[rbak-nsp] problem of authentification on last-resort interface
Alireza Soltanian
soltanian at gmail.com
Sat Apr 17 06:26:25 EDT 2010
Hi,
We solved this solution by defining a normal multiband and a lastresort
multiband interface and define another IP Pool, for the specific subscriber
the name of desired IP Pool is sent via RADIUS,
----------------------------------------------------------------------
Message: 1
Date: Fri, 16 Apr 2010 12:22:01 -0400
From: "Greg GOUDOU" <greg.goudou at gmail.com>
To: <redback-nsp at puck.nether.net>
Subject: [rbak-nsp] problem of authentification on last-resort
interface
Message-ID: <4bc88eab.0e67f10a.4504.ffffb071 at mx.google.com>
Content-Type: text/plain; charset="us-ascii"
Hi,
I meet a problem about a configuration. I cannot create in a same context,
2 multibind last-resort interfaces.
But, I already have a PPPoE client connected in this context (we will
called "context A"). Below, his configuration:
Context A vpn-rd XXXX:6
interface Loop_client1 loopback
ip address A.B.C.D/32 with A.B.C.D/32 is a public IP address
interface PPP-client1 multibind lastresort
ip unnumbered Loop_client1
the second client is configured as defined below :
Context A vpn-rd XXXX:6
interface Loop_client2 loopback
ip address A.B.F.G/32 with A.B.F.G/32 is a public IP address
interface PPP-client2 multibind
ip unnumbered Loop_client2
when we verify the state of the connection of the clients, we notice :
For client 1:
client1 at realm.xx
Agent Remote ID "client1"
Circuit 4/8 vlan-id 426 pppoe 21240
Internal Circuit 4/8:1023:63/6/2/44395
Interface bound PPP-client1
Current port-limit unlimited
context-name A (applied)
dns primary X.X.X.X (applied)
dns secondary Y.Y.Y.Y (applied)
ip address A.B.C.D (applied)
forward policy in FORWARD_FIRSTBOOT (applied)
For client2, I receive this state of connection:
client2 at realm.xx
Agent Remote ID "Client2"
Circuit 4/8 vlan-id 401 pppoe 16731
Internal Circuit 4/8:1023:63/6/2/34556
Interface bound PPP-client1
Current port-limit unlimited
context-name A (applied)
dns primary X.X.X.X (applied)
dns secondary Y.Y.Y.Y (applied)
ip address A.B.F.G (applied)
forward policy in FORWARD_FIRSTBOOT (applied)
Therefore, I would like these clients have each of them, a public IP address
and pass through their own interface bound.
If somebody have a solution, let me know.
Regards,
gOOdman
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://puck.nether.net/pipermail/redback-nsp/attachments/20100416/32cfaa95
/attachment-0001.html>
------------------------------
Message: 2
Date: Sat, 17 Apr 2010 04:21:14 -0400
From: Denis Mikhaylovskiy <denis.mikhaylovskiy at ericsson.com>
To: "'greg.goudou at gmail.com'" <greg.goudou at gmail.com>,
"'redback-nsp at puck.nether.net'" <redback-nsp at puck.nether.net>
Subject: Re: [rbak-nsp] problem of authentification on last-resort
interface
Message-ID:
<2B6B8CA0ACA1B243820A777B0DBA53255007D5F86E at EUSAACMS0703.eamcs.ericsson.se>
Content-Type: text/plain; charset="utf-8"
Hi,
It is not possible to have more than one last-resort interface by design in
context.
Actually SmartEdge doesn't pass clients through multibind interfaces at all
:).
As per 'show subs active' output I can conclude that both clients got fixed
ip assignment by raidus. And I do not understand what is the problem.
/denis
________________________________
From: redback-nsp-bounces at puck.nether.net
To: redback-nsp at puck.nether.net
Sent: Fri Apr 16 11:22:01 2010
Subject: [rbak-nsp] problem of authentification on last-resort interface
Hi,
I meet a problem about a configuration. I cannot create in a same context,
2 multibind last-resort interfaces.
But, I already have a PPPoE client connected in this context (we will
called ?context A?). Below, his configuration:
Context A vpn-rd XXXX:6
interface Loop_client1 loopback
ip address A.B.C.D/32 with A.B.C.D/32 is a public IP address
interface PPP-client1 multibind lastresort
ip unnumbered Loop_client1
the second client is configured as defined below :
Context A vpn-rd XXXX:6
interface Loop_client2 loopback
ip address A.B.F.G/32 with A.B.F.G/32 is a public IP address
interface PPP-client2 multibind
ip unnumbered Loop_client2
when we verify the state of the connection of the clients, we notice :
For client 1:
client1 at realm.xx<mailto:client1 at realm.xx>
Agent Remote ID "client1"
Circuit 4/8 vlan-id 426 pppoe 21240
Internal Circuit 4/8:1023:63/6/2/44395
Interface bound PPP-client1
Current port-limit unlimited
context-name A (applied)
dns primary X.X.X.X (applied)
dns secondary Y.Y.Y.Y (applied)
ip address A.B.C.D (applied)
forward policy in FORWARD_FIRSTBOOT (applied)
For client2, I receive this state of connection:
client2 at realm.xx<mailto:client2 at realm.xx>
Agent Remote ID "Client2"
Circuit 4/8 vlan-id 401 pppoe 16731
Internal Circuit 4/8:1023:63/6/2/34556
Interface bound PPP-client1
Current port-limit unlimited
context-name A (applied)
dns primary X.X.X.X (applied)
dns secondary Y.Y.Y.Y (applied)
ip address A.B.F.G (applied)
forward policy in FORWARD_FIRSTBOOT (applied)
Therefore, I would like these clients have each of them, a public IP address
and pass through their own interface bound.
If somebody have a solution, let me know.
Regards,
gOOdman
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://puck.nether.net/pipermail/redback-nsp/attachments/20100417/f06d6acd
/attachment.html>
------------------------------
_______________________________________________
redback-nsp mailing list
redback-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/redback-nsp
End of redback-nsp Digest, Vol 28, Issue 12
*******************************************
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4999 (20100404) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4999 (20100404) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4999 (20100404) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
More information about the redback-nsp
mailing list