[cisco-nas] Callback with Microsoft IAS (RADIUS)

Michael Taylor (mitaylor) mitaylor at cisco.com
Thu Apr 24 09:14:12 EDT 2003 

Hi,

I've done some work a while back on Callback, here's the RADIUS profile I 
was using:

callback Auth-Type := Local, User-Password == "testing"
         Service-Type = Framed-User,
         Framed-IP-Address = 192.168.1.1,
         Cisco-AVPair = "lcp:callback-dialstring=1234567",
         Cisco-AVPair = "lcp:nocallback-verify=1",
         Cisco-AVPair = "ip:addr=192.168.1.1",
         Fall-Through = Yes

I was working on authentication issues with 12.2T, and haven't actually 
tried it on 12.0(7)T, but I can load it up for a test when I get into the 
office if you like...

Cheers,
Mike

At 03:20 PM Wednesday 23/04/2003 +0200, Harald Astrand wrote:




>Hi,
>
>I am trying to get callback working on an AS5200 (12.0.7(T)) using RADIUS.
>The AAA server used is a Windows 2000 Server running IAS.
>
>On the AS5200 I have the following AAA configuration:
>
>aaa new-model
>aaa group server radius RASGROUP
>  server 10.168.10.13 auth-port 1645 acct-port 1646
>  server 10.168.10.14 auth-port 1645 acct-port 1646
>!
>aaa authentication login RAS group RASGROUP
>aaa authentication ppp RAS group RASGROUP
>aaa authorization exec RAS group RASGROUP
>aaa authorization network RAS group RASGROUP
>aaa accounting exec RAS start-stop group RASGROUP
>aaa accounting network RAS start-stop group RASGROUP
>
>interface Group-Async 1
>  ppp authentication pap RAS
>  ppp authorization RAS
>  ppp accounting RAS
>
>I have set us the policy in IAS to return the following parameters:
>
>Framed-Protocol=PPP
>Service-Type=Framed (there does not seem to be any service-type called
>Framed-User)
>Cisco-AV-Pair="lcp:callback-dialstring=12345678"
>
>Unfortunately, I am not able to get this to work. Are there any more
>parameters that I have to return to the NAS?
>Also, if possible I would like to specify the callback number in the user
>profile (and not in a AV-pair)
>
>Any help would be greatly appreciated!
>
>Regards,
>
>Harald
>
>_______________________________________________
>cisco-nas mailing list
>cisco-nas at puck.nether.net
>http://puck.nether.net/mailman/listinfo/cisco-nas

Cisco Systems
VGDBU - Voice Gateway and Dial Business Unit
Customer Engineering
Sydney, Australia
Ph:     (+61 2) 8446 6044
Mobile: (+61) 401 890 474

More information about the cisco-nas mailing list