Service-Logon
Jay Kuhne (jkuhne)
jkuhne at cisco.com
Fri Oct 8 22:16:30 CEST 2010
Do I need to define the service that I am referencing "v4_POLICY" elsewhere in freeradius?
For example in a .conf file?
Thanks,
Jay
-----Original Message-----
From: freeradius-users-bounces+jkuhne=cisco.com at lists.freeradius.org [mailto:freeradius-users-bounces+jkuhne=cisco.com at lists.freeradius.org] On Behalf Of Jay Kuhne (jkuhne)
Sent: Friday, October 08, 2010 5:53 AM
To: freeradius-users at lists.freeradius.org
Subject: RE: Service-Logon
Hello,
I am attempting to "COA Service-Logon" with Radclient and cisco av-pair attributes.
I can perform other COA like tagged ACL or Named but so far not service-logon
Local ACL "IN_ACL_NAMED_v4_2" is on my ISG gateway (Cisco ASR1k).
Have this cmd which I understand allows radius to define the policy.
aaa authorization subscriber-service default group RADIUS_GROUP
Syntax I am using for Radclient/coa to existing session: (Have tried without Outbound-User as well)
Acct-Session-Id="000003EE"
Service-Type += Outbound-User
cisco-avpair="subscriber:command=activate-service"
cisco-avpair="subscriber:service-name=v4_POLICY"
cisco-avpair="ip:inacl=IN_ACL_NAMED_v4_2"
Am seeing the following on the gateway: "COA: Message Authenticator missing or failed decode"
Could someone verify my syntax and give any suggestions?
Do I need to actually define/configure "v4_POLICY" anywhere?
Jay
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list