06-28-2002 02:28 PM - edited 03-01-2019 11:09 PM
I have analog and ISDN users dialing into a 3640 with PRI ISDN and DMM's. I authentcate with RSA ACE Server and Authorise with Cisco ACS. All analog users are set up for roaming dial-back. This works fine unless a user decides not to use dial-back and cancels at the phone-number prompt. The line is then disconnected. If the user is set in ACS for dial-in only this works OK. All the ISDN users are dial-in only and work OK.
---------------------x----------------------
Current configuration : 2541 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname GMAC_RAS
!
logging buffered 26144 debugging
no logging console
aaa new-model
aaa authentication login default group tacacs+
aaa authentication ppp default group tacacs+
aaa authorization exec default group tacacs+
aaa authorization network default group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
enable password voyager
!
username root privilege 15 password 0 use_acs
clock timezone GMT 1
clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00
modem country mica united-kingdom
ip subnet-zero
!
!
!
async-bootp dns-server 172.20.4.47
async-bootp nbns-server 172.20.4.47
vty-async
vty-async keepalive 0
isdn switch-type primary-net5
chat-script offhook "" "ATH1" OK \c
chat-script CALLBACK ABORT ERROR ABORT BUSY "" "AT" OK "ATDT \T" TIMEOUT 30 CONN
ECT \c
call rsvp-sync
!
!
!
!
!
!
controller E1 0/0
pri-group timeslots 1-30
!
!
!
interface FastEthernet0/0
ip address 172.20.4.253 255.255.254.0
speed 100
full-duplex
no cdp enable
!
interface Serial0/0:15
no ip address
encapsulation ppp
dialer rotary-group 1
autodetect encapsulation ppp v120
isdn switch-type primary-net5
isdn incoming-voice modem
no cdp enable
ppp authentication pap
!
interface Group-Async1
ip unnumbered FastEthernet0/0
encapsulation ppp
ip tcp header-compression passive
no ip mroute-cache
async mode interactive
no peer default ip address
ppp callback accept
ppp authentication pap
group-range 33 62
!
interface Dialer0
ip unnumbered FastEthernet0/0
encapsulation ppp
ip tcp header-compression passive
dialer pool 1
dialer-group 1
no peer default ip address
pulse-time 0
no cdp enable
ppp authentication pap
!
interface Dialer1
ip unnumbered FastEthernet0/0
encapsulation ppp
dialer-group 1
no peer default ip address
no cdp enable
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.20.4.254
ip http server
ip pim bidir-enable
!
dialer-list 1 protocol ip permit
no cdp run
tacacs-server host 172.20.4.173
tacacs-server key voyager
!
dial-peer cor custom
!
!
!
!
line con 0
login authentication no_tacacs
line 33 62
script modem-off-hook offhook
script callback CALLBACK
modem InOut
modem autoconfigure type mica
autocommand ppp
transport preferred none
transport input all
transport output none
autoselect ppp
flowcontrol hardware
line aux 0
line vty 0 4
password voyager
!
ntp server 172.20.4.47
end
06-28-2002 02:28 PM
You need to use "ppp callback permit"
instead of "ppp callback accept".
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide