help-gnu-radius
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnu-radius] Assign network informations

From: Frank Matthias
Subject: [Help-gnu-radius] Assign network informations
Date: Wed, 31 Oct 2001 11:08:07 +0000
User-agent: Mutt/1.2.5i 
Hi there,
we have some problems assigning network informations over the NAS to
the windows clients.

My users file looks like that:
foo    Auth-Type = Local,
        Password = "foo"
                Service-Type = Framed,
                Framed-Protocol = PPP,
                Cisco-AVPair="ip:addr-pool = access1",
                Cisco-AVPair="ip:dns-servers = 146.254.160.30",
            Cisco-AVPair="ip:wins-servers = 146.254.168.201"

As you can see on the user profile, we use a cisco as NAS. 
Is it's possible to assign those informations with gnu-radius? As I
can see in the packets on the network, it should be possible, but what's wrong.

My feeling tells me, there's only a little mistake. 
I also tried to change the protocol in the Cisco-AVPair's from ip to
ppp, but nothing happens.

Any hints are welcome.

Regards
Matthias


Here comes the cisco config and some debug informations

!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname NAS-Ralf-Test
!
aaa new-model
aaa authentication ppp ralf-ppp group radius
aaa authorization network ralf-ppp group radius
aaa accounting network ralf-ppp start-stop group radius
aaa nas port extended
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
ip address-pool local
isdn switch-type basic-net3
!
!
!
interface FastEthernet0/0
ip address 10.1.9.20 255.255.255.0
duplex auto
speed auto
no cdp enable
!
interface BRI0/0
ip unnumbered FastEthernet0/0
encapsulation ppp
no keepalive
dialer-group 1
isdn switch-type basic-net3
no peer default ip address
no cdp enable
ppp authentication pap ralf-ppp
ppp authorization ralf-ppp
ppp multilink
!
interface Dialer1
no ip address
no cdp enable
!
ip local pool access1 10.1.9.31 10.1.9.32
ip local pool access2 10.1.9.41 10.1.9.42
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.9.1
ip http server
ip pim bidir-enable
!
dialer-list 1 protocol ip permit
no cdp run
radius-server configure-nas
radius-server host 146.254.160.26 auth-port 1645 acct-port 1646 non-standard
radius-server retransmit 3
radius-server key xxxxx
radius-server vsa send accounting
radius-server vsa send authentication
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
! end 

NAS-Ralf-Test#sh debug
PPP:
  PPP protocol negotiation debugging is on
  PPP packet display debugging is on
Radius protocol debugging is on
NAS-Ralf-Test#
01:48:27930347428: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up
01:48:27917287397: BR0/0:1 PPP: Treating connection as a callin
01:48:27927896660: BR0/0:1 PPP: Phase is ESTABLISHING, Passive Open [0 sess, 0 l
oad]
01:48:27930347836: BR0/0:1 LCP: State is Listen
01:48:06: BR0/0:1 PPP: I pkt type 0xC021, datagramsize 45
01:48:06: BR0/0:1 LCP: I CONFREQ [Listen] id 0 len 41
01:48:06: BR0/0:1 LCP:    MagicNumber 0x55873513 (0x050655873513)
01:48:06: BR0/0:1 LCP:    PFC (0x0702)
01:48:06: BR0/0:1 LCP:    ACFC (0x0802)
01:48:06: BR0/0:1 LCP:    MRRU 1614 (0x1104064E)
01:48:06: BR0/0:1 LCP:    EndpointDisc 1 Local
01:48:06: BR0/0:1 LCP:     (0x131701296838860B43440380E55FEF6A)
01:48:06: BR0/0:1 LCP:     (0x86893D00000000)
01:48:06: BR0/0:1 LCP: O CONFREQ [Listen] id 16 len 34
01:48:06: BR0/0:1 LCP:    AuthProto PAP (0x0304C023)
01:48:06: BR0/0:1 LCP:    MagicNumber 0x01A5F25C (0x050601A5F25C)
01:48:06: BR0/0:1 LCP:    MRRU 1524 (0x110405F4)
01:48:06: BR0/0:1 LCP:    EndpointDisc 1 NAS-Ralf-Test (0x1310014E41532D52616C66
2D54657374)
01:48:06: BR0/0:1 LCP: O CONFACK [Listen] id 0 len 41
01:48:06: BR0/0:1 LCP:    MagicNumber 0x55873513 (0x050655873513)
01:48:06: BR0/0:1 LCP:    PFC (0x0702)
01:48:06: BR0/0:1 LCP:    ACFC (0x0802)
01:48:06: BR0/0:1 LCP:    MRRU 1614 (0x1104064E)
01:48:06: BR0/0:1 LCP:    EndpointDisc 1 Local
01:48:06: BR0/0:1 LCP:     (0x131701296838860B43440380E55FEF6A)
01:48:06: BR0/0:1 LCP:     (0x86893D00000000)
01:48:06: BR0/0:1 PPP: I pkt type 0xC021, datagramsize 38
01:48:06: BR0/0:1 LCP: I CONFACK [ACKsent] id 16 len 34
01:48:06: BR0/0:1 LCP:    AuthProto PAP (0x0304C023)
01:48:06: BR0/0:1 LCP:    MagicNumber 0x01A5F25C (0x050601A5F25C)
01:48:06: BR0/0:1 LCP:    MRRU 1524 (0x110405F4)
01:48:06: BR0/0:1 LCP:    EndpointDisc 1 NAS-Ralf-Test (0x1310014E41532D52616C66
2D54657374)
01:48:06: BR0/0:1 PPP: I pkt type 0xC023, datagramsize 18
01:48:06: BR0/0:1 LCP: State is Open
01:48:06: BR0/0:1 PPP: Phase is AUTHENTICATING, by this end [0 sess, 0 load]
01:48:06: BR0/0:1 PAP: I AUTH-REQ id 9 len 14 from "ralf"
01:48:06: BR0/0:1 PAP: Authenticating peer ralf
01:48:06: RADIUS: ustruct sharecount=2
01:48:06: Radius: radius_port_info() success=1 radius_nas_port=1
01:48:06: RADIUS: added cisco VSA 2 len 9 "BRI0/0:1*"
01:48:06: RADIUS: Initial Transmit BRI0/0:1* id 10 146.254.160.26:1645, Access-R
equest, len 123
01:48:06:         Attribute 4 6 0A010914
01:48:06:         Attribute 5 6 00007531
01:48:06:         Attribute 26 17 00000009020B4252
01:48:06:         Attribute 61 6 00000002
01:48:06:         Attribute 1 6 72616C66
01:48:06:         Attribute 30 8 38393732
01:48:06:         Attribute 31 12 39313331
01:48:06:         Attribute 2 18 D61F1236
01:48:06:         Attribute 6 6 00000002
01:48:06:         Attribute 7 6 00000001
01:48:06: RADIUS: Received from id 10 146.254.160.26:1645, Access-Accept, len 32

01:48:06:         Attribute 6 6 00000002
01:48:06:         Attribute 7 6 00000001
01:48:06: RADIUS: saved authorization data for user 80F95B98 at 80F95D78
01:48:06: BR0/0:1 PAP: O AUTH-ACK id 9 len 5
01:48:06: BR0/0:1 PPP: Phase is VIRTUALIZED [0 sess, 0 load]
01:48:06: Vi1 PPP: Phase is DOWN, Setup [0 sess, 0 load]
01:48:06: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
01:48:06: Vi1 PPP: Treating connection as a callin
01:48:06: Vi1 PPP: Phase is ESTABLISHING, Passive Open [0 sess, 0 load]
01:48:06: Vi1 LCP: State is Listen
01:48:06: Vi1 PPP: Phase is UP [0 sess, 0 load]
01:48:06: Vi1 IPCP: O CONFREQ [Closed] id 1 len 10
01:48:06: Vi1 IPCP:    Address 10.1.9.20 (0x03060A010914)
01:48:06: Vi1 MLP: Added first link BR0/0:1 to bundle ralf
01:48:06: BR0/0:1 PPP: I pkt type 0x80FD, datagramsize 14
01:48:06: Vi1 PPP: I pkt type 0x80FD, datagramsize 14
01:48:06: Vi1 PPP: I pkt type 0x80FD, datagramsize 14
01:48:06: Vi1 CCP: I CONFREQ [Not negotiated] id 1 len 10
01:48:06: Vi1 CCP:    MS-PPC supported bits 0x00000001 (0x120600000001)
01:48:06: Vi1 LCP: O PROTREJ [Open] id 1 len 16 protocol CCP (0x80FD0101000A1206
00000001)
01:48:06: BR0/0:1 PPP: I pkt type 0x8021, datagramsize 44
01:48:06: Vi1 PPP: I pkt type 0x8021, datagramsize 44
01:48:06: Vi1 PPP: I pkt type 0x8021, datagramsize 44
01:48:06: Vi1 IPCP: I CONFREQ [REQsent] id 2 len 40
01:48:06: BR0/0:1 PPP: I pkt type 0x8021, datagramsize 14
01:48:06: Vi1 PPP: I pkt type 0x8021, datagramsize 14
01:48:06: Vi1 PPP: I pkt type 0x8021, datagramsize 14
01:48:06: Vi1 IPCP:    CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
01:48:06: Vi1 IPCP:    Address 0.0.0.0 (0x030600000000)
01:48:06: Vi1 IPCP:    PrimaryDNS 0.0.0.0 (0x810600000000)
01:48:06: Vi1 IPCP:    PrimaryWINS 0.0.0.0 (0x820600000000)
01:48:06: Vi1 IPCP:    SecondaryDNS 0.0.0.0 (0x830600000000)
01:48:06: Vi1 IPCP:    SecondaryWINS 0.0.0.0 (0x840600000000)
01:48:06: Vi1 AAA/AUTHOR/IPCP: Start.  Her address 0.0.0.0, we want 0.0.0.0
01:48:06: Vi1 AAA/AUTHOR/IPCP: Done.  Her address 0.0.0.0, we want 0.0.0.0
01:48:06: Vi1 IPCP: No peer address configured
01:48:06: Vi1 IPCP: Neither side knows remote address
01:48:06: Vi1 IPCP: O CONFREJ [REQsent] id 2 len 40
01:48:06: Vi1 IPCP:    CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
01:48:06: Vi1 IPCP:    Address 0.0.0.0 (0x030600000000)
01:48:06: Vi1 IPCP:    PrimaryDNS 0.0.0.0 (0x810600000000)
01:48:06: Vi1 IPCP:    PrimaryWINS 0.0.0.0 (0x820600000000)
01:48:06: Vi1 IPCP:    SecondaryDNS 0.0.0.0 (0x830600000000)
01:48:06: Vi1 IPCP:    SecondaryWINS 0.0.0.0 (0x840600000000)
01:48:06: Vi1 IPCP: I CONFACK [REQsent] id 1 len 10
01:48:06: Vi1 IPCP:    Address 10.1.9.20 (0x03060A010914)
01:48:06: BR0/0:1 PPP: I pkt type 0x8021, datagramsize 14
01:48:06: Vi1 PPP: I pkt type 0x8021, datagramsize 14
01:48:06: Vi1 PPP: I pkt type 0x8021, datagramsize 14
01:48:06: Vi1 IPCP: I CONFREQ [ACKrcvd] id 3 len 10
01:48:06: Vi1 IPCP:    Address 0.0.0.0 (0x030600000000)
01:48:06: Vi1 AAA/AUTHOR/IPCP: Start.  Her address 0.0.0.0, we want 0.0.0.0
01:48:06: Vi1 AAA/AUTHOR/IPCP: Done.  Her address 0.0.0.0, we want 0.0.0.0
01:48:06: Vi1 IPCP: No peer address configured
01:48:06: Vi1 IPCP: Neither side knows remote address
01:48:06: Vi1 IPCP: Neither side knows remote address
01:48:06: Vi1 IPCP:    Address 0.0.0.0 (0x030600000000)
01:48:06: BR0/0:1 PPP: I pkt type 0x8021, datagramsize 20
01:48:06: Vi1 PPP: I pkt type 0x8021, datagramsize 20
01:48:06: Vi1 PPP: I pkt type 0x8021, datagramsize 20
01:48:06: Vi1 IPCP: I TERMREQ [ACKrcvd] id 4 len 16 (0x55873513003CCD74000002E2)

01:48:06: Vi1 IPCP: O TERMACK [ACKrcvd] id 4 len 4
01:48:06: BR0/0:1 PPP: I pkt type 0xC021, datagramsize 20
01:48:06: Vi1 PPP: I pkt type 0xC021, datagramsize 20
01:48:06: BR0/0:1 LCP: I TERMREQ [Open] id 5 len 16 (0x55873513003CCD7400000000)

01:48:06: BR0/0:1 LCP: O TERMACK [Open] id 5 len 4
01:48:06: BR0/0:1 PPP: Phase is TERMINATING [0 sess, 0 load]
01:48:06: Vi1 IPCP: State is Closed
01:48:06: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to 9131897245 ral
f
01:48:06: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down
01:48:06: BR0/0:1 LCP: State is Closed
01:48:06: BR0/0:1 PPP: Phase is DOWN [0 sess, 0 load]
01:48:08: Vi1 LCP: Missed link down notification
01:48:08: Vi1 PPP: Phase is TERMINATING [0 sess, 0 load]
01:48:08: Vi1 LCP: State is Closed
01:48:08: Vi1 PPP: Phase is DOWN [0 sess, 0 load]
reply via email to
[Prev in Thread] Current Thread [Next in Thread]