[cisco-nas] virtual-Profile question

Matyas Szilard szilard.matyas at enternet.hu
Tue Oct 14 14:01:56 EDT 2003


Hello,

My problem is that I would like to do that all ppp configuration parameters
for a dialin user like pap or chap authentication,auth lists etc can be get
from a virtual-template for all dialin user. And on Physical interfaces like
group-async and serial could be only media specific parameters. This
configuration would be ideal for configuring because we use same auth list
for all kind of dialin user (modem/ISDN) and if an auth list changes I don't
have to change it on every serial and group async interfaces etc. I thought
It can be done easily with virtual profile. But life was not so easy. Or I
misunderstanded the Virtual Profile feature.I configured " virtual-profile
virtual-template 1" and "interface virtual-template 1 " with "encap ppp",
"ppp authentication pap listname", etc.....On the physical interfaces I
configured only the media specific components neither "encap ppp", nor "ppp
authentication pap listname", etc.....
And also the physical interfaces is neither configured for dialer profile
and nor for legacy ddr.
I thought it should be working. I thought that for all of the users dial-in
(no matters async or sync) an interface will be cloned from the virtual
template and ppp starts and the auth list on the virt. template is used for
authentication. But it didn't work. The NAS did  wholly other thing. If I
dial in the AS with modem the PPP starts on the async, but there is no
"encap ppp"  on group async interface.
I think because of the autoselect ppp on the line. And then searches the
authentication list on group async only (there was no auth list on it) and
don't be engaged in using the auth list on virt-template. But, the cloning
is succesful, ios makes virt. acces interface and I dial in without
authentication with any kind of user/pass. If I dial with ISDN there is even
no ppp on the physical serial interfaces and the PPP didn't start.
 If someone know the solution please help.

Thanks everyone response!



szicsu



More information about the cisco-nas mailing list