[cisco-nas] RADIUS IP Question

Dave Lechlitner dlechlitner at decommunications.com
Fri Oct 3 13:39:14 EDT 2003


Thanks Aaron.  That did the trick :-)

Dave Lechlitner

>>> Aaron Leonard <Aaron at cisco.com> 10/3/2003 12:35:13 PM >>>
I believe that "aaa accounting delay-start" should fit the bill
here.  http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_reference_chapter09186a00800ca7af.html#1033002 

(This command was hidden for a long time, as I recall it.)

Aaron

---

> Dave,

> Can you try with "aaa accounting update newinfo"

> http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ 
> fsecur_c/fsaaa/scfacct.htm#1001449 indicates:

> "When the aaa accounting update command is activated, the Cisco IOS
> software issues interim accounting records for all users on the system.
> If the keyword newinfo is used, interim accounting records will be sent
> to the accounting server every time there is new accounting information
> to report. An example of this would be when IPCP completes IP address
> negotiation with the remote peer. The interim accounting record will
> include the negotiated IP address used by the remote peer."

> It sounds it will do what you want but may be it does "too much"...

> Cheers

> Vincent

> ------------------------------------------------------------------------
> ---------------
> Vincent Fayet
> Systems Engineer
> Cisco Systems
> ------------------------------------------------------------------------
> ---------------


> > -----Original Message-----
> > From: Dave Lechlitner [mailto:dlechlitner at decommunications.com] 
> > Sent: vendredi 3 octobre 2003 16:40
> > To: cisco-nas at puck.nether.net 
> > Subject: [cisco-nas] RADIUS IP Question
> >
> >
> > We use Funk's Steel Belted RADIUS v04.00.248 to terminate PPP
> > traffic on our NAS's.  We have AS5400s, AS5800, and 6400s.  I
> > recently moved the handing out of dynamic IP addresses off of
> > RADIUS and locally onto the NAS's using the "IP local pool" command.
> >
> > Ever since the change, I've noticed that I no longer get the
> > dynamic IP address noted in the RADIUS accounting records.
> > Other non-Cisco NAS's are configured in a similar manner
> > where they hand out the IPs themselves and I do get the IP
> > address in the RADIUS accounting logs.
> >
> > I'm sure I must be missing some AAA or RADIUS command to
> > correct this.  Any advice?
> >
> > 6400 config portions:
> >
> > aaa new-model
> > aaa authentication ppp default local group radius
> > aaa authorization network default local group radius
> > aaa accounting network default start-stop group radius
> > !
> > interface Virtual-Template1
> >  ip unnumbered Loopback0
> >  no logging event link-status
> >  load-interval 30
> >  no snmp trap link-status
> >  peer default ip address pool dyn-pool
> >  ppp authentication pap
> > !
> > ip local pool dyn-pool xxx.xxx.xxx.1 xxx.xxx.xxx.254 (actual
> > IP replaced with "x")
> > !
> > ip radius source-interface Loopback0
> > !
> > radius-server host xxx.xxx.xxx.10 auth-port 1645 acct-port
> > 1646 key 7 xxxxxxxxxx
> > radius-server retransmit 3
> >
> >
> > Thanks,
> >
> > Dave
> >
> >
> >
> > **DISCLAIMER
> > This e-mail message and any files transmitted with it are
> > intended for the use of the individual or entity to which
> > they are addressed and may contain information that is
> > privileged, proprietary and confidential. If you are not the
> > intended recipient, you may not use, copy or disclose to
> > anyone the message or any information contained in the
> > message. If you have received this communication in error,
> > please notify the sender and delete this e-mail message. The
> > contents do not represent the opinion of D&E except to the
> > extent that it relates to their official business.
> >
> > _______________________________________________
> > cisco-nas mailing list
> > cisco-nas at puck.nether.net 
> > https://puck.nether.net/mailman/listinfo/cisco-nas 
> >

> _______________________________________________
> cisco-nas mailing list
> cisco-nas at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nas 




**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business.



More information about the cisco-nas mailing list