[nsp] AS53xx Problem

Jan Czmok czmok at gatel.net
Fri Jan 3 17:22:52 EST 2003


I have a slight problem.

We are running 2 AS5300 servers, one productive, one "testing". 
Both are using the SAME CiscoSecure tacacs auth.

Productive AS5300 has: System image file is "flash:c5300-is-mz.112-17.P"
testing AS5300 has: System image file is "flash:c5300-jk2s-mz.120-7.T2.bin"

basically the same configuration, BUT:

while dialin in on productive, ppp multilink works
while dialin on the new system, ppp multilink does NOT work.

in the debug i see:

Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/LCP (529578110): Port='Serial0:0' list='' service=NET
Jan  3 17:17:47 CET: AAA/AUTHOR/LCP: Se0:0 (529578110) user='gat-uk-lan'
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/LCP (529578110): send AV service=ppp
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/LCP (529578110): send AV protocol=lcp
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/LCP (529578110): found list "default"
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/LCP (529578110): Method=tacacs+ (tacacs+)
Jan  3 17:17:47 CET: AAA/AUTHOR/TAC+: (529578110): user=gat-uk-lan
Jan  3 17:17:47 CET: AAA/AUTHOR/TAC+: (529578110): send AV service=ppp
Jan  3 17:17:47 CET: AAA/AUTHOR/TAC+: (529578110): send AV protocol=lcp
Jan  3 17:17:47 CET: TAC+: (529578110): received author response status = PASS_ADD
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR (529578110): Post authorization status = PASS_ADD
Jan  3 17:17:47 CET: Se0:0 PAP: O AUTH-ACK id 155 len 5
Jan  3 17:17:47 CET: Se0:0 MLP: Multilink up event pending
Jan  3 17:17:47 CET: Se0:0 PPP: Phase is VIRTUALIZED
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/MLP (3004975741): Port='Serial0:0' list='' service=NET
Jan  3 17:17:47 CET: AAA/AUTHOR/MLP: Se0:0 (3004975741) user='gat-uk-lan'
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/MLP (3004975741): send AV service=ppp
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/MLP (3004975741): send AV protocol=multilink
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/MLP (3004975741): found list "default"
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/MLP (3004975741): Method=tacacs+ (tacacs+)
Jan  3 17:17:47 CET: AAA/AUTHOR/TAC+: (3004975741): user=gat-uk-lan
Jan  3 17:17:47 CET: AAA/AUTHOR/TAC+: (3004975741): send AV service=ppp
Jan  3 17:17:47 CET: AAA/AUTHOR/TAC+: (3004975741): send AV protocol=multilink
Jan  3 17:17:47 CET: Se0:0 CDPCP: Packet buffered while building MLP bundle interface
Jan  3 17:17:47 CET: Se0:0 IPCP: Packet buffered while building MLP bundle interface
Jan  3 17:17:47 CET: TAC+: (3004975741): received author response status = FAIL
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR (3004975741): Post authorization status = FAIL
Jan  3 17:17:47 CET: Se0:0 MLP: Bundle failed authorization
Jan  3 17:17:47 CET: Se0:0 MLP: 692998960, multilink not up
Jan  3 17:17:47 CET: Se0:0 PPP: Pending ncpQ size is 2
Jan  3 17:17:47 CET: Se0:0 CDPCP: Interface down, free pending packet
Jan  3 17:17:47 CET: Se0:0 IPCP: Interface down, free pending packet
Jan  3 17:17:47 CET: Se0:0 PPP: Phase is TERMINATING
Jan  3 17:17:47 CET: Se0:0 LCP: O TERMREQ [Open] id 132 len 4
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/PER-USER: Event LCP_DOWN
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR: LCP_DOWN
Jan  3 17:17:47 CET: Se0:0 LCP: I TERMACK [TERMsent] id 132 len 4
Jan  3 17:17:47 CET: Se0:0 AAA/AUTHOR/FSM: (0): LCP succeeds trivially
Jan  3 17:17:47 CET: Se0:0 LCP: State is Closed
Jan  3 17:17:47 CET: Se0:0 PPP: Phase is DOWN
Jan  3 17:17:47 CET: Se0:0 PPP: Phase is ESTABLISHING, Passive Open
Jan  3 17:17:47 CET: Se0:0 LCP: State is Listen


see the : "MLP: Bundle failed authorization"


searching through cisco does not help :-( if somebody would be helpful
...

--jan

i can provide config for checking ...



-- 
     Jan Ahrent Czmok - Senior Network Engineer - Access Networks
Global Access Telecommunications, Inc. - Stephanstr. 3 - 60313 Frankfurt
voice: +49 69 299896-35 - fax: +49 69 299896-66 - email: czmok@gatel.de


More information about the cisco-nsp mailing list