MLPPP Acct-Session-Id

Alan DeKok aland at
Tue Mar 29 07:50:14 CEST 2011

Jay Kuhne (jkuhne) wrote:
> Is there another attribute syntax on radclient that could be used aside from Acct-Session-Id  to perform COA to a session

  I'm not sure I can parse that.

  I *think* the correct response is to say "read the NAS documentation".
 If the NAS accepts CoA packets, the documentation *should* say what it
needs in the CoA to disconnect a session.

  Failing that, look at the Accounting-Request packets for the session.
 Take that data (other than the various counters), put it into a CoA
packet, and hope for the best.

> RADIUS: COA  received from id 48 x.x.x.99:1052, CoA Request, len 149                  
> COA: x.x.x.20 request queued                                                          
> COA: Message Authenticator missing or failed decode                                   

  That message seems clear.  Add the Message-Authenticator attribute to
the CoA packet.

  And *why* does the NAS require this?  RFC5176 does *not* require a
Message-Authenticator to be in a CoA packet.

  Alan DeKok.

More information about the Freeradius-Users mailing list