[cisco-nas] aaa dnis map - where is it?

Aaron Leonard Aaron at Cisco.COM
Tue Jun 1 15:52:00 EDT 2004


Sorry, I meant to include the router version in my last posting, but
forgot to ... and now a colleague has taken over the router.

Anyway, it sounds like there was a wee parser bug in 12.2(15)T11.

Aaron

---

> I think i'm going crazy!!!

> I tried it in 2 AS5300 (both with 12.2(15)T11) and they both had the same result (the one
> i first wrote in the mail).

> Then i tried it in some other routers too:

> AS5350 - 12.3.6 displayed it fine
> AS5300 - 12.2(2)XA5 displayed it fine
> AS5300 - 12.2(15)T8 didn't display it

> What ios version did you try Aaron?

> Aaron Leonard wrote:

> >> Hi Aaaron,
> >
> >
> >> I had already done it. My outputs are after the "...enable" command
> >> has been entered.
> >> Even now, that all these dnis commands are configured, the "?" doesn't
> >> return the aaa options.
> >
> >
> > Hm.  Just now tried this in  and it seems to work as expected:
> >
> > esc-5400(config)#no aaa dnis map enable
> > esc-5400(config)#aaa dnis map ?
> >  enable  Enable mapping of DNIS number to AAA server address.
> >
> > esc-5400(config)#aaa dnis map enable
> > esc-5400(config)#aaa dnis map ?
> >  WORD    DNIS number
> >  enable  Enable mapping of DNIS number to AAA server address.
> >
> >> Btw, another question. Is there a way i can define local aaa for dnis?
> >
> >
> > You're saying, based upon DNIS, you want some calls to authenticate
> > locally?
> > I guess you could have your default authentication method be local, then
> > configure maps for all the DNISes that you DON'T want authenticated
> > locally.

> Well, not actually what i'm looking for (i was looking for a straight configuration of
> local aaa like the group keyword), but thanks for the idea Aaaron.

> >
> > Aaron
> >
> > ---
> >
> >> Aaron Leonard wrote:
> >
> >
> >> > Looks like you need first to enter "aaa dnis map enable" before
> >> > you can enter any aaa dnis maps.
> >> >
> >> > Aaron
> >> >
> >> > ---
> >> >
> >> >
> >> >>I'm trying to test the following feature but i can't find it in the
> >> AS5300 - 12.2(15)T11
> >> >>ios. The options about authentication/authorization seem to be missing.
> >> >
> >> >
> >> >>http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a0080087ae0.html
> >>
> >> >
> >> >
> >> >
> >> >>router(config)#aaa dnis ?
> >> >>   map  Map a specific AAA server address to a DNIS number.
> >> >
> >> >
> >> >>router(config)#aaa dnis
> >> >
> >> >
> >> >>router(config)#aaa dnis map ?
> >> >>   enable  Enable mapping of DNIS number to AAA server address.
> >> >
> >> >
> >> >>router(config)#aaa dnis map
> >> >
> >> >
> >> >
> >> >>but when i enter them without using "?" they appear fine in the config.
> >> >
> >> >
> >> >>aaa dnis map enable
> >> >>aaa dnis map xxxx authentication ppp group TEST
> >> >>aaa dnis map xxxx authentication login group TEST
> >> >>aaa dnis map xxxx authorization network group TEST
> >> >>aaa dnis map xxxx accounting network none
> >> >
> >> >
> >> >>Does this mean they are hidden? Should i worry about them not
> >> working as expected?
> >> >
> >> >
> >> >
> >> >>_______________________________________________
> >> >>cisco-nas mailing list
> >> >>cisco-nas at puck.nether.net
> >> >>https://puck.nether.net/mailman/listinfo/cisco-nas
> >
> >

> --
> ***************************************
>          Tassos Chatzithomaoglou
> Network Design & Development Department
>               FORTHnet S.A.
>           <achatz at forthnet.gr>
> ***************************************


More information about the cisco-nas mailing list