Log final reply packet including any VSA's
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Wed Feb 8 23:32:12 CET 2017
Hi,
> Just wanted to check if their are any ways of logging the final reply
> sent to NAS. By this I mean this bit from radiusd -X
>
> (10) Sent Access-Accept Id 10 from 172.21.8.201:1812 to
> 172.20.0.76:39604 length 0
> (10) Aruba-User-Role = "authenticated"
> (10) MS-MPPE-Recv-Key =
> 0xf2af9bba1de508511fa7ed2d41fdcef297593e51a2901c8d90e64889345c4190
> (10) MS-MPPE-Send-Key =
> 0xf522b78b422d7a5a23302b3370fce4a080e8cad27e83391f220645ca8f269f46
> (10) EAP-Message = 0x030a0004
> (10) Message-Authenticator = 0x00000000000000000000000000000000
> (10) Finished request
>
> In this its sending back an Aruba VSA.
>
> I can get all of the above by doing %{reply:[*]} but it doesnt log the
> actual VSA in it. Just checking if there is an easy way of doing. I
> need both the name of the attribute and the actual attribute value
> returned like its showing up on this debug.
sure - 'reply_log' - just enable it in the post-auth section of the virtual server,
read the detail.log module file for more info.
alan
More information about the Freeradius-Users
mailing list