This article describes the issue of the SBR administrator not displaying the active user sessions of authenticated users on the Current Sessions page. The sessions are still active on the NAS device.
Problem or Goal
Even though SBR has authenticated several users and granted them access to a Layer 2 switch configured for 802.1x auth, the current sessions page on SBR administrator is blank and it does not populate it with any of the user sessions.
In SBR administrator the Current Sessions page is located under the Reports section. The information, which is displayed in this section, is dependent on Accounting data. A user, who is authenticated by SBR and whose session is still active in the NAS device, will not be displayed under Current Sessions; unless the NAS device is configured to send Accounting data to SBR.
When the user is successfully authenticated by SBR and network access is granted by the NAS device, a Radius Accounting Request packet, which contains an Acct-Status-Type attribute with 1 as its value, is sent by the NAS device to the Radius server to signal the start of the user's network access. This information is mandatory for SBR to display the user sessions on SBR administrator's Current Sessions page.
Similarly, when the user logs off from the NAS device and network access is closed, the NAS device issues a final Radius Accounting Request packet, which contains an Acct-Status-Type attribute with 2 as its value, to the RADIUS server. It provides information on the final usage in terms of time, packets transferred, data transferred, reason for disconnect, and other information related to the user's network access. Upon the receipt of this information from NAS, SBR clears the user session on the Current Sessions page.