[cisco-bba] Only work with 7 user (client)

Mark Johnson mljohnso at cisco.com
Wed Nov 22 09:34:50 EST 2006 

At 04:08 AM 11/22/2006 -0500, Tom Miller wrote:
>Would you guys help me out with this issues again please.
>I am having the same problem as before.  The Cisco 7204
>won't seem to accept any more than 7 users.   What am I
>missing here?

This must be a different problem.  Capture <debug ppp neg>
for the 8th user attempting to connect; if you don't see
any debug output, then the problem is VPDN and you want to
have a look at

debug vpdn error
debug vpdn l2x-event
debug vpdn l2x-error
debug vtemplate

mark



>Here is my 7204 configuration:
>
>aaa new-model
>aaa authentication login default local
>aaa authentication login console enable
>aaa authentication login telnet line
>aaa authentication login localauth local
>aaa authentication ppp default group radius local
>aaa authorization network default group radius local
>aaa accounting delay-start
>aaa accounting nested
>aaa accounting exec default start-stop group radius
>aaa accounting network default start-stop group radius
>
>
>
>interface Loopback2
>  ip address 16.10.172.1 255.255.255.128
>!
>!
>interface Virtual-Template1
>  mtu 1492
>  ip unnumbered Loopback2
>  peer default ip address pool DSLCustomer
>  ppp authentication chap callin
>
>
>
>Thanks so much
>
>Tom
>
>
>
>
>
>
>
>
>
>
>---- Original message ----
> >Date: Thu, 05 Oct 2006 19:23:24 -0700
> >From: Mark Johnson <mljohnso at cisco.com>
> >Subject: RE: [cisco-bba] Only work with 5 user (client)
> >To: tom at hostwebase.com, gabriel.grissett at gmail.com
> >Cc: cisco-bba at puck.nether.net
> >
> >At 04:31 PM 10/5/2006 -0400, Tom Miller wrote:
> >>Guys,
> >>
> >>It seems to be working fine.  The system is currently
> >>excepted up to 7 users without any issues.  Can you guy
> >>enlighten me why it fix with the loopback interface?  Is
> >>this a bug?
> >
> >IOS will not allow more than 6 interfaces with the same
> >static ip address.  Without IP unnumbered, each virtual-
> >access interface is cloned with the same IP address as
> >the virtual-template, thus you'll fail on the 6th user
> >(the VT counts as 1).
> >
> >mark
> >
> >
> >>Thank you so much for your advices.
> >>
> >>Tom
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>---- Original message ----
> >> >Date: Wed, 4 Oct 2006 14:38:18 -0500
> >> >From: "Gabriel Grissett" <gabriel.grissett at gmail.com>
> >> >Subject: RE: [cisco-bba] Only work with 5 user (client)
> >> >To: <tom at hostwebase.com>
> >> >
> >> >Use a loopback interface ...
> >> >
> >> >Interface loopback 2
> >> >  ip address 192.168.172.1 255.255.255.128
> >> >
> >> >then change your virtual-template to...
> >> >
> >> >interface Virtual-Template1
> >> >  mtu 1492
> >> >  ip unnumbered loopback 2
> >> >...
> >> >...
> >> >...
> >> >
> >> >This should be in the archives...
> >> >
> >> >> -----Original Message-----
> >> >> From: cisco-bba-bounces at puck.nether.net [mailto:cisco-
>bba-
> >> >> bounces at puck.nether.net] On Behalf Of Tom Miller
> >> >> Sent: Wednesday, October 04, 2006 2:28 PM
> >> >> To: cisco-bba at puck.nether.net
> >> >> Subject: [cisco-bba] Only work with 5 user (client)
> >> >>
> >> >> I have a 7204 (12.0(22)S1) terminating DSL L2TP VPDN
>and
> >> >> freeradius ( 1.0.4)
> >> >>
> >> >> I am having problem when number of users (clients)
> >> >> increase from 6 and up.
> >> >>
> >> >> It worked fine when I have only 5 users (clients) using
> >> >> the system.
> >> >>
> >> >> The Cisco 7204 sending missing informationn to the
>radius
> >> >> server when the user # 6 try to connect.  Information
>such
> >> >> as  Tunnel-Server-Endpoint and Tunnel-Client-Endpoint
> >> >>
> >> >>
> >> >> I must have a missing value within my Cisco
>configuration.
> >> >> However, I don't know what it is.
> >> >>
> >> >> Would you guys help me out please.
> >> >>
> >> >>
> >> >> Here is my cisco 7204 configuration:
> >> >>
> >> >> > aaa new-model
> >> >> > aaa authentication login default local
> >> >> > aaa authentication login console enable
> >> >> > aaa authentication login telnet line
> >> >> > aaa authentication login localauth local
> >> >> > aaa authentication ppp default group radius local
> >> >> > aaa authorization network default group radius local
> >> >> > aaa accounting delay-start
> >> >> > aaa accounting nested
> >> >> > aaa accounting exec default start-stop group radius
> >> >> > aaa accounting network default start-stop group
>radius
> >> >> >
> >> >> >
> >> >> > !
> >> >> > vpdn enable
> >> >> > vpdn aaa override-server 172.17.17.17
> >> >> > !
> >> >> > vpdn-group 1
> >> >> >  accept-dialin
> >> >> >   protocol l2tp
> >> >> >   virtual-template 1
> >> >> >  terminate-from hostname aaaabbbr.ca.AADS
> >> >> >  local name abc123456789cha
> >> >> >  lcp renegotiation always
> >> >> >  l2tp tunnel password 7 xxxxxxxxxxxxxxxx
> >> >> > !
> >> >> >
> >> >> > radius-server host 172.17.17.17 auth-port 1645 acct-
>port
> >> >> 1646
> >> >> >
> >> >> >
> >> >> > !
> >> >> > interface Virtual-Template1
> >> >> >  mtu 1492
> >> >> >  ip address 192.168.172.1 255.255.255.128
> >> >> >  peer default ip address pool DSLCustomer
> >> >> >  ppp authentication chap callin
> >> >> > !
> >> >> > ip local pool DSLCustomer 192.168.172.51
>192.168.172.125
> >> >>
> >> >>
> >> >> Thank you,
> >> >>
> >> >> Tom
> >> >>
> >> >> _______________________________________________
> >> >> cisco-bba mailing list
> >> >> cisco-bba at puck.nether.net
> >> >> https://puck.nether.net/mailman/listinfo/cisco-bba
> >> >
> >

More information about the cisco-bba mailing list