[cisco-nas] null username & aaa

Tassos Chatzithomaoglou achatz at forthnet.gr
Tue Nov 25 08:17:49 EST 2003 

As you can see in the following debug logs, there is no User-name attribute sent to radius 
server; that's why the answer is "Protocol error".

Could this be a bug? If not, can we stop such auth requests from reaching radius like we 
do with the acct ones (aaa accounting suppress null-username)?


AS5300 (12.2(15)T7)
AS5350 (12.3(1a))
-----------------------------
Nov 25 14:52:02.120: RADIUS/ENCODE(00038385): ask "Username: "
Nov 25 14:52:02.120: RADIUS/ENCODE(00038385): send packet; GET_USER
Nov 25 14:52:03.064: RADIUS(00038385): Storing nasport 46 in rad_db
Nov 25 14:52:03.064: RADIUS(00038385): Config NAS IP: 194.219.x.x
Nov 25 14:52:03.064: RADIUS/ENCODE(00038385): acct_session_id: 378531
Nov 25 14:52:03.064: RADIUS(00038385): sending
Nov 25 14:52:03.064: RADIUS(00038385): Send Access-Request to 194.219.x.x:1812 id 
21739/143, len 137
Nov 25 14:52:03.064: RADIUS:  authenticator CA 95 A5 15 90 5B 06 02 - 6D 53 12 19 55 D8 F2 58
Nov 25 14:52:03.064: RADIUS:  Framed-Protocol     [7]   6   PPP                       [1]
Nov 25 14:52:03.064: RADIUS:  User-Password       [2]   18  *
Nov 25 14:52:03.064: RADIUS:  Calling-Station-Id  [31]  12  "xxxxxxxxxx"
Nov 25 14:52:03.064: RADIUS:  Called-Station-Id   [30]  12  "xxxxxxxxxx"
Nov 25 14:52:03.064: RADIUS:  NAS-Port-Type       [61]  6   Async                     [0]
Nov 25 14:52:03.068: RADIUS:  Vendor, Cisco       [26]  15
Nov 25 14:52:03.068: RADIUS:   cisco-nas-port     [2]   9   "Async46"
Nov 25 14:52:03.068: RADIUS:  NAS-Port            [5]   6   46
Nov 25 14:52:03.068: RADIUS:  Connect-Info        [77]  30  "31200/28800 V34+/V42bis/LAPM"
Nov 25 14:52:03.068: RADIUS:  Service-Type        [6]   6   Framed                    [2]
Nov 25 14:52:03.068: RADIUS:  NAS-IP-Address      [4]   6   194.219.x.x
Nov 25 14:52:03.096: RADIUS: Received from id 21739/143 194.219.x.x:1812, Access-Reject, 
len 36
Nov 25 14:52:03.096: RADIUS:  authenticator A1 3B E5 24 2E B3 D6 E7 - CA DF BA FC 71 0D 6E 40
Nov 25 14:52:03.096: RADIUS:  Reply-Message       [18]  16
Nov 25 14:52:03.096: RADIUS:   50 72 6F 74 6F 63 6F 6C 20 65 72 72 6F 72        [Protocol 
error]
Nov 25 14:52:03.096: RADIUS(00038385): Received from id 21739/143
Nov 25 14:52:03.096: RADIUS/DECODE: Reply-Message fragments, 14, total 14 bytes


-- 
***************************************
       Chatzithomaoglou Anastasios
Network Design & Development Department
              FORTHnet S.A.
          <achatz at forthnet.gr>
***************************************

More information about the cisco-nas mailing list