Logging

ClearBox Server is capable of dumping content of all packets it receives and sends and all errors and warnings that may occur during server operation.

The logs may be directed to

• Log files (optionally);
• Server Manager for remote observing;
• Windows Event Log (optionally).

These logs cannot be used for accounting and are intended for debugging purposes only.

NOTE. I t is not recommended to turn on dumping packets to Windows Event Log to prevent its overfilling.

Log files may be permanent (i.e. they are not changed when the server runs) and be optionally renewed daily. In order to turn on the latter, open Server Manager, go to the 'Server settings' tab, select 'Logging settings' and check the 'Start new file every day' option. ClearBox then renames current log file every midnight, adding the passed date to the file name, and starts new file.

Error Logging

All errors are logged into a specific file with the default location in <installation directory>/Bin/errlog.txt.

Three types of events are logged into error file:

• Errors. Every entry reporting about an error has its number, by which it can be identified (see numeric list of errors). An error has a description and may have additional information, which may describe error reason.
• Warnings. They report about events that are not so severe as errors but may affect server operation.
• Informational messages ("Info"). They carry information about changes in server state.

Error log file is the first place to look in when server does not operate properly. If the server doesn't start, but this file doesn't exist or have no related information, this means that all errors are sent to Windows Event Log.

See Troubleshooting for more details how to find errors and fix them.

Debug Logging

Debug logging writes all information relevant to a RADIUS request processing to the packets log file. Debug logging is described in details here.

Packets logging

ClearBox Server can be configured to log content of all packets. This feature should be used primarily for debugging.

RADIUS packets are logged as request/response transactions, which means that every request packet has a matching response, and these two packets are logged as a single transaction. An empty line separates packets within a transaction.

There are three types of transactions:

• RADIUS Authentication transaction (Authentication request-response).
• RADIUS Accounting transaction (Accounting request-response).
• RADIUS Proxy transaction (RADIUS packet forwarded to another host and a response).

The following fields are logged for every packet in a transaction:

• Client address. It is IP address of client (i.e. the sender of the request packet).
• NAS address. It is the value extracted from NAS-IP-Address attribute if it is present in the packet.
• UniqueID. It is the unique number assigned by ClearBox to the packet. It is incremented by one with every new packet.
• Realm. It is the name of realm chosen by ClearBox for packet processing. If no realm is specified for a user, (null) is used.
• User. It is the user name for which the packet was created. It may not correspond to User-Name attribute from the request packet as the server may rewrite it.
• PAP password. It is user password in cleartext form, decrypted from User-Password attribute in the Access-Request packet. The password is logged only if Log PAP cleartext passwords option is turned on in Server Manager.
• Code. It is a standard RADIUS packet type (e.g. Access-Request, Accounting-Response).
• ID. It is ID of the RADIUS packet and is used for matching request-response packets.
• Length. It is the number of bytes in the packet. This field is valid for request packets only, and length of response packets is calculated only after the transaction is logged.
• Authenticator. It is the Authenticator field from the packet. Authenticator is calculated after transaction is logged, and is valid for request packets only.
• Forwarded to/received from. It is specified for 'RADIUS Proxy transactions' and describes a host to which a packet was forwarded.

Then list of RADIUS attributes then follows.

Raw Packets Logging

ClearBox is capable of dumping all incoming and outcoming RADIUS packets to files in binary form. This feature may become useful in debugging when problems can be caused by invalid packet structure. The binary log (in hexadecimal form) of raw (unparsed) data allows to view and analyze the packets.

By default, dumping raw data is turned off and can be configured with Server Manager on the Server settings tab (Server Settings -> Logging settings -> Raw packet data dumping). Data bytes are grouped by four and are written for every received and sent packet with current date, time, IP address and port of a packet sender/receiver.

Note that this featured should normally be turned off as it hits the server performance.