[strongSwan] Enabled eap-radius doesn't log session information
Houman
houmie at gmail.com
Mon Dec 25 11:40:56 CET 2017
Hello,
I have setup StrongSwan successfully with FreeRadius. I can create a new
user in the radcheck table inside radius DB and authenticate with the VPN
with that user afterwards.
However, there is no information saved inside the radacct table. I was
expecting to see the session time of a connected user and find out a way to
count the traffic a user has been utilising.
But why is the table empty?
I install StrongSwan like this, I don't specifically compile it with
*./configure
--enable-eap-radius*
Instead, I install it like this, is that ok?
add-apt-repository ppa:freeradius/stable-3.0 -y
apt-get install -y language-pack-en strongswan strongswan-ikev2
libstrongswan-standard-plugins strongswan-libcharon libcharon-extra-plugins
freeradius freeradius-utils freeradius-mysql
*# vim /etc/strongswan.conf*
charon {
load_modular = yes
plugins {
include strongswan.d/charon/*.conf
}
}
include strongswan.d/*.conf
*# vim /etc/strongswan.d/charon/eap-radius.conf*
servers {
server-a {
accounting = yes
secret = ${CLIENT_SECRET}
address = 127.0.0.1
auth_port = 1812
acct_port = 1813
}
}
*# vim /etc/ipsec.conf*
config setup
strictcrlpolicy=yes
uniqueids=never
conn roadwarrior
auto=add
compress=no
type=tunnel
keyexchange=ikev2
fragmentation=yes
forceencaps=yes
ike=aes256gcm16-sha256-ecp521,aes256-sha256-ecp384,aes256-3des-sha1-modp1024!
esp=aes256gcm16-sha256,aes256-3des-sha256-sha1!
dpdaction=clear
dpddelay=180s
rekey=no
left=%any
leftid=@${VPNHOST}
leftcert=cert.pem
leftsendcert=always
leftsubnet=0.0.0.0/0
right=%any
rightid=%any
rightauth=eap-radius
eap_identity=%any
rightdns=208.67.222.222,208.67.220.220
rightsourceip=${VPNIPPOOL}
rightsendcert=never
Merry Christmas and thank you,
Houman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20171225/cf5cd507/attachment.html>
More information about the Users
mailing list