[c-nsp] client mac address on LNS??

Asad Ul-Islam asad747 at cyber.net.pk
Mon Apr 6 23:49:35 EDT 2009 

We do accounting on usernames obviously. But client-mac-address is our
policy requirement for generating certain security related reports.

-----Original Message-----
From: Adam Armstrong [mailto:lists at memetic.org] 
Sent: Tuesday, April 07, 2009 1:18 AM
To: Asad Ul-Islam
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] client mac address on LNS??

Why aren't you just using the username for accounting?
> Dear Friends!
>
>  
>
> I have a setup in which DSL users connect to a LNS via L2TP. Everything is
> working fine, however on LNS I am not receiving any MAC address for the
DSL
> Users( Type PPPoVPDN). This is my standard crucial requirement for
> generating several reports for management purposes. 
>
>  
>
> Can someone tell me if it is possible to get Mac-address for the VPDN
> users??? I am getting mac-address for PPPoE type users which are
terminated
> on my BRAS.
>
>  
>
> Attach is the debug output for both LNS and BRAS which shows that
> mac-address field is missing in LNS output.
>
>  
>
> ######### LNS output (domain stripping is used) ##########
>
>  
>
> Apr  6 04:29:47.020: RADIUS(00001037): Send Access-Request to
> 10.10.10.10:3312 id 1645/44, len 123
>
> Apr  6 04:29:47.020: RADIUS:  Framed-Protocol     [7]   6   PPP
> [1]
>
> Apr  6 04:29:47.020: RADIUS:  User-Name           [1]   11  "testuser7"
>
> Apr  6 04:29:47.020: RADIUS:  User-Password       [2]   18  *
>
> Apr  6 04:29:47.020: RADIUS:  NAS-Port            [5]   6   370
>
>
> Apr  6 04:29:47.020: RADIUS:  NAS-Port-Id         [87]  17
> "Uniq-Sess-ID370"
>
> Apr  6 04:29:47.020: RADIUS:  Connect-Info        [77]  9   "1920000"
>
> Apr  6 04:29:47.020: RADIUS:  NAS-Port-Type       [61]  6   Virtual
> [5]
>
> Apr  6 04:29:47.020: RADIUS:  Service-Type        [6]   6   Framed
> [2]
>
> Apr  6 04:29:47.020: RADIUS:  NAS-IP-Address      [4]   6   1.1.1.1
>
>
> Apr  6 04:29:47.020: RADIUS:  Acct-Session-Id     [44]  18
> "CAA36E5A00001058"
>
> Apr  6 04:29:47.308: RADIUS: Received from id 1645/44 10.10.10.10:3312,
> Access-Accept, len 37
>
> Apr  6 04:29:47.308: RADIUS:  Class               [25]  5   
>
> Apr  6 04:29:47.308: RADIUS:   50 49 4E
> [PIN]
>
> Apr  6 04:29:47.308: RADIUS:  Service-Type        [6]   6   Framed
> [2]
>
> Apr  6 04:29:47.308: RADIUS:  Framed-Protocol     [7]   6   PPP
> [1]
>
> Apr  6 04:31:47.100: RADIUS(00001038): Received from id 1645/45
>
> Apr  6 04:31:47.100: VT[Vi3.1]:Request took 0 msec, 0 msec processing time
>
> Apr  6 04:31:47.100: uid:371 Tnl/Sn 58894/504 L2TP: Virtual interface
> created for testuser7 at best-dsl bandwidth 1920 Kbps
>
> Apr  6 04:31:47.100: Vi3.1 Tnl/Sn 58894/504 L2TP: Virtual interface
created
> for testuser7 at best-dsl, bandwidth 1920 Kbps
>
> Apr  6 04:31:47.100: Vi3.1 Tnl/Sn 58894/504 L2TP: VPDN session up
>
> Apr  6 04:31:47.220: RADIUS/ENCODE(00001038):Orig. component type = VPDN
>
>  
>
>  
>
> Cisco-3845-L2TP-LNS#show users
>
>  
>
>   Interface    User               Mode         Idle     Peer Address
>
>   Vi3.1        testuser7 at best-ds PPPoVPDN     -        1.1.1.233
>
>  
>
> ######### BRAS output ##########
>
>  
>
> *Mar  1 00:13:15.367: RADIUS(00000009): Send Access-Request to
> 10.10.10.10:3312 id 1645/6, len 167
>
> *Mar  1 00:13:15.367: RADIUS:  Vendor, Cisco       [26]  41  
>
> *Mar  1 00:13:15.367: RADIUS:   Cisco AVpair       [1]   35
> "client-mac-address=000f.a392.4bef"
>
> *Mar  1 00:13:15.367: RADIUS:  Framed-Protocol     [7]   6   PPP
> [1]
>
> *Mar  1 00:13:15.367: RADIUS:  User-Name           [1]   11  "testuser6"
>
> *Mar  1 00:13:15.367: RADIUS:  User-Password       [2]   18  *
>
> *Mar  1 00:13:15.367: RADIUS:  NAS-Port-Type       [61]  6   Virtual
> [5]
>
> *Mar  1 00:13:15.367: RADIUS:  Vendor, Cisco       [26]  18  
>
> *Mar  1 00:13:15.367: RADIUS:   cisco-nas-port     [2]   12  "3/0/0/0.36"
>
> *Mar  1 00:13:15.367: RADIUS:  NAS-Port            [5]   6   805306404
>
>
> *Mar  1 00:13:15.367: RADIUS:  Service-Type        [6]   6   Framed
> [2]
>
> *Mar  1 00:13:15.371: RADIUS:  NAS-IP-Address      [4]   6   1.1.1.1
>
>
> *Mar  1 00:13:15.371: RADIUS:  Acct-Session-Id     [44]  29
> "3/0/0/0.36_CAA3693A0000000E"
>
> *Mar  1 00:13:15.519: RADIUS: Received from id 1645/6 10.10.10.10:3312,
> Access-Accept, len 37
>
> *Mar  1 00:13:15.519: RADIUS:  Class               [25]  5   
>
> *Mar  1 00:13:15.519: RADIUS:   50 49 4E
> [PIN]
>
> *Mar  1 00:13:15.519: RADIUS:  Service-Type        [6]   6   Framed
> [2]
>
> *Mar  1 00:13:15.519: RADIUS:  Framed-Protocol     [7]   6   PPP
> [1]
>
> *Mar  1 00:13:15.523: RADIUS(00000009): Received from id 1645/6
>
> *Mar  1 00:13:15.643: RADIUS/ENCODE(00000009):Orig. component type = PPoE
>
>  
>
>  
>
> Cisc-3640-BRAS-And-L2TP-LAC#         show user
>
>  
>
>   Interface    User               Mode         Idle     Peer Address
>
>   Vi2.1        testuser6          PPPoE        00:03:25 2.2.2.244
>
>  
>
>  
>
>  
>
> Best Regards,
>
>  
>
> Asad Ul-Islam
>
>
>
>  
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list