ClearBox Server is capable of dumping content of all packets it
receives and sends and all errors and warnings that may occur
during server operation.
The logs may be directed to
- Log files (optionally);
- Server Manager for remote observing;
- Windows Event Log (optionally).
These logs cannot be used for accounting and are intended for
debugging purposes only.
NOTE. I t is not recommended to turn on dumping packets to
Windows Event Log to prevent its overfilling.
Log files may be permanent (i.e. they are not changed when the
server runs) and be optionally renewed daily. In order to turn on
the latter, open Server Manager, go to the 'Server settings' tab,
select 'Logging settings' and check the 'Start new file
every day' option. ClearBox then renames current log file
every midnight, adding the passed date to the file name, and starts
All errors are logged into a specific file with the default
location in <installation directory>/Bin/errlog.txt.
Three types of events are logged into error file:
- Errors. Every entry reporting about an error has its number, by
which it can be identified (see numeric list
of errors). An error has a description and may have additional
information, which may describe error reason.
- Warnings. They report about events that are not so severe as
errors but may affect server operation.
- Informational messages ("Info"). They carry information about
changes in server state.
Error log file is the first place to look in when server does
not operate properly. If the server doesn't start, but this file
doesn't exist or have no related information, this means that all
errors are sent to Windows Event Log.
See Troubleshooting for more
details how to find errors and fix them.
Debug logging writes all information relevant to a RADIUS
request processing to the packets log file. Debug logging is
described in details here.
ClearBox Server can be configured to log content of all packets.
This feature should be used primarily for debugging.
RADIUS packets are logged as request/response transactions,
which means that every request packet has a matching response, and
these two packets are logged as a single transaction. An empty line
separates packets within a transaction.
There are three types of transactions:
- RADIUS Authentication transaction (Authentication
- RADIUS Accounting transaction (Accounting
- RADIUS Proxy transaction (RADIUS packet forwarded to another
host and a response).
The following fields are logged for every packet in a
- Client address. It is IP address of client (i.e. the
sender of the request packet).
- NAS address. It is the value extracted from
NAS-IP-Address attribute if it is present in the
- UniqueID. It is the unique number assigned by ClearBox
to the packet. It is incremented by one with every new packet.
- Realm. It is the name of realm chosen by ClearBox for
packet processing. If no realm is specified for a user,
(null) is used.
- User. It is the user name for which the packet was
created. It may not correspond to User-Name attribute from
the request packet as the server may rewrite it.
- PAP password. It is user password in cleartext form,
decrypted from User-Password attribute in the Access-Request
packet. The password is logged only if Log PAP cleartext
passwords option is turned on in Server Manager.
- Code. It is a standard RADIUS packet type (e.g.
- ID. It is ID of the RADIUS packet and is used for
matching request-response packets.
- Length. It is the number of bytes in the packet. This
field is valid for request packets only, and length of response
packets is calculated only after the transaction is logged.
- Authenticator. It is the Authenticator field from
the packet. Authenticator is calculated after transaction is
logged, and is valid for request packets only.
- Forwarded to/received from. It is specified for 'RADIUS
Proxy transactions' and describes a host to which a packet was
Then list of RADIUS attributes then follows.
Raw Packets Logging
ClearBox is capable of dumping all incoming and outcoming RADIUS
packets to files in binary form. This feature may become useful in
debugging when problems can be caused by invalid packet structure.
The binary log (in hexadecimal form) of raw (unparsed) data allows
to view and analyze the packets.
By default, dumping raw data is turned off and can be configured
with Server Manager on the Server settings tab (Server
Settings -> Logging settings -> Raw packet data dumping).
Data bytes are grouped by four and are written for every received
and sent packet with current date, time, IP address and port of a
Note that this featured should normally be turned off as it hits
the server performance.
© 2001-2007 XPerience Technologies. www.xperiencetech.com