Inner identity in accounting logs
Jonathan Gazeley
jonathan.gazeley at bristol.ac.uk
Thu Jan 15 16:31:19 CET 2009
I have an existing FreeRadius setup for an 802.1x wireless network.
Currently the accounting is done to a MySQL database. Presently, the
username appearing in these records is the outer identity. I want to use
the authenticated inner identity, such that I can rely on my accounting
data e.g. for billing.
I know that accounting packets are not sent through the inner-tunnel and
so I can't simply move my accounting to the inner-tunnel. I suppose what
I'm after is a way to tie a session at authentication to the associated
session in accounting. Is there any sort of ID that is used both in
inner-tunnel authentication and accounting, that can be relied upon?
Otherwise am I looking at using something like the MAC address of the
client?
The other option might be using vendor supplied attributes from the
Cisco controllers. Has anyone done this before?
Thanks,
Jonathan
----------------------------
Jonathan Gazeley
Systems Support Specialist
ResNet | Wireless & VPN Team
Information Services
University of Bristol
----------------------------
More information about the Freeradius-Users
mailing list