NAS-Post in Netgear Accounting-Packet

Stefan Puch s.puch at web.de
Tue Aug 19 21:06:03 CEST 2008 

> In the "Start"-Packets and "Interim-Update"-Packets it seems to be right.
> 
> But ALL the "Stop"-Packets have 0 as NAS-Port.
> 
> So, you agree that this is a bug of the Access-Point?
> 
> Thank you for your reply.
> 
> Wolfgang Burger

Hello, I've got three WG102 Access Points from Netgear. I'm using the latest 
firmware Version 4.0.27 because it should "Fixed the issue that 802.1x 
Authentication does not work with machine authentication"

But I can confirm that the accounting it still NOT working everytime. Looking 
into my logfiles I can see that the cases which worked fine everytime the same 
port is used.
Here are two examples, the first one worked fine, the Session-Id is always the same:
Wed Aug 13 20:05:14 2008
         Service-Type = Framed-User
         Acct-Status-Type = Start
         User-Name = "test1"
         Framed-MTU = 1488
         Acct-Session-Id = "       1"
         Acct-Authentic = RADIUS
         Acct-Delay-Time = 0
         Called-Station-Id = "00184DC8XXXX:Network"
         Calling-Station-Id = "001A73XXXXXX"
         NAS-Identifier = "APBuero"
         NAS-Port-Type = Wireless-802.11
         Connect-Info = "CONNECT 11Mbps 802.11b"
         NAS-IP-Address = 192.168.XX.XX
         NAS-Port = 1
         NAS-Port-Id = "STA port # 1"
         Acct-Unique-Session-Id = "866e0c5655a05a0b"
         Timestamp = 1218650714
         Request-Authenticator = Verified


Wed Aug 13 20:10:13 2008
         Service-Type = Framed-User
         Acct-Status-Type = Interim-Update
         User-Name = "test1"
         Framed-MTU = 1488
         Acct-Session-Id = "       1"
         Acct-Authentic = RADIUS
         Acct-Session-Time = 299
         Acct-Delay-Time = 0
         Called-Station-Id = "00184DC8XXXX:Network"
         Calling-Station-Id = "001A73XXXXXX"
         NAS-Identifier = "APBuero"
         NAS-Port-Type = Wireless-802.11
         Connect-Info = "CONNECT 11Mbps 802.11b"
         NAS-IP-Address = 192.168.XX.XX
         NAS-Port = 1
         NAS-Port-Id = "STA port # 1"
         Acct-Unique-Session-Id = "866e0c5655a05a0b"
         Timestamp = 1218651013
         Request-Authenticator = Verified


Wed Aug 13 20:34:33 2008
         Service-Type = Framed-User
         Acct-Status-Type = Stop
         User-Name = "test1"
         Framed-MTU = 1488
         Acct-Session-Id = "       1"
         Acct-Authentic = RADIUS
         Acct-Session-Time = 1758
         Acct-Terminate-Cause = User-Request
         Acct-Delay-Time = 0
         Called-Station-Id = "00184DC8XXXX:Network"
         Calling-Station-Id = "001A73XXXXXX"
         NAS-Identifier = "APBuero"
         NAS-Port-Type = Wireless-802.11
         Connect-Info = "CONNECT 11Mbps 802.11b"
         NAS-IP-Address = 192.168.XX.XX
         NAS-Port = 1
         NAS-Port-Id = "STA port # 1"
         Acct-Unique-Session-Id = "866e0c5655a05a0b"
         Timestamp = 1218652473
         Request-Authenticator = Verified

------------------------------------------------------------------------------------
But this second one from today fails with the error:

Tue Aug 19 18:11:30 2008 : Auth: Login OK: [test2 /<via Auth-Type = EAP>] (from 
client AP-Halle1 port 1 cli 001302BEXXXX)
Tue Aug 19 18:12:30 2008 : Error: rlm_radutmp: Logout for NAS AP-Halle1 port 0, 
but no Login record

When looking into detail log I can also see, that the Session-Id and the port 
changed and I don't know why

Tue Aug 19 18:11:30 2008
         Service-Type = Framed-User
         Acct-Status-Type = Start
         User-Name = "test2"
         Framed-MTU = 1488
         Acct-Session-Id = "       6"
         Acct-Authentic = RADIUS
         Acct-Delay-Time = 0
         Called-Station-Id = "000000000000:Network"
         Calling-Station-Id = "001302BEXXXX"
         NAS-Identifier = "AP-Halle1"
         NAS-Port-Type = Wireless-802.11
         Connect-Info = "CONNECT 11Mbps 802.11b"
         NAS-IP-Address = 192.168.xx.xx
         NAS-Port = 1
         NAS-Port-Id = "STA port # 1"
         Acct-Unique-Session-Id = "11f6ee9422434136"
         Timestamp = 1219162290
         Request-Authenticator = Verified

Tue Aug 19 18:12:30 2008
         Service-Type = Framed-User
         Acct-Status-Type = Stop
         User-Name = "test2"
         Framed-MTU = 1488
         Acct-Session-Id = "       6"
         Acct-Authentic = RADIUS
         Acct-Session-Time = 60
         Acct-Terminate-Cause = User-Request
         Acct-Delay-Time = 0
         Called-Station-Id = "000000000000:Network"
         Calling-Station-Id = "001302BEXXXX"
         NAS-Identifier = "AP-Halle1"
         NAS-Port-Type = Wireless-802.11
         Connect-Info = "CONNECT 11Mbps 802.11b"
         NAS-IP-Address = 192.168.xx.xx
         NAS-Port = 0
         NAS-Port-Id = "STA port # 0"
         Acct-Unique-Session-Id = "9c44efbf7672967b"
         Timestamp = 1219162350
         Request-Authenticator = Verified

---------------------------------------------------------------------------
Obviously the netgear access point uses port 1 on start but port 0 on stop.
Also the user is definitely NOT connected anymore but radwho shows the following:


# radwho -R
User-Name = "test2"
Acct-Session-Id = "       6"
NAS-IP-Address = 192.168.XX.XX
NAS-Port = 1
Service-type = Login-User
Framed-IP-Address =
Acct-Session-Time = 10255
Calling-Station-Id = "001302BEXXXX"

User-Name = "test2"
Acct-Session-Id = "      16"
NAS-IP-Address = 192.168.XX.XX
NAS-Port = 1
Service-type = Login-User
Framed-IP-Address =
Acct-Session-Time = 8170
Calling-Station-Id = "001302BEXXXX"

#

It's shows that the user is still connected...
Does anyone know how this is possible?

Best regards

Stefan Puch

More information about the Freeradius-Users mailing list