000018998 - ACE/Server 5.0 Radius Accounting not working correctly

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 5Show Document
  • View in full screen mode

Article Content

Article Number000018998
Applies ToRSA ACE/Server 5.0 (no longer supported as of 8-15-2004)
Radius Accounting
RADIUS
RSA ACE/Server RADIUS
Microsoft Windows 2000
IssueACE/Server 5.0 Radius Accounting not working correctly
Radius Accounting does not log to a file
Radius daemon exits when receives accounting request
Resolution1.  Open the Windows 2000 services file (winnt/system32/drivers/etc) and change the following radius ports from 1812/1813 to 1645/1646:

radius 1812 --> radius 1645
radacct 1813 --> radacct 1646

2.  From the ../ace/prog directory, run the radius configuration utility "rwconfig.exe" and make sure "Enable Radius Accounting" is checked.

3.  On the same configuration screen, make sure "Full Path to Accounting Directory" does NOT contain a drive letter.  For example, if you want the accounting log to go into "c:\ace\radacct", you would type "ace\radacct" in the path.  Leaving this field blank will automatically send the accounting log to "ace/data/radacct" by default.

4.  Under Administration Tools --> open Routing and Remote Access and Disable.

5.  Check the ACE/Server data directory and delete the "radacct" folder if one exists.  The ACE/Server will automatically create this directory if needed.

The NAS device that is pointing to the ACE/Server for radius authentication must have accounting turned on.  For example, if the radius device is a Cisco 2500 router, the following lines must be added in order to enable radius accounting:

aaa accounting exec start-stop radius
aaa accounting network start-stop radius

A Free Radius Test Utility (NTRadPing) can be download from http://www.mastersoft-group.com/download/.

See also RADIUS Accounting not working correctly with ACE/Server 5.0
Legacy Article IDa4794

Attachments

    Outcomes