Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

RADIUS pointing to an address pool

A dial-in client should get an ip address from an address pool called DIAL-IN which is configured localy on a 2600er Router.

The address pool should be selected by the radius access accept answer from a radius server.

Everything is working fine: The dial-in clients requests 0.0.0.0 via IPCP and the router asks the address pool DIAL-IN. The pool returns an ip address, which is definitly from the address pool DIAL-IN.

But at this point the router reports: Attributes addr and addr-pool are mutally exclusive and IPCP is terminating.

Has anybody an idea whats going wrong?

Thanks

Edgar

4 REPLIES
Cisco Employee

Re: RADIUS pointing to an address pool

I assume that you want to allocated the ip address from one of the ip pool defined on the router but name of the pool from which ip address to be allocated should come from radius server during authorization..Right??

You need to turn on authorization thru radius for ppp users and use av-pair attribute for per user or under group config(for multiple users)

av-pair will be

ip:addr-pool=name

Where name is the ip pool defined on router..

New Member

Re: RADIUS pointing to an address pool

That is exactly what I have done. The Access Accept message from the radius server includes the pool name and the router uses this pool.

But suddenly the debug aaa authorization reports: attributes addr and addr-pool mutaually ...

Cisco Employee

Re: RADIUS pointing to an address pool

Pl. post following debug to investigate more in this case.

debug ppp nego

debug aaa per

debug aaa authorization

debug radius

New Member

Re: RADIUS pointing to an address pool

Sorry, I could not answer in a timely manner, because I spend some time at the customer site.

The required debugs are not available at the moment. I have solved the problem using pools defined on the ACS.

Nevertheless, I hope that I can offer the debugs during the next days. I still have used those debugs and I can confirm that the ACS sends an access accept, which includes the attribute pointing to a local pool on the NAS.

Edgar

103
Views
0
Helpful
4
Replies
CreatePlease login to create content