On 07/02/2017 16:20, Selahattin Cilek wrote:
I have been experimenting with the Class attribute to obtain the user's true identity in order to do accounting and I realised that accounting packets arriving from some users do not have this attribute.
Did you definitely send the Class attribute in all the Access-Accept packets? Then the NAS is broken. Did you not send the Class attribute in some Access-Accept packets? Then your RADIUS config is broken. To prove it one way or the other, use tcpdump / wireshark / radsniff. Find an example of an accounting packet which does not have a Class attribute, and then tie it back to the corresponding Access-Accept packet. Aside: it's a good idea to add "-s 1500" to the tcpdump command line ("-s 0" on Linux) to capture the whole packet. But in your case I don't think they are truncated. Regards, Brian.