[nsp] CISCO 3600 + RADIUS

Rafa Marín López rafa at dif.um.es
Fri Mar 21 16:21:26 EST 2003 

Hello Chris

Chris Parker escribió:

> At 02:56 PM 3/21/2003 +0100, Rafa Marín López wrote:
>
>> Hello all.
>>
>> Has someone configured a CISCO 3600 in order to send router 
>> advertisement through a virtual-access cloned from virtual-template 
>> through a RADIUS server?
>>
>> You will see , my radius server is freeradius and I have an user as 
>> it is following written :
>>
>> rafa  Auth-Type := Local, User-Password == "wilma"
>>       Service-Type = Framed-User,
>>       Framed-Protocol = PPP,
>>       Framed-MTU = 1480,
>>       cisco-avpair = "ipv6:prefix=3ffe:ffff:1::/64 onlink autoconfig",
>>       cisco-avpair = "ipv6:route#1=3ffe:ffff:1::/64"
>
>
> You should make sure that you are getting both VS attributes back from
> the FreeRADIUS server. 

The respose obtained in CISCO router is :
authenticator A7 C7 C5 05 CC C7 21 6A - 11 3A 1B D2 35 55 8F CE
22:52:48: RADIUS:  Framed-Protocol     [7]   6   
PPP                       [1]
22:52:48: RADIUS:  User-Name           [1]   13  "rafa at umu.es"
22:52:48: RADIUS:  CHAP-Password       [3]   19  *
22:52:48: RADIUS:  NAS-Port-Type       [61]  6   
Virtual                   [5]
22:52:48: RADIUS:  NAS-Port            [5]   6   0                        
22:52:48: RADIUS:  Service-Type        [6]   6   
Framed                    [2]
22:52:48: RADIUS:  NAS-IP-Address      [4]   6   155.54.95.1              
22:52:48: RADIUS: Received from id 21645/25 155.54.95.11:1812, 
Access-Accept, len 100
22:52:48: RADIUS:  authenticator DD BA 41 F2 6C B3 E9 BB - A8 1E FD F9 
15 80 72 AF
22:52:48: RADIUS:  Service-Type        [6]   6   
Framed                    [2]
22:52:48: RADIUS:  Framed-Protocol     [7]   6   
PPP                       [1]
22:52:48: RADIUS:  Framed-MTU          [12]  6   1480                     
22:52:48: RADIUS:  Vendor, Cisco       [26]  62 
22:52:48: RADIUS:   Cisco AVpair       [1]   56  
"ipv6:prefix#3+=2001:800:40:2C61::/64 onlink autoconfig"
22:52:48: RADIUS(0000001B): Received from id 21645/25
22:52:49: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to up
22:52:50: %LINEPROTO-5-UPDOWN: Line protocol on Interface 
Virtual-Access3, changed state to up

However , it does not send the prefix in router advertisement... :(





>
>
> For multiple attributes to be sent you should used the '+=' operator
> instead of the '=' operator for your cisco-avpair reply-items.
>
> As for the cisco side, not sure what else to suggest.
>
> -Chris
>
> -- 
>    \\\|||///  \          StarNet Inc.      \         Chris Parker
>    \ ~   ~ /   \       WX *is* Wireless!    \   Director, Engineering
>    | @   @ |    \   http://www.starnetwx.net \      (847) 963-0116
> oOo---(_)---oOo--\------------------------------------------------------
>                   \ Wholesale Internet Services - http://www.megapop.net
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>

-- 
------------------------------------------------------
Rafael Marin Lopez
Faculty of Computer Science-University of Murcia
30071 Murcia - Spain
Telf: +34968364644	e-mail: rafa at dif.um.es
------------------------------------------------------

More information about the cisco-nsp mailing list