Hi, This query is related to Cisco-7206 equipment behavior.
We have a Cisco 7206(IOS12.2(33)) equipment associated with freeRadius server2.1.10. Upon PPPOE client start, dynamic IP is assigned from the IP-Pool to the PPPOE client. However this IP address, is not included in the Frame-IP-Address AVP sent in the Access-Request message from the NAS. Request to provide your inputs on this, as this is reported across other forums(unfortunately, no answers available there :)) I have enabled this AVP inclusion with the NAS command, radius-server attribute 8 include-in-access-req Also find the configuration which I have used for your info: Current configuration : 3420 bytes ! version 12.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CISCOBRAS ! boot-start-marker boot-end-marker ! enable secret 5 $1$NS9k$AMTl8utX2OqwQbWtVsNQX0 enable password abcd ! aaa new-model ! ! aaa group server radius bsnl server 172.31.113.137 auth-port 1812 acct-port 1813 ! aaa group server radius gsds server 172.31.113.135 auth-port 1812 acct-port 1813 ! aaa authentication ppp default group radius aaa authorization network default group radius aaa authorization subscriber-service default local aaa accounting network default start-stop broadcast group bsnl group gsds ! ! ! ! aaa server radius dynamic-author client 172.31.113.135 server-key testing123 server-key testing123 auth-type any ignore session-key ! aaa session-id common ip subnet-zero ! ! ! ip cef ip host gsds 172.31.113.135 ip host bsnl 172.31.113.137 ip host isp 172.31.113.137 ip address-pool local ! ! service-policy type control L2_ACCESS redirect server-group GSDS_SRV server ip 172.31.113.135 port 80 ! redirect server-group ISP_SRV server ip 172.31.113.136 port 80 ! multilink bundle-name authenticated no call rsvp-sync ! ! ! ! ! ! ! username abcd password 0 abcd ! class-map type traffic match-any PPP_SESSION_TRAFFIC_GRAS match access-group input name ACL_GRAS_USER ! class-map type traffic match-any PPP_SESSION_TRAFFIC match access-group input name ACL_BSNL_USER ! class-map type control match-all GRASBERG match unauthenticated-domain gsds ! class-map type control match-all PPP_SESSION match protocol ppp ! policy-map type service SVC_GSDS service local class type traffic PPP_SESSION_TRAFFIC_GRAS redirect to group GSDS_SRV ! ! policy-map type service SVC_GSDS_TO_INTERNET service local class type traffic PPP_SESSION_TRAFFIC_GRAS redirect to group ISP_SRV ! ! policy-map type control L2_ACCESS class type control PPP_SESSION event session-start 1 collect identifier unauthenticated-domain 2 service-policy type control DOMAIN_BASED_ACCESS ! ! policy-map type control DOMAIN_BASED_ACCESS class type control GRASBERG event session-start 1 authenticate aaa list default 2 service-policy type service name SVC_GSDS ! ! ! ! ! ! ! bba-group pppoe BSNL_BBA_GROUP virtual-template 1 ! ! interface FastEthernet1/0 ip address 172.31.113.150 255.255.255.0 no ip route-cache cef no ip route-cache duplex full ! interface FastEthernet1/1 description PPPoE ip address 10.10.10.4 255.255.255.0 no ip route-cache cef no ip route-cache duplex full pppoe enable group BSNL_BBA_GROUP ! interface Virtual-Template1 ip unnumbered FastEthernet1/1 peer default ip address pool GRAS_IP_POOL ppp authentication chap callin ! ip local pool GRAS_IP_POOL 10.10.10.20 ip default-gateway 10.10.10.4 ip classless ! ! no ip http server no ip http secure-server ! ip access-list standard ACL_GRAS_USER permit 10.10.10.0 0.0.0.255 ! ! ! radius-server attribute 8 include-in-access-req radius-server attribute 11 default direction in radius-server host 172.31.113.137 auth-port 1812 acct-port 1813 radius-server host 172.31.113.135 auth-port 1812 acct-port 1813 radius-server key testing123 radius-server vsa send accounting radius-server vsa send authentication ! control-plane ! ! dial-peer cor custom ! ! ! ! gatekeeper shutdown ! ! line con 0 stopbits 1 line aux 0 stopbits 1 line vty 0 4 password cisco ! end thanks, Raj ________________________________ "DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus."
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html