General discussion

Locked

cisco as5300 not sending username login to radius

By saiyen2002 ·
I have an AS5300 IOS (tm) 5300 Software (C5300-I-M), Version 12.2(16) using it as RAS.



I am using FreeRADIUS Version 2.1.8 for accounting puposes



The problem I am facing is that when users dial into the as5300, it is not sending the username. I need the as5300 to send the username so that a realm can be matched.



Below is snippet of debug output from FreeRadius



rad_recv: Accounting-Request packet from host 192.168.0.57 port 1646, id=211, length=97
NAS-IP-Address = 192.168.0.57
NAS-Port = 182
NAS-Port-Type = Async
Called-Station-Id = "02081131234"
Calling-Station-Id = "2075176623"
Acct-Status-Type = Start
Service-Type = Framed-User
Acct-Session-Id = "0000006E"
Framed-Protocol = PPP
Acct-Delay-Time = 0
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] WARNING: Attribute User-Name was not found in request, unique ID MAY be inconsistent
[acct_unique] Hashing 'NAS-Port = 182,Client-IP-Address = 192.168.0.57,NAS-IP-Address = 217.73.64.57,Acct-Session-Id = "0000006E",'
[acct_unique] Acct-Unique-Session-ID = "93340c227b9a5bca".
++[acct_unique] returns ok
[suffix] Proxy reply, or no User-Name. Ignoring.
++[suffix] returns ok
++[files] returns noop





Below is my AAA config from my cisco



aaa new-model
aaa authentication login default local
aaa authentication ppp default group radius
aaa authorization network default none
aaa accounting send stop-record authentication failure
aaa accounting network default start-stop group radius



I have tested with radtest with username testing@secureroot and i get the following output which does ffind the username and thus the realm. this indicates to me that there is nothing wrong with my freeradius config




rad_recv: Access-Request packet from host 127.0.0.1 port 37443, id=212, length=67
User-Name = "testing@secureroot"
User-Password = "mypassword"
NAS-IP-Address = 217.73.64.75
NAS-Port = 1812
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "secureroot" for User-Name = "testing@secureroot"
[suffix] Found realm "secureroot"
[suffix] Adding Stripped-User-Name = "testing"
[suffix] Adding Realm = "secureroot"
[suffix] Authentication realm is LOCAL.



My full debug is pretty long, if you think it will help then I will post it







Thanks

This conversation is currently closed to new comments.

0 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Back to Networks Forum
0 total posts (Page 1 of 1)  

Related Discussions

Related Forums