Skip to content

RADIUS Sessions

RADIUS Session Logs Documentation

The RADIUS Session Logs in the Mideye Server interface provide detailed records of both active and historical RADIUS sessions managed by the server. As part of the Mideye RADIUS Accounting Server, these logs enable administrators to monitor, manage, and terminate ongoing RADIUS user sessions efficiently. The logs support critical functionalities, such as dynamically disconnecting approved sessions via RADIUS Disconnect Messages, when supported by the RADIUS client.

Overview of the RADIUS Session Logs

  • Purpose:
    The logs track all RADIUS sessions handled by the Mideye Server, offering insights into user session activities, including start and stop times, session duration, and termination causes. This functionality supports session monitoring, audit trails, and manual session management.

Key Components of the RADIUS Session Logs Table

  • Start Time:
    Indicates the exact UTC timestamp when the session was initiated.

  • Username:
    Displays the identity of the user associated with the RADIUS session. This can include users from internal directories or external sources such as Active Directory.

  • Session ID:
    A unique identifier for the RADIUS session, useful for tracking and identifying specific user sessions.

  • RADIUS Client:
    Shows the RADIUS client involved in the session. This may include various client types, such as VPN services, network access devices, or other RADIUS-compliant systems.

  • Stop Time:
    If applicable, the timestamp when the session was terminated, providing a clear indication of session duration.

  • Termination Cause:
    Specifies the reason for session termination, including:

  • User Request: Session was terminated by the user.
  • Session Timeout: Session expired due to a timeout.
  • Idle Timeout: Session terminated due to inactivity.

  • Admin Reset: Session was terminated by an administrator.

  • Action (Stop Session):
    Administrators have the option to manually stop a session if required. This functionality is supported through the Enable Disconnect Messages feature, allowing for dynamic session management.

RADIUS Disconnect Messages

  • Purpose:
    The Mideye Server supports sending RADIUS Disconnect Messages, as per RFC 3576 (Dynamic Authorization Extensions). This feature enables administrators or approvers to disconnect approved user sessions on-demand.

  • Configuration:
    RADIUS clients (e.g., Pulse Secure) must support Disconnect Messages for this feature to work. It can be enabled per RADIUS client under the Client Configuration tab in the Mideye Server interface.

  • Functionality:
    When enabled, the Mideye Server can issue a Disconnect-Request to the RADIUS client, effectively terminating the session. This is useful for enforcing security policies, addressing compliance requirements, and ensuring session control.

Important Notes for RADIUS Sessions in the Mideye+ Application

Network Communication Requirement

For RADIUS Sessions to function correctly in the Mideye+ application, the Mideye Server must be able to communicate with mas.mideyecloud.se on port tcp/443. This connectivity is required for session synchronization and management.

  • Address1: 75.2.63.167
  • Address2: 99.83.200.218

Example Use Cases

  • Session Monitoring:
    Administrators can review ongoing RADIUS sessions to monitor user activity, session duration, and termination events.

  • Session Termination:
    By using the Stop Session action, administrators can manually terminate sessions that are deemed unnecessary or potentially malicious.

  • Dynamic Authorization:
    RADIUS Disconnect Messages enable dynamic session management, providing administrators with real-time control over active sessions.