Document ID: 13845
Updated: May 03, 2004
Including Attribute 26
The layout of Remote Authentication Dial In User Service (RADIUS) packets for
authentication and accounting is described in RFCs 2138
and 2139.
This document provides an example of the breakdown of packets in an exchange
between a RADIUS client and a RADIUS server, which includes sending vendor-specific
attribute 26, and our vendor code 9 (Cisco). The RADIUS client is rtpkrb.rtp.cisco.com
and rtp-pinecone.rtp.cisco.com is the RADIUS server. In the following exchange:
- rtpkrb sends an access-request to rtp-pinecone.
- rtp-pinecone sends an access-accept to rtpkrb.
- rtpkrb sends an accounting-request (start) to rtp-pinecone.
- rtp-pinecone sends an accounting-response to rtpkrb.
- rtpkrb sends an accounting-request (stop) to rtp-pinecone.
- rtp-pinecone sends an accounting-response to rtpkrb.
PktID Timestamp Size Source Node Destination Node Status Protocol
-------------------------------------------------------------------------------
1 18:14:20.355 0119 rtpkrb.rtp.cisco. rtp-pinecone.rtp. DoD UDP
Frame 1 Size 119 Absolute Time Sep 21 18:14:20.355 ASCII MODE
-------------------------------------------------------------------------------
00000: 08 00 20 1a 5f 3d 00 00 0c 5c 5b 38 08 00 45 00 .. ._=...\[8..E.
00016: 00 65 04 e0 00 00 fd 11 8b da 0a 1f 01 05 ab 44 .e.............D
00032: 76 65 06 6d 06 6d 00 51 af 1b 01 09 00 49 a4 74 ve.m.m.Q.....I.t
00048: 24 e1 6f ce 77 79 88 6e e7 be 3c fe 0d a2 04 06 $.o.wy.n..<.....
00064: 0a 1f 01 05 05 06 00 00 00 12 3d 06 00 00 00 05 ..........=.....
00080: 01 06 62 69 6c 6c 1f 0b 31 30 2e 33 31 2e 31 2e ..bill..10.31.1.
00096: 35 02 12 fe 57 fc ec b1 88 e1 91 50 c2 fd de 8f 5...W......P....
00112: 3f 69 20 cc 5c 19 97 ?i .\..
X-byte Value Meaning
42 01 access request
43 09 identifier
44-45 0049 length (X49 = 73 = byte 42-114)
46-61 Request Authenticator
62 04 Attribute 4 = NAS-IP-Address
63 06 length of attribute
64-67 0a 1f 01 05 10.31.1.5
68 05 Attribute 5 = NAS-Port
69 06 length of attribute
70-73 12 X12 = 18 (i.e. tty 18)
74 3d Attribute 61 = NAS-Port-Type
75 06 length of attribute
76-79 00 00 00 05 5 = virtual
80 01 Attribute 1 = User-Name
81 06 length of attribute
82-85 62 69 6c 6c 'bill'
86 1f Attribute 31 = Calling-Station-ID
87 0b length of attribute
88-96 31 30 2e 33 31 2e 31 2e 35 = 10.31.1.5
97 02 Attribute 2 = User-Password
98 12 length of attribute
99-114 fe 57 fc ec b1 88 e1 91 50 c2 fd de 8f 3f 69 20 = encrypted password
PktID Timestamp Size Source Node Destination Node Status Protocol
-------------------------------------------------------------------------------
2 18:14:20.468 0097 rtp-pinecone.rtp. rtpkrb.rtp.cisco. DoD UDP
Frame 2 Size 97 Absolute Time Sep 21 18:14:20.468 ASCII MODE
-------------------------------------------------------------------------------
00000: 00 00 0c 5c 5b 38 08 00 20 1a 5f 3d 08 00 45 00 ...\[8.. ._=..E.
00016: 00 4f 9b f1 00 00 3c 11 b5 df ab 44 76 65 0a 1f .O....<....Dve..
00032: 01 05 06 6d 06 6d 00 3b 00 00 02 09 00 33 be f9 ...m.m.;.....3..
00048: c7 59 9b 6f 6b ee b2 11 d4 67 38 a6 e0 72 06 06 .Y.ok....g8..r..
00064: 00 00 00 06 1a 19 00 00 00 09 01 13 73 68 65 6c ............shel
00080: 6c 3a 70 72 69 76 2d 6c 76 6c 3d 31 35 b0 6c 39 l:priv-lvl=15.l9
00096: d9 .
X-byte Value Meaning
42 02 access accept
43 09 identifier
44-45 0033 length (X22 = 51 = bytes 42-92)
46-61 Request Authenticator
62 06 Attribute 6 = Service-Type
63 06 length of attribute
64-67 00 00 00 06 6 = Administrative User
68 1a Attribute 26 = Vendor-Specific Attribute
69 19 length of attribute
70-73 09 Vendor Code 09 = Cisco
74 01 Vendor Type
75 13 Vendor length
76-92 Attribute Specific (shell:priv-lvl=15)
PktID Timestamp Size Source Node Destination Node Status Protocol
-------------------------------------------------------------------------------
3 18:14:20.500 0135 rtpkrb.rtp.cisco. rtp-pinecone.rtp. DoD UDP
Frame 3 Size 135 Absolute Time Sep 21 18:14:20.500 ASCII MODE
-------------------------------------------------------------------------------
00000: 08 00 20 1a 5f 3d 00 00 0c 5c 5b 38 08 00 45 00 .. ._=...\[8..E.
00016: 00 75 04 e2 00 00 fd 11 8b c8 0a 1f 01 05 ab 44 .u.............D
00032: 76 65 06 6e 06 6e 00 61 c7 33 04 0a 00 59 e9 5e ve.n.n.a.3...Y.^
00048: ab 2b e8 46 87 27 9e ff 87 a3 68 b8 41 32 04 06 .+.F.'....h.A2..
00064: 0a 1f 01 05 05 06 00 00 00 12 3d 06 00 00 00 05 ..........=.....
00080: 01 06 62 69 6c 6c 1f 0b 31 30 2e 33 31 2e 31 2e ..bill..10.31.1.
00096: 35 28 06 00 00 00 01 2d 06 00 00 00 01 06 06 00 5(.....-........
00112: 00 00 07 2c 0a 30 30 30 30 30 30 30 32 29 06 00 ...,.00000002)..
00128: 00 00 00 ee d9 6d 6f .....mo
X-byte Value Meaning
42 04 accounting request
43 0a identifier
44-45 0059 Length (X59 = 89 = bytes 42-130)
46-61 Request Authenticator
62 04 Attribute 4 = NAS-IP-Address
63 06 length of attribute
64-67 0a 1f 01 0f 10.31.1.5
68 05 Attribute 5 = NAS-Port
69 06 length of attribute
70-73 12 X12 = 18 (i.e. tty 18)
74 3d Attribute 61 = NAS-Port-Type
75 06 length of attribute
76-79 00 00 00 05 5 = Virtual
80 01 Attribute 1 = User-Name
81 06 length of attribute
82-85 62 69 6c 6c 'bill'
86 1f Attribute 31 = Calling-Station-Id
87 0b length of attribute
88-96 31 30 2e 33 31 2e 31 2e 35 = 10.31.1.5
97 28 Attribute 40 = Acct-Status-Type
98 06 length of attribute
99-102 00 00 00 01 '1' = Start
103 2d Attribute 45 = Acct-Authentic
104 06 length of attribute
105-108 00 00 00 01 '1' = Radius
109 06 Attribute 6 = Service-Type
110 06 length of attribute
111-114 00 00 00 07 '7' = NAS prompt
115 2c Attribute 48 = Acct-Output-Packets
116 0a length of attribute
117-124 30 30 30 30 30 30 30 32 = '2'
125 29 Attribute 41 = Acct-Delay-Time
126 06 length of attribute
127-130 00 '0'
PktID Timestamp Size Source Node Destination Node Status Protocol
-------------------------------------------------------------------------------
4 18:14:20.556 0066 rtp-pinecone.rtp. rtpkrb.rtp.cisco. DoD UDP
Frame 4 Size 66 Absolute Time Sep 21 18:14:20.556 ASCII MODE
-------------------------------------------------------------------------------
00000: 00 00 0c 5c 5b 38 08 00 20 1a 5f 3d 08 00 45 00 ...\[8.. ._=..E.
00016: 00 30 9c 17 00 00 3c 11 b5 d8 ab 44 76 65 0a 1f .0....<....Dve..
00032: 01 05 06 6e 06 6e 00 1c 00 00 05 0a 00 14 74 4d ...n.n........tM
00048: d3 e8 8c 95 4d c7 2f b5 6a 1b eb e4 b5 3f 0d 0a ....M./.j....?..
00064: 98 ba ..
X-byte Value Meaning
42 05 accounting response
43 0a identifier
44-45 0014 Length (X14 = 20 = bytes 42-61)
46-61 Request Authenticator
PktID Timestamp Size Source Node Destination Node Status Protocol
-------------------------------------------------------------------------------
5 18:14:23.660 0147 rtpkrb.rtp.cisco. rtp-pinecone.rtp. DoD UDP
Frame 5 Size 147 Absolute Time Sep 21 18:14:23.660 ASCII MODE
-------------------------------------------------------------------------------
00000: 08 00 20 1a 5f 3d 00 00 0c 5c 5b 38 08 00 45 00 .. ._=...\[8..E.
00016: 00 81 04 f5 00 00 fd 11 8b a9 0a 1f 01 05 ab 44 ...............D
00032: 76 65 06 6e 06 6e 00 6d 86 b0 04 0b 00 65 2b 8b ve.n.n.m.....e+.
00048: 5a fb bf ab de d9 2e 47 61 ae da ff 73 84 04 06 Z......Ga...s...
00064: 0a 1f 01 05 05 06 00 00 00 12 3d 06 00 00 00 05 ..........=.....
00080: 01 06 62 69 6c 6c 1f 0b 31 30 2e 33 31 2e 31 2e ..bill..10.31.1.
00096: 35 28 06 00 00 00 02 2d 06 00 00 00 01 06 06 00 5(.....-........
00112: 00 00 07 2c 0a 30 30 30 30 30 30 30 32 31 06 00 ...,.000000021..
00128: 00 00 01 2e 06 00 00 00 03 29 06 00 00 00 00 6a .........).....j
00144: 81 16 29 ..)
X-byte Value Meaning
42 04 accounting request
43 0b identifier
44-45 0065 Length (X65 = 101 = bytes 42-142)
46-61 Request Authenticator
62 04 Attribute 4 = NAS-IP-Address
63 06 length of attribute
64-67 0a 1f 01 0f 10.31.1.5
68 05 Attribute 5 = NAS-Port
69 06 length of attribute
70-73 12 X12 = 18 (i.e. tty 18)
74 3d Attribute 61 = NAS-Port-Type
75 06 length of attribute
76-79 00 00 00 05 5 = Virtual
80 01 Attribute 1 = User-Name
81 06 length of attribute
82-85 62 69 6c 6c 'bill'
86 1f Attribute 31 = Calling-Station-Id
87 0b length of attribute
88-96 31 30 2e 33 31 2e 31 2e 35 = 10.31.1.5
97 28 Attribute 40 = Acct-Status-Type
98 06 length of attribute
99-102 00 00 00 02 '2' = Stop
103 2d Attribute 45 = Acct-Authentic
104 06 length of attribute
105-108 00 00 00 01 '1' = Radius
109 06 Attribute 6 = Service-Type
110 06 length of attribute
111-114 00 00 00 07 '7' = NAS prompt
115 2c Attribute 44 = Acct-Session-Id
116 0a length of attribute
117-124 30 30 30 30 30 30 30 32 = '2'
125 31 Attribute 49 = Acct-Terminate-Cause
126 06 length of attribute
127-130 01 '1' = user request
131 2e Attribute 46 = Acct-Session-Time
132 06 length of attribute
133-136 00 00 00 03 '3'
137 29 Attribute 41 = Acct-Delay-Time
138 06 length of attribute
139-142 00 00 00 00 '0'
PktID Timestamp Size Source Node Destination Node Status Protocol
-------------------------------------------------------------------------------
6 18:14:23.747 0066 rtp-pinecone.rtp. rtpkrb.rtp.cisco. DoD UDP
Frame 6 Size 66 Absolute Time Sep 21 18:14:23.747 ASCII MODE
-------------------------------------------------------------------------------
00000: 00 00 0c 5c 5b 38 08 00 20 1a 5f 3d 08 00 45 00 ...\[8.. ._=..E.
00016: 00 30 9c 3f 00 00 3c 11 b5 b0 ab 44 76 65 0a 1f .0.?..<....Dve..
00032: 01 05 06 6e 06 6e 00 1c 00 00 05 0b 00 14 0b 60 ...n.n.........`
00048: d2 d7 ff e4 6c f5 cb ea f1 b0 76 7d 06 b2 a0 f8 ....l.....v}....
00064: 52 eb R.
X-byte Value Meaning
42 05 accounting response
43 0b identifier
44-45 0014 Length (X14 = 20 = bytes 42-61)
46-61 Request Authenticator
Related Information
- RADIUS Technology Support
- Requests for Comments (RFCs)
- Technical Support & Documentation - Cisco Systems
Open a Support Case 
(Requires a Cisco Service Contract.)
Related Cisco Support Community Discussions
The Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers.
Refer to Cisco Technical Tips Conventions for information on conventions used in this document.
Updated: May 03, 2004
Document ID: 13845