cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2335
Views
0
Helpful
3
Replies

AAA Session Context Error

Haris P
Level 4
Level 4

Dear Experts,

We are using Cisco 7301 as our NAS for our DSL users and a third party software as Radius

We configured PoD radius server for our DSL . But it seems that radius can't remove the users from the NAS .

The following is the error

Dec 7 20:33:27.547: POD: Added Reply Message: No Matching Session

Dec 7 20:33:27.547: POD: Added NACK Error Cause: Session Context Not Found

The following is my config

aaa server radius dynamic-author

client <radius ip address>

server-key cisco

auth-type any

ignore session-key

ignore server-key

aaa pod server auth-type any server-key cisco

Regards

Haris

3 Replies 3

wdrootz
Level 4
Level 4

The work around, to avoid this failure, is "aaa session-id common" needs to be enabled.

My Issue is fixed now

The "aaa session-id common" command was enabled already . But my Issue was different

I got two interfaces from NAS going to two different switches and both were seeing as two different NAS by radius . So sometimes the radius request go from one interface and comes from another interface and it was conflicting the session .

As per Cisco , For a call to be disconnected, all parameters must match their expected values at the gateway. If the parameters do not match, the gateway discards the packet of disconnect packet and sends a NACK (negative acknowledgement message) to the agent

http://www.faqs.org/rfcs/rfc2882.html

Regards

Haris

Add below mentioned commands under aaa config of cisco router

ignore session-key

ignore server-key

post it freeradius will start disconnection active sessions on cisco NAS.

Freeradius config.NAS IP( 10.0.0.1)

# echo "Acct-Session-Id=D91FE8E51802097" > packet.txt
# echo "User-Name=somebody" >> packet.txt
# echo "NAS-IP-Address=10.0.0.1" >> packet.txt

# cat packet.txt | radclient -x 10.0.0.1:3799 disconnect ''secret''

Sending Disconnect-Request of id 214 to 10.0.0.1 port 3799
      Acct-Session-Id = "D91FE8E51802097"
      User-Name = "somebody"
      NAS-IP-Address = 10.0.0.1
rad_recv: Disconnect-ACK packet from host 10.0.0.1 port 3799, id=214, length=20