OT: Cisco Disconnect-Request packets

Arran Cudbard-Bell a.cudbardb at freeradius.org
Wed Aug 24 12:43:29 CEST 2011


On 24 Aug 2011, at 12:31, Jonathan Gazeley wrote:

> Hi all,
> 
> Not directly related to FreeRADIUS but I gather people here have some experience with Cisco WiSMs and 802.1x.
> 
> I'm trying to use radclient to craft a Disconnect-Request packet to disconnect a user on an 802.1x network. I've checked the RFCs for the Disconnect-Request packets and I believe I am providing all the necessary attributes to disconnect a user, however the WiSM always responds:
> 
> rad_recv: Disconnect-NAK packet from host 172.17.107.211 port 3799, id=219, length=26
> 	Error-Cause = Missing-Attribute


All attributes *MUST* match in the disconnect request, if you're including attributes that are not directly supported by Ciscos DM implementation, or are not in exactly the right format, you may run into issues.

I'd just try it with the minimum 

User-Name
Calling-Station-ID
Acct-Session-ID
NAS-IP-Address

-Arran

> 
> 
> I am sending packets like these:
> 
> Sending Disconnect-Request of id 219 to 172.17.107.211 port 3799
> 	User-Name = "jg4461"
> 	Calling-Station-Id = "00:1b:63:08:b4:eb"
> 	Framed-IP-Address = 172.21.107.197
> 	Called-Station-Id = "00:21:55:ac:5b:60:ResNet-Wireless"
> 	NAS-Port-Id = "29"
> 	NAS-Port-Type = Async
> 	Acct-Session-Id = "jg44614ddcd9e6/00:1b:63:08:b4:eb/222935"
> 	NAS-IP-Address = 172.17.107.211
> 	NAS-Port = 29
> 	NAS-Identifier = "wism11"
> 
> 
> So, does anyone know which attributes I must send to disconnect a user in this way? Is there an easier way of doing it?
> 
> Many thanks,
> Jonathan
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 

Arran Cudbard-Bell
a.cudbardb at freeradius.org

RADIUS - Half the complexity of Diameter





More information about the Freeradius-Users mailing list