[cisco-nas] 7206 PPPoE Customers can not get authenticated

Oumar Sagnang omar.sagnang at sentoo.sn
Thu Feb 2 20:08:54 EST 2006 

Hi,
I have a Cisco 7206 VXR that is acting as a NAS..it handles the PPPoE sessions from CPE...

Version : c7200-js-mz.122-14.S

After we enable the AAA , 12hours or 1 day later customers can not get authenticated...
our configuration:

aaa authentication ppp default group radius
aaa authorization network default none
aaa accounting network default start-stop group radius

vpdn-group xxxxx
 accept-dialin
  protocol pppoe
  virtual-template 1
 pppoe limit per-mac 500
 pppoe limit per-vlan 800

interface GigabitEthernet0/1
 no ip redirects
 no ip mroute-cache
 load-interval 30
 duplex full
 speed auto
 media-type rj45
 no negotiation auto
 pppoe enable
!
interface GigabitEthernet0/1.15
 encapsulation dot1Q 15
 pppoe enable
!
interface GigabitEthernet0/1.16
 encapsulation dot1Q 16
 pppoe enable
!
interface GigabitEthernet0/1.17
 encapsulation dot1Q 17
 pppoe enable
!
interface Virtual-Template1
 ip unnumbered Loopback0
 ip mtu 1492
 no ip route-cache cef
 timeout absolute 720 0
 peer default ip address pool adsl
 ppp authentication chap pap
!

.......
When the customers  fail to authenticate we seen when we do : sh ppp queues

Proc #0   pid=118
        authens =40713 avg=100s.
        per-user=111215 avg=86 s.
        preauth =0    avg=0  s.
        authors =0    avg=0  s.
queue len=489 max len=2453
Vi319                CHAP_RRESPONSE  (0x63EDB6F8) id=116 148s. busy/0
Vi233                AAA_PER_USER    (0x64216934) LCP_DOWN 148s.
Vi379                AAA_PER_USER    (0x642169A0) LCP_DOWN 148s.
Vi4                  CHAP_RRESPONSE  (0x63B30458) id=51  148s.
Vi86                 AAA_PER_USER    (0x64406778) LCP_DOWN 146s.
Vi63                 AAA_PER_USER    (0x63E8C124) LCP_DOWN 146s.
Vi379                AAA_PER_USER    (0x63E8D8EC) LCP_DOWN 146s.
Vi101                AAA_PER_USER    (0x63DA56EC) LCP_DOWN 146s.
Vi294                CHAP_RRESPONSE  (0x63DA8D40) id=230 145s.
Vi86                 AAA_PER_USER    (0x63D739D0) LCP_DOWN 144s.
Vi274                CHAP_RRESPONSE  (0x641B7DD4) id=24  144s.
Vi63                 AAA_PER_USER    (0x638DC5DC) LCP_DOWN 144s.
Vi101                AAA_PER_USER    (0x638DC648) LCP_DOWN 144s.
Vi4                  AAA_PER_USER    (0x6419AA4C) LCP_DOWN 144s.
Vi55                 AAA_PER_USER    (0x63FBD4F4) LCP_DOWN 144s.
Vi415                CHAP_RRESPONSE  (0x63AB4664) id=48  143s.
Vi410                AAA_PER_USER    (0x63AB46D0) LCP_DOWN 143s.
Vi173                AAA_PER_USER    (0x63C3E2AC) LCP_DOWN 143s.
Vi295                CHAP_RRESPONSE  (0x63A42708) id=71  143s.
Vi249                CHAP_RRESPONSE  (0x63DEDD40) id=51  142s.
Vi4                  AAA_PER_USER    (0x63F6F4C0) LCP_DOWN 142s.
Vi378                CHAP_RRESPONSE  (0x63E167C0) id=14  142s.
Vi294                AAA_PER_USER    (0x63DA7F8C) LCP_DOWN 142s.
Vi55                 AAA_PER_USER    (0x63F62C98) LCP_DOWN 142s.
Vi413                CHAP_RRESPONSE  (0x639DF9C0) id=118 141s.
Vi410                AAA_PER_USER    (0x6394A0B8) LCP_DOWN 141s.
Vi216                CHAP_RRESPONSE  (0x63BFC9FC) id=31  141s.
Vi173                AAA_PER_USER    (0x640857D8) LCP_DOWN 141s.
...........etc.

We think that the problem is not the communication between the Router and the Radius server...it in
the Router itself....

Anybody can help......Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-nas/attachments/20060203/fbaf88b1/attachment.html

More information about the cisco-nas mailing list