Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Cisco>
  3. BBA
Only work with 7 user (client)
tom at hostwebase
Nov 22, 2006, 1:08 AM
Post #1 of 6 (4532 views)
Permalink
Would you guys help me out with this issues again please.
I am having the same problem as before. The Cisco 7204
won't seem to accept any more than 7 users. What am I
missing here?



Here is my 7204 configuration:

aaa new-model
aaa authentication login default local
aaa authentication login console enable
aaa authentication login telnet line
aaa authentication login localauth local
aaa authentication ppp default group radius local
aaa authorization network default group radius local
aaa accounting delay-start
aaa accounting nested
aaa accounting exec default start-stop group radius
aaa accounting network default start-stop group radius



interface Loopback2
ip address 16.10.172.1 255.255.255.128
!
!
interface Virtual-Template1
mtu 1492
ip unnumbered Loopback2
peer default ip address pool DSLCustomer
ppp authentication chap callin



Thanks so much

Tom










---- Original message ----
>Date: Thu, 05 Oct 2006 19:23:24 -0700
>From: Mark Johnson <mljohnso@cisco.com>
>Subject: RE: [cisco-bba] Only work with 5 user (client)
>To: tom@hostwebase.com, gabriel.grissett@gmail.com
>Cc: cisco-bba@puck.nether.net
>
>At 04:31 PM 10/5/2006 -0400, Tom Miller wrote:
>>Guys,
>>
>>It seems to be working fine. The system is currently
>>excepted up to 7 users without any issues. Can you guy
>>enlighten me why it fix with the loopback interface? Is
>>this a bug?
>
>IOS will not allow more than 6 interfaces with the same
>static ip address. Without IP unnumbered, each virtual-
>access interface is cloned with the same IP address as
>the virtual-template, thus you'll fail on the 6th user
>(the VT counts as 1).
>
>mark
>
>
>>Thank you so much for your advices.
>>
>>Tom
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>---- Original message ----
>> >Date: Wed, 4 Oct 2006 14:38:18 -0500
>> >From: "Gabriel Grissett" <gabriel.grissett@gmail.com>
>> >Subject: RE: [cisco-bba] Only work with 5 user (client)
>> >To: <tom@hostwebase.com>
>> >
>> >Use a loopback interface ...
>> >
>> >Interface loopback 2
>> > ip address 192.168.172.1 255.255.255.128
>> >
>> >then change your virtual-template to...
>> >
>> >interface Virtual-Template1
>> > mtu 1492
>> > ip unnumbered loopback 2
>> >...
>> >...
>> >...
>> >
>> >This should be in the archives...
>> >
>> >> -----Original Message-----
>> >> From: cisco-bba-bounces@puck.nether.net [mailto:cisco-
bba-
>> >> bounces@puck.nether.net] On Behalf Of Tom Miller
>> >> Sent: Wednesday, October 04, 2006 2:28 PM
>> >> To: cisco-bba@puck.nether.net
>> >> Subject: [cisco-bba] Only work with 5 user (client)
>> >>
>> >> I have a 7204 (12.0(22)S1) terminating DSL L2TP VPDN
and
>> >> freeradius ( 1.0.4)
>> >>
>> >> I am having problem when number of users (clients)
>> >> increase from 6 and up.
>> >>
>> >> It worked fine when I have only 5 users (clients) using
>> >> the system.
>> >>
>> >> The Cisco 7204 sending missing informationn to the
radius
>> >> server when the user # 6 try to connect. Information
such
>> >> as Tunnel-Server-Endpoint and Tunnel-Client-Endpoint
>> >>
>> >>
>> >> I must have a missing value within my Cisco
configuration.
>> >> However, I don't know what it is.
>> >>
>> >> Would you guys help me out please.
>> >>
>> >>
>> >> Here is my cisco 7204 configuration:
>> >>
>> >> > aaa new-model
>> >> > aaa authentication login default local
>> >> > aaa authentication login console enable
>> >> > aaa authentication login telnet line
>> >> > aaa authentication login localauth local
>> >> > aaa authentication ppp default group radius local
>> >> > aaa authorization network default group radius local
>> >> > aaa accounting delay-start
>> >> > aaa accounting nested
>> >> > aaa accounting exec default start-stop group radius
>> >> > aaa accounting network default start-stop group
radius
>> >> >
>> >> >
>> >> > !
>> >> > vpdn enable
>> >> > vpdn aaa override-server 172.17.17.17
>> >> > !
>> >> > vpdn-group 1
>> >> > accept-dialin
>> >> > protocol l2tp
>> >> > virtual-template 1
>> >> > terminate-from hostname aaaabbbr.ca.AADS
>> >> > local name abc123456789cha
>> >> > lcp renegotiation always
>> >> > l2tp tunnel password 7 xxxxxxxxxxxxxxxx
>> >> > !
>> >> >
>> >> > radius-server host 172.17.17.17 auth-port 1645 acct-
port
>> >> 1646
>> >> >
>> >> >
>> >> > !
>> >> > interface Virtual-Template1
>> >> > mtu 1492
>> >> > ip address 192.168.172.1 255.255.255.128
>> >> > peer default ip address pool DSLCustomer
>> >> > ppp authentication chap callin
>> >> > !
>> >> > ip local pool DSLCustomer 192.168.172.51
192.168.172.125
>> >>
>> >>
>> >> Thank you,
>> >>
>> >> Tom
>> >>
>> >> _______________________________________________
>> >> cisco-bba mailing list
>> >> cisco-bba@puck.nether.net
>> >> https://puck.nether.net/mailman/listinfo/cisco-bba
>> >
>
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba
Re: Only work with 7 user (client) [ In reply to ]
mljohnso at cisco
Nov 22, 2006, 6:34 AM
Post #2 of 6 (4350 views)
Permalink
At 04:08 AM 11/22/2006 -0500, Tom Miller wrote:
>Would you guys help me out with this issues again please.
>I am having the same problem as before. The Cisco 7204
>won't seem to accept any more than 7 users. What am I
>missing here?

This must be a different problem. Capture <debug ppp neg>
for the 8th user attempting to connect; if you don't see
any debug output, then the problem is VPDN and you want to
have a look at

debug vpdn error
debug vpdn l2x-event
debug vpdn l2x-error
debug vtemplate

mark



>Here is my 7204 configuration:
>
>aaa new-model
>aaa authentication login default local
>aaa authentication login console enable
>aaa authentication login telnet line
>aaa authentication login localauth local
>aaa authentication ppp default group radius local
>aaa authorization network default group radius local
>aaa accounting delay-start
>aaa accounting nested
>aaa accounting exec default start-stop group radius
>aaa accounting network default start-stop group radius
>
>
>
>interface Loopback2
> ip address 16.10.172.1 255.255.255.128
>!
>!
>interface Virtual-Template1
> mtu 1492
> ip unnumbered Loopback2
> peer default ip address pool DSLCustomer
> ppp authentication chap callin
>
>
>
>Thanks so much
>
>Tom
>
>
>
>
>
>
>
>
>
>
>---- Original message ----
> >Date: Thu, 05 Oct 2006 19:23:24 -0700
> >From: Mark Johnson <mljohnso@cisco.com>
> >Subject: RE: [cisco-bba] Only work with 5 user (client)
> >To: tom@hostwebase.com, gabriel.grissett@gmail.com
> >Cc: cisco-bba@puck.nether.net
> >
> >At 04:31 PM 10/5/2006 -0400, Tom Miller wrote:
> >>Guys,
> >>
> >>It seems to be working fine. The system is currently
> >>excepted up to 7 users without any issues. Can you guy
> >>enlighten me why it fix with the loopback interface? Is
> >>this a bug?
> >
> >IOS will not allow more than 6 interfaces with the same
> >static ip address. Without IP unnumbered, each virtual-
> >access interface is cloned with the same IP address as
> >the virtual-template, thus you'll fail on the 6th user
> >(the VT counts as 1).
> >
> >mark
> >
> >
> >>Thank you so much for your advices.
> >>
> >>Tom
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>---- Original message ----
> >> >Date: Wed, 4 Oct 2006 14:38:18 -0500
> >> >From: "Gabriel Grissett" <gabriel.grissett@gmail.com>
> >> >Subject: RE: [cisco-bba] Only work with 5 user (client)
> >> >To: <tom@hostwebase.com>
> >> >
> >> >Use a loopback interface ...
> >> >
> >> >Interface loopback 2
> >> > ip address 192.168.172.1 255.255.255.128
> >> >
> >> >then change your virtual-template to...
> >> >
> >> >interface Virtual-Template1
> >> > mtu 1492
> >> > ip unnumbered loopback 2
> >> >...
> >> >...
> >> >...
> >> >
> >> >This should be in the archives...
> >> >
> >> >> -----Original Message-----
> >> >> From: cisco-bba-bounces@puck.nether.net [mailto:cisco-
>bba-
> >> >> bounces@puck.nether.net] On Behalf Of Tom Miller
> >> >> Sent: Wednesday, October 04, 2006 2:28 PM
> >> >> To: cisco-bba@puck.nether.net
> >> >> Subject: [cisco-bba] Only work with 5 user (client)
> >> >>
> >> >> I have a 7204 (12.0(22)S1) terminating DSL L2TP VPDN
>and
> >> >> freeradius ( 1.0.4)
> >> >>
> >> >> I am having problem when number of users (clients)
> >> >> increase from 6 and up.
> >> >>
> >> >> It worked fine when I have only 5 users (clients) using
> >> >> the system.
> >> >>
> >> >> The Cisco 7204 sending missing informationn to the
>radius
> >> >> server when the user # 6 try to connect. Information
>such
> >> >> as Tunnel-Server-Endpoint and Tunnel-Client-Endpoint
> >> >>
> >> >>
> >> >> I must have a missing value within my Cisco
>configuration.
> >> >> However, I don't know what it is.
> >> >>
> >> >> Would you guys help me out please.
> >> >>
> >> >>
> >> >> Here is my cisco 7204 configuration:
> >> >>
> >> >> > aaa new-model
> >> >> > aaa authentication login default local
> >> >> > aaa authentication login console enable
> >> >> > aaa authentication login telnet line
> >> >> > aaa authentication login localauth local
> >> >> > aaa authentication ppp default group radius local
> >> >> > aaa authorization network default group radius local
> >> >> > aaa accounting delay-start
> >> >> > aaa accounting nested
> >> >> > aaa accounting exec default start-stop group radius
> >> >> > aaa accounting network default start-stop group
>radius
> >> >> >
> >> >> >
> >> >> > !
> >> >> > vpdn enable
> >> >> > vpdn aaa override-server 172.17.17.17
> >> >> > !
> >> >> > vpdn-group 1
> >> >> > accept-dialin
> >> >> > protocol l2tp
> >> >> > virtual-template 1
> >> >> > terminate-from hostname aaaabbbr.ca.AADS
> >> >> > local name abc123456789cha
> >> >> > lcp renegotiation always
> >> >> > l2tp tunnel password 7 xxxxxxxxxxxxxxxx
> >> >> > !
> >> >> >
> >> >> > radius-server host 172.17.17.17 auth-port 1645 acct-
>port
> >> >> 1646
> >> >> >
> >> >> >
> >> >> > !
> >> >> > interface Virtual-Template1
> >> >> > mtu 1492
> >> >> > ip address 192.168.172.1 255.255.255.128
> >> >> > peer default ip address pool DSLCustomer
> >> >> > ppp authentication chap callin
> >> >> > !
> >> >> > ip local pool DSLCustomer 192.168.172.51
>192.168.172.125
> >> >>
> >> >>
> >> >> Thank you,
> >> >>
> >> >> Tom
> >> >>
> >> >> _______________________________________________
> >> >> cisco-bba mailing list
> >> >> cisco-bba@puck.nether.net
> >> >> https://puck.nether.net/mailman/listinfo/cisco-bba
> >> >
> >

_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba
Re: Only work with 7 user (client) [ In reply to ]
tom at hostwebase
Nov 25, 2006, 7:32 AM
Post #3 of 6 (4333 views)
Permalink
Mark,

I have the debug on but it didn't show me anything.
I think I miss a command to tell it to display all the
debug messages. I don't remember what it is thought.

debug ppp neg
debug vpdn error
debug vpdn l2x-event
debug vpdn l2x-error
debug vtemplate

terminal monitor

sh debug

PPP:
PPP protocol negotiation debugging is on
VPN:
L2X protocol events debugging is on
L2X protocol errors debugging is on
VPDN errors debugging is on
VTEMPLATE:
Virtual Template debugging is on




********begining of the show log ************

23:44:56 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access8, changed state
to up
*Nov 25 00:00:03 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access8, changed state to down
*Nov 25 00:00:04 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access8, changed state
to down
*Nov 25 00:00:08 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to up
*Nov 25 00:00:09 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to up
*Nov 25 00:00:14 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to down
*Nov 25 00:00:15 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to down
*Nov 25 00:00:19 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access8, changed state to up
*Nov 25 00:00:20 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access8, changed state
to up
*Nov 25 00:48:38 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access8, changed state to down
*Nov 25 00:48:39 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access8, changed state
to down
*Nov 25 00:48:44 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to up
*Nov 25 00:48:45 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to up
*Nov 25 00:49:10 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to down
*Nov 25 00:49:11 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to down
*Nov 25 00:49:14 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access8, changed state to up
*Nov 25 00:49:15 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access8, changed state
to up
*Nov 25 01:01:03 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to down
*Nov 25 01:01:04 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to down
*Nov 25 01:01:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to up
*Nov 25 01:01:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to up
*Nov 25 03:26:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to down
*Nov 25 03:26:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to down
*Nov 25 03:26:49 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to up
*Nov 25 03:26:50 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to up
*Nov 25 04:46:33 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to down
*Nov 25 04:46:34 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to down
*Nov 25 04:48:04 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to up
*Nov 25 04:48:05 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to up
*Nov 25 04:58:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to down
*Nov 25 04:58:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to down
*Nov 25 04:58:50 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to up
*Nov 25 04:58:51 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to up
*Nov 25 05:22:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to down
*Nov 25 05:22:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to down
*Nov 25 05:22:54 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to up
*Nov 25 05:23:05 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to up
*Nov 25 05:35:23 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to down
*Nov 25 05:35:24 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to down
*Nov 25 05:35:29 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to up
*Nov 25 05:35:30 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to up
*Nov 25 06:20:42 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to down
*Nov 25 06:20:43 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to down
*Nov 25 06:20:44 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to up
*Nov 25 06:20:45 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to up
*Nov 25 12:24:42 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to down
*Nov 25 12:24:43 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to down
*Nov 25 12:24:45 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to up
*Nov 25 12:24:46 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to up
*Nov 25 13:24:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to down
*Nov 25 13:24:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to down
*Nov 25 13:26:05 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to up
*Nov 25 13:26:09 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to up
*Nov 25 13:33:45 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to down
*Nov 25 13:33:46 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to down
*Nov 25 13:36:30 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to up
*Nov 25 13:36:41 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to up
*Nov 25 13:38:53 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to down
*Nov 25 13:38:54 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access9, changed state
to down
*Nov 25 13:43:19 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to up
*Nov 25 13:43:48 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to down
*Nov 25 13:46:53 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to up
*Nov 25 13:47:26 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access9, changed state to down
*Nov 25 13:57:51 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to up
*Nov 25 13:57:55 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to up
*Nov 25 13:59:13 UTC: %LINK-3-UPDOWN: Interface Virtual-
Access5, changed state to down
*Nov 25 13:59:14 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
Interface Virtual-Access5, changed state
to down










---- Original message ----
>Date: Wed, 22 Nov 2006 06:34:50 -0800
>From: Mark Johnson <mljohnso@cisco.com>
>Subject: Re: Only work with 7 user (client)
>To: tom@hostwebase.com, gabriel.grissett@gmail.com
>Cc: cisco-bba@puck.nether.net
>
>At 04:08 AM 11/22/2006 -0500, Tom Miller wrote:
>>Would you guys help me out with this issues again please.
>>I am having the same problem as before. The Cisco 7204
>>won't seem to accept any more than 7 users. What am I
>>missing here?
>
>This must be a different problem. Capture <debug ppp neg>
>for the 8th user attempting to connect; if you don't see
>any debug output, then the problem is VPDN and you want to
>have a look at
>
>debug vpdn error
>debug vpdn l2x-event
>debug vpdn l2x-error
>debug vtemplate
>
>mark
>
>
>
>>Here is my 7204 configuration:
>>
>>aaa new-model
>>aaa authentication login default local
>>aaa authentication login console enable
>>aaa authentication login telnet line
>>aaa authentication login localauth local
>>aaa authentication ppp default group radius local
>>aaa authorization network default group radius local
>>aaa accounting delay-start
>>aaa accounting nested
>>aaa accounting exec default start-stop group radius
>>aaa accounting network default start-stop group radius
>>
>>
>>
>>interface Loopback2
>> ip address 16.10.172.1 255.255.255.128
>>!
>>!
>>interface Virtual-Template1
>> mtu 1492
>> ip unnumbered Loopback2
>> peer default ip address pool DSLCustomer
>> ppp authentication chap callin
>>
>>
>>
>>Thanks so much
>>
>>Tom
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>---- Original message ----
>> >Date: Thu, 05 Oct 2006 19:23:24 -0700
>> >From: Mark Johnson <mljohnso@cisco.com>
>> >Subject: RE: [cisco-bba] Only work with 5 user (client)
>> >To: tom@hostwebase.com, gabriel.grissett@gmail.com
>> >Cc: cisco-bba@puck.nether.net
>> >
>> >At 04:31 PM 10/5/2006 -0400, Tom Miller wrote:
>> >>Guys,
>> >>
>> >>It seems to be working fine. The system is currently
>> >>excepted up to 7 users without any issues. Can you guy
>> >>enlighten me why it fix with the loopback interface? Is
>> >>this a bug?
>> >
>> >IOS will not allow more than 6 interfaces with the same
>> >static ip address. Without IP unnumbered, each virtual-
>> >access interface is cloned with the same IP address as
>> >the virtual-template, thus you'll fail on the 6th user
>> >(the VT counts as 1).
>> >
>> >mark
>> >
>> >
>> >>Thank you so much for your advices.
>> >>
>> >>Tom
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>---- Original message ----
>> >> >Date: Wed, 4 Oct 2006 14:38:18 -0500
>> >> >From: "Gabriel Grissett" <gabriel.grissett@gmail.com>
>> >> >Subject: RE: [cisco-bba] Only work with 5 user
(client)
>> >> >To: <tom@hostwebase.com>
>> >> >
>> >> >Use a loopback interface ...
>> >> >
>> >> >Interface loopback 2
>> >> > ip address 192.168.172.1 255.255.255.128
>> >> >
>> >> >then change your virtual-template to...
>> >> >
>> >> >interface Virtual-Template1
>> >> > mtu 1492
>> >> > ip unnumbered loopback 2
>> >> >...
>> >> >...
>> >> >...
>> >> >
>> >> >This should be in the archives...
>> >> >
>> >> >> -----Original Message-----
>> >> >> From: cisco-bba-bounces@puck.nether.net
[mailto:cisco-
>>bba-
>> >> >> bounces@puck.nether.net] On Behalf Of Tom Miller
>> >> >> Sent: Wednesday, October 04, 2006 2:28 PM
>> >> >> To: cisco-bba@puck.nether.net
>> >> >> Subject: [cisco-bba] Only work with 5 user (client)
>> >> >>
>> >> >> I have a 7204 (12.0(22)S1) terminating DSL L2TP VPDN
>>and
>> >> >> freeradius ( 1.0.4)
>> >> >>
>> >> >> I am having problem when number of users (clients)
>> >> >> increase from 6 and up.
>> >> >>
>> >> >> It worked fine when I have only 5 users (clients)
using
>> >> >> the system.
>> >> >>
>> >> >> The Cisco 7204 sending missing informationn to the
>>radius
>> >> >> server when the user # 6 try to connect.
Information
>>such
>> >> >> as Tunnel-Server-Endpoint and Tunnel-Client-
Endpoint
>> >> >>
>> >> >>
>> >> >> I must have a missing value within my Cisco
>>configuration.
>> >> >> However, I don't know what it is.
>> >> >>
>> >> >> Would you guys help me out please.
>> >> >>
>> >> >>
>> >> >> Here is my cisco 7204 configuration:
>> >> >>
>> >> >> > aaa new-model
>> >> >> > aaa authentication login default local
>> >> >> > aaa authentication login console enable
>> >> >> > aaa authentication login telnet line
>> >> >> > aaa authentication login localauth local
>> >> >> > aaa authentication ppp default group radius local
>> >> >> > aaa authorization network default group radius
local
>> >> >> > aaa accounting delay-start
>> >> >> > aaa accounting nested
>> >> >> > aaa accounting exec default start-stop group
radius
>> >> >> > aaa accounting network default start-stop group
>>radius
>> >> >> >
>> >> >> >
>> >> >> > !
>> >> >> > vpdn enable
>> >> >> > vpdn aaa override-server 172.17.17.17
>> >> >> > !
>> >> >> > vpdn-group 1
>> >> >> > accept-dialin
>> >> >> > protocol l2tp
>> >> >> > virtual-template 1
>> >> >> > terminate-from hostname aaaabbbr.ca.AADS
>> >> >> > local name abc123456789cha
>> >> >> > lcp renegotiation always
>> >> >> > l2tp tunnel password 7 xxxxxxxxxxxxxxxx
>> >> >> > !
>> >> >> >
>> >> >> > radius-server host 172.17.17.17 auth-port 1645
acct-
>>port
>> >> >> 1646
>> >> >> >
>> >> >> >
>> >> >> > !
>> >> >> > interface Virtual-Template1
>> >> >> > mtu 1492
>> >> >> > ip address 192.168.172.1 255.255.255.128
>> >> >> > peer default ip address pool DSLCustomer
>> >> >> > ppp authentication chap callin
>> >> >> > !
>> >> >> > ip local pool DSLCustomer 192.168.172.51
>>192.168.172.125
>> >> >>
>> >> >>
>> >> >> Thank you,
>> >> >>
>> >> >> Tom
>> >> >>
>> >> >> _______________________________________________
>> >> >> cisco-bba mailing list
>> >> >> cisco-bba@puck.nether.net
>> >> >> https://puck.nether.net/mailman/listinfo/cisco-bba
>> >> >
>> >
>
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba
Re: Only work with 7 user (client) [ In reply to ]
tom at hostwebase
Nov 25, 2006, 9:27 AM
Post #4 of 6 (4370 views)
Permalink
Mark,

I am on the console and it did not show me anything.
I did turn the terminal monitor off? Am I missing
something?

terminial no monitor

Thanks,
Tom


>
>Mark,
>
>I have the debug on but it didn't show me anything.
>I think I miss a command to tell it to display all the
>debug messages. I don't remember what it is thought.
>
>debug ppp neg
>debug vpdn error
>debug vpdn l2x-event
>debug vpdn l2x-error
>debug vtemplate
>
>terminal monitor
>
>sh debug
>
>PPP:
> PPP protocol negotiation debugging is on
>VPN:
> L2X protocol events debugging is on
> L2X protocol errors debugging is on
> VPDN errors debugging is on
>VTEMPLATE:
> Virtual Template debugging is on
>
>
>
>
>********begining of the show log ************
>
> 23:44:56 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access8, changed state
> to up
>*Nov 25 00:00:03 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access8, changed state to down
>*Nov 25 00:00:04 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access8, changed state
> to down
>*Nov 25 00:00:08 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to up
>*Nov 25 00:00:09 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to up
>*Nov 25 00:00:14 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to down
>*Nov 25 00:00:15 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to down
>*Nov 25 00:00:19 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access8, changed state to up
>*Nov 25 00:00:20 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access8, changed state
> to up
>*Nov 25 00:48:38 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access8, changed state to down
>*Nov 25 00:48:39 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access8, changed state
> to down
>*Nov 25 00:48:44 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to up
>*Nov 25 00:48:45 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to up
>*Nov 25 00:49:10 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to down
>*Nov 25 00:49:11 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to down
>*Nov 25 00:49:14 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access8, changed state to up
>*Nov 25 00:49:15 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access8, changed state
> to up
>*Nov 25 01:01:03 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to down
>*Nov 25 01:01:04 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to down
>*Nov 25 01:01:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to up
>*Nov 25 01:01:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to up
>*Nov 25 03:26:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to down
>*Nov 25 03:26:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to down
>*Nov 25 03:26:49 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to up
>*Nov 25 03:26:50 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to up
>*Nov 25 04:46:33 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to down
>*Nov 25 04:46:34 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to down
>*Nov 25 04:48:04 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to up
>*Nov 25 04:48:05 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to up
>*Nov 25 04:58:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to down
>*Nov 25 04:58:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to down
>*Nov 25 04:58:50 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to up
>*Nov 25 04:58:51 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to up
>*Nov 25 05:22:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to down
>*Nov 25 05:22:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to down
>*Nov 25 05:22:54 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to up
>*Nov 25 05:23:05 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to up
>*Nov 25 05:35:23 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to down
>*Nov 25 05:35:24 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to down
>*Nov 25 05:35:29 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to up
>*Nov 25 05:35:30 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to up
>*Nov 25 06:20:42 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to down
>*Nov 25 06:20:43 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to down
>*Nov 25 06:20:44 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to up
>*Nov 25 06:20:45 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to up
>*Nov 25 12:24:42 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to down
>*Nov 25 12:24:43 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to down
>*Nov 25 12:24:45 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to up
>*Nov 25 12:24:46 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to up
>*Nov 25 13:24:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to down
>*Nov 25 13:24:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to down
>*Nov 25 13:26:05 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to up
>*Nov 25 13:26:09 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to up
>*Nov 25 13:33:45 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to down
>*Nov 25 13:33:46 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to down
>*Nov 25 13:36:30 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to up
>*Nov 25 13:36:41 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to up
>*Nov 25 13:38:53 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to down
>*Nov 25 13:38:54 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access9, changed state
> to down
>*Nov 25 13:43:19 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to up
>*Nov 25 13:43:48 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to down
>*Nov 25 13:46:53 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to up
>*Nov 25 13:47:26 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access9, changed state to down
>*Nov 25 13:57:51 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to up
>*Nov 25 13:57:55 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to up
>*Nov 25 13:59:13 UTC: %LINK-3-UPDOWN: Interface Virtual-
>Access5, changed state to down
>*Nov 25 13:59:14 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>Interface Virtual-Access5, changed state
> to down
>
>
>
>
>
>
>
>
>
>
>---- Original message ----
>>Date: Wed, 22 Nov 2006 06:34:50 -0800
>>From: Mark Johnson <mljohnso@cisco.com>
>>Subject: Re: Only work with 7 user (client)
>>To: tom@hostwebase.com, gabriel.grissett@gmail.com
>>Cc: cisco-bba@puck.nether.net
>>
>>At 04:08 AM 11/22/2006 -0500, Tom Miller wrote:
>>>Would you guys help me out with this issues again please.
>>>I am having the same problem as before. The Cisco 7204
>>>won't seem to accept any more than 7 users. What am I
>>>missing here?
>>
>>This must be a different problem. Capture <debug ppp neg>
>>for the 8th user attempting to connect; if you don't see
>>any debug output, then the problem is VPDN and you want to
>>have a look at
>>
>>debug vpdn error
>>debug vpdn l2x-event
>>debug vpdn l2x-error
>>debug vtemplate
>>
>>mark
>>
>>
>>
>>>Here is my 7204 configuration:
>>>
>>>aaa new-model
>>>aaa authentication login default local
>>>aaa authentication login console enable
>>>aaa authentication login telnet line
>>>aaa authentication login localauth local
>>>aaa authentication ppp default group radius local
>>>aaa authorization network default group radius local
>>>aaa accounting delay-start
>>>aaa accounting nested
>>>aaa accounting exec default start-stop group radius
>>>aaa accounting network default start-stop group radius
>>>
>>>
>>>
>>>interface Loopback2
>>> ip address 16.10.172.1 255.255.255.128
>>>!
>>>!
>>>interface Virtual-Template1
>>> mtu 1492
>>> ip unnumbered Loopback2
>>> peer default ip address pool DSLCustomer
>>> ppp authentication chap callin
>>>
>>>
>>>
>>>Thanks so much
>>>
>>>Tom
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>---- Original message ----
>>> >Date: Thu, 05 Oct 2006 19:23:24 -0700
>>> >From: Mark Johnson <mljohnso@cisco.com>
>>> >Subject: RE: [cisco-bba] Only work with 5 user (client)
>>> >To: tom@hostwebase.com, gabriel.grissett@gmail.com
>>> >Cc: cisco-bba@puck.nether.net
>>> >
>>> >At 04:31 PM 10/5/2006 -0400, Tom Miller wrote:
>>> >>Guys,
>>> >>
>>> >>It seems to be working fine. The system is currently
>>> >>excepted up to 7 users without any issues. Can you guy
>>> >>enlighten me why it fix with the loopback interface?
Is
>>> >>this a bug?
>>> >
>>> >IOS will not allow more than 6 interfaces with the same
>>> >static ip address. Without IP unnumbered, each virtual-
>>> >access interface is cloned with the same IP address as
>>> >the virtual-template, thus you'll fail on the 6th user
>>> >(the VT counts as 1).
>>> >
>>> >mark
>>> >
>>> >
>>> >>Thank you so much for your advices.
>>> >>
>>> >>Tom
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>---- Original message ----
>>> >> >Date: Wed, 4 Oct 2006 14:38:18 -0500
>>> >> >From: "Gabriel Grissett" <gabriel.grissett@gmail.com>
>>> >> >Subject: RE: [cisco-bba] Only work with 5 user
>(client)
>>> >> >To: <tom@hostwebase.com>
>>> >> >
>>> >> >Use a loopback interface ...
>>> >> >
>>> >> >Interface loopback 2
>>> >> > ip address 192.168.172.1 255.255.255.128
>>> >> >
>>> >> >then change your virtual-template to...
>>> >> >
>>> >> >interface Virtual-Template1
>>> >> > mtu 1492
>>> >> > ip unnumbered loopback 2
>>> >> >...
>>> >> >...
>>> >> >...
>>> >> >
>>> >> >This should be in the archives...
>>> >> >
>>> >> >> -----Original Message-----
>>> >> >> From: cisco-bba-bounces@puck.nether.net
>[mailto:cisco-
>>>bba-
>>> >> >> bounces@puck.nether.net] On Behalf Of Tom Miller
>>> >> >> Sent: Wednesday, October 04, 2006 2:28 PM
>>> >> >> To: cisco-bba@puck.nether.net
>>> >> >> Subject: [cisco-bba] Only work with 5 user (client)
>>> >> >>
>>> >> >> I have a 7204 (12.0(22)S1) terminating DSL L2TP
VPDN
>>>and
>>> >> >> freeradius ( 1.0.4)
>>> >> >>
>>> >> >> I am having problem when number of users (clients)
>>> >> >> increase from 6 and up.
>>> >> >>
>>> >> >> It worked fine when I have only 5 users (clients)
>using
>>> >> >> the system.
>>> >> >>
>>> >> >> The Cisco 7204 sending missing informationn to the
>>>radius
>>> >> >> server when the user # 6 try to connect.
>Information
>>>such
>>> >> >> as Tunnel-Server-Endpoint and Tunnel-Client-
>Endpoint
>>> >> >>
>>> >> >>
>>> >> >> I must have a missing value within my Cisco
>>>configuration.
>>> >> >> However, I don't know what it is.
>>> >> >>
>>> >> >> Would you guys help me out please.
>>> >> >>
>>> >> >>
>>> >> >> Here is my cisco 7204 configuration:
>>> >> >>
>>> >> >> > aaa new-model
>>> >> >> > aaa authentication login default local
>>> >> >> > aaa authentication login console enable
>>> >> >> > aaa authentication login telnet line
>>> >> >> > aaa authentication login localauth local
>>> >> >> > aaa authentication ppp default group radius local
>>> >> >> > aaa authorization network default group radius
>local
>>> >> >> > aaa accounting delay-start
>>> >> >> > aaa accounting nested
>>> >> >> > aaa accounting exec default start-stop group
>radius
>>> >> >> > aaa accounting network default start-stop group
>>>radius
>>> >> >> >
>>> >> >> >
>>> >> >> > !
>>> >> >> > vpdn enable
>>> >> >> > vpdn aaa override-server 172.17.17.17
>>> >> >> > !
>>> >> >> > vpdn-group 1
>>> >> >> > accept-dialin
>>> >> >> > protocol l2tp
>>> >> >> > virtual-template 1
>>> >> >> > terminate-from hostname aaaabbbr.ca.AADS
>>> >> >> > local name abc123456789cha
>>> >> >> > lcp renegotiation always
>>> >> >> > l2tp tunnel password 7 xxxxxxxxxxxxxxxx
>>> >> >> > !
>>> >> >> >
>>> >> >> > radius-server host 172.17.17.17 auth-port 1645
>acct-
>>>port
>>> >> >> 1646
>>> >> >> >
>>> >> >> >
>>> >> >> > !
>>> >> >> > interface Virtual-Template1
>>> >> >> > mtu 1492
>>> >> >> > ip address 192.168.172.1 255.255.255.128
>>> >> >> > peer default ip address pool DSLCustomer
>>> >> >> > ppp authentication chap callin
>>> >> >> > !
>>> >> >> > ip local pool DSLCustomer 192.168.172.51
>>>192.168.172.125
>>> >> >>
>>> >> >>
>>> >> >> Thank you,
>>> >> >>
>>> >> >> Tom
>>> >> >>
>>> >> >> _______________________________________________
>>> >> >> cisco-bba mailing list
>>> >> >> cisco-bba@puck.nether.net
>>> >> >> https://puck.nether.net/mailman/listinfo/cisco-bba
>>> >> >
>>> >
>>
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba
Re: Only work with 7 user (client) [ In reply to ]
oboehmer at cisco
Nov 25, 2006, 10:16 AM
Post #5 of 6 (4339 views)
Permalink
enable "logging console debugging", but don't forget to turn it off
afterwards. better to telnet into the box and do "term moni", logging
too much onto the console can make problems.

oli

cisco-bba-bounces@puck.nether.net <> wrote on Saturday, November 25,
2006 6:27 PM:

> Mark,
>
> I am on the console and it did not show me anything.
> I did turn the terminal monitor off? Am I missing
> something?
>
> terminial no monitor
>
> Thanks,
> Tom
>
>
>>
>> Mark,
>>
>> I have the debug on but it didn't show me anything.
>> I think I miss a command to tell it to display all the
>> debug messages. I don't remember what it is thought.
>>
>> debug ppp neg
>> debug vpdn error
>> debug vpdn l2x-event
>> debug vpdn l2x-error
>> debug vtemplate
>>
>> terminal monitor
>>
>> sh debug
>>
>> PPP:
>> PPP protocol negotiation debugging is on
>> VPN:
>> L2X protocol events debugging is on
>> L2X protocol errors debugging is on
>> VPDN errors debugging is on
>> VTEMPLATE:
>> Virtual Template debugging is on
>>
>>
>>
>>
>> ********begining of the show log ************
>>
>> 23:44:56 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access8, changed state
>> to up
>> *Nov 25 00:00:03 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access8, changed state to down
>> *Nov 25 00:00:04 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access8, changed state
>> to down
>> *Nov 25 00:00:08 UTC: %LINK-3-UPDOWN: Interface Virtual- Access5,
>> changed state to up
>> *Nov 25 00:00:09 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to up
>> *Nov 25 00:00:14 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access5, changed state to down
>> *Nov 25 00:00:15 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to down
>> *Nov 25 00:00:19 UTC: %LINK-3-UPDOWN: Interface Virtual- Access8,
>> changed state to up
>> *Nov 25 00:00:20 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access8, changed state
>> to up
>> *Nov 25 00:48:38 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access8, changed state to down
>> *Nov 25 00:48:39 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access8, changed state
>> to down
>> *Nov 25 00:48:44 UTC: %LINK-3-UPDOWN: Interface Virtual- Access5,
>> changed state to up
>> *Nov 25 00:48:45 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to up
>> *Nov 25 00:49:10 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access5, changed state to down
>> *Nov 25 00:49:11 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to down
>> *Nov 25 00:49:14 UTC: %LINK-3-UPDOWN: Interface Virtual- Access8,
>> changed state to up
>> *Nov 25 00:49:15 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access8, changed state
>> to up
>> *Nov 25 01:01:03 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access9, changed state to down
>> *Nov 25 01:01:04 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to down
>> *Nov 25 01:01:43 UTC: %LINK-3-UPDOWN: Interface Virtual- Access5,
>> changed state to up
>> *Nov 25 01:01:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to up
>> *Nov 25 03:26:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access5, changed state to down
>> *Nov 25 03:26:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to down
>> *Nov 25 03:26:49 UTC: %LINK-3-UPDOWN: Interface Virtual- Access9,
>> changed state to up
>> *Nov 25 03:26:50 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to up
>> *Nov 25 04:46:33 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access9, changed state to down
>> *Nov 25 04:46:34 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to down
>> *Nov 25 04:48:04 UTC: %LINK-3-UPDOWN: Interface Virtual- Access5,
>> changed state to up
>> *Nov 25 04:48:05 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to up
>> *Nov 25 04:58:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access5, changed state to down
>> *Nov 25 04:58:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to down
>> *Nov 25 04:58:50 UTC: %LINK-3-UPDOWN: Interface Virtual- Access9,
>> changed state to up
>> *Nov 25 04:58:51 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to up
>> *Nov 25 05:22:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access9, changed state to down
>> *Nov 25 05:22:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to down
>> *Nov 25 05:22:54 UTC: %LINK-3-UPDOWN: Interface Virtual- Access5,
>> changed state to up
>> *Nov 25 05:23:05 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to up
>> *Nov 25 05:35:23 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access5, changed state to down
>> *Nov 25 05:35:24 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to down
>> *Nov 25 05:35:29 UTC: %LINK-3-UPDOWN: Interface Virtual- Access9,
>> changed state to up
>> *Nov 25 05:35:30 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to up
>> *Nov 25 06:20:42 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access9, changed state to down
>> *Nov 25 06:20:43 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to down
>> *Nov 25 06:20:44 UTC: %LINK-3-UPDOWN: Interface Virtual- Access5,
>> changed state to up
>> *Nov 25 06:20:45 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to up
>> *Nov 25 12:24:42 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access5, changed state to down
>> *Nov 25 12:24:43 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to down
>> *Nov 25 12:24:45 UTC: %LINK-3-UPDOWN: Interface Virtual- Access9,
>> changed state to up
>> *Nov 25 12:24:46 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to up
>> *Nov 25 13:24:43 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access9, changed state to down
>> *Nov 25 13:24:44 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to down
>> *Nov 25 13:26:05 UTC: %LINK-3-UPDOWN: Interface Virtual- Access5,
>> changed state to up
>> *Nov 25 13:26:09 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to up
>> *Nov 25 13:33:45 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access5, changed state to down
>> *Nov 25 13:33:46 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to down
>> *Nov 25 13:36:30 UTC: %LINK-3-UPDOWN: Interface Virtual- Access9,
>> changed state to up
>> *Nov 25 13:36:41 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to up
>> *Nov 25 13:38:53 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access9, changed state to down
>> *Nov 25 13:38:54 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access9, changed state
>> to down
>> *Nov 25 13:43:19 UTC: %LINK-3-UPDOWN: Interface Virtual- Access5,
>> changed state to up
>> *Nov 25 13:43:48 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access5, changed state to down
>> *Nov 25 13:46:53 UTC: %LINK-3-UPDOWN: Interface Virtual- Access9,
>> changed state to up
>> *Nov 25 13:47:26 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access9, changed state to down
>> *Nov 25 13:57:51 UTC: %LINK-3-UPDOWN: Interface Virtual- Access5,
>> changed state to up
>> *Nov 25 13:57:55 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to up
>> *Nov 25 13:59:13 UTC: %LINK-3-UPDOWN: Interface Virtual-
>> Access5, changed state to down
>> *Nov 25 13:59:14 UTC: %LINEPROTO-5-UPDOWN: Line protocol on
>> Interface Virtual-Access5, changed state
>> to down
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> ---- Original message ----
>>> Date: Wed, 22 Nov 2006 06:34:50 -0800
>>> From: Mark Johnson <mljohnso@cisco.com>
>>> Subject: Re: Only work with 7 user (client)
>>> To: tom@hostwebase.com, gabriel.grissett@gmail.com
>>> Cc: cisco-bba@puck.nether.net
>>>
>>> At 04:08 AM 11/22/2006 -0500, Tom Miller wrote:
>>>> Would you guys help me out with this issues again please.
>>>> I am having the same problem as before. The Cisco 7204
>>>> won't seem to accept any more than 7 users. What am I
>>>> missing here?
>>>
>>> This must be a different problem. Capture <debug ppp neg>
>>> for the 8th user attempting to connect; if you don't see
>>> any debug output, then the problem is VPDN and you want to have a
>>> look at
>>>
>>> debug vpdn error
>>> debug vpdn l2x-event
>>> debug vpdn l2x-error
>>> debug vtemplate
>>>
>>> mark
>>>
>>>
>>>
>>>> Here is my 7204 configuration:
>>>>
>>>> aaa new-model
>>>> aaa authentication login default local
>>>> aaa authentication login console enable
>>>> aaa authentication login telnet line
>>>> aaa authentication login localauth local
>>>> aaa authentication ppp default group radius local
>>>> aaa authorization network default group radius local
>>>> aaa accounting delay-start
>>>> aaa accounting nested
>>>> aaa accounting exec default start-stop group radius
>>>> aaa accounting network default start-stop group radius
>>>>
>>>>
>>>>
>>>> interface Loopback2
>>>> ip address 16.10.172.1 255.255.255.128
>>>> !
>>>> !
>>>> interface Virtual-Template1
>>>> mtu 1492
>>>> ip unnumbered Loopback2
>>>> peer default ip address pool DSLCustomer
>>>> ppp authentication chap callin
>>>>
>>>>
>>>>
>>>> Thanks so much
>>>>
>>>> Tom
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ---- Original message ----
>>>>> Date: Thu, 05 Oct 2006 19:23:24 -0700
>>>>> From: Mark Johnson <mljohnso@cisco.com>
>>>>> Subject: RE: [cisco-bba] Only work with 5 user (client)
>>>>> To: tom@hostwebase.com, gabriel.grissett@gmail.com
>>>>> Cc: cisco-bba@puck.nether.net
>>>>>
>>>>> At 04:31 PM 10/5/2006 -0400, Tom Miller wrote:
>>>>>> Guys,
>>>>>>
>>>>>> It seems to be working fine. The system is currently
>>>>>> excepted up to 7 users without any issues. Can you guy
>>>>>> enlighten me why it fix with the loopback interface? Is
>>>>>> this a bug?
>>>>>
>>>>> IOS will not allow more than 6 interfaces with the same
>>>>> static ip address. Without IP unnumbered, each virtual-
>>>>> access interface is cloned with the same IP address as
>>>>> the virtual-template, thus you'll fail on the 6th user (the VT
>>>>> counts as 1).
>>>>>
>>>>> mark
>>>>>
>>>>>
>>>>>> Thank you so much for your advices.
>>>>>>
>>>>>> Tom
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ---- Original message ----
>>>>>>> Date: Wed, 4 Oct 2006 14:38:18 -0500
>>>>>>> From: "Gabriel Grissett" <gabriel.grissett@gmail.com>
>>>>>>> Subject: RE: [cisco-bba] Only work with 5 user (client) To:
>>>>>>> <tom@hostwebase.com>
>>>>>>>
>>>>>>> Use a loopback interface ...
>>>>>>>
>>>>>>> Interface loopback 2
>>>>>>> ip address 192.168.172.1 255.255.255.128
>>>>>>>
>>>>>>> then change your virtual-template to...
>>>>>>>
>>>>>>> interface Virtual-Template1
>>>>>>> mtu 1492
>>>>>>> ip unnumbered loopback 2
>>>>>>> ...
>>>>>>> ...
>>>>>>> ...
>>>>>>>
>>>>>>> This should be in the archives...
>>>>>>>
>>>>>>>> -----Original Message-----
>>>>>>>> From: cisco-bba-bounces@puck.nether.net [mailto:cisco- bba-
>>>>>>>> bounces@puck.nether.net] On Behalf Of Tom Miller
>>>>>>>> Sent: Wednesday, October 04, 2006 2:28 PM
>>>>>>>> To: cisco-bba@puck.nether.net
>>>>>>>> Subject: [cisco-bba] Only work with 5 user (client)
>>>>>>>>
>>>>>>>> I have a 7204 (12.0(22)S1) terminating DSL L2TP VPDN and
>>>>>>>> freeradius ( 1.0.4)
>>>>>>>>
>>>>>>>> I am having problem when number of users (clients)
>>>>>>>> increase from 6 and up.
>>>>>>>>
>>>>>>>> It worked fine when I have only 5 users (clients) using the
>>>>>>>> system.
>>>>>>>>
>>>>>>>> The Cisco 7204 sending missing informationn to the radius
>>>>>>>> server when the user # 6 try to connect. Information such
>>>>>>>> as Tunnel-Server-Endpoint and Tunnel-Client- Endpoint
>>>>>>>>
>>>>>>>>
>>>>>>>> I must have a missing value within my Cisco configuration.
>>>>>>>> However, I don't know what it is.
>>>>>>>>
>>>>>>>> Would you guys help me out please.
>>>>>>>>
>>>>>>>>
>>>>>>>> Here is my cisco 7204 configuration:
>>>>>>>>
>>>>>>>>> aaa new-model
>>>>>>>>> aaa authentication login default local
>>>>>>>>> aaa authentication login console enable
>>>>>>>>> aaa authentication login telnet line
>>>>>>>>> aaa authentication login localauth local
>>>>>>>>> aaa authentication ppp default group radius local
>>>>>>>>> aaa authorization network default group radius local aaa
>>>>>>>>> accounting delay-start aaa accounting nested
>>>>>>>>> aaa accounting exec default start-stop group radius
>>>>>>>>> aaa accounting network default start-stop group radius
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> !
>>>>>>>>> vpdn enable
>>>>>>>>> vpdn aaa override-server 172.17.17.17
>>>>>>>>> !
>>>>>>>>> vpdn-group 1
>>>>>>>>> accept-dialin
>>>>>>>>> protocol l2tp
>>>>>>>>> virtual-template 1
>>>>>>>>> terminate-from hostname aaaabbbr.ca.AADS
>>>>>>>>> local name abc123456789cha
>>>>>>>>> lcp renegotiation always
>>>>>>>>> l2tp tunnel password 7 xxxxxxxxxxxxxxxx
>>>>>>>>> !
>>>>>>>>>
>>>>>>>>> radius-server host 172.17.17.17 auth-port 1645
>> acct-
>>>> port
>>>>>>>> 1646
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> !
>>>>>>>>> interface Virtual-Template1
>>>>>>>>> mtu 1492
>>>>>>>>> ip address 192.168.172.1 255.255.255.128
>>>>>>>>> peer default ip address pool DSLCustomer
>>>>>>>>> ppp authentication chap callin
>>>>>>>>> !
>>>>>>>>> ip local pool DSLCustomer 192.168.172.51 192.168.172.125
>>>>>>>>
>>>>>>>>
>>>>>>>> Thank you,
>>>>>>>>
>>>>>>>> Tom
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> cisco-bba mailing list
>>>>>>>> cisco-bba@puck.nether.net
>>>>>>>> https://puck.nether.net/mailman/listinfo/cisco-bba
>>>>>>>
>>>>>
>>>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba

_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba
Re: Only work with 7 user (client) [ In reply to ]
tom at hostwebase
Nov 25, 2006, 3:51 PM
Post #6 of 6 (4325 views)
Permalink
Mark,

I forget to turn on the logging console. I got the log to
display via the console.
I will look for the error and keep you update.

Thanks much,

Tom


---- Original message ----
>Date: Wed, 22 Nov 2006 06:34:50 -0800
>From: Mark Johnson <mljohnso@cisco.com>
>Subject: Re: Only work with 7 user (client)
>To: tom@hostwebase.com, gabriel.grissett@gmail.com
>Cc: cisco-bba@puck.nether.net
>
>At 04:08 AM 11/22/2006 -0500, Tom Miller wrote:
>>Would you guys help me out with this issues again please.
>>I am having the same problem as before. The Cisco 7204
>>won't seem to accept any more than 7 users. What am I
>>missing here?
>
>This must be a different problem. Capture <debug ppp neg>
>for the 8th user attempting to connect; if you don't see
>any debug output, then the problem is VPDN and you want to
>have a look at
>
>debug vpdn error
>debug vpdn l2x-event
>debug vpdn l2x-error
>debug vtemplate
>
>mark
>
>
>
>>Here is my 7204 configuration:
>>
>>aaa new-model
>>aaa authentication login default local
>>aaa authentication login console enable
>>aaa authentication login telnet line
>>aaa authentication login localauth local
>>aaa authentication ppp default group radius local
>>aaa authorization network default group radius local
>>aaa accounting delay-start
>>aaa accounting nested
>>aaa accounting exec default start-stop group radius
>>aaa accounting network default start-stop group radius
>>
>>
>>
>>interface Loopback2
>> ip address 16.10.172.1 255.255.255.128
>>!
>>!
>>interface Virtual-Template1
>> mtu 1492
>> ip unnumbered Loopback2
>> peer default ip address pool DSLCustomer
>> ppp authentication chap callin
>>
>>
>>
>>Thanks so much
>>
>>Tom
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>---- Original message ----
>> >Date: Thu, 05 Oct 2006 19:23:24 -0700
>> >From: Mark Johnson <mljohnso@cisco.com>
>> >Subject: RE: [cisco-bba] Only work with 5 user (client)
>> >To: tom@hostwebase.com, gabriel.grissett@gmail.com
>> >Cc: cisco-bba@puck.nether.net
>> >
>> >At 04:31 PM 10/5/2006 -0400, Tom Miller wrote:
>> >>Guys,
>> >>
>> >>It seems to be working fine. The system is currently
>> >>excepted up to 7 users without any issues. Can you guy
>> >>enlighten me why it fix with the loopback interface? Is
>> >>this a bug?
>> >
>> >IOS will not allow more than 6 interfaces with the same
>> >static ip address. Without IP unnumbered, each virtual-
>> >access interface is cloned with the same IP address as
>> >the virtual-template, thus you'll fail on the 6th user
>> >(the VT counts as 1).
>> >
>> >mark
>> >
>> >
>> >>Thank you so much for your advices.
>> >>
>> >>Tom
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>---- Original message ----
>> >> >Date: Wed, 4 Oct 2006 14:38:18 -0500
>> >> >From: "Gabriel Grissett" <gabriel.grissett@gmail.com>
>> >> >Subject: RE: [cisco-bba] Only work with 5 user
(client)
>> >> >To: <tom@hostwebase.com>
>> >> >
>> >> >Use a loopback interface ...
>> >> >
>> >> >Interface loopback 2
>> >> > ip address 192.168.172.1 255.255.255.128
>> >> >
>> >> >then change your virtual-template to...
>> >> >
>> >> >interface Virtual-Template1
>> >> > mtu 1492
>> >> > ip unnumbered loopback 2
>> >> >...
>> >> >...
>> >> >...
>> >> >
>> >> >This should be in the archives...
>> >> >
>> >> >> -----Original Message-----
>> >> >> From: cisco-bba-bounces@puck.nether.net
[mailto:cisco-
>>bba-
>> >> >> bounces@puck.nether.net] On Behalf Of Tom Miller
>> >> >> Sent: Wednesday, October 04, 2006 2:28 PM
>> >> >> To: cisco-bba@puck.nether.net
>> >> >> Subject: [cisco-bba] Only work with 5 user (client)
>> >> >>
>> >> >> I have a 7204 (12.0(22)S1) terminating DSL L2TP VPDN
>>and
>> >> >> freeradius ( 1.0.4)
>> >> >>
>> >> >> I am having problem when number of users (clients)
>> >> >> increase from 6 and up.
>> >> >>
>> >> >> It worked fine when I have only 5 users (clients)
using
>> >> >> the system.
>> >> >>
>> >> >> The Cisco 7204 sending missing informationn to the
>>radius
>> >> >> server when the user # 6 try to connect.
Information
>>such
>> >> >> as Tunnel-Server-Endpoint and Tunnel-Client-
Endpoint
>> >> >>
>> >> >>
>> >> >> I must have a missing value within my Cisco
>>configuration.
>> >> >> However, I don't know what it is.
>> >> >>
>> >> >> Would you guys help me out please.
>> >> >>
>> >> >>
>> >> >> Here is my cisco 7204 configuration:
>> >> >>
>> >> >> > aaa new-model
>> >> >> > aaa authentication login default local
>> >> >> > aaa authentication login console enable
>> >> >> > aaa authentication login telnet line
>> >> >> > aaa authentication login localauth local
>> >> >> > aaa authentication ppp default group radius local
>> >> >> > aaa authorization network default group radius
local
>> >> >> > aaa accounting delay-start
>> >> >> > aaa accounting nested
>> >> >> > aaa accounting exec default start-stop group
radius
>> >> >> > aaa accounting network default start-stop group
>>radius
>> >> >> >
>> >> >> >
>> >> >> > !
>> >> >> > vpdn enable
>> >> >> > vpdn aaa override-server 172.17.17.17
>> >> >> > !
>> >> >> > vpdn-group 1
>> >> >> > accept-dialin
>> >> >> > protocol l2tp
>> >> >> > virtual-template 1
>> >> >> > terminate-from hostname aaaabbbr.ca.AADS
>> >> >> > local name abc123456789cha
>> >> >> > lcp renegotiation always
>> >> >> > l2tp tunnel password 7 xxxxxxxxxxxxxxxx
>> >> >> > !
>> >> >> >
>> >> >> > radius-server host 172.17.17.17 auth-port 1645
acct-
>>port
>> >> >> 1646
>> >> >> >
>> >> >> >
>> >> >> > !
>> >> >> > interface Virtual-Template1
>> >> >> > mtu 1492
>> >> >> > ip address 192.168.172.1 255.255.255.128
>> >> >> > peer default ip address pool DSLCustomer
>> >> >> > ppp authentication chap callin
>> >> >> > !
>> >> >> > ip local pool DSLCustomer 192.168.172.51
>>192.168.172.125
>> >> >>
>> >> >>
>> >> >> Thank you,
>> >> >>
>> >> >> Tom
>> >> >>
>> >> >> _______________________________________________
>> >> >> cisco-bba mailing list
>> >> >> cisco-bba@puck.nether.net
>> >> >> https://puck.nether.net/mailman/listinfo/cisco-bba
>> >> >
>> >
>
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal