On Fri, 28 Jan 2011, Steve Lalonde wrote:
> On 28 Jan 2011, at 02:30, Michael wrote: > >> >> I give up. I've searched for hours for a hint at what this CoA / >> Change-of-Authorization / Change-Filter-Request is. I think it is what >> i'm looking for. >> >> I was kinda hoping something like this would work: >> -code Change-Filter-Request User-Name="test" cisco-Policy-Down="rate1M" >> or: >> code Change-Filter-Request Acct-Session-Id="00000012" >> cisco-Policy-Down="rate1M" >> >> My Disconnect-Request process works fine which uses a similar process. >> >> >> Michael > > Hi > > I had the same problem and eventually got it working using the following > > /usr/local/bin/radpwtst -noauth -noacct -code Change-Filter-Request -secret > XXXXXXXX -s $nas-ip -auth_port 1700 Framed-IP-Address=$ip > cisco-avpair="ip:sub-qos-policy-out=$policy" > > that worked but i had scaling issues, only solved when i moved the traffic > management to Cisco SCE devices. > > -- > Steve Lalonde RTFM > Chief Technical Officer > Entanet International Ltd > http://www.enta.net/ > > Thanks for the suggestion. I never thought to try to match by IP alone, but it didn't seem to work. The router shows the attributes i enter with radpwtst, it just refuses to match anything. COA: x.x.x.x request queued ++++++ CoA Attribute List ++++++ 86124E38 0 00000001 addr(7) 4 x.x.x.x 857EA738 0 00000009 sub-qos-policy-out(348) 6 RATE1M COA: No matching entry found COA: Added Reply Message: No Matching Session COA: Added NACK Error Cause: Session Context Not Found COA: Sending NAK from port 1700 to x.x.x.x There must be more strict limitations/requirments in order to match a session for CoA? maybe something else has to be used as matching attributes? I do have the match policy set for ANY for now during testing: aaa server radius dynamic-author ... auth-type any This to me is suppose to tell the router to match a session if ANY attribute at all match. There must me something more that's required that most people unknowingly adhere to? _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
