Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

radius-server attribute 61 extended on ASR1004

Hello colegaues,

We faced with problem after upgrade ASR from 12(2) 33 XNE2.

I know that this is an old XE release but our Radius deny authization from ASR with more new XE version.

Here is our radius attribute configuretion:

!

radius-server attribute 44 include-in-access-req

radius-server attribute nas-port format d

radius-server host x.x.x.x auth-port 1812 acct-port 1813 non-standard

radius-server key 7 <removed>

radius-server vsa send accounting

radius-server vsa send authentication

!

And this is correct authorization on Radius with NAS-Port-Type = VPDN:

Thread 4 handling request 36, (4 handled so far) at Tue Nov  8 05:11:36 2011

        Framed-Protocol = PPP

        User-Name = "29567"

        CHAP-Password = 01:d0:63:d9:7f:01:bd:2c:73:67:b8:5b:0b:53:78:7b:3b

        Connect-Info = "57600"

        NAS-Port-Type = VPDN

        NAS-Port-Id = 6177

        Attr-87 = "Uniq-Sess-ID6177"

        Service-Type = Framed-User

        NAS-IP-Address = 83.167.66.16

        Acct-Session-Id = "0093A035"

modcall: entering group authorize

This is wrong authorization with NAS-Port-Type = Sync:

Thread 132 handling request 233017, (8312 handled so far) at Wed Nov  9 06:34:34 2011
        Framed-Protocol = PPP
        User-Name = "denisvpn"
        CHAP-Password = 01:7c:6a:e2:dc:28:37:8b:ec:8a:df:15:2d:1d:60:d7:87
        Connect-Info = "54000000"
        NAS-Port-Type = Sync
        NAS-Port-Id = 12734
        Attr-87 = "Uniq-Sess-ID2734"
        Service-Type = Framed-User
        NAS-IP-Address = 83.167.66.16
        Acct-Session-Id = "00010687"
modcall: entering group authorize
  modcall[authorize]: module "voip" returns reject

How can I add in my configuration that ASR send necesserry NAS-Port-Type - VPDN

I couldn't found out any info ((( for radius-server attribute 61 extended

Wbr,

Konstantin.

Everyone's tags (1)
1 REPLY
New Member

radius-server attribute 61 extended on ASR1004

Can we change radius attribute to send

NAS-Port-Type - VPDN from ASR?

407
Views
0
Helpful
1
Replies
CreatePlease login to create content