[cisco-nas] WG: LNS - vpdn dialout question with cisco ACS

Steger, Christian christian.steger at upc.at
Thu Oct 22 06:50:27 EDT 2009


hi again,

still not resolved that problem.. any suggestions?

many thanks!

chris

* -----Ursprüngliche Nachricht-----
* Von: cisco-nas-bounces at puck.nether.net [mailto:cisco-nas-
* bounces at puck.nether.net] Im Auftrag von Steger, Christian
* Gesendet: Montag, 19. Oktober 2009 10:44
* An: cisco-nas at puck.nether.net
* Betreff: [cisco-nas] LNS - vpdn dialout question with cisco ACS
* 
* 
* hello there,
* 
* i am trying to setup an szenaria where my LNS should created
* dynamically an l2tp tunnel
* while requesting the tunnel parameters from the ACS for an specific
* group of users. (Service-Type Outbound!)
* 
* the IOS will be used is "c7200p-advipservicesk9-mz.124-4.XD10.bin"
* 
* as you can see below i have setup the required tunnel parameters:
* (received while doing an "debug aaa author")
* 
* Oct 19 06:41:05.848 MET-DST: ppp1599 AAA/AUTHOR/LCP: Authorization
* succeeds trivially
* Oct 19 06:41:06.872 MET-DST: ppp1599 PPP/AAA: Check Attr: service-type
* Oct 19 06:41:06.872 MET-DST: ppp1599 PPP/AAA: Check Attr: tunnel-type
* Oct 19 06:41:06.872 MET-DST: ppp1599 PPP/AAA: Check Attr: tunnel-
* medium-type
* Oct 19 06:41:06.872 MET-DST: ppp1599 PPP/AAA: Check Attr: tunnel-
* server-endpoint
* Oct 19 06:41:06.872 MET-DST: ppp1599 PPP/AAA: Check Attr: tunnel-
* password
* Oct 19 06:41:06.872 MET-DST: ppp1599 PPP/AAA: Check Attr: vpdn-group
* Oct 19 06:41:06.872 MET-DST: ppp1599 PPP/AAA: Check Attr: addr
* Oct 19 06:41:06.876 MET-DST: AAA/BIND(001E59C9): Bind i/f Virtual-
* Access3.634
* Oct 19 06:41:06.876 MET-DST: Vi3.634 AAA/AUTHOR/LCP: Process Author
* Oct 19 06:41:06.876 MET-DST: Vi3.634 AAA/AUTHOR/LCP: Process Attr:
* service-type
* Oct 19 06:41:06.876 MET-DST: Vi3.634 AAA/AUTHOR/LCP: Unsupported
* Service-Type: 5. No supported types found.
* 
* i actually did not find any reasons where the problem could be. - i
* guess the "unsupported service-type" means
* the "Outbound" call - what is the problem that he cannot setup an l2tp
* tunnel?
* 
* here is the output from the "debug radius auth":
* 
* Oct 19 06:46:58.504 MET-DST: RADIUS(001E5A06): Send Access-Request to
* xxx.xxx.xxx.42:1645 id 1645/19, len 149
* Oct 19 06:46:58.504 MET-DST: RADIUS:  authenticator ED ED 36 23 9F AD
* 5C 0B - D2 1B FB 6D 7F 03 5E DD
* Oct 19 06:46:58.504 MET-DST: RADIUS:  Framed-Protocol     [7]   6   PPP
* [1]
* Oct 19 06:46:58.504 MET-DST: RADIUS:  User-Name           [1]   23
* "xxx at xxx.net"
* Oct 19 06:46:58.504 MET-DST: RADIUS:  User-Password       [2]   18  *
* Oct 19 06:46:58.504 MET-DST: RADIUS:  NAS-Port            [5]   6   76
* Oct 19 06:46:58.504 MET-DST: RADIUS:  NAS-Port-Id         [87]  16
* "Uniq-Sess-ID76"
* Oct 19 06:46:58.504 MET-DST: RADIUS:  Calling-Station-Id  [31]  14
* "43xxxxxxxxxxx"
* Oct 19 06:46:58.504 MET-DST: RADIUS:  Called-Station-Id   [30]  19
* "i_am_the_nas"
* Oct 19 06:46:58.504 MET-DST: RADIUS:  Connect-Info        [77]  9
* "8640000"
* Oct 19 06:46:58.504 MET-DST: RADIUS:  NAS-Port-Type       [61]  6
* Virtual                   [5]
* Oct 19 06:46:58.504 MET-DST: RADIUS:  Service-Type        [6]   6
* Framed                    [2]
* Oct 19 06:46:58.504 MET-DST: RADIUS:  NAS-IP-Address      [4]   6
* xxx.xxx.48.202
* Oct 19 06:46:58.512 MET-DST: RADIUS: Received from id 1646/173
* xxx.xxx.xxx.42:1646, Accounting-response, len 20
* Oct 19 06:46:58.516 MET-DST: RADIUS: Received from id 1645/19
* xxx.xxx.xxx.42:1645, Access-Accept, len 123
* Oct 19 06:46:58.516 MET-DST: RADIUS:  authenticator 9F 8E 66 16 EE 4F
* E4 AD - BA B9 09 CF 67 4C 23 9D
* Oct 19 06:46:58.516 MET-DST: RADIUS:  Service-Type        [6]   6
* Outbound                  [5]
* Oct 19 06:46:58.516 MET-DST: RADIUS:  Tunnel-Type         [64]  6
* 01:L2TP                   [3]
* Oct 19 06:46:58.516 MET-DST: RADIUS:  Tunnel-Medium-Type  [65]  6
* 01:IPv4                   [1]
* Oct 19 06:46:58.516 MET-DST: RADIUS:  Tunnel-Server-Endpoi[67]  15
* 01:"xxx.xxx.48.140"
* Oct 19 06:46:58.516 MET-DST: RADIUS:  Tunnel-Password     [69]  21
* 01:*
* Oct 19 06:46:58.516 MET-DST: RADIUS:  Tunnel-Assignment-Id[82]  12
* 01:"LAC_xxxx"
* Oct 19 06:46:58.516 MET-DST: RADIUS:  Framed-IP-Address   [8]   6
* xxx.xxx.100.5
* Oct 19 06:46:58.516 MET-DST: RADIUS:  Class               [25]  31
* 
* thanks for any help. - of course an static setup would be work fine,
* but i´d like to prefer an dynamic setup.
* 
* thanks for any answers/suggestions
* 
* chris
This e-mail is confidential and may well also be legally privileged. If you have received it in error, you are on notice of its status. Please notify us immediately by reply e-mail and then delete this message from your system. Please do not copy it or use it for any purposes, or disclose its contents to any other person: to do so could be a breach of confidence. Thank you for your cooperation.
Information pursuant to paragraph 14 Austrian Companies Code: UPC Austria GmbH; Registered Office: Wolfganggasse 58-60, 1120 Vienna Company Register Number: FN 189858d at the Commercial Court of Vienna


More information about the cisco-nas mailing list