mechalas (Aspirant), Mar 19, 2020
M7100-24X does RADIUS auth but no accounting
We have an M7100-24X (11.0.0.31 firmware) configured to do RADIUS AAA on all auth lists for the management console. It does the authentication part just fine, but it never sends any accounting packets. We have both the auth server and accounting server configured (they are the same server), but there is 0 accounting traffic when a user logs in or even tries to (no traffic on a failed login, either).
We've even tried using separate servers for auth and accounting and the result is the same: no accounting packets. The counters in the "Accounting Server Configuration" stats section are always 0, and tcpdump at the RADIUS server shows no traffic on port 1813.
- Yes, we have accounting mode set to "Enabled"
- Yes, the IP address has been verified to be correct
- Yes, the "Number of configured accounting servers" is > 0 in the "Radius Configuration" summary page
- No, we do not have "Radius 4 Attribute Mode" enabled
We've got an XS748 switch configured for this same RADIUS server that behaves as expected (we see both auth and accounting traffic from it on a console login).
Any clues?
8 Replies
- mechalas (Aspirant)
I see commands in the CLI that supposedly manipulate global accounting settings, but it's not obvious to me what commands will turn on accounting for the HTTPS connection.
- DaneA (NETGEAR Employee Retired)
Welcome to the community! :)
As far as I have checked, there is no issue logged on the M7100-24X as described in your post. Not sure if this will help, but let us try this. Kindly try to update the firmware of the M7100-24X to the latest version, which is v11.0.0.40, then observe if the same problem occurs. You can download firmware v11.0.0.40 here.
Regards,
DaneA
NETGEAR Community Team
- mechalas (Aspirant)
We don't update firmware on a whim. It's an event that impacts users. The changelog for this firmware suggests the only change was this:
- Compliant with California Privacy Law: Force user to change the default password on first login to the device.
Unless you have a better argument for why you think this firmware will resolve the issue, then no, I am not going to take down a bunch of users for a non-essential change.
- DaneA (NETGEAR Employee Retired)
I understand that you do not want to just update the firmware. With regard to that, I suggest you set up port mirroring on the M7100-24X. Select a port as a source port on the M7100-24X where the user is directly connected. Then, select another port as a destination port on the M7100-24X where a PC with Wireshark installed is directly connected. Run Wireshark and observe. It would be best that Wireshark would be able to capture that there is 0 accounting traffic whenever a user logs in.
Kindly read pages 700-701 of the M7100 user manual here on how to set up port mirroring. You may download Wireshark here. Also, check this link I found online and use it as a guide on how to use Wireshark.
For the captured packets to be analyzed, kindly open a chat or online support ticket with NETGEAR Support at any time. Attach the captured packets from Wireshark to the support ticket you have opened so they can be investigated by the NETGEAR Support team.
Regards,
DaneA
NETGEAR Community Team
- mechalas (Aspirant)
I've already run tcpdump on the accounting server, which is directly connected to the switch. There is traffic on port 1812 when the user authenticates, but none on 1813 (the accounting port).
- mechalas (Aspirant)
And the switch's own stats show it is not generating accounting traffic:
| Accounting Server | Round Trip Time | Accounting Requests | Accounting Retransmissions | Accounting Responses | Malformed Accounting Responses | Bad Authenticators | Pending Requests | Timeouts | Unknown Types | Packets Dropped |
|---|---|---|---|---|---|---|---|---|---|---|
| 10.X.X.X | 0.00 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |

I was hoping I had just missed something in the configuration. Maybe accounting can't be completely enabled through the Web UI?
```
(M7100-24X) #show accounting methods

AcctType   MethodName        MethodType     Method1    Method2
---------  ----------------  -------------  ---------  ---------
Exec       dfltExecList      start-stop     radius
Exec       httpsList         start-stop     radius
Exec       loginList         start-stop     radius
Exec       HttpsList         start-stop     radius
Commands   dfltCmdList       stop-only      tacacs
DOT1X      dfltDot1xList     start-stop     radius

Line       EXEC Method List      Command Method List
---------  --------------------  --------------------
Console    none                  none
Telnet     none                  none
SSH        none                  none
HTTPS      none                  none
HTTP       none                  none
```
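Added example, not part of the original thread or NETGEAR's tooling: a small audit of the `show accounting methods` output posted above, reporting which access lines have no EXEC accounting list and which RADIUS Exec lists are defined but attached to no line. The function names `parse_accounting_methods` and `audit` are hypothetical, and reading `none` in the line table as "no list bound to that line" is an assumption about how this firmware reports it.

```python
# Output as posted in the thread above, whitespace re-aligned.
SAMPLE = """\
(M7100-24X) #show accounting methods
AcctType   MethodName        MethodType     Method1    Method2
---------  ----------------  -------------  ---------  ---------
Exec       dfltExecList      start-stop     radius
Exec       httpsList         start-stop     radius
Exec       loginList         start-stop     radius
Exec       HttpsList         start-stop     radius
Commands   dfltCmdList       stop-only      tacacs
DOT1X      dfltDot1xList     start-stop     radius

Line       EXEC Method List      Command Method List
---------  --------------------  --------------------
Console    none                  none
Telnet     none                  none
SSH        none                  none
HTTPS      none                  none
HTTP       none                  none
"""

def parse_accounting_methods(text):
    """Split the output into method lists and per-line bindings."""
    lists, bindings, section = [], {}, None
    for raw in text.splitlines():
        cols = raw.split()
        if not cols or "#" in raw or set(raw) <= set("- "):
            continue  # blank line, CLI prompt, or dashed separator
        if cols[0] in ("AcctType", "Line"):
            section = cols[0]  # a header row starts a new table
        elif section == "AcctType" and len(cols) >= 4:
            lists.append({"type": cols[0], "name": cols[1], "methods": cols[3:]})
        elif section == "Line" and len(cols) == 3:
            bindings[cols[0]] = {"exec": cols[1], "commands": cols[2]}
    return lists, bindings

def audit(text):
    """Return (lines with no EXEC accounting list, RADIUS Exec lists bound to no line)."""
    lists, bindings = parse_accounting_methods(text)
    unbound = sorted(n for n, b in bindings.items() if b["exec"] == "none")
    in_use = {b["exec"] for b in bindings.values()}
    unused = [m["name"] for m in lists
              if m["type"] == "Exec" and "radius" in m["methods"] and m["name"] not in in_use]
    return unbound, unused

if __name__ == "__main__":
    print("unbound lines, unused RADIUS Exec lists:", audit(SAMPLE))
```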
- DaneA (NETGEAR Employee Retired)
I raised your concern with the higher tier of NETGEAR Support and got feedback. According to them, it would be best that you open a support ticket with NETGEAR Support at any time for further investigation of your concern.
Regards,
DaneA
NETGEAR Community Team