Contents

User's Guide
Overview
What It Is
What's New
Key Features List
ClearBox Enterprise vs ClearBox
System Requirements
Purchasing Licenses
Getting Started
Quick Start
Understanding Server Components
Managing User Accounts
Configuring RADIUS Realms
Realm Settings
Realm Rules
Dynamic Realm Rules
Authentication
Authentication Protocols Compatibility
Logging Authentication Packets
Logging Discarded Requests
Authorization
Accounting
Account Log Files
Realm Settings
Configuring SQL Queries
Private RADIUS Attributes
Regular Expressions Syntax
RADIUS Clients
RADIUS Client Settings
Dynamic Clients Settings
SQL Data Sources
SQL Data Source Settings
LDAP Servers
LDAP Server Settings
Remote RADIUS Servers
Remote RADIUS Server Settings
State Servers
State Server Settings
Meta Configuration
Meta Configuration
Meta Configuration Settings
Meta Base Schema
TLS Settings
Creating SSL Certificates
Creating Server Sertificate
Requesting Server Certificate
Creating Client Certificates
Revoking a Certificate or Renewing CRL
Exporting CA Certificate
Issuing a Certificate in Active Directory CA
Remote Configuration
Advanced ISP Billing Integration
DTH Billing Integration
Platypus Billing System Intergration
OnDO SIP Server Integration
How Do I...
Wi-Fi Security
Wireless Authentication
Wi-Fi and RADIUS
Supported EAP Authentication Types
Security Considerations
10 Tips for Wireless Network Security
Administering the Server
Logging
Debug Logs
Troubleshooting
Using Client Tool
List of Server Errors
Maintaining RADIUS Dictionary
Basic Concepts
AAA
Authentication
Wireless Authentication
Authentication Protocols
Authorization
Accounting
RADIUS
RADIUS
Realms
RADIUS Proxy
RADIUS Attributes
Example of RADIUS Packet Transactions
List of Standard RADIUS Attributes
Glossary
Technical Support
Purchasing Licenses
Contacts

 
Home
ClearBox Enterprise Server 2.0 Online Manual
Prev Page Next Page
 
 
ClearBox Enterprise Serverâ„¢ 2.0. User's Guide

Packets Logging Settings

This dialog defines how authentication request and reply request attributes may be logged to a database. This may be useful, for instance, to track failed requests for better customer support.

Data source ID. Select one of the configured data connections from the list.

Log proxy-forwarded requests/responses. Check this option to log attributes from proxy-forwarded packets. If this option checked off, forwarded packets are not logged.

Issue this SQL command to log Access-Accept authentication transaction. Check this option to log successful authentication request/response packets.

Access-Accept command. Type in SQL command here that logs RADIUS attributes.

You may use the special keys $u, $r, $c, $n, $s, $f, $h in the command to substitute user name, realm, etc. from the request packet (see their meaning here). Besides these keys, you may insert attribute values from the request and response packets into the command. Read more about it.

Sample command: <INSERT INTO Table1(User, IPAddress, ServiceType) values('$u', '{out:Framed-IP-Address}', '{$Service-Type?0}')>

You may use 'out:' prefix to specify an attribute from a response packet. Thus {Framed-IP-Address} is an attribute from Access-Request packet, while {out:Framed-IP-Address} is the one from an Access-Accept packet.

Issue this SQL command to log Access-Reject authentication transaction. Check this option to log failed authentication request/response transactions.

Access-Reject command. Type in SQL command here that logs RADIUS attributes.

You may use the same keys as in Access-Accept command: $u, $r, $c, $n, $s, $f, $h (see their meaning here). Besides, you may insert attribute values from request and response packets into the command. Read more about it.

Sample command: <INSERT INTO Table1(User, Reason, ServiceType) values('$u', '{out:Reply-Message}', '{$Service-Type?0}')>

You may use 'out:' prefix to specify an attribute from a response packet. Thus {Reply-Message} could be an attribute from Access-Request packet (but actually never used there), while {out:Reply-Message} is the one from an Access-Reject packet.

Enable Syslog logging. Turn this option on to send received and sent RADIUS packets to a Syslog server.

Syslog server IP address. Specifies an IP address of the Syslog server.

Message priority. Select an appropriate message type from the list.

Facility. Select one from the list of protocol-defined values.

Message string. Type in a string pattern which is sent to the Syslog server. It may include special keys $u, $r, $c, $n, $s, $f, $h (see their meaning here) and RADIUS attribute values from the request and response packets. Read more about it. There are no syntax restrictions on this string.

Sample string: Packet received from the host: $c

Click 'Apply Changes' when you have configured realm authentication settings and needs to save them.


© 2001-2007 XPerience Technologies. www.xperiencetech.com
Converted from CHM to HTML with chm2web Pro 2.7 (unicode)