You can report user session information to an external RADIUS accounting server. If you select this mode only, the system assumes that you have set up another type of authentication method to authenticate and authorize your users to access their resources.
This accounting data is used primarily for billing, statistical, and general network monitoring purposes.
For RADIUS authentication, Access Policy Manager (APM) converts an attribute value to hex if it contains unprintable characters, or if it is the class attribute. APM converts the class attribute to hex even if it contains only printable values (by attribute type). No other attributes are encoded to hex if they do not contain unprintable characters.
1bf80e04.session.radius.last.attr.class 62 / 0x54230616000001370001ac1d423301caa87483dadf740000000000000007
243be90d.session.radius.last.attr.class 119 0x6162636465666768696 / a6b6c6d6e6f707172737475767778797a | 0x54220615000001370001ac1d423301caa87483 / dadf740000000000000006
3888eb70.session.radius.last.attr.login-lat-group 37 / 0x6d7920bda12067726f757032 | mygroup1
In this case, only values that are unprintable are encoded to hex.
You might run into problems with RADIUS authentication and accounting in some instances. Follow these tips to try to resolve any issues you might encounter.
|Possible error messages||Possible explanations and actions|
|Authentication failed due to timeout||
|Authentication failed due to RADIUS access reject||
|Check to see if your access policy is attempting to perform authentication||
Note: Make sure that your log level is set to the appropriate level. The default log level is notice.
|Check the RADIUS Server configuration||
|Confirm network connectivity||
|Capture a TCP dump||
Important: If you decide to escalate the issue to customer support, you must provide a capture of the TCP dump when you encounter authentication issues that you cannot otherwise resolve on your own.