[c-nsp] 7200 PPPoE disconnecting users
Matt Addison
maddison at iquest.net
Mon Aug 22 19:38:47 EDT 2005
Found a way in the CLI as well after poking around a bit more:
clear interface virtual-access <vi>
Where <vi> is the virt interface number. Verified that it does send
radius Accounting-Stop commands so that works perfect for us right now.
I'll keep the RADIUS packet o' death in mind in the future though for
automated/script based disconnects.
Thanks to everyone that replied on and off list.
~Matt
-----Original Message-----
From: Ryan O'Connell [mailto:ryan at complicity.co.uk]
Sent: Monday, August 22, 2005 6:32 PM
To: Matt Addison
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] 7200 PPPoE disconnecting users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 23/08/2005 00:24, Matt Addison wrote:
| Anyone know a way to disconnect PPPoE users from a 7200 configured to
| terminate PPPoE sessions? Preferably over the console although known
| methods using RADIUS/SNMP would also be welcomed. Not finding anything
| about doing this on Google so far...
|
| Note, this is not for automatic session/idle disconnects, looking for
| a way the provider can initiate a disconnect of a user.
|
| Using "IOS (tm) 7200 Software (C7200-IK9S-M), Version 12.2(31),
| RELEASE SOFTWARE (fc2)"
RADIUS "packet of death" should do this. (It's called "packet of
disconnect" in the official documentation, but I found earlier
references to "packet of death" and I think once it was officially
released rather than a hidden command it was renamed to something
acceptable.)
In the router global config, you need something like:
aaa pod server auth-type any server-key ThisIsMyKey
And from a handy server, you can then do:
echo "User-Name=<blah> | radclient <router-ip>:1700 disconnect
ThisIsMyKey
I'm using radclient from freeradius 1.0.4, I don't think there are
(m)any other RADIUS server packages that come with an appropriate RADIUS
client that can send disconnect packets although IIRC radiator might.
- --
~ Ryan O'Connell - CCIE #8174
<ryan at complicity.co.uk> - http://www.complicity.co.uk
I'm not losing my mind, no I'm not changing my lines, I'm just learning
new things with the passage of time -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDCmBtoaLhvISWLh0RAu3lAJ92TKZX+r/8Jv/BEV6Qx912dcnW2QCfcOc/
d0wpRtw197fKSkGKC2HEQug=
=6XDp
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list