Radclient COA - sending Cisco non-AVpair attributes

Steve Schubert shschubert at gmail.com
Wed Nov 6 23:25:16 CET 2013


Hi,

I'm trying to do an account-logon to a cisco ISG (aka NAS). I've created a
file to carry the attributes.

The file looks like this..

User-Name += "jane"
Service-Type = Outbound-User
cisco-command-code=01
cisco-avpair = "ssg-account-info=S10.174.168.2:294",

Here's the command I sent.

Radclient ­x ­f /home/admin/coa_file 10.172.168.6:3799 coa testing123

The debug from radclient doesn't show any errors.

It shows Cisco-Command-Code = "01"

Here's the debug from the cisco router.

Nov  6 22:40:03.489: RADIUS/DECODE: Reply-Message fragments, 13, total 13
bytes
Nov  6 22:43:43.542: RADIUS: COA  received from id 164 10.194.170.150:43374,
CoA Request, len 84
Nov  6 22:43:43.542: RADIUS/ENCODE(00000000):Orig. component type = Invalid
Nov  6 22:43:43.542: RADIUS/ENCODE: Skip encoding 0 length AAA attribute
formatted-clid
Nov  6 22:43:43.543: RADIUS(00000000): sending
Nov  6 22:43:43.543: RADIUS(00000000): Send CoA Nack Response to
10.194.170.150:43374 id 164, len 120
Nov  6 22:43:43.543: RADIUS:  authenticator 00 37 CB 5E 01 05 D8 08 - 3F 8F
EA 3D 09 88 E4 8F
Nov  6 22:43:43.543: RADIUS:  User-Name           [1]   6   "jane"
Nov  6 22:43:43.543: RADIUS:  Service-Type        [6]   6   Outbound
[5]
Nov  6 22:43:43.543: RADIUS:  Vendor, Cisco       [26]  29
Nov  6 22:43:43.543: RADIUS:   Cisco AVpair       [1]   23
"service-type=Outbound"
Nov  6 22:43:43.543: RADIUS:  Vendor, Cisco       [26]  10
Nov  6 22:43:43.543: RADIUS:   ssg-command-code   [252] 4
Nov  6 22:43:43.543: RADIUS:   30 31                [Unknown 01]
Nov  6 22:43:43.543: RADIUS:  Vendor, Cisco       [26]  25
Nov  6 22:43:43.543: RADIUS:   ssg-account-info   [250] 19
"S10.174.168.2:294"
Nov  6 22:43:43.543: RADIUS:  Reply-Message       [18]  18
Nov  6 22:43:43.543: RADIUS:   4E 6F 20 76 61 6C 69 64 20 53 65 73 73 69 6F
6E  [ No valid Session]
Nov  6 22:43:43.543: RADIUS:  Dynamic-Author-Error[101] 6   Unsupported
Service       [405]

As you can see it's translating the command code from decimal to hex. How do
I specify the command code to be hex? (I've tried 0x01 but again it converts
the ascii to hex)

Also, is there documentation that explains the syntax to be used in the
attribute file?

Thanks,
Steve


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131106/49157df3/attachment.html>


More information about the Freeradius-Users mailing list