[cisco-nas] aaa dnis map - where is it?

Tassos Chatzithomaoglou achatz at forthnet.gr
Tue Jun 1 14:07:16 EDT 2004 

I think i'm going crazy!!!

I tried it in 2 AS5300 (both with 12.2(15)T11) and they both had the same result (the one 
i first wrote in the mail).

Then i tried it in some other routers too:

AS5350 - 12.3.6 displayed it fine
AS5300 - 12.2(2)XA5 displayed it fine
AS5300 - 12.2(15)T8 didn't display it

What ios version did you try Aaron?

Aaron Leonard wrote:

>> Hi Aaaron,
> 
> 
>> I had already done it. My outputs are after the "...enable" command 
>> has been entered.
>> Even now, that all these dnis commands are configured, the "?" doesn't 
>> return the aaa options.
> 
> 
> Hm.  Just now tried this in  and it seems to work as expected:
> 
> esc-5400(config)#no aaa dnis map enable
> esc-5400(config)#aaa dnis map ?
>  enable  Enable mapping of DNIS number to AAA server address.
> 
> esc-5400(config)#aaa dnis map enable
> esc-5400(config)#aaa dnis map ?
>  WORD    DNIS number
>  enable  Enable mapping of DNIS number to AAA server address.
> 
>> Btw, another question. Is there a way i can define local aaa for dnis?
> 
> 
> You're saying, based upon DNIS, you want some calls to authenticate 
> locally?
> I guess you could have your default authentication method be local, then
> configure maps for all the DNISes that you DON'T want authenticated 
> locally.

Well, not actually what i'm looking for (i was looking for a straight configuration of 
local aaa like the group keyword), but thanks for the idea Aaaron.

> 
> Aaron
> 
> ---
> 
>> Aaron Leonard wrote:
> 
> 
>> > Looks like you need first to enter "aaa dnis map enable" before
>> > you can enter any aaa dnis maps.
>> >
>> > Aaron
>> >
>> > ---
>> >
>> >
>> >>I'm trying to test the following feature but i can't find it in the 
>> AS5300 - 12.2(15)T11
>> >>ios. The options about authentication/authorization seem to be missing.
>> >
>> >
>> >>http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a0080087ae0.html 
>>
>> >
>> >
>> >
>> >>router(config)#aaa dnis ?
>> >>   map  Map a specific AAA server address to a DNIS number.
>> >
>> >
>> >>router(config)#aaa dnis
>> >
>> >
>> >>router(config)#aaa dnis map ?
>> >>   enable  Enable mapping of DNIS number to AAA server address.
>> >
>> >
>> >>router(config)#aaa dnis map
>> >
>> >
>> >
>> >>but when i enter them without using "?" they appear fine in the config.
>> >
>> >
>> >>aaa dnis map enable
>> >>aaa dnis map xxxx authentication ppp group TEST
>> >>aaa dnis map xxxx authentication login group TEST
>> >>aaa dnis map xxxx authorization network group TEST
>> >>aaa dnis map xxxx accounting network none
>> >
>> >
>> >>Does this mean they are hidden? Should i worry about them not 
>> working as expected?
>> >
>> >
>> >
>> >>_______________________________________________
>> >>cisco-nas mailing list
>> >>cisco-nas at puck.nether.net
>> >>https://puck.nether.net/mailman/listinfo/cisco-nas
> 
> 

-- 
***************************************
         Tassos Chatzithomaoglou
Network Design & Development Department
              FORTHnet S.A.
          <achatz at forthnet.gr>
***************************************

More information about the cisco-nas mailing list