This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
- Community
- RUCKUS Technologies
- RUCKUS Lennar Support
- Community Services
- RTF
- RTF Community
- Australia and New Zealand – English
- Brazil – Português
- China – 简体中文
- France – Français
- Germany – Deutsch
- Hong Kong – 繁體中文
- India – English
- Indonesia – bahasa Indonesia
- Italy – Italiano
- Japan – 日本語
- Korea – 한국어
- Latin America – Español (Latinoamérica)
- Middle East & Africa – English
- Netherlands – Nederlands
- Nordics – English
- North America – English
- Poland – polski
- Russia – Русский
- Singapore, Malaysia, and Philippines – English
- Spain – Español
- Taiwan – 繁體中文
- Thailand – ไทย
- Turkey – Türkçe
- United Kingdom – English
- EOL Products
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- RUCKUS Forums
- RUCKUS Technologies
- ICX
- Re: Send radius accounting interim-updates when Us...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Send radius accounting interim-updates when User-Name Changes
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-11-2021 04:18 AM
Hello, I am trying to configure ICX7450 with FortiGate Firewall Radius SSO. It is working ok for most of the cases. The only problem I have is on Windows 10 domain computer using User or computer authentication dot1x. The behaviour is as fallows:
1. The computer authenticates with the Computer Domain account. The switch sends radius accounting START packet and INTERIM packet with the computer User-Name and IP. Till this point everything is working as expected.
2. The User logs in and performs Authentication Request. The switch is not sending Accounting START, STOP or INTERIM packet to the firewall and the accounting session continues. Because of this the User-Name in the firewall is not updated.
3. When some time passes INTERIM Update is sent with the new User-Name by the switch to the firewall and the firewall updates the User-Name.
Question: How to configure the switch to send INTERIM Update immediately after the User logs in.
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2021 05:07 AM
I understand your point.
I haven't tested such a scenario in my lab, so I am not able to tell whether the behavior observed is expected, but it's something that definitely worths the try.
For a better approach, the best action is opening a support case, that way we can replicate in our lab and even request for the fix/enhancement in case we found it's applicable.
As a workaround, I can think of enabling COA to see if that will force the interim update to be immediately sent when the new user logs in:
device(config)# aaa authorization coa enable
With regards,
--
Orlando Elias
Technical Support
--
Orlando Elias
Technical Support
Labels
-
7250
1 -
802.3af PoE
1 -
802.3at PoE
1 -
ACL
1 -
auto-provision
1 -
auto-provisioning
1 -
Crypto Keys
1 -
dhcp-66
1 -
fastiron-10
1 -
fastiron-8
1 -
Firmware Upgrade
2 -
ICX
3 -
ICX 7150-C12p
1 -
ICX switch
2 -
ICX-7150-C12
1 -
ICX-7550
1 -
ICX-8200
1 -
not enough electricity
1 -
overlad
1 -
Override PoE Operating Mode
1 -
PD overload
1 -
Poe
1 -
PoE mode.
1 -
power limitations
1 -
Proposed Solution
1 -
RUCKUS Self-Help
2 -
stack
1 -
stack password
1 -
tftp
1 -
Upgrade
1 -
Upgrade path
1 -
We
1 -
zero-touch
1
- « Previous
- Next »
