Accounting Packets and Anonymous Identity

Selahattin Cilek selahattin_cilek at
Sun Feb 5 14:13:29 CET 2017

On 05.02.2017 16:10, Phil Mayers wrote:
> As a couple of people have noted, if the NAS supports it you can (in 
> order of preference):
> 1. Return User-Name in Access-Accept which a compliant NAS will then 
> copy to Accounting-Requests
> 2. Abuse Class in Access-Accept e.g. set it to "user=<name>" then 
> extract that in preacct{} and rewrite the received username in the 
> accounting packets
> 3. If the NAS sends Acct-Session-Id in Access-Requests, cache or store 
> these in a DB, then do a cache/SQL lookup in preacct{} to find the 
> username from authentication, and rewrite the accounting. You could 
> hack this with NAS-IP-Address & Calling-Station-Id if you're really 
> desperate and the Acct-Session-Id isn't present in Access-Request.
Done it in post-auth. Thank you.
> If none of these options are available, then you will need to perform 
> offline or near-realtime analysis of your accounting to match auth to 
> acct sessions and discover the real username.
> -
> List info/subscribe/unsubscribe? See 

This email has been checked for viruses by Avast antivirus software.

More information about the Freeradius-Users mailing list