Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

configuration of raduis and router to router connection

Hi

i have 3640 which is our network access point for all dialin users using microsoft clients. Our dial in clients then get authenticated on to our Microsoft IAS server. This side all works fine. using isdn 30 connection

THe problem i have is i want to setup a remote site with 5 users. with cisco 1600 router using isdn bri. i want this to dial up our main 3640 which is mentioned above . the problem is i having Microsoft authentication faiures from cisco 1600 to microsoft IAS server which our reseller tells me it not supported as microsoft clients can only use microsoft ias server not routers.

so What i would like to do is router to router configuration where current users are not affected using the same raduis box but when cisco 1600 dials into 3640 it uses the local database. i know this possible but cant find the relevant documentation on it

i got it working with creating 2 dialer interfaces but on the physical int i can only assign to 1 dialer rotarry group number here the config to explain what i am talking about

ignore dialer 2 and dialer pool stuff that me playing not knowing if i am on the right track

Building configuration...

Current configuration : 4165 bytes

!

version 12.2

service timestamps debug datetime

service timestamps log datetime

service password-encryption

!

hostname BRIREMOTEDIAL

!

logging buffered 4096 debugging

aaa new-model

aaa authentication login default group radius local

aaa authentication login NO_AUTHEN none

aaa authentication login VTYLINE enable

aaa authentication ppp default group radius local

aaa authorization network defaut group radius if-authenticated

!

username admin callback-dialstring "" password 7 15010E19173E2E36

username newham\darvin1 password 7 110D1817011B055D

username FAIRPLAY password 7 03227A22343F0D6D77

memory-size iomem 15

clock timezone gmt 0

ip subnet-zero

!

!

ip name-server 151.133.103.30

!

async-bootp dns-server 151.133.103.30

async-bootp nbns-server 151.133.75.200

isdn switch-type primary-net5

chat-script offhook "" "ATH1" OK

chat-script callback ABORT ERROR ABORT BUSY "" "ATZ" OK "AT" OK "ATDT \T" TIMEOUT 60 CONNECT \c

call rsvp-sync

!

!

!

!

!

!

controller E1 0/0

pri-group timeslots 1-31

!

controller E1 0/1

pri-group timeslots 1-8,16

!

!

!

interface Serial0/0:15

no ip address

encapsulation ppp

dialer rotary-group 1

isdn switch-type primary-net5

isdn incoming-voice modem

no cdp enable

ppp multilink

!

interface Serial0/1:15

no ip address

encapsulation ppp

dialer pool-member 1

dialer pool-member 2

isdn switch-type primary-net5

isdn incoming-voice modem

no cdp enable

ppp multilink

!

interface FastEthernet3/0

ip address 151.133.101.1 255.255.240.0

duplex auto

speed auto

no cdp enable

!

interface Group-Async0

ip unnumbered FastEthernet3/0

encapsulation ppp

async mode interactive

peer default ip address pool dhcpclient

ppp callback accept

ppp authentication ms-chap chap

group-range 33 62

!

interface Group-Async1

ip unnumbered FastEthernet3/0

encapsulation ppp

async mode interactive

peer default ip address pool dhcpclient

ppp callback accept

ppp authentication ms-chap chap

group-range 65 94

!

interface Dialer1

ip unnumbered FastEthernet3/0

encapsulation ppp

dialer in-band

dialer idle-timeout 3000

dialer load-threshold 1 outbound

peer default ip address pool dhcpclient

no cdp enable

ppp callback accept

ppp authentication ms-chap chap

ppp multilink

!

interface Dialer2

no ip address

dialer pool 2

no cdp enable

!

ip local pool dhcpclient 151.133.101.5 151.133.101.254

ip classless

ip route 0.0.0.0 0.0.0.0 151.133.103.1

ip http server

ip pim bidir-enable

!

cdp timer 90

no cdp run

snmp-server community newham-cpqmgmnt RO

radius-server host 151.133.101.2 auth-port 1645 acct-port 1646 key 7 15010E01053A232B3A36

radius-server retransmit 1

!

1 REPLY
New Member

Re: configuration of raduis and router to router connection

I guess you can achieve this by using dialer profiles (dialer pools) rather than using rotary groups.

Configure the serial int to be member of two pools (1&2). and also configure two dialer interfaces each configured for different pools, say pool1 & pool2.

84
Views
0
Helpful
1
Replies