[c-nsp] assigning Dialin IP adresses
Florian Prester
Florian.Prester at rrze.uni-erlangen.de
Thu Feb 10 04:15:16 EST 2005
Hi,
I am using an cisco 3725 as an Access-Server with IOS (tm) 3700 Software
(C3725-IPBASE-M), Version 12.3(10), RELEASE SOFTWARE (fc3).
I have two scenarios:
1.) The users dial in and the authentication/authorization is handeled
by a radius server. This Server is telling the accessserver which
ip-address the user should get. -> works fine!
2.) If the Radius is down or the network unreachable, one dedicated user
should be able to dialin at least to the accessserver, obtaining the ip
address from the access server. DOES NOT WORK!?!
Here is my config:
controller E1 1/0
pri-group timeslots 1-31
!
!
interface Loopback0
ip address 192.44.86.6 255.255.255.255
!
interface FastEthernet0/1
ip address 192.44.86.36 255.255.255.224
ip access-group 101 out
ip mask-reply
ip directed-broadcast 3
no ip proxy-arp
ip pim sparse-dense-mode
ip multicast ttl-threshold 16
no ip route-cache cef
no ip route-cache
ip cgmp
no ip mroute-cache
ip ospf cost 1
duplex auto
speed auto
!
interface Serial1/0:15
ip unnumbered Loopback0
ip pim sparse-mode
encapsulation ppp
dialer idle-timeout 6000
dialer-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
isdn skip-async-callerid-check
## -----------> Does not this tell the router to obtain the ip address
from the named pool if not given otherwise (e.g. RADIUS)
peer default ip address pool setup-pool
no keepalive
no cdp enable
ppp authentication pap
ppp multilink
!
interface Virtual-Template1
ip unnumbered Loopback0
## -----------> Does not this tell the router to obtain the ip address
from the named pool if not given otherwise (e.g. RADIUS)
peer default ip address pool setup_pool
ppp authentication pap
!
interface Group-Async0
ip unnumbered Loopback0
encapsulation ppp
ip tcp header-compression
dialer in-band
dialer idle-timeout 6000
async mode interactive
## -----------> Does not this tell the router to obtain the ip address
from the named pool if not given otherwise (e.g. RADIUS)
peer default ip address pool setup_pool
ppp authentication pap
group-range 65 94
!
router ospf 1
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
network 10.8.0.0 0.0.255.255 area 0.0.0.0
network 192.44.86.32 0.0.0.31 area 0.0.0.0
!
## ------> Isn´t this the pool the access server should take the ip
address from if the radius is not responding??
ip local pool setup-pool 172.16.21.1 172.16.21.30
The authentication and authorization is working fine, I am just not able
to convince the server to tell the dialin user which IP address he/she
should take, if not by RADIUS!
Thanks
florian
--
--------------------------------------------------------------
Dipl. Inf. Florian Prester
Network Administration
Regionales RechenZentrum Erlangen
Universitaet Erlangen-Nuernberg
Germany
Tel.: +499131 8527813
More information about the cisco-nsp
mailing list