Service-Logon
Jay Kuhne (jkuhne)
jkuhne at cisco.com
Fri Oct 8 11:52:41 CEST 2010
Hello,
I am attempting to "COA Service-Logon" with Radclient and cisco av-pair attributes.
I can perform other COA like tagged ACL or Named but so far not service-logon
Local ACL "IN_ACL_NAMED_v4_2" is on my ISG gateway (Cisco ASR1k).
Have this cmd which I understand allows radius to define the policy.
aaa authorization subscriber-service default group RADIUS_GROUP
Syntax I am using for Radclient/coa to existing session: (Have tried without Outbound-User as well)
Acct-Session-Id="000003EE"
Service-Type += Outbound-User
cisco-avpair="subscriber:command=activate-service"
cisco-avpair="subscriber:service-name=v4_POLICY"
cisco-avpair="ip:inacl=IN_ACL_NAMED_v4_2"
Am seeing the following on the gateway: "COA: Message Authenticator missing or failed decode"
Could someone verify my syntax and give any suggestions?
Do I need to actually define/configure "v4_POLICY" anywhere?
Jay
More information about the Freeradius-Users
mailing list