[cisco-bba] "NAS-Port = 0" with software upgrade on Cisco 7206VXR
Frank Bulk
frnkblk at iname.com
Fri Jul 18 18:55:41 EDT 2008
When I was running 12.2(26) the NAS-Port that was reported to our RADIUS
server was the Virtual-Interface value (i.e Vi435).
Sun Jun 22 00:56:11 2008 : Auth: Login OK: [daved] (from client
dslam port 435)
Sun Jun 22 00:56:58 2008 : Auth: Login OK: [daved] (from client
dslam port 435)
Sun Jun 22 00:57:59 2008 : Auth: Login OK: [daved] (from client
dslam port 435)
Sun Jun 22 00:59:01 2008 : Auth: Login OK: [daved] (from client
dslam port 435
That was a really handy way to use the RADIUS logs to identify which
Virtual-Interface a person was on, so that I could go to the 7206VXR,
identify the VP/VC (show interface Vi435), and trace out which DSLAM port
they were on.
That's not the case anymore with 12.4(19b). Now they all show up as dslam
port 0:
Thu Jul 17 16:12:44 2008 : Auth: Login OK: [hum2321el] (from client
dslam port 0)
Thu Jul 17 16:12:44 2008 : Auth: Login OK: [m123jilts] (from client
dslam port 0)
Thu Jul 17 16:12:44 2008 : Auth: Login OK: [gwdf1h] (from client
dslam port 0)
Thu Jul 17 16:12:44 2008 : Auth: Login OK: [abc123] (from client
dslam port 0)
I've added "radius-server attribute nas-port format d" so that at least I
get a unique number that somehow represents the interface details, but I've
not seen any examples to convert these numbers into something I can
understand.
Fri Jul 18 13:09:52 2008 : Auth: Login OK: [khj] (from client dslam
port 1073873726)
Fri Jul 18 13:09:55 2008 : Auth: Login OK: [dfsands6] (from client
dslam port 1073873388)
Fri Jul 18 13:10:37 2008 : Auth: Login OK: [s44] (from client dslam
port 1073742057)
I do see in my packet captures that a "NAS-Port-Id(87) is sent to our RADIUS
server which contains the port/?/VP/VC, which is nice, but FreeRADIUS
doesn't appear to be able to log that, either, in its main log.
Any ideas how I can get back to having the NAS-Port return the
Virtual-Interface values (which are now in the Vi#.#### format) or to get
FreeRADIUS to log attribute 87 to the main log?
Regards,
Frank Bulk
More information about the cisco-bba
mailing list