Mailing List Archive

Re: X.75 (LAPB-TA) - get ISDN port into Radius Acct?
Hi,

coming back to an ooold thread... :-)

I'm using an AS5300 and a 3640 to terminate incoming X.75 and modem calls,
and relay them via "telnet" to a unix box that does "server things"
(provides files for zmodem download).

This works nicely (except for slow interface buffer leaks that can be
handled by rebooting once a week).

For reference, the config is like this (only the most important bits):

aaa authentication login DIALIN none
aaa authorization exec DIALIN none
aaa accounting exec DIALIN start-stop group radius
aaa accounting connection DIALIN start-stop group radius

interface BRI1/1
 description Mailbox-Einwahl
 no ip address
 encapsulation hdlc
 autodetect encapsulation lapb-ta
 isdn incoming-voice modem 64
 hold-queue 500 in
 hold-queue 500 out

line 65 89
 location TTY lines for modem callers
 no exec-banner
 authorization exec DIALIN
 accounting connection DIALIN
 accounting exec DIALIN
 login authentication DIALIN
 modem Dialin
 autocommand telnet myserver 8023
 special-character-bits 8
 escape-character NONE

line vty 5 30
 location VTYs for LAPB-TA (X.75) callers
 no exec-banner
 authorization exec DIALIN
 accounting connection DIALIN
 accounting exec DIALIN
 login authentication DIALIN
 autocommand telnet myserver 8023
 special-character-bits 8
 transport input lapb-ta
 escape-character NONE

radius-server host myserver auth-port 1812 acct-port 1813 key mykey
radius-server vsa send cisco-nas-port
radius-server vsa send accounting



What I'm missing today is to be able to correlate incoming connections
on the server to specific phone lines on the 3640. Like "User fred calls
the hotline and complains about frequent disconnects - where did
fred's calls terminate?".

So I thought I'd use Radius Accounting to get me that, but of course
there's a catch...

Attributes:
Acct-Session-Id: 0000010A
Login-Service: Telnet
Login-IP-Host: 192.168.41.7
Login-TCP-Port: 8023
Acct-Authentic: Local
Acct-Terminate-Cause: User-Request
Acct-Session-Time: 14
Acct-Status-Type: Stop
Calling-Station-Id: 008912007738
Called-Station-Id: 691
NAS-Port: 79
NAS-Port-Id: tty79
NAS-Port-Type: Async
Connect-Info: 31200 V34+/V42bis/LAPM
Service-Type: NAS-Prompt-User
NAS-IP-Address: 192.168.41.175
Acct-Delay-Time: 0
VSA for vendor 9
Cisco-AVPair: disc-cause-ext=TS User Exit\|connect-progress=Estab\'d Telnet Conn\|nas-tx-speed=31200\|nas-rx-speed=31200
Cisco-NAS-Port: tty79

... for modem calls, I get the tty number that corresponds to the modem
being used, and for ISDN X.75 calls, I get the "first free" vty number
(usually tty135 = vty 5) where the call terminated.


Now the question: is there a trick to get the "hardware port" (BRI1/2:2)
into the Radius records for X.75/LAPB-TA or Modem calls?

If Radius is not the tool I want, is there anything else (in a 3640)
that will give me the data?

I have syslog, of course, but that's missing all the other goodies, like
"connect-info" or bytes/packets transferred...


thanks in advance :)

gert

--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert@greenie.muc.de
fax: +49-89-35655025 gert@net.informatik.tu-muenchen.de
Re: X.75 (LAPB-TA) - get ISDN port into Radius Acct?
Hi,

On Tue, Jul 12, 2011 at 12:21:09PM +0200, Gert Doering wrote:
> I'm using an AS5300 and a 3640 to terminate incoming X.75 and modem calls,
> and relay them via "telnet" to a unix box that does "server things"
> (provides files for zmodem download).

Forgot the most important bit - on the 3640, I run c3640-is-mz.124-25.bin

The AS5300 is running 12.3(26), but that's more a secondary target - as
most of the smaller setups have ISDN BRI, the 3640 will be the primary
focus.

gert


Re: X.75 (LAPB-TA) - get ISDN port into Radius Acct?
Gert,

I think you can use "aaa accounting connection" to get the ISDN
signaling information, which you could then correlate back to the
X.75 calls.

Best,

Aaron

_______________________________________________
cisco-nas mailing list
cisco-nas@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nas
Re: X.75 (LAPB-TA) - get ISDN port into Radius Acct?
Hi,

On Wed, Jul 13, 2011 at 10:33:24AM -0700, Aaron Leonard wrote:
> I think you can use "aaa accounting connection" to get the ISDN
> signaling information, which you could then correlate back to the
> X.75 calls.

That's already in there...

aaa accounting connection DIALIN start-stop group radius

... and indeed I get multiple start/stop records:

Connect:

Code: Accounting-Request
Attributes:
Acct-Session-Id: 0000015A
Acct-Authentic: Local
Acct-Status-Type: Start
NAS-Port: 135
NAS-Port-Id: tty135
NAS-Port-Type: Virtual
Calling-Station-Id: 008912003682
Called-Station-Id: 691
Service-Type: NAS-Prompt-User
NAS-IP-Address: 192.168.41.175
Acct-Delay-Time: 0
VSA for vendor 9
Cisco-NAS-Port: tty135


Code: Accounting-Request
Attributes:
Acct-Session-Id: 0000015A
Login-Service: Telnet
Login-IP-Host: 192.168.41.7
Login-TCP-Port: 8023
Acct-Authentic: Local
Acct-Status-Type: Start
NAS-Port: 135
NAS-Port-Id: tty135
NAS-Port-Type: Virtual
Calling-Station-Id: 008912003682
Called-Station-Id: 691
Service-Type: Login-User
NAS-IP-Address: 192.168.41.175
Acct-Delay-Time: 0
VSA for vendor 9
Cisco-AVPair: connect-progress=Estab\'d Telnet Conn
Cisco-NAS-Port: tty135


Disconnect:

Code: Accounting-Request
Attributes:
Acct-Session-Id: 0000015A
Login-Service: Telnet
Login-IP-Host: 192.168.41.7
Login-TCP-Port: 8023
Acct-Input-String: 260
Acct-Output-String: 40
Acct-Input-Packets: 14
Acct-Output-Packets: 22
Acct-Authentic: Local
Acct-Session-Time: 88
Acct-Terminate-Cause: User-Request
Acct-Status-Type: Stop
NAS-Port: 135
NAS-Port-Id: tty135
NAS-Port-Type: Virtual
Calling-Station-Id: 008912003682
Called-Station-Id: 691
Service-Type: Login-User
NAS-IP-Address: 192.168.41.175
Acct-Delay-Time: 0
VSA for vendor 9
Cisco-AVPair: connect-progress=Estab\'d Telnet Conn\|disc-cause-ext=TS User Exit


Code: Accounting-Request
Attributes:
Acct-Session-Id: 0000015A
Login-Service: Telnet
Login-IP-Host: 192.168.41.7
Login-TCP-Port: 8023
Acct-Authentic: Local
Acct-Terminate-Cause: User-Request
Acct-Session-Time: 88
Acct-Status-Type: Stop
NAS-Port: 135
NAS-Port-Id: tty135
NAS-Port-Type: Virtual
Calling-Station-Id: 008912003682
Called-Station-Id: 691
Service-Type: NAS-Prompt-User
NAS-IP-Address: 192.168.41.175
Acct-Delay-Time: 0
VSA for vendor 9
Cisco-AVPair: disc-cause-ext=TS User Exit\|connect-progress=Estab\'d Telnet Conn
Cisco-NAS-Port: tty135


... but the hardware interface used isn't there :(

I've experimented with different "radius-server attribute nas-port"
settings but couldn't find one that had the desired effect - it changed
the numbers from "135" to "something else" but the Cisco-NAS-Port
and the NAS-Port-Id always stayed at "tty135" (for ISDN calls).


Your post made me curious, though, so I tried "aaa accounting resource ...",
but that didn't have any effect at all :-(

gert

Re: X.75 (LAPB-TA) - get ISDN port into Radius Acct?
Actually, it *was* resource accounting ("aaa accounting resource") not
connection accounting ("aaa accounting connection") that I was thinking
of, that *should* show the ISDN B channel and caller/called number.

So you say that this is not showing anything for your X.75 calls? I
thought that all Q.931 calls, of whatever call type, would generate
resource accounting records ...

Re: X.75 (LAPB-TA) - get ISDN port into Radius Acct?
Hi,

On Wed, Jul 13, 2011 at 05:36:40PM -0700, Aaron Leonard wrote:
> Actually, it *was* resource accounting ("aaa accounting resource") not
> connection accounting ("aaa accounting connection") that I was thinking
> of, that *should* show the ISDN B channel and caller/called number.
>
> So you say that this is not showing anything for your X.75 calls? I
> thought that all Q.931 calls, of whatever call type, would generate
> resource accounting records ...

... and so it does, *iff* configured properly. Based on your hint, I
found this document:

http://www.cisco.com/en/US/docs/ios/12_1t/12_1t3/feature/guide/dt_aaara.html

and that suggests I should use "default", not a named AAA list, so I
configured:

aaa accounting resource default start-stop-failure group radius

now (default instead of "DIALIN"), and here we gooo...


Code: Accounting-Request
Attributes:
Acct-Session-Id: 000001E8
Acct-Status-Type: Start
NAS-Port: 30202
NAS-Port-Id: BRI1/2:2
NAS-Port-Type: ISDN
Calling-Station-Id: 008912003682
Called-Station-Id: 691
NAS-IP-Address: 192.168.41.175
Acct-Delay-Time: 0
VSA for vendor 9
Cisco-AVPair: connect-progress=No Progress
Cisco-NAS-Port: BRI1/2:2

Attributes:
Acct-Session-Id: 000001E9
Acct-Authentic: Local
Acct-Status-Type: Start
NAS-Port: 135
NAS-Port-Id: tty135
NAS-Port-Type: Virtual
Calling-Station-Id: 008912003682
Called-Station-Id: 691
Service-Type: NAS-Prompt-User
NAS-IP-Address: 192.168.41.175
Acct-Delay-Time: 0
VSA for vendor 9
Cisco-NAS-Port: tty135

Attributes:
Acct-Session-Id: 000001E9
Login-Service: Telnet
Login-IP-Host: 192.168.41.7
Login-TCP-Port: 8023
Acct-Authentic: Local
Acct-Status-Type: Start
NAS-Port: 135
NAS-Port-Id: tty135
NAS-Port-Type: Virtual
Calling-Station-Id: 008912003682
Called-Station-Id: 691
Service-Type: Login-User
NAS-IP-Address: 192.168.41.175
Acct-Delay-Time: 0
VSA for vendor 9
Cisco-AVPair: connect-progress=Estab\'d Telnet Conn
Cisco-NAS-Port: tty135


(and similar on disconnect).

Interestingly enough, for ISDN/X.75 dialups (as above), I get two different
"Acct-Session-Id:" values, while for ISDN/*modem* dialups, I get the
same Id (so correlation is easier):

Attributes:
Acct-Session-Id: 000001EA
Acct-Status-Type: Start
NAS-Port: 30202
NAS-Port-Id: BRI1/2:2
...
Attributes:
Acct-Session-Id: 000001EA
Acct-Authentic: Local
Acct-Status-Type: Start
...
NAS-Port-Id: tty75
NAS-Port-Type: Async
Connect-Info: 31200 V34+/V42bis/LAPM
...
Attributes:
Acct-Session-Id: 000001EA
Login-Service: Telnet
Login-IP-Host: 192.168.41.7



--- but however, I think everything I need is here now :-) - I just need
to hack together some radius-side scripting to correlate the data into
something more terse :-)

Thanks a lot for that pointer!

(... if you happen to be in Munich one day, I owe you a beer :-) ).

gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert@greenie.muc.de
fax: +49-89-35655025 gert@net.informatik.tu-muenchen.de
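
The radius-side correlation mentioned in the last message could look like the sketch below. It is an added example, not code from the thread: it assumes records are read in arrival order, uses the shared Acct-Session-Id where there is one (modem calls), and otherwise pairs a tty/vty Start with the oldest unclaimed ISDN Start from the same NAS and calling number. The function names are hypothetical and the sample dump is constructed from values quoted in the thread (Stop records omitted, attributes trimmed).

```python
from collections import defaultdict, deque

# Constructed sample in the dump format quoted in the thread:
# an X.75 call (ids 000001E8/000001E9), then a modem call (id 000001EA).
SAMPLE = """\
Attributes:
Acct-Session-Id: 000001E8
Acct-Status-Type: Start
NAS-Port-Id: BRI1/2:2
NAS-Port-Type: ISDN
Calling-Station-Id: 008912003682
Attributes:
Acct-Session-Id: 000001E9
Acct-Status-Type: Start
NAS-Port-Id: tty135
Calling-Station-Id: 008912003682
Attributes:
Acct-Session-Id: 000001EA
Acct-Status-Type: Start
NAS-Port-Id: BRI1/2:2
NAS-Port-Type: ISDN
Calling-Station-Id: 008912007738
Attributes:
Acct-Session-Id: 000001EA
Acct-Status-Type: Start
NAS-Port-Id: tty75
Calling-Station-Id: 008912007738
"""

def parse_records(text):
    """Return one dict per 'Attributes:' block; lines without 'name: value' are skipped."""
    blocks = text.split("Attributes:")[1:]
    return [dict(l.strip().split(": ", 1) for l in b.splitlines() if ": " in l)
            for b in blocks]

def correlate(records):
    """Map each tty/vty Acct-Session-Id to (line, hardware port or None)."""
    pending = defaultdict(deque)  # (NAS, caller) -> [(session id, B channel)] not yet claimed
    calls = {}
    for r in records:
        sid, port = r.get("Acct-Session-Id"), r.get("NAS-Port-Id", "")
        key = (r.get("NAS-IP-Address"), r.get("Calling-Station-Id"))
        if r.get("NAS-Port-Type") == "ISDN":
            if r.get("Acct-Status-Type") == "Start":
                pending[key].append((sid, port))
            else:  # call ended: drop it if no line ever claimed it (abandoned call)
                pending[key] = deque(p for p in pending[key] if p[0] != sid)
        elif r.get("Acct-Status-Type") == "Start" and sid not in calls:
            queue = pending[key]
            # Same session id wins (modem); else oldest unclaimed B channel (X.75).
            match = next((p for p in queue if p[0] == sid), queue[0] if queue else None)
            if match:
                queue.remove(match)
            calls[sid] = (port, match[1] if match else None)
    return calls
```

The oldest-first pairing is a heuristic: two simultaneous X.75 calls from the same calling number (or with the number withheld) cannot be told apart from these attributes alone, so such results should be treated as ambiguous.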