[cisco-nas] Problem with PPPOE dialin + aaa new-model

Tue Nov 15 10:04:01 EST 2005

Hello list,

I have got a problem with a Cisco 871, IOS 12.4(2)T1.

With "no aaa new-model" my PPPOE-connection comes up and is running. But 
when I enter "aaa new-model" it doesn't work.

I want to use the "aaa username..." to define VPN-users via EasyVPN server.
I am using CHAP for authentication of my DSL connection.

this is the only aaa configuration so far:

aaa new-model
aaa authentication login CONSOLE none
aaa session-id common

and that is my dialer0 configuration:

interface Dialer0
  description DSL-Dialer Interface
  ip address negotiated
  ip access-group 101 in
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip inspect DEFAULT100 out
  ip nat outside
  ip virtual-reassembly
  encapsulation ppp
  ip route-cache flow
  dialer pool 1
  dialer-group 1
  no cdp enable
  ppp authentication chap callin
  ppp chap hostname ***#netuse at interdsl-6.de
  ppp chap password PASS
!

with "aaa"-config
debug ppp negotiation:

000101: *Mar  1 06:12:16.643 PCTime: %DIALER-6-BIND: Interface Vi1 bound 
to profile Di0
000102: *Mar  1 06:12:16.643 PCTime: Vi1 PPP: Phase is DOWN, Setup
000103: *Mar  1 06:12:16.643 PCTime: Vi1 PPP: Using dialer call direction
000104: *Mar  1 06:12:16.643 PCTime: Vi1 PPP: Treating connection as a 
callout
000105: *Mar  1 06:12:16.643 PCTime: Vi1 PPP: Session handle[7F000038] 
Session id[0]
000106: *Mar  1 06:12:16.643 PCTime: Vi1 PPP: Phase is ESTABLISHING, 
Active Open
000107: *Mar  1 06:12:16.643 PCTime: Vi1 PPP: No remote authentication 
for call-out
000108: *Mar  1 06:12:16.643 PCTime: Vi1 LCP: O CONFREQ [Closed] id 1 len 10
000109: *Mar  1 06:12:16.643 PCTime: Vi1 LCP:    MagicNumber 0x1568EAB4 
(0x05061568EAB4)
000110: *Mar  1 06:12:16.647 PCTime: %LINK-3-UPDOWN: Interface 
Virtual-Access1, changed state to up
000111: *Mar  1 06:12:16.775 PCTime: Vi1 LCP: I CONFREQ [REQsent] id 98 
len 18
000112: *Mar  1 06:12:16.775 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000113: *Mar  1 06:12:16.775 PCTime: Vi1 LCP:    AuthProto PAP (0x0304C023)
000114: *Mar  1 06:12:16.775 PCTime: Vi1 LCP:    MagicNumber 0x456C1CDB 
(0x0506456C1CDB)
000115: *Mar  1 06:12:16.775 PCTime: Vi1 LCP: O CONFNAK [REQsent] id 98 
len 8
000116: *Mar  1 06:12:16.775 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000117: *Mar  1 06:12:16.775 PCTime: Vi1 LCP: I CONFACK [REQsent] id 1 
len 10
000118: *Mar  1 06:12:16.775 PCTime: Vi1 LCP:    MagicNumber 0x1568EAB4 
(0x05061568EAB4)
000119: *Mar  1 06:12:16.815 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 99 
len 18
000120: *Mar  1 06:12:16.815 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000121: *Mar  1 06:12:16.815 PCTime: Vi1 LCP:    AuthProto PAP (0x0304C023)
000122: *Mar  1 06:12:16.815 PCTime: Vi1 LCP:    MagicNumber 0x456C1CDB 
(0x0506456C1CDB)
000123: *Mar  1 06:12:16.815 PCTime: Vi1 LCP: O CONFNAK [ACKrcvd] id 99 
len 8
000124: *Mar  1 06:12:16.819 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000125: *Mar  1 06:12:16.855 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 100 
len 18
000126: *Mar  1 06:12:16.855 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000127: *Mar  1 06:12:16.855 PCTime: Vi1 LCP:    AuthProto PAP (0x0304C023)
000128: *Mar  1 06:12:16.855 PCTime: Vi1 LCP:    MagicNumber 0x456C1CDB 
(0x0506456C1CDB)
000129: *Mar  1 06:12:16.855 PCTime: Vi1 LCP: O CONFNAK [ACKrcvd] id 100 
len 8
000130: *Mar  1 06:12:16.855 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000131: *Mar  1 06:12:16.895 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 101 
len 18
000132: *Mar  1 06:12:16.895 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000133: *Mar  1 06:12:16.895 PCTime: Vi1 LCP:    AuthProto PAP (0x0304C023)
000134: *Mar  1 06:12:16.895 PCTime: Vi1 LCP:    MagicNumber 0x456C1CDB 
(0x0506456C1CDB)
000135: *Mar  1 06:12:16.899 PCTime: Vi1 LCP: O CONFNAK [ACKrcvd] id 101 
len 8
000136: *Mar  1 06:12:16.899 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000137: *Mar  1 06:12:16.939 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 102 
len 18
000138: *Mar  1 06:12:16.939 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000139: *Mar  1 06:12:16.939 PCTime: Vi1 LCP:    AuthProto PAP (0x0304C023)
000140: *Mar  1 06:12:16.939 PCTime: Vi1 LCP:    MagicNumber 0x456C1CDB 
(0x0506456C1CDB)
000141: *Mar  1 06:12:16.939 PCTime: Vi1 LCP: O CONFNAK [ACKrcvd] id 102 
len 8
000142: *Mar  1 06:12:16.939 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000143: *Mar  1 06:12:16.979 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 103 
len 18
000144: *Mar  1 06:12:16.979 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000145: *Mar  1 06:12:16.979 PCTime: Vi1 LCP:    AuthProto PAP (0x0304C023)
000146: *Mar  1 06:12:16.979 PCTime: Vi1 LCP:    MagicNumber 0x456C1CDB 
(0x0506456C1CDB)
000147: *Mar  1 06:12:16.979 PCTime: Vi1 LCP: O CONFREJ [ACKrcvd] id 103 
len 8
000148: *Mar  1 06:12:16.979 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000149: *Mar  1 06:12:17.019 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 104 
len 14
000150: *Mar  1 06:12:17.019 PCTime: Vi1 LCP:    AuthProto PAP (0x0304C023)
000151: *Mar  1 06:12:17.019 PCTime: Vi1 LCP:    MagicNumber 0x456C1CDB 
(0x0506456C1CDB)
000152: *Mar  1 06:12:17.019 PCTime: Vi1 LCP: O CONFACK [ACKrcvd] id 104 
len 14
000153: *Mar  1 06:12:17.019 PCTime: Vi1 LCP:    AuthProto PAP (0x0304C023)
000154: *Mar  1 06:12:17.019 PCTime: Vi1 LCP:    MagicNumber 0x456C1CDB 
(0x0506456C1CDB)
000155: *Mar  1 06:12:17.019 PCTime: Vi1 LCP: State is Open
000156: *Mar  1 06:12:17.019 PCTime: Vi1 PPP: Phase is AUTHENTICATING, 
by the peer
000157: *Mar  1 06:12:17.023 PCTime: Vi1 PPP: Sending Acct Event[Down] 
id[14]
000158: *Mar  1 06:12:17.023 PCTime: Vi1 PPP: Phase is TERMINATING
000159: *Mar  1 06:12:17.023 PCTime: Vi1 LCP: O TERMREQ [Open] id 2 len 4
000160: *Mar  1 06:12:17.063 PCTime: Vi1 LCP: I TERMACK [TERMsent] id 2 
len 4
000161: *Mar  1 06:12:17.063 PCTime: Vi1 LCP: State is Closed
000162: *Mar  1 06:12:17.063 PCTime: Vi1 PPP: Phase is DOWN
000163: *Mar  1 06:12:17.063 PCTime: %DIALER-6-UNBIND: Interface Vi1 
unbound from profile Di0
000164: *Mar  1 06:12:17.067 PCTime: %LINK-3-UPDOWN: Interface 
Virtual-Access1, changed state to down

without "aaa"-config
debug ppp negotiation:

000178: *Mar  1 06:13:48.055 PCTime: %DIALER-6-BIND: Interface Vi1 bound 
to profile Di0
000179: *Mar  1 06:13:48.055 PCTime: Vi1 PPP: Phase is DOWN, Setup
000180: *Mar  1 06:13:48.055 PCTime: Vi1 PPP: Using dialer call direction
000181: *Mar  1 06:13:48.055 PCTime: Vi1 PPP: Treating connection as a 
callout
000182: *Mar  1 06:13:48.059 PCTime: Vi1 PPP: Session handle[D8000044] 
Session id[0]
000183: *Mar  1 06:13:48.059 PCTime: Vi1 PPP: Phase is ESTABLISHING, 
Active Open
000184: *Mar  1 06:13:48.059 PCTime: Vi1 PPP: No remote authentication 
for call-out
000185: *Mar  1 06:13:48.059 PCTime: Vi1 LCP: O CONFREQ [Closed] id 1 len 10
000186: *Mar  1 06:13:48.059 PCTime: Vi1 LCP:    MagicNumber 0x156A4FD0 
(0x0506156A4FD0)
000187: *Mar  1 06:13:48.059 PCTime: %LINK-3-UPDOWN: Interface 
Virtual-Access1, changed state to up
000188: *Mar  1 06:13:48.243 PCTime: Vi1 LCP: I CONFREQ [REQsent] id 76 
len 18
000189: *Mar  1 06:13:48.243 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000190: *Mar  1 06:13:48.243 PCTime: Vi1 LCP:    AuthProto PAP (0x0304C023)
000191: *Mar  1 06:13:48.247 PCTime: Vi1 LCP:    MagicNumber 0x6D0EDC69 
(0x05066D0EDC69)
000192: *Mar  1 06:13:48.247 PCTime: Vi1 LCP: O CONFNAK [REQsent] id 76 
len 13
000193: *Mar  1 06:13:48.247 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000194: *Mar  1 06:13:48.247 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000195: *Mar  1 06:13:48.247 PCTime: Vi1 LCP: I CONFACK [REQsent] id 1 
len 10
000196: *Mar  1 06:13:48.247 PCTime: Vi1 LCP:    MagicNumber 0x156A4FD0 
(0x0506156A4FD0)
000197: *Mar  1 06:13:48.291 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 77 
len 19
000198: *Mar  1 06:13:48.291 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000199: *Mar  1 06:13:48.291 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000200: *Mar  1 06:13:48.291 PCTime: Vi1 LCP:    MagicNumber 0x6D0EDC69 
(0x05066D0EDC69)
000201: *Mar  1 06:13:48.291 PCTime: Vi1 LCP: O CONFNAK [ACKrcvd] id 77 
len 8
000202: *Mar  1 06:13:48.291 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000203: *Mar  1 06:13:48.331 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 78 
len 19
000204: *Mar  1 06:13:48.331 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000205: *Mar  1 06:13:48.331 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000206: *Mar  1 06:13:48.331 PCTime: Vi1 LCP:    MagicNumber 0x6D0EDC69 
(0x05066D0EDC69)
000207: *Mar  1 06:13:48.335 PCTime: Vi1 LCP: O CONFNAK [ACKrcvd] id 78 
len 8
000208: *Mar  1 06:13:48.335 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000209: *Mar  1 06:13:48.383 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 79 
len 19
000210: *Mar  1 06:13:48.383 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000211: *Mar  1 06:13:48.383 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000212: *Mar  1 06:13:48.383 PCTime: Vi1 LCP:    MagicNumber 0x6D0EDC69 
(0x05066D0EDC69)
000213: *Mar  1 06:13:48.383 PCTime: Vi1 LCP: O CONFNAK [ACKrcvd] id 79 
len 8
000214: *Mar  1 06:13:48.383 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000215: *Mar  1 06:13:48.427 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 80 
len 19
000216: *Mar  1 06:13:48.427 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000217: *Mar  1 06:13:48.427 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000218: *Mar  1 06:13:48.431 PCTime: Vi1 LCP:    MagicNumber 0x6D0EDC69 
(0x05066D0EDC69)
000219: *Mar  1 06:13:48.431 PCTime: Vi1 LCP: O CONFNAK [ACKrcvd] id 80 
len 8
000220: *Mar  1 06:13:48.431 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000221: *Mar  1 06:13:48.471 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 81 
len 19
000222: *Mar  1 06:13:48.471 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000223: *Mar  1 06:13:48.471 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000224: *Mar  1 06:13:48.471 PCTime: Vi1 LCP:    MagicNumber 0x6D0EDC69 
(0x05066D0EDC69)
000225: *Mar  1 06:13:48.471 PCTime: Vi1 LCP: O CONFREJ [ACKrcvd] id 81 
len 8
000226: *Mar  1 06:13:48.471 PCTime: Vi1 LCP:    MRU 1492 (0x010405D4)
000227: *Mar  1 06:13:48.511 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 82 
len 15
000228: *Mar  1 06:13:48.511 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000229: *Mar  1 06:13:48.511 PCTime: Vi1 LCP:    MagicNumber 0x6D0EDC69 
(0x05066D0EDC69)
000230: *Mar  1 06:13:48.511 PCTime: Vi1 LCP: O CONFACK [ACKrcvd] id 82 
len 15
000231: *Mar  1 06:13:48.515 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000232: *Mar  1 06:13:48.515 PCTime: Vi1 LCP:    MagicNumber 0x6D0EDC69 
(0x05066D0EDC69)
000233: *Mar  1 06:13:48.515 PCTime: Vi1 LCP: State is Open
000234: *Mar  1 06:13:48.515 PCTime: Vi1 PPP: Phase is AUTHENTICATING, 
by the peer
000235: *Mar  1 06:13:48.563 PCTime: Vi1 CHAP: I CHALLENGE id 117 len 41 
from "KIEX42-erx"
000236: *Mar  1 06:13:48.563 PCTime: Vi1 CHAP: Using hostname from 
interface CHAP
000237: *Mar  1 06:13:48.567 PCTime: Vi1 CHAP: Using password from 
interface CHAP
000238: *Mar  1 06:13:48.567 PCTime: Vi1 CHAP: O RESPONSE id 117 len 50 
from "adsltest#netuse at interdsl-6.de"
000239: *Mar  1 06:13:49.103 PCTime: Vi1 LCP: I CONFREQ [Open] id 1 len 19
000240: *Mar  1 06:13:49.103 PCTime: Vi1 LCP:    MRU 1452 (0x010405AC)
000241: *Mar  1 06:13:49.103 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000242: *Mar  1 06:13:49.103 PCTime: Vi1 LCP:    MagicNumber 0x602CBD8E 
(0x0506602CBD8E)
000243: *Mar  1 06:13:49.103 PCTime: Vi1 PPP: Phase is TERMINATING
000244: *Mar  1 06:13:49.103 PCTime: Vi1 PPP: No remote authentication 
for call-out
000245: *Mar  1 06:13:49.103 PCTime: Vi1 PPP: Phase is ESTABLISHING
000246: *Mar  1 06:13:49.103 PCTime: Vi1 LCP: O CONFREQ [Open] id 2 len 10
000247: *Mar  1 06:13:49.103 PCTime: Vi1 LCP:    MagicNumber 0x156A53E5 
(0x0506156A53E5)
000248: *Mar  1 06:13:49.103 PCTime: Vi1 LCP: O CONFNAK [Open] id 1 len 8
000249: *Mar  1 06:13:49.103 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000250: *Mar  1 06:13:49.151 PCTime: Vi1 LCP: I CONFACK [REQsent] id 2 
len 10
000251: *Mar  1 06:13:49.151 PCTime: Vi1 LCP:    MagicNumber 0x156A53E5 
(0x0506156A53E5)
000252: *Mar  1 06:13:49.155 PCTime: Vi1 LCP: I CONFREQ [ACKrcvd] id 2 
len 19
000253: *Mar  1 06:13:49.155 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000254: *Mar  1 06:13:49.155 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000255: *Mar  1 06:13:49.155 PCTime: Vi1 LCP:    MagicNumber 0x602CBD8E 
(0x0506602CBD8E)
000256: *Mar  1 06:13:49.155 PCTime: Vi1 LCP: O CONFACK [ACKrcvd] id 2 
len 19
000257: *Mar  1 06:13:49.155 PCTime: Vi1 LCP:    MRU 1500 (0x010405DC)
000258: *Mar  1 06:13:49.155 PCTime: Vi1 LCP:    AuthProto CHAP 
(0x0305C22305)
000259: *Mar  1 06:13:49.155 PCTime: Vi1 LCP:    MagicNumber 0x602CBD8E 
(0x0506602CBD8E)
000260: *Mar  1 06:13:49.159 PCTime: Vi1 LCP: State is Open
000261: *Mar  1 06:13:49.159 PCTime: Vi1 PPP: Phase is AUTHENTICATING, 
by the peer
000262: *Mar  1 06:13:49.203 PCTime: Vi1 CHAP: I CHALLENGE id 118 len 31 
from "netuse-dsl"
000263: *Mar  1 06:13:49.203 PCTime: Vi1 CHAP: Using hostname from 
interface CHAP
000264: *Mar  1 06:13:49.207 PCTime: Vi1 CHAP: Using password from 
interface CHAP
000265: *Mar  1 06:13:49.207 PCTime: Vi1 CHAP: O RESPONSE id 118 len 50 
from "***#netuse at interdsl-6.de"
000266: *Mar  1 06:13:49.319 PCTime: Vi1 CHAP: I SUCCESS id 118 len 4
000267: *Mar  1 06:13:49.319 PCTime: Vi1 PPP: Phase is FORWARDING, 
Attempting Forward
000268: *Mar  1 06:13:49.319 PCTime: Vi1 PPP: Queue IPCP code[1] id[1]
000269: *Mar  1 06:13:49.319 PCTime: Vi1 PPP: Phase is ESTABLISHING, 
Finish LCP
000270: *Mar  1 06:13:49.319 PCTime: Vi1 PPP: Phase is UP
000271: *Mar  1 06:13:49.319 PCTime: Vi1 IPCP: O CONFREQ [Closed] id 1 
len 10
000272: *Mar  1 06:13:49.323 PCTime: Vi1 IPCP:    Address 0.0.0.0 
(0x030600000000)
000273: *Mar  1 06:13:49.323 PCTime: Vi1 PPP: Process pending ncp packets
000274: *Mar  1 06:13:49.323 PCTime: Vi1 IPCP: Redirect packet to Vi1
000275: *Mar  1 06:13:49.323 PCTime: Vi1 IPCP: I CONFREQ [REQsent] id 1 
len 10
000276: *Mar  1 06:13:49.323 PCTime: Vi1 IPCP:    Address 195.244.255.50 
(0x0306C3F4FF32)
000277: *Mar  1 06:13:49.323 PCTime: Vi1 IPCP: O CONFACK [REQsent] id 1 
len 10
000278: *Mar  1 06:13:49.323 PCTime: Vi1 IPCP:    Address 195.244.255.50 
(0x0306C3F4FF32)
000279: *Mar  1 06:13:49.367 PCTime: Vi1 IPCP: I CONFNAK [ACKsent] id 1 
len 10
000280: *Mar  1 06:13:49.367 PCTime: Vi1 IPCP:    Address 195.244.254.34 
(0x0306C3F4FE22)
000281: *Mar  1 06:13:49.367 PCTime: Vi1 IPCP: O CONFREQ [ACKsent] id 2 
len 10
000282: *Mar  1 06:13:49.367 PCTime: Vi1 IPCP:    Address 195.244.254.34 
(0x0306C3F4FE22)
000283: *Mar  1 06:13:49.415 PCTime: Vi1 IPCP: I CONFACK [ACKsent] id 2 
len 10
000284: *Mar  1 06:13:49.415 PCTime: Vi1 IPCP:    Address 195.244.254.34 
(0x0306C3F4FE22)
000285: *Mar  1 06:13:49.415 PCTime: Vi1 IPCP: State is Open
000286: *Mar  1 06:13:49.415 PCTime: Di0 IPCP: Install negotiated IP 
interface address 195.244.254.34
000287: *Mar  1 06:13:49.419 PCTime: Di0 IPCP: Install route to 
195.244.255.50
000288: *Mar  1 06:13:49.419 PCTime: Vi1 IPCP: Add link info for cef 
entry 195.244.255.50
000289: *Mar  1 06:13:50.319 PCTime: %LINEPROTO-5-UPDOWN: Line protocol 
on Interface Virtual-Access1, changed state to up

-- 
Joerg Schmuetz
NetUSE AG
Dr.-Hell-Strasse, D-24107 Kiel, Germany
Telefon: +49 431 2390 400 --  Telefax: +49 431 2390 499