[cisco-nas] Problem with per user accesslist via radius
eric at tal.de
eric at tal.de
Tue Sep 30 10:02:42 EDT 2003
Hello cisco-nas,
I have following problem when i try to set more than 46
entrys for per user filter then only 46 rules are set.
we are using a 7206 to termiate a l2tp tunnel with dsl lines.
Cisco Internetwork Operating System Software
IOS (tm) 7200 Software (C7200-JO3S-M), Version 12.2(16)B, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Mon 12-May-03 20:22 by leccese
Image text-base: 0x60008954, data-base: 0x61FBE000
ROM: System Bootstrap, Version 12.0(19990210:195103) [12.0XE 105], DEVELOPMENT SOFTWARE
BOOTLDR: 7200 Software (C7200-BOOT-M), Version 12.0(2)XE2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
cisco 7206VXR (NPE300) processor (revision B) with 229376K/65536K bytes of memory.
Processor board ID 16069708
R7000 CPU at 262Mhz, Implementation 39, Rev 1.0, 256KB L2, 2048KB L3 Cache
6 slot VXR midplane, Version 2.0
We use a Cistron-radius version 1.6-stable
asample config for a user is:
test#xyz.de Auth-Type = Local, Password = "test"
Service-Type = Framed-User,
Cisco-AVPair = "ip:dns-servers=81.92.1.1 81.92.1.2",
Cisco-AVPair = "ip:inacl#1=deny tcp 0.0.0.0 255.255.255.255 x.x.x.x 0.0.0.0 eq 23",
.
.
.
Cisco-AVPair = "ip:inacl#51=deny tcp 0.0.0.0 255.255.255.255 x.x.x.x 0.0.0.0 eq 443",
.
.
.
Cisco-AVPair = "ip:inacl#179=permit ip any any",
Framed-Protocol = PPP,
Acct-Interim-Interval = 300,
Framed-Route = "x.x.x.x/x x.x.x.x 1",
Framed-IP-Address = x.x.x.x,
Framed-IP-Netmask = x.x.x.x
Has anybody any idea whats going worng here or is there a maximum of rules per user ?
Tanks.
Mit freundlichem Gruße,
Eric Thiele
-----------------------------------------------
TAL.DE Klaus Internet Service GmbH eric at tal.de
Robertstrasse 6 * D-42107 Wuppertal, Germany
Tel: 0202 / 495-0 * Fax: 0202 / 495-399
-----------------------------------------------
More information about the cisco-nas
mailing list