Detecting RELATED accounting packets

Nasser Heidari nasser at
Tue Nov 17 15:42:38 CET 2015

Thanks for your helpful point. I'm using Cisco NAS (Cisco ASR and Cisco 7200 

-----Original Message-----
From: Freeradius-Users 
[ at] On 
Behalf Of Vijay S
Sent: Tuesday, November 17, 2015 5:45 PM
To: FreeRadius users mailing list <freeradius-users at>
Subject: Re: Detecting RELATED accounting packets

Hi Nasser
It would have been helpful if you mentioned what NAS you are using.

Vijay A.

On Tuesday, November 17, 2015, Nasser Heidari <nasser at> wrote:

> Hi,
> In my current environment I'm using Radius Proxy. As a new requirement
> I want to allow all users whom rejected by Proxy to connect to
> Network, but put them in walled garden and let them to access only specified 
> resources.
> Also when they get connected I should store their IP, Mac, NAS
> information which exist in accounting packet.
> I want to create virtual server on radius proxy and handle all
> REJECTED users with this. Problem is, there isn't any relation between
> authentication and accounting packets so I don't know which accounting
> packets are related to REJECTED users to forward them to virtual
> server.
> I have two Ideas which may help me to solve this issue:
> 1- Store POSTAUTH message in DB and then when I receive accounting
> packets, in preacct stage lookup user's info using (mac+nas+nas-port)
> in POSTAUTH DB and then decide to forward packet to PROXY or Virtual server.
> 2- When I'm sending access-accept, send another attribute to NAS
> (which is Cisco), and NAS should include this special attribute in all
> accounting packets of REJECTED users so using this I can seprate users
> and send correct accounting info to PROXY or virtual server. (Trying
> to use a kind of marking method, which I'm not sure it's possible).
> I would be thankful if you kindly share your Ideas about this problem
> and other possible methods to solve it.
> Kind Regards,
> Nasser
> -
> List info/subscribe/unsubscribe? See
List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list