Checkrad and Cisco WLC 4400 NAS

Patrick Machauer machauer at dhbw-mannheim.de
Sat Jun 2 15:25:33 CEST 2012 

Hi,

i've got a problem with simultaneous-use and a Cisco WLC4400. If i
choose nastype=other in clients.conf the radaact table gets queried
and if there is a running session for that user ( acctstoptime IS
NULL)
the user gets rejected ( defined for the users group in radgroupcheck
simultaneous-use := 1 ).

So far so good, but if i choose nastype=cisco, the user can log in as
often as wanted. Checkrad gets executed and logs the following:

/var/log/radius/checkrad.log

----------snip-----------------------------------------------

Fri Jun 1 15:18:27 2012 checkrad cisco 141.72.65.21 1
machauer at staff.dhbw-mannheim.de 4fc8c577/a0:0b:ba:dd:25:8a/44
snmpget: /usr/bin/snmpget -r 1 -t 5 -v2c -c 'xxxxxxxxxx' 141.72.65.21
.iso.org.dod.internet.private.enterprises.9.2.9.2.1.18.1
user at port S1: No
snpwalk: /usr/bin/snmpwalk -r 1 -t 5 -v2c -c 'xxxxxxxxxx' 141.72.65.21
.iso.org.dod.internet.private.enterprises.9.10.19.1.3.1.1.3
Returning 0 (login ok)

------------snap------------------------------------------------


If i execute the snmpget command by hand, i get the following:

 SNMPv2-SMI::enterprises.9.2.9.2.1.18.1 = No Such Object available on
this agent at this OID

The MIB on this device seems to be different than on other cisco
devices :-(

Has anyone an updated checkrad version which can get active
usersessions from Cisco WLC
or a hint how checkrad needs to be edited to do so ?

Using nastype=other is no option, because the NAS only sends
sessiontimeouts every 10 Minutes
and i always have a time lag between radacct sessions and NAS
sessions.

Help would be really great !

Yours

Patrick Machauer
Rechenzentrum

Duale Hochschule Baden-Württemberg Mannheim
Baden-Wuerttemberg Cooperative State University Mannheim
Rechenzentrum
Coblitzallee 1-9
68163 Mannheim

Tel.: +49 (0)621 4105 - 1278
Fax: +49 (0)621 4105 - 1278
E-Mail: machauer at dhbw-mannheim.de <mailto:machauer at dhbw-mannheim.de>
Web: http://www.rz.dhbw-mannheim.de <http://www.rz.dhbw-mannheim.de>





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120602/aacbe949/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PatrickMachauer.vcf
Type: text/x-vcard
Size: 3894 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120602/aacbe949/attachment.vcf>

More information about the Freeradius-Users mailing list