Troubleshooting Radius Accounting Issues - Motorola WiNG 4.4 Reference Manual

C - 12 WiNG 4.4 Switch System Reference Guide
• Save the current configuration
C.3.2.7 Authentication using LDAP fails
Ensure the following have been attempted:
• Is LDAP server reachable?
• Have all LDAP attributes been configured properly?
• Dbtype must be set to LDAP in AAA configuration
• Save the current configuration
C.3.2.8 VPN Authentication using onboard RADIUS server fails
Ensure the following have been attempted:
• Ensure that the VPN user is present in AAA users
• This VPN user MUST NOT added to any group.
• Save the current configuration
C.3.2.9 Accounting does not work with external RADIUS Accounting server
Ensure that accounting is enabled.
• Ensure that the RADIUS Accounting server reachable
• Verify that the port number being configured on accounting configuration matches that of external RADIUS Accounting
Server
• Verify that the shared secret being configured on accounting configuration matches that of external RADIUS
Accounting Server
C.3.3 Troubleshooting RADIUS Accounting Issues
Use the following guidelines when configuring RADIUS Accounting
• The RADIUS Accounting records are supported for clients performing 802.1X EAP based authentication or using the
Hotspot functionality.
• The user name present in the accounting records, could be that of the name in the outer tunnel in authentication
methods like: TTLS, PEAP.
• If the switch crashes for whatever reason, and there were active EAP clients, then there would be no corresponding
STOP accounting record.
• If using the on-board RADIUS Accounting server, one can delete the accounting files, using the del command in the
enable context.
• If using the on-board RADIUS Accounting server, the files would be logged under the path:
/flash/log/radius/radacct/