Jay Kuhne (jkuhne)
jkuhne at cisco.com
Tue Mar 29 15:08:04 CEST 2011
Thanks for your reply. I think the bottom line is I need to do some
I tried a PPP vs. MLPPP session and my COAs work as expected.
I'll see if I can gather data from the Accounting-Request like you
mention. I'll see if I can find the " Message-Authenticator attribute"
I'm not sure why the NAS is making this mandatory, I'll have to
This is very helpful since as I can clearly see I'm not an expert in
From: freeradius-users-bounces+jkuhne=cisco.com at lists.freeradius.org
[mailto:freeradius-users-bounces+jkuhne=cisco.com at lists.freeradius.org]
On Behalf Of Alan DeKok
Sent: Tuesday, March 29, 2011 1:50 AM
To: FreeRadius users mailing list
Subject: Re: MLPPP Acct-Session-Id
Jay Kuhne (jkuhne) wrote:
> Is there another attribute syntax on radclient that could be used
> aside from Acct-Session-Id to perform COA to a session
I'm not sure I can parse that.
I *think* the correct response is to say "read the NAS documentation".
If the NAS accepts CoA packets, the documentation *should* say what it
needs in the CoA to disconnect a session.
Failing that, look at the Accounting-Request packets for the session.
Take that data (other than the various counters), put it into a CoA
packet, and hope for the best.
> RADIUS: COA received from id 48 x.x.x.99:1052, CoA Request, len 149
> COA: x.x.x.20 request queued
> COA: Message Authenticator missing or failed decode
That message seems clear. Add the Message-Authenticator attribute to
the CoA packet.
And *why* does the NAS require this? RFC5176 does *not* require a
Message-Authenticator to be in a CoA packet.
List info/subscribe/unsubscribe? See
More information about the Freeradius-Users