I have upgraded the IOS from 11.3 to 12.1 on AS 5800 and since then the ppp authentication is not happening. I am using Merit Radius 4.2.2E application for authentication. Please suggest what the problem would be.
Note: the IOS 11.3 was working fine in the same setup
I can try and help but need some more information. Which 12.1 revision did you move to and what debugs can you provide? Is there a 12.1 feature you need? Bugfinder shows a number of AAA bugs on some 12.1 releases so that might be the best place to start.
U first need to understand how AAA works. AAA process (triple A) consists of Authentication, Authorisation & Accounting. First u need to know at which of the above point your connection is dropped. To do this enable following debugging on your NAS (Access Server) : debug AAA authentication , debug AAA authorisation , debug AAA acounting, debug radius, debug PPP negotiation. Then telnet to the NAS & enable the telnet session to capture the NAS log to a file. Then dial into the NAS (make sure u setup NAS as well as the radius server to use PAP authentication.)Then examine the log generated & trace down where exactly the connection is dropped.Locate the error mesasage & search the cisco site for an explaination of the error. Also examine the Access-accept or Access-reject responses from the Radius server ie the attributes in the response messages. Best of luck
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...