set an ip unnumbered from radius

Unanswered Question
Nov 10th, 2009

Hi all,

I was reading a lot documentation and testing a lot of scenarios but i can not set template configuration from RADIUS…

This it my configuration,

aaa new-model

!

!

aaa authentication login admin local

aaa authentication ppp default local group radius

aaa authorization template

aaa authorization network default group radius local

aaa accounting delay-start

aaa accounting update newinfo

aaa accounting network default start-stop group radius

!

!

bba-group pppoe pruebavrf

virtual-template 33

sessions per-mac limit 48

sessions per-vlan limit 1400

!

interface Loopback10

ip address 192.168.44.1 255.255.255.0

!

interface FastEthernet0/0.8

description PRUEBAS

encapsulation dot1Q 8

pppoe enable group pruebavrf

!

interface Virtual-Template33

no ip address

no ip redirects

no ip unreachables

ip mtu 1480

ip tcp adjust-mss 1400

peer default ip address pool pool_local

ppp authentication pap chap

!

radius-server attribute 44 extend-with-addr

radius-server attribute 8 include-in-access-req

radius-server attribute nas-port format d

radius-server configure-nas

radius-server host X.X.X.X auth-port 1812 acct-port 1813 key xxxx

radius-server retransmit 2

radius-server timeout 6

radius-server vsa send accounting

radius-server vsa send authentication

ip local pool pool_local x.x.x.x

And this is RADIUS configuration

[email protected] Auth-Type := local, User-Password == "xxxx"

Service-Type = Framed-User,

cisco-avpair += "template:ip-unnumbered=Loopback 10",

Framed-Protocol = PPP

I think that with this configuration virtual-access would be take the ip of Loopback 10 as unnumbered but doesn't work.

Router#sh int Vi2.1

Virtual-Access2.1 is up, line protocol is up

Hardware is Virtual Access interface

MTU 1492 bytes, BW 100000 Kbit/sec, DLY 100000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation PPP, LCP Open

PPPoE vaccess, cloned from Virtual-Template33

Vaccess status 0x0

Keepalive set (10 sec)

128 packets input, 1803 bytes

128 packets output, 1799 bytes

Last clearing of "show interface" counters never

This is the RADIUS debug,

.Nov 10 12:38:42: RADIUS(000E4E19): Send Access-Request to x.x.x.x:1812 id 1645/79, len 135

.Nov 10 12:38:42: RADIUS: authenticator 3C 22 8C 1E AE 21 20 82 - B9 58 57 E3 16 6D C9 8B

.Nov 10 12:38:42: RADIUS: Vendor, Cisco [26] 41

.Nov 10 12:38:42: RADIUS: Cisco AVpair [1] 35 "client-mac-address=xxxx"

.Nov 10 12:38:42: RADIUS: Framed-Protocol [7] 6 PPP [1]

.Nov 10 12:38:42: RADIUS: User-Name [1] 17 "[email protected]"

.Nov 10 12:38:42: RADIUS: User-Password [2] 18 *

.Nov 10 12:38:42: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]

.Nov 10 12:38:42: RADIUS: NAS-Port [5] 6 8

.Nov 10 12:38:42: RADIUS: NAS-Port-Id [87] 9 "0/0/0/8"

.Nov 10 12:38:42: RADIUS: Service-Type [6] 6 Framed [2]

.Nov 10 12:38:42: RADIUS: NAS-IP-Address [4] 6 x.x.x.x

.Nov 10 12:38:42: RADIUS: Received from id 1645/79 x.x.x.x:1812, Access-Accept, len 74

.Nov 10 12:38:42: RADIUS: authenticator E5 D8 63 D4 D5 EE EC C8 - F7 BB 4A B9 6A C8 60 F6

.Nov 10 12:38:42: RADIUS: Service-Type [6] 6 Framed [2]

.Nov 10 12:38:42: RADIUS: Vendor, Cisco [26] 42

.Nov 10 12:38:42: RADIUS: Cisco AVpair [1] 36 "template:ip-unnumbered=Loopback 10"

.Nov 10 12:38:42: RADIUS: Framed-Protocol [7] 6 PPP [1]

.Nov 10 12:38:42: RADIUS(000E4E19): Received from id 1645/79

Somebody can help me?

Thank you in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion