FSSO Collector Agent radius accounting stop doesnt logoff user

alihonsy · ‎10-15-2025

I have Setup FSSO Collector Agent to be radius accounting server so that it monitors FSSO users and Radius Wifi users , NPS Server forward accounting requests to the FSSO but i have two problems with this setup:

1- The FSSO Agent receives accounting stop messages ( confirmed through debug log) but it doesnt remove the user from login users list and neither tells fortigate to remove users

alihonsy · ‎10-16-2025

For anyone facing the same issue i have found the problem was in the radius accounting settings in advanced settings.
1- i have set it as my domain in UPN format ad.domains.com
2- once i changed it to legacy name DOMAIN it started working and stop messages successfuly removed the user from logon users
for example instead of setting Default domain name to ad.example.com
set it tojust EXAMPLE or whatever your legacy domain is .
i used upper case as this how fsso read the users in logon users list

View solution in original post

distillednetwork · ‎10-15-2025

Have you confirmed that in the radius accounting message, the Framed IP (client's ip) is in the message?

::: If a solution is helpful, don't forget to give kudos or Accept as Solution for others. :::

alihonsy · ‎10-16-2025

yes the message contains the framed ip address and user name , th e only thing that i think of is case sensitivity or domain suffix , in logon users the users are listed by DOMAIN/USERNAME all capital while the radius mesage contains user name in user.name small letters , i dont know if the collector matches by ip address or user name , in my radius accounting settings i have my domain as ad.domain.com i have added a sample accounting stop message below

[D][ShowHeaderInfo]RadiusPacket: Code=4, Id=53, Length=350, Auth={AB 5C 49 ... F0 5F}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 40, Length= 6, Value={00 00 00 02 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 4, Length= 6, Value={0A 0A 0A 64 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 1, Length= 14, Value={6D 61 6C 61 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 5, Length= 6, Value={00 00 00 00 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 61, Length= 6, Value={00 00 00 13 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 31, Length= 14, Value={64 36 66 39 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 30, Length= 24, Value={37 54 48 2D ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 8, Length= 6, Value={0A 0A 11 DB ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 50, Length= 25, Value={44 36 46 39 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 44, Length= 42, Value={33 34 33 41 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 41, Length= 6, Value={00 00 00 00 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 26, Length= 16, Value={00 00 39 E7 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 26, Length= 21, Value={00 00 39 E7 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 26, Length= 12, Value={00 00 39 E7 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 26, Length= 16, Value={00 00 39 E7 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 25, Length= 34, Value={25 7B 41 63 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 26, Length= 12, Value={00 00 39 E7 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 42, Length= 6, Value={00 00 4F CB ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 43, Length= 6, Value={00 00 2E AD ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 47, Length= 6, Value={00 00 00 B9 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 48, Length= 6, Value={00 00 00 43 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 52, Length= 6, Value={00 00 00 00 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 53, Length= 6, Value={00 00 00 00 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 49, Length= 6, Value={00 00 00 03 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 46, Length= 6, Value={00 00 00 3E ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 6, Length= 6, Value={00 00 00 01 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]RadiusAttr: Type= 33, Length= 10, Value={0A 0A 0B 02 ...}
10/16/2025 13:51:08 [ 848] [D][ShowAttributes]---- 27 Attribute(s) 330 bytes ----

alihonsy · ‎10-16-2025

For anyone facing the same issue i have found the problem was in the radius accounting settings in advanced settings.
1- i have set it as my domain in UPN format ad.domains.com
2- once i changed it to legacy name DOMAIN it started working and stop messages successfuly removed the user from logon users
for example instead of setting Default domain name to ad.example.com
set it tojust EXAMPLE or whatever your legacy domain is .
i used upper case as this how fsso read the users in logon users list

FSSO Collector Agent radius accounting stop doesnt logoff user

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website