[nsp] VPDN

Srdjan Simic srdjan at sezampro.yu
Thu Jul 24 18:42:12 EDT 2003


   Hello everybody,

   We are trying to deply a LAC/LNS system where LAC is CVX and LNS are
Cisco 3640 with 12.2(8)T. When we turn on ppp multilink option in
virtual-template some users get authenticated without authorisation. AAA
does NOT send RADIUS start and STOP record and user gets free connection.

   We determined that this is hapeinng when an user turns on multilink optin
in win2k and Cisco command aaa accounting delay-start is on. All other users
(non multilink) are ok. And what is more funny, this is not happeing all the
time (in 25% cases).


aaa authentication login default local
aaa authentication ppp default group radius local
aaa authorization network default group radius local none
aaa accounting delay-start
aaa accounting network default start-stop group radius
aaa session-id unique

interface Virtual-Template1
 mtu 1448
 ip unnumbered Ethernet0/0
 no ip redirects
 no ip proxy-arp
 no logging event link-status
 no keepalive
 peer default ip address pool SMIN
 ppp authentication pap
 ppp chap refuse
 hold-queue 100 out

   Regards Srdjan Simic
   CTO
   SezamPro On-Line
   http://www.sezampro.yu
   Tel&Fax: +381 11 3227-231





More information about the cisco-nsp mailing list