Hi, when doing tunneled EAP methods, the logging behaviour is different between v1 and v2. v1 used to be: inner request = localhost, outer request = real client, like below: Wed Dec 5 21:11:11 2007 : Auth: Login OK: [stefan.winter@restena.lu] (from client localhost port 0) Wed Dec 5 21:11:11 2007 : Auth: Login OK: [@restena.lu] (from client radius-1 port 1 cli 00-13-ce-c2-b1-86) v2 format is: both are logged as coming from real client, like:
Thu Mar 27 11:00:00 2008 : Auth: Login incorrect: [x.y@uni.lu] (from client WLC-Walferdange2 port 0) Thu Mar 27 11:00:00 2008 : Auth: Login incorrect: [x.y@uni.lu] (from client WLC-Walferdange2 port 29 cli 00-1C-BF-73-E6-0A)
That makes parsing the log file more difficult, if the number of authentications happening is to be taken out of the radius.log file. If a NAS doesn't send Calling-Station-Id, the two are almost not correlatable, except for the timestamp and a possibly different port (both seem whacky ways of doing it). Was this change advertantly? Can I get the old behaviour back? Or at least, add "-inner" to the client name for inner requests? Greetings, Stefan Winter -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: stefan.winter@restena.lu Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
participants (1)
-
Stefan Winter