[cisco-bba] cisco-bba Digest, Vol 64, Issue 6

tolga egemen tegemen at yahoo.com
Wed Oct 22 04:25:54 EDT 2008 

Hi Gerald
Normaly we are use this device for L2tp tunnel authentication.

--- On Tue, 10/21/08, cisco-bba-request at puck.nether.net <cisco-bba-request at puck.nether.net> wrote:
From: cisco-bba-request at puck.nether.net <cisco-bba-request at puck.nether.net>
Subject: cisco-bba Digest, Vol 64, Issue 6
To: cisco-bba at puck.nether.net
Date: Tuesday, October 21, 2008, 7:00 PM

Send cisco-bba mailing list submissions to
	cisco-bba at puck.nether.net

To subscribe or unsubscribe via the World Wide Web, visit
	https://puck.nether.net/mailman/listinfo/cisco-bba
or, via email, send a message with subject or body 'help' to
	cisco-bba-request at puck.nether.net

You can reach the person managing the list at
	cisco-bba-owner at puck.nether.net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of cisco-bba digest..."


Today's Topics:

   1. pppoe agregation ip problem. (tolga egemen)
   2. Re: pppoe agregation ip problem. (Gerald Krause)


----------------------------------------------------------------------

Message: 1
Date: Tue, 21 Oct 2008 05:24:04 -0700 (PDT)
From: tolga egemen <tegemen at yahoo.com>
Subject: [cisco-bba] pppoe agregation ip problem.
To: cisco-bba at puck.nether.net
Message-ID: <407317.88017.qm at web57504.mail.re1.yahoo.com>
Content-Type: text/plain; charset="iso-8859-3"

Bonjour cisco-bba, 

We actualty want to use Alcatel Dslam and Cisco 10000 for Dsl aggregation.
Does any one work with two of them?

When ppp session come to C?SCO 10000 ,its send acces request to radius,if user
is ok radius sending Access request Accept bras to give ip addres from DINAMIC
pool if user not authanticated radius give UNPOOL ip (10.1.1.0) for going to
riderect page.

we are having problem and user not geting public ip adress.Bras sending two
access request to radius but not full username,firstly sending just?
''@test.net'',
secondly send ''test1 at test.net'' format.Becouse of first format
device not geting ip address from DINAMIC pool.
Iam sending config and radius debug.(user:test1 at test.net)
Thanks all.


aaa group server radius RA
?server 84.40.50.9 auth-port 1812 acct-port 1813
?load-balance method least-outstanding
!
aaa group server radius RA_AC
?server 84.40.50.10 auth-port 1812 acct-port 1813
?load-balance method least-outstanding
!
aaa authentication login default local
aaa authentication ppp AUT group RA
aaa authorization network default group radius none 
aaa accounting delay-start all
aaa accounting update periodic 60
aaa accounting network ACC start-stop group RA_AC

redirect server-group PORTAL
?server ip 84.40.50.2

bba-group pppoe alcatel
?virtual-template 10
?sessions per-mac limit 2
?sessions per-vlan limit 250
?sessions auto cleanup 

interface loopback 0
ip address 84.40.50.1 255.255.255.0

interface GigabitEthernet3/1/0
?description ADSL-PPPOE interface
?no ip address
?no ip redirects
?no ip unreachables
?no ip proxy-arp
?load-interval 30
?no negotiation auto
!
interface GigabitEthernet3/1/0.50
?description ADSL-PPPOE interface
?encapsulation dot1Q 50
?no ip redirects
?no ip unreachables
?no ip proxy-arp
?pppoe enable group alcatel
?no snmp trap link-status
!
interface GigabitEthernet3/1/0.4093
?description Alcatel Dslam Management
?encapsulation dot1Q 4093
?ip address 10.10.10.93 255.255.255.252
?no ip unreachables
?pppoe enable group alcatel
?no snmp trap link-status

interface Virtual-Template10
?ip unnumbered Loopback0
?ip mtu 1492
?no ip route-cache cef
?no logging event link-status
?peer pool backup
?peer default ip address pool DINAMIC
?ppp mtu adaptive
?ppp authentication chap pap AUT
?ppp accounting ACC
?ppp ipcp dns 84.40.50.5

ip local pool UNPOOL 10.1.1.1 10.1.1.254
ip local pool DINAMIK 124.20.10.1 124.20.10.254


radius-server host 84.40.50.9 auth-port 1812 acct-port 1813 key XXXXXXXXXXXX
radius-server host 84.40.50.10 auth-port 1812 acct-port 1813 key XXXXXXXXXXXX

=======================

bras#
bras#
bras#
Oct 21 11:59:29.037: Vi5 Debug: Condition 1, username test1 at test.net cleared,
count 0
Oct 21 11:59:29.037: RADIUS/ENCODE(00054B14):Orig. component type = PPoE
Oct 21 11:59:29.037: RADIUS(00054B14): sending
Oct 21 11:59:29.281: ppp1285 Debug: Condition 1, username test1 at test.net
cleared, count -1
Oct 21 11:59:31.365: ppp1425 Debug: Condition 1, username test1 at test.net
triggered, count 1
Oct 21 11:59:31.369: RADIUS/ENCODE(00054B16):Orig. component type = PPoE
Oct 21 11:59:31.369: RADIUS/ENCODE(00054B16): acct_session_id: 562855
Oct 21 11:59:31.369: RADIUS(00054B16): sending
Oct 21 11:59:31.369: RADIUS(00054B16): Send Access-Request to 84.40.50.9:1812
id 1645/103, len 142
Oct 21 11:59:31.369: RADIUS:? authenticator 6A 4E F8 55 D2 04 C3 D6 - 07 D5 D2
E4 3D D7 30 A8
Oct 21 11:59:31.369: RADIUS:? User-Name?????????? [1]?? 15?
"test.net"
Oct 21 11:59:31.369: RADIUS:? User-Password?????? [2]?? 18? *
Oct 21 11:59:31.369: RADIUS:? NAS-Port-Type?????? [61]? 6??
Virtual?????????????????? [5]
Oct 21 11:59:31.369: RADIUS:? NAS-Port??????????? [5]?? 6??
0??????????????????????? ?
Oct 21 11:59:31.369: RADIUS:? NAS-Port-Id???????? [87]? 10?
"3/1/0/50"
Oct 21 11:59:31.369: RADIUS:? Service-Type??????? [6]?? 6??
Outbound????????????????? [5]
Oct 21 11:59:31.369: RADIUS:? NAS-IP-Address????? [4]?? 6??
84.40.50.1????????????? ?
Oct 21 11:59:31.369: RADIUS:? Acct-Session-Id???? [44]? 18?
"0A640312000896A7"
Oct 21 11:59:31.369: RADIUS:? Nas-Identifier????? [32]? 31?
"bras.test.net"
Oct 21 11:59:31.369: RADIUS:? Event-Timestamp???? [55]? 6??
1224590371?????????????? ?
Oct 21 11:59:31.393: RADIUS: Received from id 1645/103 84.40.50.9:1812,
Access-Accept, len 104
Oct 21 11:59:31.393: RADIUS:? authenticator 58 5F 57 86 8B 0B DD 85 - 2B B6 38
C4 BA 62 5B 6F
Oct 21 11:59:31.393: RADIUS:? Vendor, Cisco?????? [26]? 27 ?
Oct 21 11:59:31.393: RADIUS:?? Cisco AVpair?????? [1]?? 21?
"ip:addr-pool=UNPOOL"
Oct 21 11:59:31.393: RADIUS:? Vendor, Cisco?????? [26]? 57 ?
Oct 21 11:59:31.393: RADIUS:?? Cisco AVpair?????? [1]?? 51?
"ip:l4redirect=redirect list 199 to group PORTAL"
Oct 21 11:59:31.393: RADIUS(00054B16): Received from id 1645/103
Oct 21 11:59:31.393: RADIUS/ENCODE(00054B16):Orig. component type = PPoE
Oct 21 11:59:31.393: RADIUS/ENCODE: No idb found! Framed IP Addr might not be
included
Oct 21 11:59:31.393: RADIUS/ENCODE(00054B16): acct_session_id: 562855
Oct 21 11:59:31.393: RADIUS(00054B16): sending
Oct 21 11:59:31.393: RADIUS(00054B16): Send Access-Request to 84.40.50.9:1645
id 1645/104, len 201
Oct 21 11:59:31.393: RADIUS:? authenticator 62 21 85 13 E0 EC 60 98 - 9E 93 DE
5D 53 31 4B A5
Oct 21 11:59:31.393: RADIUS:? Vendor, Cisco?????? [26]? 41 ?
Oct 21 11:59:31.393: RADIUS:?? Cisco AVpair?????? [1]?? 35?
"client-mac-address=0019.cb36.9f4e"
Oct 21 11:59:31.393: RADIUS:? Framed-Protocol???? [7]?? 6??
PPP?????????????????????? [1]
Oct 21 11:59:31.397: RADIUS:? User-Name?????????? [1]?? 26?
"test1 at test.net"
Oct 21 11:59:31.397: RADIUS:? CHAP-Password?????? [3]?? 19? *
Oct 21 11:59:31.397: RADIUS:? NAS-Port-Type?????? [61]? 6??
Virtual?????????????????? [5]
Oct 21 11:59:31.397: RADIUS:? NAS-Port??????????? [5]?? 6??
0??????????????????????? ?
Oct 21 11:59:31.397: RADIUS:? NAS-Port-Id???????? [87]? 10?
"3/1/0/50"
Oct 21 11:59:31.397: RADIUS:? Service-Type??????? [6]?? 6??
Framed??????????????????? [2]
Oct 21 11:59:31.397: RADIUS:? NAS-IP-Address????? [4]?? 6??
84.40.50.1????????????? ?
Oct 21 11:59:31.397: RADIUS:? Acct-Session-Id???? [44]? 18?
"0A640312000896A7"
Oct 21 11:59:31.397: RADIUS:? Nas-Identifier????? [32]? 31?
"bras.test.net"
Oct 21 11:59:31.397: RADIUS:? Event-Timestamp???? [55]? 6??
1224590371?????????????? ?
Oct 21 11:59:31.425: RADIUS: Received from id 1645/104 84.40.50.9:1645,
Access-Accept, len 104
Oct 21 11:59:31.425: RADIUS:? authenticator 01 6D A1 23 A1 FB 4A 35 - BF F6 D3
8F 38 63 3A 6B
Oct 21 11:59:31.425: RADIUS:? Vendor, Cisco?????? [26]? 27 ?
Oct 21 11:59:31.425: RADIUS:?? Cisco AVpair?????? [1]?? 21?
"ip:addr-pool=UNPOOL"
Oct 21 11:59:31.425: RADIUS:? Vendor, Cisco?????? [26]? 57 ?
Oct 21 11:59:31.425: RADIUS:?? Cisco AVpair?????? [1]?? 51?
"ip:l4redirect=redirect list 199 to group PORTAL"
Oct 21 11:59:31.425: RADIUS(00054B16): Received from id 1645/104
Oct 21 11:59:31.453: Vi4 Debug: Condition 1, username test1 at test.net triggered,
count 1
bras#
bras#




      
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://puck.nether.net/pipermail/cisco-bba/attachments/20081021/803dbdfd/attachment-0001.html>

------------------------------

Message: 2
Date: Tue, 21 Oct 2008 16:58:54 +0200
From: Gerald Krause <gk at ax.tc>
Subject: Re: [cisco-bba] pppoe agregation ip problem.
To: cisco-bba at puck.nether.net
Message-ID: <48FDEE2E.7020802 at ax.tc>
Content-Type: text/plain; charset=ISO-8859-3

On 21.10.2008 14:24, tolga egemen wrote:
> we are having problem and user not geting public ip adress.Bras sending
> two access request to radius but not full username,firstly sending just 
> ''@test.net'',
> secondly send ''test1 at test.net'' format.

Maybe your BRAS is doing a "L2TP Tunnel Authentication/VPDN Tunnel
Lookup Based on Domain Name" like described in the 'Cisco IOS VPDN
Configuration Guide - Configuring AAA for VPDNs' documentation.

--
Gerald   (ax/tc)


------------------------------

_______________________________________________
cisco-bba mailing list
cisco-bba at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

End of cisco-bba Digest, Vol 64, Issue 6
****************************************



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-bba/attachments/20081022/9c677cf7/attachment.html>

More information about the cisco-bba mailing list