Last Modified: Dec 18, 2024
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6
Opened: Feb 10, 2022 Severity: 4-Minor
The Acct-Session-id attribute displays the F5-BIGIP-AUDIT-FORWARDER message for all sessions. As per RFC2866 it should be unique for each session.
The user expects that the F5-BIGIP-AUDIT-FORWARDER value must be unique for each session. Also, the RADIUS platform cannot start or stop records, making it difficult to differentiate between sessions.
Configure radius remote audit logging. In the Radius “Accounting-Request” which BIG-IP sent is configured in the audit server, but “Acct-Session-Id” always has the same “F5-BIGIP-AUDIT-FORWARDER” value.
None
None