Created on 11-28-2021 11:15 PM
Description
This article gives tips for tracing RADIUS accounting start and stop messages in the Collector Agent debug log file, and shows how to distinguish start messages from stop messages for troubleshooting and visibility.
Scope
This article applies to FSSO setups in which the Collector Agent (CA) uses RADIUS accounting start and stop messages as the source event to enable single sign-on for users.
The topology is: RADIUS Server ---> Collector Agent ---> FortiGate
FGT 6.0 / 6.2 / 6.4, FSSO CA 5.0297 / 5.0301
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/482937/agent-based-fsso#RADIUS
Solution
1) The RADIUS server sends accounting start and stop messages to the FSSO Collector Agent.
2) The Collector Agent parses the RADIUS messages and registers logons. A start message denotes a login event for the user, while a stop message denotes a logout event.
3) The Collector Agent updates the FortiGate with any changes related to user login/logout events, so that the FortiGate has an up-to-date database of authenticated and unauthenticated users.
- Q: How should accounting start messages look in the Collector Agent debug logs?
+ Accounting start messages should appear in the CA logs as:
11/27/2021 12:03:14 [ 2628] [D][ShowAttributes]RadiusAttr: Type= 40, Length= 6, Value={00 00 00 01 ...}
---> The value 1 is associated with Start. This is the same '1' value that is found in the start packet capture from the RADIUS accounting source.
+ Accounting start has 5 attributes.
11/27/2021 12:03:14 [ 2628] [D][DumpPacketData]RadiusPacket: data=0000005FD014E950, size=67
+ Start messages on a packet capture
- Q: How should accounting stop messages look in the Collector Agent debug logs?
+ Accounting stop messages should appear in the CA logs as:
+ Accounting stop has 2 attributes.
+ Stop messages on a packet capture
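
As an added example (not from the original article or from Fortinet), the Python sketch below scans Collector Agent debug log lines in the ShowAttributes format shown above and labels each Acct-Status-Type attribute (Type 40) as Start or Stop. The value 2 for Stop comes from RFC 2866; the sample lines, including the Stop line, are constructed, and `classify_accounting` is a hypothetical helper name.

```python
import re

# Acct-Status-Type (RADIUS attribute 40) values from RFC 2866.
ACCT_STATUS = {1: "Start", 2: "Stop", 3: "Interim-Update"}

# Line format as shown in this article's ShowAttributes debug output.
ATTR_RE = re.compile(
    r"^(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{2}:\d{2}:\d{2}) \[\s*(?P<tid>\d+)\] "
    r"\[D\]\[ShowAttributes\]RadiusAttr: Type=\s*(?P<type>\d+), "
    r"Length=\s*(?P<len>\d+), Value=\{(?P<hex>[0-9A-Fa-f ]*)"
)

# Constructed sample lines modeled on the article's format. The Stop line
# (value 2) is an assumption: the article does not show one.
SAMPLE_LOG = [
    "11/27/2021 12:03:14 [ 2628] [D][DumpPacketData]RadiusPacket: data=0000005FD014E950, size=67",
    "11/27/2021 12:03:14 [ 2628] [D][ShowAttributes]RadiusAttr: Type= 1, Length= 7, Value={75 73 65 72 31 ...}",
    "11/27/2021 12:03:14 [ 2628] [D][ShowAttributes]RadiusAttr: Type= 40, Length= 6, Value={00 00 00 01 ...}",
    "11/27/2021 12:09:41 [ 2628] [D][ShowAttributes]RadiusAttr: Type= 40, Length= 6, Value={00 00 00 02 ...}",
]

def classify_accounting(lines):
    """Return (timestamp, thread_id, status) per Acct-Status-Type attribute."""
    events = []
    for line in lines:
        m = ATTR_RE.match(line.strip())
        if not m or int(m["type"]) != 40:
            continue  # not an Acct-Status-Type attribute line
        octets = bytes(int(b, 16) for b in re.findall(r"[0-9A-Fa-f]{2}", m["hex"]))
        # Attribute length 6 = 1 type octet + 1 length octet + 4 value octets.
        if int(m["len"]) != 6 or len(octets) < 4:
            status = "Malformed"
        else:
            value = int.from_bytes(octets[:4], "big")
            status = ACCT_STATUS.get(value, f"Other({value})")
        events.append((m["ts"], int(m["tid"]), status))
    return events

if __name__ == "__main__":
    for ts, tid, status in classify_accounting(SAMPLE_LOG):
        print(f"{ts} thread={tid} Acct-Status-Type={status}")
```

A user whose Start event has no later Stop event in the output is still registered as logged on from the Collector Agent's point of view.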
Related articles
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-RSSO-issue/ta-p/197897
Copyright 2024 Fortinet, Inc. All Rights Reserved.