG17 port 1609 cli 00:15:17:cb:46:d4

да и radtest нормально всё показывает

# radtest 78.26.*.* 78.26.*.* 10.0.0.40 1812 secret
Sending Access-Request of id 50 to 10.0.0.40 port 1812
User-Name = "78.26.*.*"
User-Password = "78.26.*.*"
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 10.0.0.40 port 1812, id=50, length=66
Cisco-Account-Info = "QU;10000000;1250000;D;10000000;1250000"

но вот если использовать

vendor=Cisco
attr=Cisco-Account-Info
то получается вот такая вот ситуёвина

root@IPoE17:/home/elc# accel-cmd show sessions
ifname | username | calling-sid | ip | rate-limit | type | comp | state | uptime
--------+--------------+-------------------+--------------+------------+------+------+--------+----------
ipoe0 | 78.26.*.* | 00:15:17:cb:46:d4 | 78.26.*.* | | ipoe | | active | 00:00:03

А если Cisco-AVPair то
root@IPoE17:/home/elc# accel-cmd show sessions
ifname | username | calling-sid | ip | rate-limit | type | comp | state | uptime
--------+---------------+-------------------+---------------+-------------+------+------+--------+----------
ipoe0 | 78.26.*.* | 00:15:17:cb:46:d4 | 78.26.*.* | 10000/10000 | ipoe | | active | 00:00:04

ЗЫ: accel - 1.10.2

Dmitry
Администратор
Posts: 949
Joined: 09 Oct 2014, 10:06

Re: Cisco-Account-Info

Post by Dmitry » 15 Jul 2016, 13:34

Cisco-Account-Info = "QU;10000000;1250000;D;10000000;1250000"
такой формат не поддерживается

elc
Posts: 15
Joined: 30 Jun 2016, 07:13

Re: Cisco-Account-Info

Post by elc » 15 Jul 2016, 13:35

Ясненько ... Спасибо.

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest