understanding NAS and accounting packets
Saurabh Shandilya
saurabhshandilya.1991 at gmail.com
Tue Jun 20 23:21:08 CEST 2017
On Wed, Jun 21, 2017 at 2:15 AM, Alan Buxey <alan.buxey at gmail.com> wrote:
> Your wireless device (the dlink) is the NAS. If you're not seeing
> accounting packets at the RADIUS server then
>
> 1 can NAS do accounting?
> 2 is NAS configured to send packets?
> 3 acct is on UDP port 1813 , is that open and accessible on your AWS
> instance and OS?
> 4 is accounting listener enabled/configured on your FreeRADIUS server?
>
> alan
>
> Hi alan,
Thanks for your response. So the next step is to figure out as what you
pointed out.
1. I don't know if my dlink 850l can do accounting. How to know that? All
I can see is a routerlogin page at my router page i.e. 192.168.0.1 and I
can nowhere see any sort of accounting thing.
Datasheet of this doesn't say anything like this too.
2. How to configure it for sending packets ??
Is this some kind of high order functionality that we receive in hardware
firewalls or some higher end routers ?
3. Yes on my aws instance, for testing purposes I have opened both the
ports and I can see in the freeradius debug output that it is listening on
that.
Here is the output of netstat
# netstat -aun
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 127.0.0.1:18120 0.0.0.0:*
udp 0 0 0.0.0.0:1812 0.0.0.0:*
udp 0 0 0.0.0.0:1813 0.0.0.0:*
udp 0 0 0.0.0.0:1814 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 0.0.0.0:39817 0.0.0.0:*
4. Yes i have uncommented sql part in sites-enabled/default and other
sections.
> On 20 Jun 2017 9:37 pm, "Saurabh Shandilya" <saurabhshandilya.1991 at gmail.
> com>
> wrote:
>
> > Hi all,
> >
> > I am using freeradius server on my AWS.
> > Freeradius version : 2.2.8 on 64bit system installed it via package
> > manager.
> >
> > I have tried to go through a few times over the online present materials
> > for freeradius but still I am not able to wrap my head around NAS.
> >
> > Here is my picture & current understanding:
> >
> > *Wireless AP* : D link 850l ; WPA-enterprise is only on 5 GHz band. The
> > router firmware gives me this flexibility to put different security
> > provisions on 2.4 and 5.0 GHz spectrum.
> >
> > AWS instance : *freeradius* server running.
> > radtest output is correct as I can see by username and password being
> > authenticated by access-accept response.
> >
> >
> > 1. One of my node i.e laptop/mobile phone tries to connect to my wireless
> > access point at 5.0 GHz.
> > 2. I recieve packets at my freeradius server as I see it by running with
> -X
> > swtich.
> > 3. Successfull authentication is done and my device is connected.
> >
> > The problem arises for me when there occurs no accounting packets, the
> > radacct table is empty all along. As what I think I understand by
> reading
> > materails over internet, it seems like NAS sends this which I probably
> was
> > considering my router to be.
> >
> > Is my d-link 850l is NAS?
> > or I am getting it all wrong?
> >
> > There are no accounting packets, I checked it with radsniff.
> >
> > I am attaching a very big output response from my free-radius output.
> > Initial few attempts are done while I tried connecting from my android
> > phone to wireless AP with wrong credentials. Line number 1890 is when I
> > sent request with correct credentials.
> >
> > Also, attaching my default file under sites-enabled/.
> >
> > I understand that I am here asking two things but I guess thats how I
> come
> > to know about the problem.
> >
> > Let me know if any other outputs or logs are required.
> > --
> > Regards,
> > saurabh shandilya
> > www.embedded4fun.com
> > https://in.linkedin.com/in/shandilyasaurabh
> >
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/
> > list/users.html
> >
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
--
Regards,
saurabh shandilya
www.embedded4fun.com
https://in.linkedin.com/in/shandilyasaurabh
More information about the Freeradius-Users
mailing list