Hello group,

I am presently working on a remote access solution for our network. We have
decided to use a Cisco 3620 with a FastEthernet for LAN connection and a PRI/E1
module for WAN connection. The router is running IOS version 12.2(4)T3. This
access server is configured to allow analog connections and ISDN connections;
callback is also allowed. The remote users connecting are authenticated by a
RADIUS server (Steelbelt). The RADIUS server is also supposed to return
values to the remote client:

-Framed-IP-Address
-Framed-IP-Netmask
-Framed-Protocol
-Framed-route
-Callback-number
-Cisco-client-Primary-DNS
-Cisco-client-Secondary-DNS

We are currently testing this solution and it's not working properly. The
remote user is not getting the appropriate RADIUS attributes. We only have
the Framed-IP-Address right; the other attributes are retrieved by the router.
Do you have an idea on how to force the router to get those specific
attributes?
Please find attached the configuration of the router.
 
Any information is welcome.

Thank you.

Rock BASSOLE

version 12.2
service nagle
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname
!
logging buffered 40000 debugging
aaa new-model
!
!
aaa authentication login default group radius line
aaa authentication enable default none
aaa authentication ppp default group radius local
aaa authorization network default group radius local
enable secret password
aaa session-id common
!
clock timezone GMT+01 1
clock summer-time GMT+01 recurring last Sun Mar 1:00 last Sun Oct 2:00
ip subnet-zero
no ip source-route
!
!
ip telnet source-interface Loopback0
no ip domain-lookup
!
no ip bootp server
isdn switch-type primary-net5
chat-script offhook "" "ATH1" OK
chat-script callback ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDT \T" TIMEOUT 30 CONNECT \c
!
controller E1 1/0
 framing NO-CRC4
 pri-group timeslots 1-31
!
controller E1 1/1
!
!
!
interface Loopback0
 description Interface Loopback NAS
 ip address X.X.X.X 255.255.255.255
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 no ip mroute-cache
!
interface FastEthernet1/0
 description Interface FastEthernet VLAN_10.21_RAS
 ip address X.X.X.X 255.255.128.0
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 speed 100
 full-duplex
 no cdp enable
!
interface Serial1/0:15
 description canal D pour le controller E1
 no ip address
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 encapsulation ppp
 dialer rotary-group 0
 dialer-group 1
 isdn switch-type primary-net5
 isdn incoming-voice modem
 no fair-queue
 compress mppc
 no cdp enable
!
interface Group-Async1
 description Interface de connexion RTC
 ip unnumbered Loopback0
 encapsulation ppp
 no ip mroute-cache
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 async mode dedicated
 no peer default ip address
 compress mppc
 ppp callback accept
 ppp authentication chap
 group-range 1 30
!
interface Dialer0
 description Intercace de connexion ISDN
 ip unnumbered Loopback0
 encapsulation ppp
 no ip mroute-cache
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 dialer in-band
 dialer aaa
 dialer enable-timeout 5
 dialer hold-queue 20
 dialer-group 1
 no peer default ip address
 no fair-queue
 compress mppc
 no cdp enable
 ppp callback accept
 ppp authentication chap callin
 ppp multilink
!
router rip
 passive-interface Dialer0
 network 10.0.0.0
!
ip classless
no ip http server
ip pim bidir-enable
!
ip radius source-interface Loopback0
logging source-interface Loopback0
logging
logging
access-list 23 remark *** VTY Access ***

dialer-list 1 protocol ip permit
no cdp run
snmp-server community community RO 23
snmp-server community community RW 23
snmp-server trap-source Loopback0
snmp-server host-ip-add password
snmp-server host-ip-add password
snmp-server tftp-server-list 23
radius-server host-ip address auth-port 1645 acct-port 1646
radius-server retransmit 3
radius-server key key
banner login ^C
################################################################
#
#
#           UNAUTHORIZED ACCESS IS PROHIBITED
#
#  AND MAY BE SUBJECT TO CIVIL AND/OR CRIMINAL PENALTIES   #
#
#
################################################################
^C
!
line con 0
 exec-timeout 5 0
 password password
line 1 30
 script modem-off-hook offhook
 script callback callback
 modem InOut
 modem autoconfigure type mica
 transport preferred none
 transport input all
 transport output none
 autoselect during-login
 autoselect ppp
 callback forced-wait 5
 stopbits 1
 flowcontrol hardware
line aux 0
 exec-timeout 5 0
 password password
line vty 0 4
 access-class 23 in
 exec-timeout 5 0
 password password
 transport input telnet
 transport output none
!
ntp clock-period 17208202
ntp source Loopback0
ntp server X.X.X.X prefer
ntp server X.X.X.X
no scheduler allocate
!
end




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45924&t=45924