accounting with 802.1X: some clients trigger multiple starts at a time

Alan DeKok aland at deployingradius.com
Fri May 22 16:18:10 CEST 2009


Sam Hooker wrote:
>>   So the big question is: what NAS is causing the problem?
> 
> Cisco LWAPP controllers.

  Well... file a bug.

>>   Maybe suppress multiple accounting starts in the same second?
> 
> This sounds promising: How would you recommend doing it? I'm still new to the manipulation of RADIUS conversations, so hints are most welcome.

  Write an SQL query that looks for a matching field, and then put the
query into "unlang":

	if ("%{sql: SELECT from ....}") {
		ok # it's OK...
	}
	else {
		sql  # log to SQL.
	}

  The only issue is it's not clear *which* IP will get logged.

>>   Tell the rogue department to buy an AP that works.
> 
> Well, they're using a client bridge (and must be NATting), so no rogue AP...at least not in this particular case. Although there are plenty of those, too. 

  I was suggesting to buy an AP that doesn't exhibit this problem.

  Alan DeKok.



More information about the Freeradius-Users mailing list