Nas IP address in logs
Sergio Belkin
sebelk at gmail.com
Wed Apr 23 19:39:34 CEST 2008
Thanks Ivan that I did'n know :) also, I had disabled accounting, now,
I enabled that and detailed auth log
Now I get something as follow in radacct/10.128.255.80/auth-detail-20080423 :
Wed Apr 23 14:16:22 2008
Packet-Type = Access-Request
User-Name = "quelocoquesoyche"
NAS-IP-Address = 10.128.255.80
Called-Station-Id = "005d7edc25de"
Calling-Station-Id = "005cb37ae2ee"
NAS-Identifier = "005d7edc25de"
NAS-Port = 55
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0200000c0167736965727232
Message-Authenticator = 0x955e4a648595f3ae5dd7f3486dea99f4
Great!
2008/4/23, Ivan Kalik <tnt at kalik.net>:
> That will be logged in your accounting log.
>
>
> Ivan Kalik
> Kalik Informatika ISP
>
> Dana 23/4/2008, "Sergio Belkin" <sebelk at gmail.com> piše:
>
> >Thanks Ivan,
> >
> >I know that :) But I want get IP from NAS's that are behind a
> >NAT-proxy-firewall server, I want the NAS IP and not the
> >NAT-proxy-firewall server IP.
> >
> >In fact my clients.conf has something as follows:
> >
> > client 10.128.255.86 {
> > require_message_authenticator = no
> > secret = "pepepotamo"
> > shortname = "Hormiga"
> > }
> > client 10.128.255.87 {
> > require_message_authenticator = no
> > secret = "pepepotamo2"
> > shortname = "Avispa"
> > }
> > client 203.221.198.59 {
> > require_message_authenticator = no
> > secret = "pepepotamo3"
> > shortname = "Abeja"
> >}
> >-- end of file---
> >
> >client with 203.221.198.59 is a remote server (connect to radius via
> >vpn) with NAS's "behind".
> >
> >If I run in debug mode I can see the "actual" NAS IP can be read,
> >
> >For example:
> >
> >rad_recv: Access-Request packet from host 203.221.198.59 port 2048,
> >id=0, length=123
> > User-Name = "soyreloco"
> > NAS-IP-Address = 192.168.134.210
> > Called-Station-Id = "001d7edc2621"
> > Calling-Station-Id = "001b63085e39"
> > NAS-Identifier = "001d7edc2624"
> > NAS-Port = 63
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > EAP-Message = 0x0200000a016c79616972
> > Message-Authenticator = 0x951db6ffd60187bc4b6fee7f951feef3
> >
> >
> > is there a way to get such a thing (192.168.134.210 in this case) in
> >radius logs with radius running in non-debug mode?
> >
> >Thanks in advance!
> >
> >2008/4/23, Ivan Kalik <tnt at kalik.net>:
> >> >From clients.conf:
> >>
> >> # The short name is used as an alias for the fully qualified
> >> # domain name, or the IP address.
> >> #
> >> shortname = localhost
> >>
> >> shortname is printed in the log. Put NAS IP there if you want it in
> >> radius.log.
> >>
> >> Ivan Kalik
> >> Kalik Informatika ISP
> >>
> >>
> >> Dana 23/4/2008, "Sergio Belkin" <sebelk at gmail.com> piše:
> >>
> >>
> >> >Hi, how can I get the "NAS-IP-Address" in radius.log?
> >> >
> >> >--
> >> >--
> >> >Open Kairos http://www.openkairos.com
> >> >Watch More TV http://sebelk.blogspot.com
> >> >Sergio Belkin -
> >>
> >> >-
> >> >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> >> >
> >> >
> >>
> >> -
>
> >> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
> >>
> >
> >
> >--
>
> >--
> >Open Kairos http://www.openkairos.com
> >Watch More TV http://sebelk.blogspot.com
> >Sergio Belkin -
> >
> >-
> >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> >
> >
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
More information about the Freeradius-Users
mailing list