[c-nsp] PPPoE and FreeRadius - yet again

William Jackson wjackson at sapphire.gi
Wed Oct 18 10:49:08 EDT 2006 

Hi I'm stuck and need some guidance:

 

I have the following setup:

 

A router acting as a PPPoE server and authentication against a
freeradius box.

I have trolled the web and lists and this is where I am at now:

 

Router config:

*****************************************************************

aaa authentication ppp default group radius local

aaa authorization network default group radius none 

aaa accounting network default start-stop group radius

!

aaa nas port extended

aaa session-id common

!

ip host-routing

!         

vpdn enable

vpdn logging

!

!

bba-group pppoe global

 virtual-template 1

 sessions per-mac limit 2

!

!

interface Loopback0

 ip address 85.xxx.xxx.6 255.255.255.255

 

interface FastEthernet0

 description PPPoE Interface

 no ip address

 no ip unreachables

 duplex auto

 speed auto

 pppoe enable

!

interface FastEthernet1

 description normal connection

 ip address 85.xxx.xxx.75 255.255.255.192

 duplex auto

 speed auto

!

 

 

interface Virtual-Template1 

 mtu 1492

 no ip address

 ppp authentication pap

!         

ip radius source-interface Loopback0 

!

!

!

radius-server attribute nas-port format d

radius-server host 85.115.130.27 auth-port 1812 acct-port 1813 key 7
072C285F4D06

radius-server vsa send authentication

 

*****************************************************************

 

Freeradius user section:

 

pppoe   Auth-Type := Local, User-Password == "xxx", Huntgroup-Name ==
"pppoe"

        Service-Type = Framed-User,

        Framed-Protocol = PPP,

        Framed-IP-Address = 85.xxx.xxx.12,

        Framed-IP-Netmask = 255.255.255.255,

        Framed-Routing = Broadcast-Listen,

        Framed-Compression = Van-Jacobson-TCP-IP

 

*****************************************************************

 

Freeradius returned reply packet:

 

Packet-Type = Access-Accept

Wed Oct 18 16:26:26 2006

        Service-Type = Framed-User

        Framed-Protocol = PPP

        Framed-IP-Address = 85.xxx.xxx.12

        Framed-IP-Netmask = 255.255.255.255

        Framed-Routing = Broadcast-Listen

        Framed-Compression = Van-Jacobson-TCP-IP

 

*****************************************************************

 

Router debug output:

 

*Oct 18 14:36:49.918: PPPoE 0: I PADI  R:0001.4a07.3cd7 L:ffff.ffff.ffff
Fa0

*Oct 18 14:36:49.918:  Service tag: NULL Tag

*Oct 18 14:36:49.918: PPPoE 0: O PADO, R:0016.c789.fe42 L:0001.4a07.3cd7
Fa0

*Oct 18 14:36:49.918:  Service tag: NULL Tag

*Oct 18 14:36:49.918: PPPoE 0: I PADR  R:0001.4a07.3cd7 L:0016.c789.fe42
Fa0

*Oct 18 14:36:49.918:  Service tag: NULL Tag

*Oct 18 14:36:49.918: PPPoE : encap string prepared

*Oct 18 14:36:49.918: [74]PPPoE 74: Access IE handle allocated

*Oct 18 14:36:49.918: [74]PPPoE 74: pppoe SSS switch updated

*Oct 18 14:36:49.918: [74]PPPoE 74: AAA get retrieved attrs

*Oct 18 14:36:49.918: [74]PPPoE 74: AAA get nas port details

*Oct 18 14:36:49.922: [74]PPPoE 74: AAA get dynamic attrs

*Oct 18 14:36:49.922: [74]PPPoE 74: AAA get dynamic attrs

*Oct 18 14:36:49.922: [74]PPPoE 74: AAA unique ID allocated

*Oct 18 14:36:49.922: [74]PPPoE 74: AAA method list  set

*Oct 18 14:36:49.922: [74]PPPoE 74: Service request sent to SSS

*Oct 18 14:36:49.922: [74]PPPoE 74: Created, Service: None
R:0016.c789.fe42 L:0001.4a07.3cd7 Fa0

*Oct 18 14:36:49.922: [74]PPPoE 74: State NAS_PORT_POLICY_INQUIRY
Event MORE_KEYS

*Oct 18 14:36:49.922: [74]PPPoE 74: O PADS  R:0001.4a07.3cd7
L:0016.c789.fe42 Fa0

*Oct 18 14:36:49.922: [74]PPPoE 74: State PPP_START    Event DYN_BIND

*Oct 18 14:36:49.922: [74]PPPoE 74: data path set to PPP

*Oct 18 14:36:50.038: [74]PPPoE 74: State LCP_NEGOTIATION    Event
PPP_LOCAL

*Oct 18 14:36:50.038: PPPoE 74: Can not use sub-interface

*Oct 18 14:36:50.042: [74]PPPoE 74: State VACCESS_REQUESTED    Event
VA_RESP

*Oct 18 14:36:50.042: [74]PPPoE 74: Vi3 interface obtained

*Oct 18 14:36:50.042: [74]PPPoE 74: State PTA_BINDING    Event STAT_BIND

*Oct 18 14:36:50.042: [74]PPPoE 74: data path set to Virtual Acess

*Oct 18 14:36:50.042: [74]PPPoE 74: Connected PTA

*Oct 18 14:36:50.046: %LINK-3-UPDOWN: Interface Virtual-Access3, changed
state to up

*Oct 18 14:36:50.046: [74]PPPoE 74: AAA get dynamic attrs

*Oct 18 14:36:50.046: [74]PPPoE 74: AAA get dynamic attrs

*Oct 18 14:36:50.046: [74]PPPoE 74: AAA get dynamic attrs

*Oct 18 14:36:50.046: [74]PPPoE 74: AAA get dynamic attrs

*Oct 18 14:36:50.046: [74]PPPoE 74: AAA get dynamic attrs

*Oct 18 14:36:50.046: [74]PPPoE 74: AAA get dynamic attrs

*Oct 18 14:36:50.058: [74]PPPoE 74: State LOCALLY_TERMINATED    Event
PPP_DISCNCT

*Oct 18 14:36:50.058: [74]PPPoE 74: O PADT  R:0001.4a07.3cd7
L:0016.c789.fe42 Fa0

*Oct 18 14:36:50.058: [74]PPPoE 74: Destroying  R:0001.4a07.3cd7
L:0016.c789.fe42 Fa0

*Oct 18 14:36:50.058: PPPoE: Returning Vaccess Virtual-Access3

*Oct 18 14:36:50.058: [74]PPPoE 74: AAA account stopped

*Oct 18 14:36:50.058: PPPoE 74: I PADT  R:0001.4a07.3cd7
L:0016.c789.fe42 Fa0

*Oct 18 14:36:50.062: %LINK-3-UPDOWN: Interface Virtual-Access3, changed
state to down

 

 

*****************************************************************

 

It seems that the router isn't receiving the attributes?

 

I cannot seem to find a single decent guide on this, any ideas on where
to look next?

 

!

More information about the cisco-nsp mailing list