Minor RADIUS POD bug in 12.3

C350 Software (C350-K9W7-M), Version 12.3(8)JA

The problem is the MAC address (Calling-Station-ID attribute) accepted by RADIUS POD requests can only be in the CISCO default format.

This is still the case even when the global format is changed to IETF and RADIUS accounting messages are sent out in the IETF MAC format.

This effectivly breaks Disconnect/COA when the router is configured to send MAC addresses in a different format.

Bad request:

Jun 8 19:51:16.961: DOT11 POD Received PoD request Jun 8 19:51:16.961: DOT11 POD Invalid MAC address (00-05-4E-45-23-D5) len=17 Jun 8 19:51:16.965: DOT11 POD Could not terminate session, wds=0 err_code=404 Jun 8 19:51:16.965: POD: Added NACK Error Cause: Invalid Request Jun 8 19:51:16.965: POD: Sending NAK from port 1700 to 10.0.3.195/4539 Jun 8 19:51:16.965: RADIUS: 101 6 00000194

A similiar request works with the native formatting for MAC addresses. IMHO it would be useful for interoperabilitiy if it was more liberal in the formats it accepts. At the very least any configured RADIUS accounting format should to be seen as valid coming back via POD.

Jun 8 20:00:40.262: POD: 10.0.3.195 request queued Jun 8 20:00:40.262: ++++++ POD Attribute List ++++++ Jun 8 20:00:40.262: 00A772C0 0 00000009 username(344) 6 peterd Jun 8 20:00:40.266: 00BD49CC 0 00000009 interface(156) 1 8 Jun 8 20:00:40.266: 00BD49E0 0 00000001 nas-ip-address(457) 4 10.0.3.2 Jun 8 20:00:40.266: 00BD49F4 0 00000009 clid(27) 14 0005.4e45.23d5 Jun 8 20:00:40.270: 00BD4A08 0 00000001 session-id(319) 4 15423786 (EB592A) Jun 8 20:00:40.270: Jun 8 20:00:40.270: DOT11 POD Received PoD request Jun 8 13:00:40.270 U: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticatin g Station 0005.4e45.23d5 Reason: Disassociated by authentication server tesla# Jun 8 20:00:40.274: POD: Sending ACK from port 1700 to 10.0.3.195/4770

~Peter

Reply to
Peter Deacon
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.