[cisco-voip] aaa problem

Ýsmail CAN ismailcan_net at yahoo.com
Tue Jul 6 10:28:31 EDT 2004 

Hello,
 
I have a problem with my as5350 gateway. I work gateway-to-gateway. I dont`use gatekeeper. I try to terminate calls. My scenario is:
 
 
GW1------>myGW---controller e1------------>GSM Channel Bank
                   |
                   |
               freeradius
 
If a call comes from GW1 to myGW, first I want to authenticate and authorize call based on the ip address of GW1 via freeradius. Then account. I can only send accounting request to radius. I can not send authenticating and authorizing request to radius. Can you help me?
My config is:  
Current configuration : 10036 bytes
!
! Last configuration change at 13:17:29 GMT Sat Jan 1 2000 by shrntrsn
!
version 12.2
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
no boot startup-test
aaa new-model
!
!
aaa authentication login default group radius
aaa authentication login h323 group radius
aaa authentication ppp default group radius
aaa authentication ppp h323 group radius
aaa authorization exec h323 group radius if-authenticated
aaa authorization network default group radius if-authenticated
aaa accounting update newinfo
aaa accounting network h323 start-stop group radius
aaa accounting connection h323 start-stop group radius
aaa accounting resource h323 start-stop group radius
aaa session-id common
!
!
resource-pool disable
clock timezone GMT 0
clock calendar-valid
spe country turkey
!
!
!
!
!
ip subnet-zero
ip cef
!
class-map match-all deneme
  match none
!
!
policy-map deneme
!
voice call send-alert
voice rtp send-recv
!
voice service pots
!
voice class codec 312
 codec preference 1 g729r8
!
voice class codec 99
 codec preference 1 g729r8
 codec preference 2 g723r63
!
voice class codec 80
 codec preference 1 g729r8
!
!
!
voice class h323 1
  call start fast
!
voice class h323 99
  call start fast
!
voice class h323 80
 h225 timeout tcp establish 10
  call start fast
!
!
!
!
!
fax interface-type fax-mail
mta receive maximum-recipients 0
!
controller E1 3/0
 shutdown
!
controller E1 3/1
 shutdown
!
controller E1 3/2
 ds0-group 1 timeslots 1-15 type r2-digital
 ds0-group 2 timeslots 17-31 type r2-digital
 ds0 busyout 28-31 hard
!
controller E1 3/3
 shutdown
!
gw-accounting h323
gw-accounting h323 vsa
gw-accounting voip
!
!
interface FastEthernet0/0
  ip address x.x.x.x y.y.y.y
 ip access-group h323 in
 duplex auto
 speed auto
 no cdp enable
 h323-gateway voip bind srcaddr x.x.x.x
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
  speed auto
!
interface Serial0/0
shutdown 
no ip address
 no ip mroute-cache
 clockrate 2000000
!
interface Serial0/1
 no ip address
 shutdown
 clockrate 2000000
!
interface Async1/00
 no ip address
!
interface Async1/01
 no ip address
!
interface Async1/02
 no ip address
ip classless
ip route 0.0.0.0 0.0.0.0 y.y.y.y
no ip http server
snmp-server community aaaaa RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps calltracker
snmp-server enable traps tty
snmp-server enable traps modem-health
snmp-server enable traps ds0-busyout
snmp-server enable traps ds1-loopback
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn chan-not-avail
snmp-server enable traps fru-ctrl
snmp-server enable traps hsrp
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps envmon
snmp-server enable traps aaa_server
snmp-server enable traps bgp
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-messa
ge
snmp-server enable traps ipmulticast
snmp-server enable traps msdp
snmp-server enable traps rsvp
snmp-server enable traps frame-relay
snmp-server enable traps rtr
snmp-server enable traps syslog
snmp-server enable traps dlsw
snmp-server enable traps dial
snmp-server enable traps dsp card-status
snmp-server enable traps voice poor-qov
snmp-server enable traps dnis
snmp-server enable traps xgcp
snmp ifmib ifalias long
!
!
radius-server host qqqq auth-port 1812 acct-port 1813
radius-server retransmit 3
radius-server attribute 8 include-in-access-req
radius-server key 222222222
radius-server vsa send accounting
radius-server vsa send authentication
call rsvp-sync
!
voice-port 3/2:1
 input gain 6
 echo-cancel coverage 16
 compand-type a-law
 cptone TR
 timeouts interdigit 2
 timeouts ringing infinity
 bearer-cap Speech
!
voice-port 3/2:2
 input gain 6
 echo-cancel coverage 16
 compand-type a-law
 cptone TR
 timeouts interdigit 2
 timeouts ringing infinity
 bearer-cap Speech
!
voice-class aaa 1
authentication method h323
authorization method h323
accounting method h323
mgcp profile default
!
dial-peer cor custom
!
!
!
dial-peer voice 99 voip
 incoming called-number ssss
 voice-class codec 99
 voice-class h323 99
 dtmf-relay h245-signal h245-alphanumeric
!
dial-peer voice 1 pots
 max-conn 20
 destination-pattern T
 port 3/2:1
 forward-digits 11
 prefix ,
voice class aaa 1
!
dial-peer voice 2 pots
 max-conn 20
 destination-pattern 
 forward-digit 11 
port 3/2:2
 prefix ,


		
---------------------------------
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20040706/60fc9cd6/attachment.html

More information about the cisco-voip mailing list