Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Cisco>
  3. NAS
local user with static ip
achatz at forthnet
Mar 23, 2004, 12:03 PM
Post #1 of 5 (1196 views)
Permalink
I'm using the following config (some non-important parts are missing) for a dialup scenario:

5300 (12.2(15)T9)
!--------------------------------------------------------
!
username testuser password 0 testpass
!
virtual-profile if-needed
virtual-profile virtual-template 1
!
controller E1 0
clock source line primary
pri-group timeslots 1-31
!
interface Virtual-Template1
ip unnumbered Loopback0
peer default ip address pool test
ppp authentication pap chap callin RADIUS-AAA
ppp authorization RADIUS-AAA
ppp accounting RADIUS-AAA
!
interface Serial0:15
ip unnumbered Loopback0
encapsulation ppp
dialer rotary-group 1
dialer-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
!
interface Group-Async1
ip unnumbered Loopback0
encapsulation ppp
async dynamic routing
async mode interactive
peer default ip address pool test
ppp authentication pap chap callin RADIUS-AAA
ppp authorization RADIUS-AAA
ppp accounting RADIUS-AAA
group-range 1 30
!
interface Dialer1
ip unnumbered Loopback0
encapsulation ppp
dialer in-band
dialer idle-timeout 1200 either
dialer-group 1
peer default ip address pool test
ppp authentication pap chap callin RADIUS-AAA
ppp authorization RADIUS-AAA
ppp accounting RADIUS-AAA
!
ip local pool test x.x.x.x y.y.y.y
!
dialer-list 1 protocol ip list 101
access-list 101 permit ip any any
!--------------------------------------------------------

aaa method "RADIUS-AAA" does local aaa first and then radius aaa.


I'm trying to make the local defined user "testuser" to get a static ip (10.10.10.10)
whenever he calls into this router (he gets a dynamic instead). I suppose this needs a
"dialer map" configuration under "dialer 1", but i would like your help here.
Is this possible without affecting all the other (dynamic/static) users?


--
***************************************
Chatzithomaoglou Anastasios
Network Design & Development Department
FORTHnet S.A.
<achatz@forthnet.gr>
***************************************
Re: local user with static ip [ In reply to ]
Aaron at Cisco
Mar 23, 2004, 12:07 PM
Post #2 of 5 (1197 views)
Permalink
I'd recommend that you do this with a dialer profile.

interface dialer 2
ip unnumbered loopback 0
peer default ip address 10.10.10.10
dialer remote-name testuser
dialer pool 1
ppp authentication pap chap callin
interface dialer 3
ip unnumbered loopback 0
peer default ip address 10.10.10.11
dialer remote-name DUMMY
dialer pool 1
ppp authentication pap chap callin
interface serial 0:15
dialer pool-member 3
ppp authentication pap chap callin RADIUS-AAA
ppp authorization RADIUS-AAA
ppp accounting RADIUS-AAA
no virtual-profile if-needed

So the users that need static addresses can get dialer profiles, while
the rest of the users will get virtual profiles.

Why did I configure the dummy dialer profile? Because, if you have
exactly one dialer profile, then all calls into the corresponding
dialer pool-members will bind to that dialer profile, rather than
to the virtual template.

Aaron

---

> I'm using the following config (some non-important parts are missing) for a dialup scenario:

> 5300 (12.2(15)T9)
> !--------------------------------------------------------
> !
> username testuser password 0 testpass
> !
> virtual-profile if-needed
> virtual-profile virtual-template 1
> !
> controller E1 0
> clock source line primary
> pri-group timeslots 1-31
> !
> interface Virtual-Template1
> ip unnumbered Loopback0
> peer default ip address pool test
> ppp authentication pap chap callin RADIUS-AAA
> ppp authorization RADIUS-AAA
> ppp accounting RADIUS-AAA
> !
> interface Serial0:15
> ip unnumbered Loopback0
> encapsulation ppp
> dialer rotary-group 1
> dialer-group 1
> isdn switch-type primary-net5
> isdn incoming-voice modem
> !
> interface Group-Async1
> ip unnumbered Loopback0
> encapsulation ppp
> async dynamic routing
> async mode interactive
> peer default ip address pool test
> ppp authentication pap chap callin RADIUS-AAA
> ppp authorization RADIUS-AAA
> ppp accounting RADIUS-AAA
> group-range 1 30
> !
> interface Dialer1
> ip unnumbered Loopback0
> encapsulation ppp
> dialer in-band
> dialer idle-timeout 1200 either
> dialer-group 1
> peer default ip address pool test
> ppp authentication pap chap callin RADIUS-AAA
> ppp authorization RADIUS-AAA
> ppp accounting RADIUS-AAA
> !
> ip local pool test x.x.x.x y.y.y.y
> !
> dialer-list 1 protocol ip list 101
> access-list 101 permit ip any any
> !--------------------------------------------------------

> aaa method "RADIUS-AAA" does local aaa first and then radius aaa.


> I'm trying to make the local defined user "testuser" to get a static ip (10.10.10.10)
> whenever he calls into this router (he gets a dynamic instead). I suppose this needs a
> "dialer map" configuration under "dialer 1", but i would like your help here.
> Is this possible without affecting all the other (dynamic/static) users?


> --
> ***************************************
> Chatzithomaoglou Anastasios
> Network Design & Development Department
> FORTHnet S.A.
> <achatz@forthnet.gr>
> ***************************************

> _______________________________________________
> cisco-nas mailing list
> cisco-nas@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nas
Re: local user with static ip [ In reply to ]
mljohnso at cisco
Mar 23, 2004, 12:24 PM
Post #3 of 5 (1183 views)
Permalink
At 11:07 AM 3/23/2004 -0800, Aaron Leonard wrote:

>Why did I configure the dummy dialer profile? Because, if you have
>exactly one dialer profile, then all calls into the corresponding
>dialer pool-members will bind to that dialer profile, rather than
>to the virtual template.

This problem, for those who care, is CSCdu05390.

mark
Re: local user with static ip [ In reply to ]
achatz at forthnet
Mar 23, 2004, 12:51 PM
Post #4 of 5 (1180 views)
Permalink
Does this (dialer pool-member) mean i have to remove "dialer rotary-group 1" from "int
Serial0:15" ?


Aaron Leonard wrote:

> I'd recommend that you do this with a dialer profile.
>
> interface dialer 2
> ip unnumbered loopback 0
> peer default ip address 10.10.10.10
> dialer remote-name testuser
> dialer pool 1
> ppp authentication pap chap callin
> interface dialer 3
> ip unnumbered loopback 0
> peer default ip address 10.10.10.11
> dialer remote-name DUMMY dialer pool 1 ppp authentication pap chap
> callin
> interface serial 0:15
> dialer pool-member 3
> ppp authentication pap chap callin RADIUS-AAA
> ppp authorization RADIUS-AAA
> ppp accounting RADIUS-AAA
> no virtual-profile if-needed
>
> So the users that need static addresses can get dialer profiles, while
> the rest of the users will get virtual profiles.
>
> Why did I configure the dummy dialer profile? Because, if you have
> exactly one dialer profile, then all calls into the corresponding
> dialer pool-members will bind to that dialer profile, rather than
> to the virtual template.
>
> Aaron
>
> ---
>
>> I'm using the following config (some non-important parts are missing)
>> for a dialup scenario:
>
>
>> 5300 (12.2(15)T9)
>> !--------------------------------------------------------
>> !
>> username testuser password 0 testpass
>> !
>> virtual-profile if-needed
>> virtual-profile virtual-template 1
>> !
>> controller E1 0
>> clock source line primary
>> pri-group timeslots 1-31
>> !
>> interface Virtual-Template1
>> ip unnumbered Loopback0
>> peer default ip address pool test
>> ppp authentication pap chap callin RADIUS-AAA
>> ppp authorization RADIUS-AAA
>> ppp accounting RADIUS-AAA
>> !
>> interface Serial0:15
>> ip unnumbered Loopback0
>> encapsulation ppp
>> dialer rotary-group 1
>> dialer-group 1
>> isdn switch-type primary-net5
>> isdn incoming-voice modem
>> !
>> interface Group-Async1
>> ip unnumbered Loopback0
>> encapsulation ppp
>> async dynamic routing
>> async mode interactive
>> peer default ip address pool test
>> ppp authentication pap chap callin RADIUS-AAA
>> ppp authorization RADIUS-AAA
>> ppp accounting RADIUS-AAA
>> group-range 1 30
>> !
>> interface Dialer1
>> ip unnumbered Loopback0
>> encapsulation ppp
>> dialer in-band
>> dialer idle-timeout 1200 either
>> dialer-group 1
>> peer default ip address pool test
>> ppp authentication pap chap callin RADIUS-AAA
>> ppp authorization RADIUS-AAA
>> ppp accounting RADIUS-AAA
>> !
>> ip local pool test x.x.x.x y.y.y.y
>> !
>> dialer-list 1 protocol ip list 101
>> access-list 101 permit ip any any
>> !--------------------------------------------------------
>
>
>> aaa method "RADIUS-AAA" does local aaa first and then radius aaa.
>
>
>
>> I'm trying to make the local defined user "testuser" to get a static
>> ip (10.10.10.10)
>> whenever he calls into this router (he gets a dynamic instead). I
>> suppose this needs a
>> "dialer map" configuration under "dialer 1", but i would like your
>> help here.
>> Is this possible without affecting all the other (dynamic/static) users?
>
>
>
>> --
>> ***************************************
>> Chatzithomaoglou Anastasios
>> Network Design & Development Department
>> FORTHnet S.A.
>> <achatz@forthnet.gr>
>> ***************************************
>
>
>> _______________________________________________
>> cisco-nas mailing list
>> cisco-nas@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nas
>
>

--
***************************************
Chatzithomaoglou Anastasios
Network Design & Development Department
FORTHnet S.A.
<achatz@forthnet.gr>
***************************************
RE: local user with static ip [ In reply to ]
oboehmer at cisco
Mar 24, 2004, 2:21 AM
Post #5 of 5 (1183 views)
Permalink
> Does this (dialer pool-member) mean i have to remove "dialer
> rotary-group 1" from "int Serial0:15" ?

yes. and Aaron's config should rather say "dialer pool-member 1" on the
physical, I guess the "3" in his mail was a typo...

oli


>
> Aaron Leonard wrote:
>
> > I'd recommend that you do this with a dialer profile.
> >
> > interface dialer 2
> > ip unnumbered loopback 0
> > peer default ip address 10.10.10.10
> > dialer remote-name testuser
> > dialer pool 1
> > ppp authentication pap chap callin
> > interface dialer 3
> > ip unnumbered loopback 0
> > peer default ip address 10.10.10.11
> > dialer remote-name DUMMY dialer pool 1 ppp authentication pap
> chap callin
> > interface serial 0:15
> > dialer pool-member 3
> > ppp authentication pap chap callin RADIUS-AAA
> > ppp authorization RADIUS-AAA
> > ppp accounting RADIUS-AAA
> > no virtual-profile if-needed
> >
> > So the users that need static addresses can get dialer profiles,
> > while the rest of the users will get virtual profiles.
> >
> > Why did I configure the dummy dialer profile? Because, if you have
> > exactly one dialer profile, then all calls into the corresponding
> > dialer pool-members will bind to that dialer profile, rather than
> > to the virtual template.
> >
> > Aaron
> >
> > ---
> >
> > > I'm using the following config (some non-important parts are
> > > missing) for a dialup scenario:
> >
> >
> > > 5300 (12.2(15)T9)
> > > !-------------------------------------------------------- !
> > > username testuser password 0 testpass
> > > !
> > > virtual-profile if-needed
> > > virtual-profile virtual-template 1
> > > !
> > > controller E1 0
> > > clock source line primary
> > > pri-group timeslots 1-31
> > > !
> > > interface Virtual-Template1
> > > ip unnumbered Loopback0
> > > peer default ip address pool test
> > > ppp authentication pap chap callin RADIUS-AAA
> > > ppp authorization RADIUS-AAA
> > > ppp accounting RADIUS-AAA
> > > !
> > > interface Serial0:15
> > > ip unnumbered Loopback0
> > > encapsulation ppp
> > > dialer rotary-group 1
> > > dialer-group 1
> > > isdn switch-type primary-net5
> > > isdn incoming-voice modem
> > > !
> > > interface Group-Async1
> > > ip unnumbered Loopback0
> > > encapsulation ppp
> > > async dynamic routing
> > > async mode interactive
> > > peer default ip address pool test
> > > ppp authentication pap chap callin RADIUS-AAA
> > > ppp authorization RADIUS-AAA
> > > ppp accounting RADIUS-AAA
> > > group-range 1 30
> > > !
> > > interface Dialer1
> > > ip unnumbered Loopback0
> > > encapsulation ppp
> > > dialer in-band
> > > dialer idle-timeout 1200 either
> > > dialer-group 1
> > > peer default ip address pool test
> > > ppp authentication pap chap callin RADIUS-AAA
> > > ppp authorization RADIUS-AAA
> > > ppp accounting RADIUS-AAA
> > > !
> > > ip local pool test x.x.x.x y.y.y.y
> > > !
> > > dialer-list 1 protocol ip list 101
> > > access-list 101 permit ip any any
> > > !--------------------------------------------------------
> >
> >
> > > aaa method "RADIUS-AAA" does local aaa first and then radius aaa.
> >
> >
> >
> > > I'm trying to make the local defined user "testuser" to get a
> > > static ip (10.10.10.10) whenever he calls into this router (he
> > > gets a dynamic instead). I suppose this needs a "dialer map"
> > > configuration under "dialer 1", but i would like your help here.
> > > Is this possible without affecting all the other (dynamic/static)
> > > users?
> >
> >
> >
> > > --
> > > ***************************************
> > > Chatzithomaoglou Anastasios
> > > Network Design & Development Department
> > > FORTHnet S.A.
> > > <achatz@forthnet.gr>
> > > ***************************************
> >
> >
> > > _______________________________________________
> > > cisco-nas mailing list
> > > cisco-nas@puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/cisco-nas

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal