[nsp] AS53xx Problem
Jan Czmok
czmok at gatel.net
Fri Jan 3 17:22:52 EST 2003
I have a slight problem.
We are running 2 AS5300 servers, one productive, one "testing".
Both are using the SAME CiscoSecure tacacs auth.
Productive AS5300 has: System image file is "flash:c5300-is-mz.112-17.P"
testing AS5300 has: System image file is "flash:c5300-jk2s-mz.120-7.T2.bin"
basically the same configuration, BUT:
while dialin in on productive, ppp multilink works
while dialin on the new system, ppp multilink does NOT work.
in the debug i see:
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/LCP (529578110): Port='Serial0:0' list='' service=NET
Jan 3 17:17:47 CET: AAA/AUTHOR/LCP: Se0:0 (529578110) user='gat-uk-lan'
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/LCP (529578110): send AV service=ppp
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/LCP (529578110): send AV protocol=lcp
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/LCP (529578110): found list "default"
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/LCP (529578110): Method=tacacs+ (tacacs+)
Jan 3 17:17:47 CET: AAA/AUTHOR/TAC+: (529578110): user=gat-uk-lan
Jan 3 17:17:47 CET: AAA/AUTHOR/TAC+: (529578110): send AV service=ppp
Jan 3 17:17:47 CET: AAA/AUTHOR/TAC+: (529578110): send AV protocol=lcp
Jan 3 17:17:47 CET: TAC+: (529578110): received author response status = PASS_ADD
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR (529578110): Post authorization status = PASS_ADD
Jan 3 17:17:47 CET: Se0:0 PAP: O AUTH-ACK id 155 len 5
Jan 3 17:17:47 CET: Se0:0 MLP: Multilink up event pending
Jan 3 17:17:47 CET: Se0:0 PPP: Phase is VIRTUALIZED
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/MLP (3004975741): Port='Serial0:0' list='' service=NET
Jan 3 17:17:47 CET: AAA/AUTHOR/MLP: Se0:0 (3004975741) user='gat-uk-lan'
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/MLP (3004975741): send AV service=ppp
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/MLP (3004975741): send AV protocol=multilink
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/MLP (3004975741): found list "default"
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/MLP (3004975741): Method=tacacs+ (tacacs+)
Jan 3 17:17:47 CET: AAA/AUTHOR/TAC+: (3004975741): user=gat-uk-lan
Jan 3 17:17:47 CET: AAA/AUTHOR/TAC+: (3004975741): send AV service=ppp
Jan 3 17:17:47 CET: AAA/AUTHOR/TAC+: (3004975741): send AV protocol=multilink
Jan 3 17:17:47 CET: Se0:0 CDPCP: Packet buffered while building MLP bundle interface
Jan 3 17:17:47 CET: Se0:0 IPCP: Packet buffered while building MLP bundle interface
Jan 3 17:17:47 CET: TAC+: (3004975741): received author response status = FAIL
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR (3004975741): Post authorization status = FAIL
Jan 3 17:17:47 CET: Se0:0 MLP: Bundle failed authorization
Jan 3 17:17:47 CET: Se0:0 MLP: 692998960, multilink not up
Jan 3 17:17:47 CET: Se0:0 PPP: Pending ncpQ size is 2
Jan 3 17:17:47 CET: Se0:0 CDPCP: Interface down, free pending packet
Jan 3 17:17:47 CET: Se0:0 IPCP: Interface down, free pending packet
Jan 3 17:17:47 CET: Se0:0 PPP: Phase is TERMINATING
Jan 3 17:17:47 CET: Se0:0 LCP: O TERMREQ [Open] id 132 len 4
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/PER-USER: Event LCP_DOWN
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR: LCP_DOWN
Jan 3 17:17:47 CET: Se0:0 LCP: I TERMACK [TERMsent] id 132 len 4
Jan 3 17:17:47 CET: Se0:0 AAA/AUTHOR/FSM: (0): LCP succeeds trivially
Jan 3 17:17:47 CET: Se0:0 LCP: State is Closed
Jan 3 17:17:47 CET: Se0:0 PPP: Phase is DOWN
Jan 3 17:17:47 CET: Se0:0 PPP: Phase is ESTABLISHING, Passive Open
Jan 3 17:17:47 CET: Se0:0 LCP: State is Listen
see the : "MLP: Bundle failed authorization"
searching through cisco does not help :-( if somebody would be helpful
...
--jan
i can provide config for checking ...
--
Jan Ahrent Czmok - Senior Network Engineer - Access Networks
Global Access Telecommunications, Inc. - Stephanstr. 3 - 60313 Frankfurt
voice: +49 69 299896-35 - fax: +49 69 299896-66 - email: czmok@gatel.de
More information about the cisco-nsp
mailing list