Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Cisco: NAS
FW: Asynchronous callback problems - update
 

Index | Next | Previous | View Flat


andris.zarins at microlink

Jul 14, 2005, 8:35 AM


Views: 839
Permalink
FW: Asynchronous callback problems - update

UPDATE - callback itself is working now. If user is meant to be called
back - it is called back succesfuly. Problems are with users who should
not be called back - normal dial-in users - if 'ppp callback accept' is
configured on group-async interface - problem arise, if that command
isnt there - non-callback users can call in, but callback isnt working.





If I try to call-in as non-callback user, Windows says that "PPP Link
Control Protocol was terminated by remote side" and it says that I
should enable LCP extensions (its done and ON by default also) and try
to allow unsecured password (what is also allowed).



Any ideas where to go next ?









________________________________

From: Andris Zarins
Sent: Thursday, July 14, 2005 6:10 PM
To: cisco-nas [at] puck
Cc: Andris Zarins
Subject: Asynchronous callback problems



Hi all,



I'm trying to configure callback from 3640 (E1) to WindowsXP PC (async
line). There are several types of users callin to that NAS - Cisco
routers using ISDN, async modem users who shouldnt be called back, and
now there should be async modem users who should be called back. This is
why I need per user AAA what is done using RADIUS. Below is RADIUS
profile configuration.





NAS (3640) has numerous mica-midems installed. Dial-in without callback
is working fine, as AAA is done using RADIUS server, so configuration
for vaccess interfaces comes also from vtemplate + RADIUS part.



Here is configuration from NAS:



interface Group-Async1

description Dial-in modem pool

ip unnumbered Loopback2

encapsulation ppp

no ip route-cache cef

no ip route-cache

ip tcp header-compression

no ip mroute-cache

dialer in-band

dialer idle-timeout 9000

dialer-group 1

async mode dedicated

peer default ip address pool dial-up

no fair-queue

ppp authentication chap modem

no clns route-cache

group-range 33 56



And here is profile from RADIUS for involved user:



Profile="callback"

Framed-Protocol = PPP

Service-Type = Framed-User

cisco-avpair = "lcp:interface-config=ppp callback accept"

cisco-avpair = "lcp:interface-config=ip unnumbered lo2"

cisco-avpair = "lcp:interface-config=peer default ip address
pool dial-up"

cisco-avpair = "lcp:interface-config=encaps ppp"

cisco-avpair = "lcp:interface-config=ppp multilink"





What I'm worried about is command "ppp callback accept". As far as I
know - it should be configured on group-async interface, but if I do it
- nobody is able to call-in in any manner (with callback or without).
"debug aaa authentication" says that user isn't authorized for callback
and AAA procedure exits at that moment (or maybe I'm not doin enough
debugging, so Im missin something).



Any ideas how to proceed and what to troubleshoot? Maybe anyone has got
working configuration for callback? Any ideas what to debug? I
understand that there might be not enough information, if you need
something else to give some comments - I'll do it :-)



Andris

Subject User Time
FW: Asynchronous callback problems - update andris.zarins at microlink Jul 14, 2005, 8:35 AM

  Index | Next | Previous | View Flat
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.