Hey i found the solution to it by adding ignore session-keyignore server-key under aaa accounting of cisco radius config. below is the config
aaa server radius dynamic-author client <radius ip address> server-key cisco auth-type any ignore session-key ignore server-key aaa pod server auth-type any server-key cisco
Radius config for radclient is also mentioned below.
# echo "Acct-Session-Id=D91FE8E51802097" > packet.txt
# echo "User-Name=somebody" >> packet.txt
# echo "NAS-IP-Address=10.0.0.1" >> packet.txt
# cat packet.txt | radclient -x 10.0.0.1:3799 disconnect ''secret''
Sending Disconnect-Request of id 214 to 10.0.0.1 port 3799
Acct-Session-Id = "D91FE8E51802097"
User-Name = "somebody"
NAS-IP-Address = 10.0.0.1
rad_recv: Disconnect-ACK packet from host 10.0.0.1 port 3799, id=214, length=20
ignoring server-key is not right, because any one in the network could send pod to your NAS only by spoofing radius server ip address
mehdi.sadighian@hotmail.com http://msadighain.com
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
