[cisco-nas] dhcp "like" ppp aaa - maybe silly question ;-)

Aaron Leonard Aaron at cisco.com
Fri Oct 31 11:37:18 EST 2003


> Aaron Leonard wrote:

> >> Is there a way to have username/password authentication/accounting
> >> (with radius) when
> >> using dhcp, just like normal ppp?
> >
> >
> >> If yes, is there a way to have per-user (security, qos) attributes
> >> applied through radius?
> >
> >
> > Sounds like you're talking about 802.1X, or something like it, perhaps?
> >
> > http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123limit/123x/123xa/gt_802_1.htm
> >
> > http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12113ea1/3550scg/sw8021x.htm
> >

> Quite interesting.....but 2 questions come to my mind:

> 1. What encapsulation does virtual-template use?
> 2. Is there a 802.1X accounting method?

> >
> > What exact physical topology connects these users to the network?
> >

> These users are terminated (RFC1483 Routing/Bridging) in a dslam and until now they just
> get an ip through dhcp. We're trying to find a way in order to make them "behave" like ppp
> users with username/password authentication/accounting, per-user attributes/qos, like we
> do in all our other users through our radius servers.

Well, the right answer (I suppose you know this already) is
to switch from RFC-1483 to PPPoA or PPPoE.  I'm not sure what
you can do with RFC-1483 ... maybe someone has some ideas?

Aaron


More information about the cisco-nas mailing list