The Pix as NAS/Radius client to the Windows 2000 IAS Radius server does not send an Accounting-Start Request packet at the beginning of a VPN session. It does send an Access Request, and does send an Accounting-Stop, but no Accounting-Start. I determined this through a network monitor capture. As a result, the IAS log does not record the time that a VPN user has stopped a session, and the resulting session length.
This may seem convoluted, but the session start is logged by IAS, without an accounting-start (attribute 40=1) being sent. I am guessing that the reason the IAS does not log when a user stops (attribute 40=2) his VPN session is because it never got the Accounting-start.
This problem is distinct from Xauth Accounting, which I did enable, but works in a more granular way, as opposed to the overall session starts and stops.
Does anyone know why this is happening? As it is, I have no way of knowing the time spent in a VPN session, without extrapolating through the overkill of Xauth accounting.
Thanks to anyone who has experienced this.
This may seem convoluted, but the session start is logged by IAS, without an accounting-start (attribute 40=1) being sent. I am guessing that the reason the IAS does not log when a user stops (attribute 40=2) his VPN session is because it never got the Accounting-start.
This problem is distinct from Xauth Accounting, which I did enable, but works in a more granular way, as opposed to the overall session starts and stops.
Does anyone know why this is happening? As it is, I have no way of knowing the time spent in a VPN session, without extrapolating through the overkill of Xauth accounting.
Thanks to anyone who has experienced this.