Problem with F5 BigIP accouting : hexadecimal attribute

Vincent, Fabien fabien.vincent at
Mon Oct 17 13:26:02 CEST 2011

Dear all,


I'm using Radius for authenticating admin users on different network
equipments. "group authorize {...}" works fine with rlm_ldap and group


But I have some problem for accounting on F5 BigIP LTM / GTM.


In fact, my radius accounting server is receiving accounting-request like
this :


Accounting-Request packet from host port 36875, id=29,

NAS-IP-Address = [IP address unknown, not corresponding to NAS interfaces]

        F5-Attr-14 =  [Hexa decimal output starting with 0x .]

WARNING: Empty section.  Using default return values.

+- entering group accounting {...}

[sql]   expand: packet has no accounting status type. [user '%{User-Name}',
nas '%{NAS-IP-Address}'] -> packet has no accounting status type. [user '',
nas '[nas IP unknown]']

[sql] packet has no accounting status type. [user '', nas '[nas IP

++[sql] returns invalid

Finished request 37.

Cleaning up request 37 ID


Did someone  here already use accounting with F5 BigIP LTM or GTM ? I'm
looking to make this working by changing audit_forward TCL script provided
with F5 (syslog-ng) but I wasn't able to produce something different .


I also tried to edit the dictionnary for F5 in

ATTRIBUTE       F5-LTM-User-Info-1              12       string

ATTRIBUTE       F5-LTM-User-Info-2              13       string

++ ATTRIBUTE       F5-Attr-14                      14       octets


Thanks in advance for your help !



 <mailto:fabien.vincent at> fabien.vincent at

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3746 bytes
Desc: not available
URL: <>

More information about the Freeradius-Users mailing list