[cisco-nas] VPDN

Srdjan Simic srdjan at sezampro.yu
Fri Jul 25 09:55:18 EDT 2003


   Hello everybody,

   We are trying to deploy a LAC/LNS system where LAC is CVX and LNS are
Cisco 3640 with 12.2(8)T. When we turn on ppp multilink option in
virtual-template some users get authenticated without authorisation. AAA
does NOT send RADIUS start and STOP record and user gets free connection.

   We determined that this is happening when an user turns on multilink
option in win2k and Cisco command aaa accounting delay-start is on. All
other users (non multilink) are ok. And what is more funny, this is not
happening all the time (in 25% cases).


aaa authentication login default local
aaa authentication ppp default group radius local
aaa authorization network default group radius local none
aaa accounting delay-start
aaa accounting network default start-stop group radius
aaa session-id unique

interface Virtual-Template1
 mtu 1448
 ip unnumbered Ethernet0/0
 no ip redirects
 no ip proxy-arp
 no logging event link-status
 no keepalive
 peer default ip address pool SMIN
 ppp authentication pap
 ppp chap refuse
 hold-queue 100 out

   Regards Srdjan Simic
   CTO
   SezamPro On-Line
   http://www.sezampro.yu
   Tel&Fax: +381 11 3227-231




More information about the cisco-nas mailing list