[cisco-nas] local user with static ip
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Wed Mar 24 04:21:41 EST 2004
> Does this (dialer pool-member) mean i have to remove "dialer
> rotary-group 1" from "int Serial0:15" ?
yes. and Aaron's config should rather say "dialer pool-member 1" on the
physical, I guess the "3" in his mail was a typo...
oli
>
> Aaron Leonard wrote:
>
> > I'd recommend that you do this with a dialer profile.
> >
> > interface dialer 2
> > ip unnumbered loopback 0
> > peer default ip address 10.10.10.10
> > dialer remote-name testuser
> > dialer pool 1
> > ppp authentication pap chap callin
> > interface dialer 3
> > ip unnumbered loopback 0
> > peer default ip address 10.10.10.11
> > dialer remote-name DUMMY dialer pool 1 ppp authentication pap
> chap callin
> > interface serial 0:15
> > dialer pool-member 3
> > ppp authentication pap chap callin RADIUS-AAA
> > ppp authorization RADIUS-AAA
> > ppp accounting RADIUS-AAA
> > no virtual-profile if-needed
> >
> > So the users that need static addresses can get dialer profiles,
> > while the rest of the users will get virtual profiles.
> >
> > Why did I configure the dummy dialer profile? Because, if you have
> > exactly one dialer profile, then all calls into the corresponding
> > dialer pool-members will bind to that dialer profile, rather than
> > to the virtual template.
> >
> > Aaron
> >
> > ---
> >
> > > I'm using the following config (some non-important parts are
> > > missing) for a dialup scenario:
> >
> >
> > > 5300 (12.2(15)T9)
> > > !-------------------------------------------------------- !
> > > username testuser password 0 testpass
> > > !
> > > virtual-profile if-needed
> > > virtual-profile virtual-template 1
> > > !
> > > controller E1 0
> > > clock source line primary
> > > pri-group timeslots 1-31
> > > !
> > > interface Virtual-Template1
> > > ip unnumbered Loopback0
> > > peer default ip address pool test
> > > ppp authentication pap chap callin RADIUS-AAA
> > > ppp authorization RADIUS-AAA
> > > ppp accounting RADIUS-AAA
> > > !
> > > interface Serial0:15
> > > ip unnumbered Loopback0
> > > encapsulation ppp
> > > dialer rotary-group 1
> > > dialer-group 1
> > > isdn switch-type primary-net5
> > > isdn incoming-voice modem
> > > !
> > > interface Group-Async1
> > > ip unnumbered Loopback0
> > > encapsulation ppp
> > > async dynamic routing
> > > async mode interactive
> > > peer default ip address pool test
> > > ppp authentication pap chap callin RADIUS-AAA
> > > ppp authorization RADIUS-AAA
> > > ppp accounting RADIUS-AAA
> > > group-range 1 30
> > > !
> > > interface Dialer1
> > > ip unnumbered Loopback0
> > > encapsulation ppp
> > > dialer in-band
> > > dialer idle-timeout 1200 either
> > > dialer-group 1
> > > peer default ip address pool test
> > > ppp authentication pap chap callin RADIUS-AAA
> > > ppp authorization RADIUS-AAA
> > > ppp accounting RADIUS-AAA
> > > !
> > > ip local pool test x.x.x.x y.y.y.y
> > > !
> > > dialer-list 1 protocol ip list 101
> > > access-list 101 permit ip any any
> > > !--------------------------------------------------------
> >
> >
> > > aaa method "RADIUS-AAA" does local aaa first and then radius aaa.
> >
> >
> >
> > > I'm trying to make the local defined user "testuser" to get a
> > > static ip (10.10.10.10) whenever he calls into this router (he
> > > gets a dynamic instead). I suppose this needs a "dialer map"
> > > configuration under "dialer 1", but i would like your help here.
> > > Is this possible without affecting all the other (dynamic/static)
> > > users?
> >
> >
> >
> > > --
> > > ***************************************
> > > Chatzithomaoglou Anastasios
> > > Network Design & Development Department
> > > FORTHnet S.A.
> > > <achatz at forthnet.gr>
> > > ***************************************
> >
> >
> > > _______________________________________________
> > > cisco-nas mailing list
> > > cisco-nas at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/cisco-nas
More information about the cisco-nas
mailing list