How does the device sensor send information to a RADIUS server? 05/27/2018 – by Mod_GuideK 1 How does the device sensor send information to a RADIUS server? A. Accounting B. Authorization C. Analyzer D. Collector SHOW ANSWERSCorrect Answer: A Explanation/Reference: aaa accounting dot1x default start-stop group radius radius-server vsa send accounting Accounting request:
You can verify that using ‘debug radius’ command on the switch or performing packet capture between switch and ISE. Radius debug: Mar 30 05:34:58.716: RADIUS(00000000): Send Accounting-Request to 1.1.1.1:1813 id 1646/85, len 378 Mar 30 05:34:58.716: RADIUS: authenticator 17 DA 12 8B 17 96 E2 0F – 5D 3D EC 79 3C ED 69 20 Mar 30 05:34:58.716: RADIUS: Vendor, Cisco [26] 40 Mar 30 05:34:58.716: RADIUS: Cisco AVpair [1] 34 “cdp-tlv= ” Mar 30 05:34:58.716: RADIUS: Vendor, Cisco [26] 23 Mar 30 05:34:58.716: RADIUS: Cisco AVpair [1] 17 “cdp-tlv= ” Mar 30 05:34:58.721: RADIUS: Vendor, Cisco [26] 59 Mar 30 05:34:58.721: RADIUS: Cisco AVpair [1] 53 “lldp-tlv= ” Mar 30 05:34:58.721: RADIUS: User-Name [1] 19 “20-BB-C0-DE-06-AE” Mar 30 05:34:58.721: RADIUS: Vendor, Cisco [26] 49 Mar 30 05:34:58.721: RADIUS: Cisco AVpair [1] 43 “audit-session-id=0AE518200000022800E2481C” Mar 30 05:34:58.721: RADIUS: Vendor, Cisco [26] 19 Mar 30 05:34:58.721: RADIUS: Cisco AVpair [1] 13 “vlan-id=101” Mar 30 05:34:58.721: RADIUS: Vendor, Cisco [26] 18 Mar 30 05:34:58.721: RADIUS: Cisco AVpair [1] 12 “method=mab” Mar 30 05:34:58.721: RADIUS: Called-Station-Id [30] 19 “F0-29-29-49-67-0D” Mar 30 05:34:58.721: RADIUS: Calling-Station-Id [31] 19 “20-BB-C0-DE-06-AE” Mar 30 05:34:58.721: RADIUS: NAS-IP-Address [4] 6 10.229.20.43 Mar 30 05:34:58.721: RADIUS: NAS-Port [5] 6 60000 Mar 30 05:34:58.721: RADIUS: NAS-Port-Id [87] 23 “GigabitEthernet1/0/13” Mar 30 05:34:58.721: RADIUS: NAS-Port-Type [61] 6 Ethernet [15] Mar 30 05:34:58.721: RADIUS: Acct-Session-Id [44] 10 “00000018” Mar 30 05:34:58.721: RADIUS: Acct-Status-Type [40] 6 Watchdog [3] Mar 30 05:34:58.721: RADIUS: Event-Timestamp [55] 6 1301463298 Mar 30 05:34:58.721: RADIUS: Acct-Input-Octets [42] 6 538044 Mar 30 05:34:58.721: RADIUS: Acct-Output-Octets [43] 6 3201914 Mar 30 05:34:58.721: RADIUS: Acct-Input-Packets [47] 6 1686 Mar 30 05:34:58.721: RADIUS: Acct-Output-Packets [48] 6 35354 Mar 30 05:34:58.721: RADIUS: Acct-Delay-Time [41] 6 0 Mar 30 05:34:58.721: RADIUS(00000000): Sending a IPv4 Radius Packet Mar 30 05:34:58.721: RADIUS(00000000): Started 5 sec timeout Mar 30 05:34:58.737: RADIUS: Received from id 1646/85 10.62.145.51:1813, Accounting-response, len 20 Reply
You can verify that using ‘debug radius’ command on the switch or performing packet capture between switch and ISE.
Radius debug:
Mar 30 05:34:58.716: RADIUS(00000000): Send Accounting-Request to 1.1.1.1:1813 id 1646/85, len 378
Mar 30 05:34:58.716: RADIUS: authenticator 17 DA 12 8B 17 96 E2 0F – 5D 3D EC 79 3C ED 69 20
Mar 30 05:34:58.716: RADIUS: Vendor, Cisco [26] 40
Mar 30 05:34:58.716: RADIUS: Cisco AVpair [1] 34 “cdp-tlv= ”
Mar 30 05:34:58.716: RADIUS: Vendor, Cisco [26] 23
Mar 30 05:34:58.716: RADIUS: Cisco AVpair [1] 17 “cdp-tlv= ”
Mar 30 05:34:58.721: RADIUS: Vendor, Cisco [26] 59
Mar 30 05:34:58.721: RADIUS: Cisco AVpair [1] 53 “lldp-tlv= ”
Mar 30 05:34:58.721: RADIUS: User-Name [1] 19 “20-BB-C0-DE-06-AE”
Mar 30 05:34:58.721: RADIUS: Vendor, Cisco [26] 49
Mar 30 05:34:58.721: RADIUS: Cisco AVpair [1] 43 “audit-session-id=0AE518200000022800E2481C”
Mar 30 05:34:58.721: RADIUS: Vendor, Cisco [26] 19
Mar 30 05:34:58.721: RADIUS: Cisco AVpair [1] 13 “vlan-id=101”
Mar 30 05:34:58.721: RADIUS: Vendor, Cisco [26] 18
Mar 30 05:34:58.721: RADIUS: Cisco AVpair [1] 12 “method=mab”
Mar 30 05:34:58.721: RADIUS: Called-Station-Id [30] 19 “F0-29-29-49-67-0D”
Mar 30 05:34:58.721: RADIUS: Calling-Station-Id [31] 19 “20-BB-C0-DE-06-AE”
Mar 30 05:34:58.721: RADIUS: NAS-IP-Address [4] 6 10.229.20.43
Mar 30 05:34:58.721: RADIUS: NAS-Port [5] 6 60000
Mar 30 05:34:58.721: RADIUS: NAS-Port-Id [87] 23 “GigabitEthernet1/0/13”
Mar 30 05:34:58.721: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Mar 30 05:34:58.721: RADIUS: Acct-Session-Id [44] 10 “00000018”
Mar 30 05:34:58.721: RADIUS: Acct-Status-Type [40] 6 Watchdog [3]
Mar 30 05:34:58.721: RADIUS: Event-Timestamp [55] 6 1301463298
Mar 30 05:34:58.721: RADIUS: Acct-Input-Octets [42] 6 538044
Mar 30 05:34:58.721: RADIUS: Acct-Output-Octets [43] 6 3201914
Mar 30 05:34:58.721: RADIUS: Acct-Input-Packets [47] 6 1686
Mar 30 05:34:58.721: RADIUS: Acct-Output-Packets [48] 6 35354
Mar 30 05:34:58.721: RADIUS: Acct-Delay-Time [41] 6 0
Mar 30 05:34:58.721: RADIUS(00000000): Sending a IPv4 Radius Packet
Mar 30 05:34:58.721: RADIUS(00000000): Started 5 sec timeout
Mar 30 05:34:58.737: RADIUS: Received from id 1646/85 10.62.145.51:1813, Accounting-response, len 20