Proxim AP-4000 manual Authentication Attributes, Accounting Attributes, 111

NOTE: This feature requires RADIUS authentication using MAC Access Control or 802.1x. Wireless clients configured in the Access Point’s static MAC Access Control list are not tracked.

Authentication and Accounting Attributes

Additionally, the AP supports a number of Authentication and Accounting Attributes defined in RFC2865, RFC2866, RFC2869, and RFC3580.

Authentication Attributes

•State: Received in Access-Accept Packet by the AP during Authentication and sent back as-is during Re-Authentication.

•Class: Received in Access-Accept Packet by the AP during Authentication and back as in Accounting Packets.

•Session-Timeout

–If the RADIUS server does not send a Session-Timeout, the AP will set the subscriber expiration time to 0, which means indefinite access.

–The Termination Action attribute defines how the Session-Timeout attribute will be interpreted. If the Termination Action is DEFAULT, then the session is terminated on expiration of the Session-Timeout time interval. If Termination Action is RADIUS-Request, then re-authentication is done on expiration on the session.

–If the RADIUS server sends a Session-Timeout, the value specified by the Session-Timeout attribute will take precedence over the configured Authorization Lifetime value.

•Termination-Action

–Valid values are: Default (0), RADIUS-Request (1). When the value is “default,” the Termination-Action attribute sends an accounting stop message and then reauthenticates. If the value is “RADIUS-Request,” the Termination-Action attribute reauthenticates without sending an accounting stop.

•Idle Timeout

–The AP internally maintains the Idle-Timeout attribute obtained for each of the users during their authentication process, and uses this time interval in place of accounting inactivity time for timing out clients.

•Calling Station Id

–MAC address of the client getting authenticated.

•Called Station Id

–The AP sends the MAC address of its own wireless interface with which the client getting authenticated is getting associated, appended with the SSID. If VLAN is enabled, the SSID and corresponding VLAN ID get appended.

•Acct-Interim-Interval

–Obtained during the Authentication process and used for determining the time interval for sending Accounting Update messages.

–This attribute value takes precedence over the value of the Accounting Update Interval.

Accounting Attributes

•Acct-Delay-Time

–Indicates how many seconds the AP has been trying to send a particular packet related to a particular user. This time can be used at the server to determine the approximate time of the event generating this accounting request.

•Acct-Session-Id

–Unique accounting ID that aids in tracking client accounting records. This attribute is sent in Start and Stop RADIUS accounting messages, and contains the client MAC address appended with the unique session ID.

•Acct-Session-Time

–Acct-Session-Time is calculated the following way (for each transmitted/retransmitted Acct-Stop): Acct-Session-Time = time of last sent packet - subscriber login time.

•Acct-Input-Octets

111