Hi all,
I'm trying to configure callback from 3640 (E1) to WindowsXP PC (async line). There are several types of users callin to that NAS - Cisco routers using ISDN, async modem users who shouldnt be called back, and now there should be async modem users who should be called back. This is why I need per user AAA what is done using RADIUS. Below is RADIUS profile configuration.
NAS (3640) has numerous mica-midems installed. Dial-in without callback is working fine, as AAA is done using RADIUS server, so configuration for vaccess interfaces comes also from vtemplate + RADIUS part. š
Here is configuration from NAS:
interface Group-Async1
šdescription Dial-in modem pool
šip unnumbered Loopback2
šencapsulation ppp
šno ip route-cache cef
šno ip route-cache
šip tcp header-compression
šno ip mroute-cache
šdialer in-band
šdialer idle-timeout 9000
šdialer-group 1
šasync mode dedicated
špeer default ip address pool dial-up
šno fair-queue
šppp authentication chap modem
šno clns route-cache
šgroup-range 33 56
And here is profile from RADIUS for involved user:
Profile="callback"
ššššššššššš Framed-Protocol = PPP
ššššššššššš Service-Type = Framed-User
ššššššššššš cisco-avpair = "lcp:interface-config=ppp callback accept"
ššššššššššš cisco-avpair = "lcp:interface-config=ip unnumbered lo2"
ššššššššššš cisco-avpair = "lcp:interface-config=peer default ip address pool dial-up"
ššššššššššš cisco-avpair = "lcp:interface-config=encaps ppp"
ššššššššššš cisco-avpair = "lcp:interface-config=ppp multilink"
What I'm worried about is command "ppp callback accept". As far as I know - it should be configured on group-async interface, but if I do it - nobody is able to call-in in any manner (with callback or without). "debug aaa authentication" says that user isn't authorized for callback and AAA procedure exits at that moment (or maybe I'm not doin enough debugging, so Im missin something).
Any ideas how to proceed and what to troubleshoot? Maybe anyone has got working configuration for callback? Any ideas what to debug? I understand that there might be not enough information, if you need something else to give some comments - I'll do it :-)
Andris
I'm trying to configure callback from 3640 (E1) to WindowsXP PC (async line). There are several types of users callin to that NAS - Cisco routers using ISDN, async modem users who shouldnt be called back, and now there should be async modem users who should be called back. This is why I need per user AAA what is done using RADIUS. Below is RADIUS profile configuration.
NAS (3640) has numerous mica-midems installed. Dial-in without callback is working fine, as AAA is done using RADIUS server, so configuration for vaccess interfaces comes also from vtemplate + RADIUS part. š
Here is configuration from NAS:
interface Group-Async1
šdescription Dial-in modem pool
šip unnumbered Loopback2
šencapsulation ppp
šno ip route-cache cef
šno ip route-cache
šip tcp header-compression
šno ip mroute-cache
šdialer in-band
šdialer idle-timeout 9000
šdialer-group 1
šasync mode dedicated
špeer default ip address pool dial-up
šno fair-queue
šppp authentication chap modem
šno clns route-cache
šgroup-range 33 56
And here is profile from RADIUS for involved user:
Profile="callback"
ššššššššššš Framed-Protocol = PPP
ššššššššššš Service-Type = Framed-User
ššššššššššš cisco-avpair = "lcp:interface-config=ppp callback accept"
ššššššššššš cisco-avpair = "lcp:interface-config=ip unnumbered lo2"
ššššššššššš cisco-avpair = "lcp:interface-config=peer default ip address pool dial-up"
ššššššššššš cisco-avpair = "lcp:interface-config=encaps ppp"
ššššššššššš cisco-avpair = "lcp:interface-config=ppp multilink"
What I'm worried about is command "ppp callback accept". As far as I know - it should be configured on group-async interface, but if I do it - nobody is able to call-in in any manner (with callback or without). "debug aaa authentication" says that user isn't authorized for callback and AAA procedure exits at that moment (or maybe I'm not doin enough debugging, so Im missin something).
Any ideas how to proceed and what to troubleshoot? Maybe anyone has got working configuration for callback? Any ideas what to debug? I understand that there might be not enough information, if you need something else to give some comments - I'll do it :-)
Andris