RADIUS module: Difference between revisions

The RADIUS module (from V4.4) shows information about RADIUS (Remote Authentication Dial-In User Service) traffic, which is used for authentication and accounting of users for dial-up connections like DSL, WLAN or VPN. Each RADIUS packet contains one message, which may carry optional attributes. RADIUS messages can be grouped into classes, the standard RFC 2865 defined Access and Accounting, but many other message types were implemented by various vendors.

Access messages

• Access Request: Clients send such messages to the server with information used to determine if the user should be granted access. Attached information attributes may be the Called Station ID, the Calling Station ID or the Network Access Server (NAS) Specifier.
• Access Accept: Servers may respond with such messages to provide configuration information to the client for using the requested services.
• Access Reject: Servers may respond with such messages if the received request did not contain valid information to grant access to its services.
• Access Challenge: Servers may respond with such messages send the client a challenge, requiring a response.

Accounting messages

• Accounting Request: Clients send such messages to the server with information to identify the user, who uses a service.
• Accounting Response: Servers respond with such messages to acknowledge that the request of the client has been received and recorded successfully.

Overview

RADIUS overview

Information about all RADIUS packets are shown as values and graphs to give a quick overview. Global traffic can be shown in the traffic graph to see the share of RADIUS on the overall traffic. A PCAP download button allows capturing that traffic.

The Packet response times section shows the delay between client requests and their server responses as minimum, average and maximum duration values, as well as in a graph.

The RADIUS messages section shows counters and graphs for the different message types grouped by their message type classes. Transport quality issues are indicated in the Messages with not in order sequence number subsection. Counters show for clients and servers the number of Expected messages. Transport problems due to Repeated messages, Reordered messages or even Lost messages are shown for both directions as counters and graphs.

Connections

RADIUS connections common columns

All RADIUS connections with their client and server IPs and ports and optional details like host names are shown. Various toggles allow to show only relevant information about the connections:

• Name: The reported Called Station ID, Calling Station ID and NAS Specifier of the client requests are shown.
• Timing: The Start time, Last activity and Duration of the connection will be visible.
• Counters: RADIUS packets and bytes are shown as total counters as well as rates in packets or bits per second.
• Message types: Counters for the total RADIUS message count and the different message type classes RADIUS Access messages, RADIUS Accounting messages and RADIUS Other messages are shown for servers and clients.
  • Access Messages: In combination with the Message types toggle, counters for the message types RADIUS Access Accept messages, RADIUS Access Challenge messages, RADIUS Access Reject messages and RADIUS Access Response messages are shown.
  • Accounting Messages: In combination with the Message types toggle, counters for the message types RADIUS Accounting Request messages and RADIUS Accounting Response messages are shown.
• Lost/repeated Packets: Packet counters with the result of the message sequence counter (RADIUS identifier) analysis can be shown. Expected Messages are the amount of RADIUS messages the peer should have sent according to the sequence numbers used. Repeated Messages count repeatedly seen packets from a peer with the same sequence number, while Reordered Messages indicate conditions, where older messages are seen after newer ones. Lost Messages count gaps in the seen sequence numbers, indicating that expected packets got lost.
• Response times: The duration statistics between the seen client request packet and its corresponding (according to the RADIUS identifier) server response packet are shown for minimum, average and maximum value.
• VLAN: The used IDs of Outer VLANs and Inner VLANs are shown.
• Graph: Up to five graphs can be selected from the following available graphs to be shown simultaneously:
  • RADIUS traffic (bit/s)
  • RADIUS traffic (packets/s)
  • Packet response times
  • RADIUS messages (messages/s)
  • RADIUS Access messages (messages/s)
  • RADIUS Accounting messages (messages/s)
  • Client message flow (messages/s)
  • Server message flow (messages/s)
• PCAP: The PCAP download button is shown for each RADIUS connection.

A complex filter for the shown row values can be used to limit the shown connections to the specific needs. See Live filtering of tables for a detailed description about how to use this.