Hi, everybody
today i have a problem with my network to authenticate, user connected on A vlan and using PPPOE access.
The configuration PPPOE is on cisco router, and users list with their ip address are in Radius.
What I want is the cisco to forward request authentication to radius, and if success give acces to network with the ip address provided by Radius.
Here is the debug accounting
bras#Debug radius accounting
*Dec 16 13:36:45.296: RADIUS/ENCODE(00000363):Orig. component type = PPoE
*Dec 16 13:36:45.296: RADIUS(00000363): Config NAS IP: 172.16.0.1
*Dec 16 13:36:45.296: RADIUS/ENCODE: No idb found! Framed IP Addr might not be included
*Dec 16 13:36:45.296: RADIUS(00000363): Config NAS IP: 172.16.0.1
*Dec 16 13:36:45.300: RADIUS: Received from id 1645/232 10.0.0.2:1812, Access-Accept, len 113
*Dec 16 13:36:45.308: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to up
*Dec 16 13:36:45.580: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to down
You can see that th virtual access goes up then down.
I see that the termination is asked by cisco router, under this you can see the trace.
86 13:59:36.982906 Cisco_85:43:31 Usi_10:ef:0f PPP LCP Termination Request
here is the radius debug in cisco.
*Dec 16 13:43:36.520: RADIUS/ENCODE(00000364):Orig. component type = PPoE
*Dec 16 13:43:36.520: RADIUS: AAA Unsupported Attr: client-mac-address[49] 14
*Dec 16 13:43:36.520: RADIUS: 30 30 32 34 2E 37 65 31 30 2E 65 66 [0024.7e10.ef]
*Dec 16 13:43:36.520: RADIUS: AAA Unsupported Attr: interface [175] 7
*Dec 16 13:43:36.520: RADIUS: 30 2F 30 2F 31 [0/0/1]
*Dec 16 13:43:36.520: RADIUS(00000364): Config NAS IP: 172.16.0.1
*Dec 16 13:43:36.520: RADIUS/ENCODE: No idb found! Framed IP Addr might not be included
*Dec 16 13:43:36.520: RADIUS/ENCODE(00000364): acct_session_id: 931
*Dec 16 13:43:36.520: RADIUS(00000364): Config NAS IP: 172.16.0.1
*Dec 16 13:43:36.520: RADIUS(00000364): sending
*Dec 16 13:43:36.520: RADIUS(00000364): Send Access-Request to 10.0.0.2:1812 id 1645/233, len 120
*Dec 16 13:43:36.520: RADIUS: authenticator 60 72 2E C2 98 37 C4 99 – 01 0B 8D 4F 9B 0B 24 42
*Dec 16 13:43:36.520: RADIUS: Framed-Protocol [7] 6 PPP [1]
*Dec 16 13:43:36.520: RADIUS: User-Name [1] 8 “akabou”
*Dec 16 13:43:36.520: RADIUS: CHAP-Password [3] 19 *
*Dec 16 13:43:36.520: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
*Dec 16 13:43:36.520: RADIUS: NAS-Port [5] 6 0
*Dec 16 13:43:36.520: RADIUS: NAS-Port-Id [87] 9 “0/0/1/2”
*Dec 16 13:43:36.520: RADIUS: Service-Type [6] 6 Framed [2]
*Dec 16 13:43:36.520: RADIUS: NAS-IP-Address [4] 6 172.16.0.1
*Dec 16 13:43:36.520: RADIUS: Acct-Session-Id [44] 18 “0A000001000003A3”
*Dec 16 13:43:36.524: RADIUS: Nas-Identifier [32] 16 “cisco.domain.com”
*Dec 16 13:43:36.524: RADIUS: Received from id 1645/233 10.0.0.2:1812, Access-Accept, len 113
*Dec 16 13:43:36.524: RADIUS: authenticator D0 5B 66 9F 40 D2 28 0F – 15 89 28 66 47 F5 2D B6
*Dec 16 13:43:36.524: RADIUS: Service-Type [6] 6 Framed [2]
*Dec 16 13:43:36.524: RADIUS: Framed-Protocol [7] 6 PPP [1]
*Dec 16 13:43:36.524: RADIUS: Framed-IP-Address [8] 6 172.16.0.2
*Dec 16 13:43:36.524: RADIUS: Framed-IP-Netmask [9] 6 255.255.255.255
*Dec 16 13:43:36.524: RADIUS: Framed-Routing [10] 6 3
*Dec 16 13:43:36.524: RADIUS: Framed-Route [22] 42 “172.16.0.1 255.255.255.255 172.16.0.2 10”
*Dec 16 13:43:36.524: RADIUS: Filter-Id [11] 9
*Dec 16 13:43:36.524: RADIUS: 73 74 64 2E 70 70 70 [std.ppp]
*Dec 16 13:43:36.524: RADIUS: Framed-MTU [12] 6 1492
*Dec 16 13:43:36.524: RADIUS: Framed-Compression [13] 6 VJ TCP/IP Header Compressi[1]
*Dec 16 13:43:36.524: RADIUS(00000364): Received from id 1645/233
*Dec 16 13:43:36.532: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to up
*Dec 16 13:43:37.576: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to down
If someone has an idea.