Perform RADIUS accounting for PPSK and PSK access.

  • 5
  • Idea
  • Updated 4 years ago
At present, RADIUS accounting is only performed for 802.1X authentication.

It would be highly useful if HiveOS could also perform RADIUS accounting for PPSK and PSK access so that that an active session state table can be maintained externally for single sign on (SSO) and historical logging purposes.

At present, this information is available via SNMP traps and syslog scraping, however these are not guaranteed to be reliable due to the design of SNMP and syslog as there is no acknowledgement from the destination, with retry on failure of acknowledgement receipt.

(The Acct-Authentic AVP provides HiveOS the opportunity to assert if the session has been authenticated locally or via the RADIUS server.)
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2487 Posts
  • 449 Reply Likes

Posted 5 years ago

  • 5
Photo of Mike Kouri

Mike Kouri, Official Rep

  • 1026 Posts
  • 269 Reply Likes
Good idea, Nick. I was a little surprised when I read your message that we didn't already do this. I'll discuss it with my peer who owns authentication and related areas for consideration in a future release.
Photo of Carsten Buchenau

Carsten Buchenau, Champ

  • 343 Posts
  • 115 Reply Likes
Mike, do you have any update on the availability of this feature?

I would actually like to see this being available for any type of authentication, including Open access.

We are building public wireless hotspots at the moment, and we would like to display localized Portal content. The authentication and portal side is done with Netinary (, and they support localization information through both Radius accounting messages and SNMP traps. I'd definitely prefer Radius accounting.
Photo of Aaron Scott

Aaron Scott

  • 43 Posts
  • 9 Reply Likes
This would be a great idea if we could get it for PPSK!
Photo of Stephen Wegener

Stephen Wegener

  • 1 Post
  • 0 Reply Likes
I second this, it is an excellent idea, and would be very beneficial in our educational environment.
Stephen Wegener
IT Manager
Green Point Christian College
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2487 Posts
  • 449 Reply Likes
The best approach/workaround that I have found for the moment is to use the SNMP traps and periodically poll with a SNMP get to confirm that nothing has been lost. Obviously this is not ideal...

Great to hear that it will be considered for a future release.