[cisco-nas] Re: 'interface-config" cisco av-pair

Dennis Peng dpeng at cisco.com
Mon Jun 23 10:12:59 EDT 2003 

Anastassios Chatzithomaoglou [achatz at forthnet.gr] wrote:
> Does this command ("virtual-profile aaa") allow only lcp:interface-config 
> attributes to be passed per-user, or does it do something more?

It is for the lcp:interface-config attribute only.

> I have a lot of other per-user commands that are applied without the need 
> of this command.

Yep, exactly right. So it didn't make a lot of sense to make the
interface-config attribute a special case, and we now just apply it
automatically if it is sent in the user profile.

Dennis

> Dennis Peng wrote:
> 
> >Note that starting from 12.3 and onward, the "virtual-profile aaa"
> >command is deprecated and we will automatically apply any
> >interface-config AVP received from the AAA server without an explicit
> >configuration. If you ever upgrade to 12.3 and then downgrade back to
> >an older release, the command will be removed from the configuration,
> >so you'll need to add it back in. Just something to keep in the back
> >of your mind.
> >
> >Dennis
> >
> >Anastassios Chatzithomaoglou [achatz at forthnet.gr] wrote:
> >
> >>I just found the "virtual-profile aaa" command which solved my problem ;-)
> >>
> >>Anastassios Chatzithomaoglou wrote:
> >>
> >>
> >>>Interface-config seems not to be applied. Any idea why?
> >>>
> >>>IOS (tm) 7200 Software (C7200-IS-M), Version 12.2(6i), RELEASE SOFTWARE 
> >>>(fc1)
> >>>----------------------------------------------------------------------------- 
> >>>
> >>>Jun 20 16:44:04.950: Vi821 AAA/AUTHOR/LCP (3737647052): 
> >>>Method=FORTHNET-RADIUS-DSL (radius)
> >>>Jun 20 16:44:04.950: Vi821 AAA/AUTHOR (3737647052): Post authorization 
> >>>status = PASS_REPL
> >>>Jun 20 16:44:04.954: Vi821 AAA/AUTHOR/LCP: Processing AV service=ppp
> >>>Jun 20 16:44:04.954: Vi821 AAA/AUTHOR/LCP: Processing AV timeout=86400
> >>>Jun 20 16:44:04.954: Vi821 AAA/AUTHOR/LCP: Processing AV 
> >>>interface-config#2=rate-limit output 384000 32000 32000 conform-action 
> >>>transmit exceed-action drop
> >>>Jun 20 16:44:04.954: Vi821 AAA/AUTHOR/LCP: Processing AV 
> >>>interface-config#1=rate-limit input 128000 32000 32000 conform-action 
> >>>transmit exceed-action drop
> >>>Jun 20 16:44:04.954: Vi821 AAA/AUTHOR/LCP: Per-user interface config 
> >>>created:
> >>>timeout absolute 1440 0
> >>>
> >>>Jun 20 16:44:04.958: Vi821 AAA/AUTHOR/FSM: (0): Can we start IPCP?
> >>>
> >>>
> >>>
> >>>
> >>
> >>-- 
> >>***********************************
> >>  Chatzithomaoglou Anastasios
> >>Network Design & Operations Center
> >>         FORTHnet S.A.
> >>     <achatz at forthnet.gr>
> >>***********************************
> >>
> >>_______________________________________________
> >>cisco-nas mailing list
> >>cisco-nas at puck.nether.net
> >>http://puck.nether.net/mailman/listinfo/cisco-nas
> >
> >
> 
> -- 
> ***********************************
>    Chatzithomaoglou Anastasios
> Network Design & Operations Center
>           FORTHnet S.A.
>       <achatz at forthnet.gr>
> ***********************************

More information about the cisco-nas mailing list