[cisco-nas] RADIUS IP Question
Aaron Leonard
Aaron at cisco.com
Fri Oct 3 12:35:13 EDT 2003
I believe that "aaa accounting delay-start" should fit the bill
here. http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_reference_chapter09186a00800ca7af.html#1033002
(This command was hidden for a long time, as I recall it.)
Aaron
---
> Dave,
> Can you try with "aaa accounting update newinfo"
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/
> fsecur_c/fsaaa/scfacct.htm#1001449 indicates:
> "When the aaa accounting update command is activated, the Cisco IOS
> software issues interim accounting records for all users on the system.
> If the keyword newinfo is used, interim accounting records will be sent
> to the accounting server every time there is new accounting information
> to report. An example of this would be when IPCP completes IP address
> negotiation with the remote peer. The interim accounting record will
> include the negotiated IP address used by the remote peer."
> It sounds it will do what you want but may be it does "too much"...
> Cheers
> Vincent
> ------------------------------------------------------------------------
> ---------------
> Vincent Fayet
> Systems Engineer
> Cisco Systems
> ------------------------------------------------------------------------
> ---------------
> > -----Original Message-----
> > From: Dave Lechlitner [mailto:dlechlitner at decommunications.com]
> > Sent: vendredi 3 octobre 2003 16:40
> > To: cisco-nas at puck.nether.net
> > Subject: [cisco-nas] RADIUS IP Question
> >
> >
> > We use Funk's Steel Belted RADIUS v04.00.248 to terminate PPP
> > traffic on our NAS's. We have AS5400s, AS5800, and 6400s. I
> > recently moved the handing out of dynamic IP addresses off of
> > RADIUS and locally onto the NAS's using the "IP local pool" command.
> >
> > Ever since the change, I've noticed that I no longer get the
> > dynamic IP address noted in the RADIUS accounting records.
> > Other non-Cisco NAS's are configured in a similar manner
> > where they hand out the IPs themselves and I do get the IP
> > address in the RADIUS accounting logs.
> >
> > I'm sure I must be missing some AAA or RADIUS command to
> > correct this. Any advice?
> >
> > 6400 config portions:
> >
> > aaa new-model
> > aaa authentication ppp default local group radius
> > aaa authorization network default local group radius
> > aaa accounting network default start-stop group radius
> > !
> > interface Virtual-Template1
> > ip unnumbered Loopback0
> > no logging event link-status
> > load-interval 30
> > no snmp trap link-status
> > peer default ip address pool dyn-pool
> > ppp authentication pap
> > !
> > ip local pool dyn-pool xxx.xxx.xxx.1 xxx.xxx.xxx.254 (actual
> > IP replaced with "x")
> > !
> > ip radius source-interface Loopback0
> > !
> > radius-server host xxx.xxx.xxx.10 auth-port 1645 acct-port
> > 1646 key 7 xxxxxxxxxx
> > radius-server retransmit 3
> >
> >
> > Thanks,
> >
> > Dave
> >
> >
> >
> > **DISCLAIMER
> > This e-mail message and any files transmitted with it are
> > intended for the use of the individual or entity to which
> > they are addressed and may contain information that is
> > privileged, proprietary and confidential. If you are not the
> > intended recipient, you may not use, copy or disclose to
> > anyone the message or any information contained in the
> > message. If you have received this communication in error,
> > please notify the sender and delete this e-mail message. The
> > contents do not represent the opinion of D&E except to the
> > extent that it relates to their official business.
> >
> > _______________________________________________
> > cisco-nas mailing list
> > cisco-nas at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nas
> >
> _______________________________________________
> cisco-nas mailing list
> cisco-nas at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nas
More information about the cisco-nas
mailing list