[rbak-nsp] PPPoE authentication

Golem golem at mtm-info.pl
Sat May 18 06:40:16 EDT 2013 

Hi

I have problem with authentication for pppoe subscribers. Current goal
is  clips  +  pppoe  on  single  vlan. Clips working but pppoe reports
problem while authenticating.
[local]Redback(config)#May 18 12:19:36: [2/1:511:63:31/6/2/2]: %AAA-3-ERR: aaa_idx 1000000a: Unable to find authenticating context for subscriber. Username: golem, Remote Agent Id: Unknown, Agent Circuit Id: Unknown, Circuit description: 2/1 vlan-id 55 pppoe 9

How  to  point  subscriber  authenticating on same radius server where
clips is already working ?

This is my config:

context routerek
 domain pvc55 advertise
 domain routerek30.pl
!
 no ip domain-lookup
!
 ip nat pool NAT_pool napt multibind
  address 178.214.2.193/32 port-block 1 to 15
!
 nat policy NAT_policy
! Default class
  pool NAT_pool routerek
  timeout tcp 18000
  endpoint-independent filtering udp
  icmp-notification
!
 interface ge1 multibind
  ip address 192.168.30.1/24
  dhcp server interface
!
 interface pppoe multibind
  ip address 192.168.31.1/24
  ip pool 192.168.31.0/24
!
 interface wan
  ip address 178.214.0.23/27
 no logging console
!
 aaa authentication administrator local
 aaa authentication administrator maximum sessions 1
 aaa authentication subscriber radius
!
 radius server 178.214.0.27 encrypted-key **********
!
 subscriber default
   nat policy-name NAT_policy
   dhcp max-addrs 1
!
 ip route 0.0.0.0/0 178.214.0.1
!
 dhcp server policy
   nak-on-subnet-deletion
   option subnet-mask 255.255.255.0
   option domain-name-server 178.214.0.16 178.214.0.14
   option domain-name routerek30.pl
   offer-lease-time 300
   default-lease-time 43200
   maximum-lease-time 43200
   subnet 192.168.30.0/24
     option subnet-mask 255.255.255.0
     option router 192.168.30.1
!
!
!

port ethernet 2/1
 no shutdown
 encapsulation dot1q
 dot1q pvc 55 encapsulation multi
  bind interface ge1 routerek
  service clips dhcp maximum 10 context routerek
  circuit protocol pppoe
   bind authentication chap maximum 100
!
port ethernet 2/10
 no shutdown
 bind interface wan routerek



  

-- 
Best regards,
 Ozga Rafal                          mailto:golem at mtm-info.pl

More information about the redback-nsp mailing list