Mailing List Archive

It's our new way of tagging VPDN sessions in 12.2(13)T and
later. There might not be a virtual-access interface for the user
anymore since we support sub-interfaces, and even then the full/sub
interface is not known at the time of authentication, so we send the
Unique-Sess-ID which is seen in "show vpdn" and "show sss session".

Dennis

Anastassios Chatzithomaoglou [achatz@forthnet.gr] wrote:
> Any idea why i'm getting "Uniq-Sess-IDxxx" as Cisc-Nas-Port on 12.3 routers?
>
> Jul 8 14:10:06.011: RADIUS: NAS-Port-Type [61] 6 Virtual
> [5]
> Jul 8 14:10:06.011: RADIUS: Vendor, Cisco [26] 22
> Jul 8 14:10:06.011: RADIUS: cisco-nas-port [2] 16 "Uniq-Sess-ID64"
> Jul 8 14:10:06.011: RADIUS: NAS-Port [5] 6 64
>
> --
> ***********************************
> Chatzithomaoglou Anastasios
> Network Design & Operations Center
> FORTHnet S.A.
> <achatz@forthnet.gr>
> ***********************************
>
>
> _______________________________________________
> cisco-nas mailing list
> cisco-nas@puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nas

--
-------------------------------------------------------------------------
|| || Dennis Peng
|| || Cisco Systems, Inc. Escalation Engineer
|||| |||| 170 West Tasman Drive Phone: (408) 526-6143
..:||||||:..:||||||:.. San Jose, CA 95134 Fax: (408) 232-2343
Cisco Systems Inc. dpeng@cisco.com
-------------------------------------------------------------------------

Is there a way i can have "cisco-nas-port" or "NAS-port" represent the Virtual-Access
number of the user?
So, when the user is in VirtualAccess50, the cisco-nas-port/Nas-Port will be "50".

Dennis Peng wrote:

> It's our new way of tagging VPDN sessions in 12.2(13)T and
> later. There might not be a virtual-access interface for the user
> anymore since we support sub-interfaces, and even then the full/sub
> interface is not known at the time of authentication, so we send the
> Unique-Sess-ID which is seen in "show vpdn" and "show sss session".
>
> Dennis
>
> Anastassios Chatzithomaoglou [achatz@forthnet.gr] wrote:
>
>>Any idea why i'm getting "Uniq-Sess-IDxxx" as Cisc-Nas-Port on 12.3 routers?
>>
>>Jul 8 14:10:06.011: RADIUS: NAS-Port-Type [61] 6 Virtual
>>[5]
>>Jul 8 14:10:06.011: RADIUS: Vendor, Cisco [26] 22
>>Jul 8 14:10:06.011: RADIUS: cisco-nas-port [2] 16 "Uniq-Sess-ID64"
>>Jul 8 14:10:06.011: RADIUS: NAS-Port [5] 6 64
>>
>>--
>>***********************************
>> Chatzithomaoglou Anastasios
>>Network Design & Operations Center
>> FORTHnet S.A.
>> <achatz@forthnet.gr>
>>***********************************
>>
>>
>>_______________________________________________
>>cisco-nas mailing list
>>cisco-nas@puck.nether.net
>>http://puck.nether.net/mailman/listinfo/cisco-nas
>
>

--
***********************************
Chatzithomaoglou Anastasios
Network Design & Operations Center
FORTHnet S.A.
<achatz@forthnet.gr>
***********************************

Anastassios Chatzithomaoglou [achatz@forthnet.gr] wrote:
> Is there a way i can have "cisco-nas-port" or "NAS-port" represent the
> Virtual-Access number of the user?
> So, when the user is in VirtualAccess50, the cisco-nas-port/Nas-Port will
> be "50".

No, not at this time. If this is important for you, can you describe
why you need it? As I indicated earlier, the vaccess
interface/subinterface is not known at the time of authentication,
therefore the NAS-Port attribute cannot reflect that.

Dennis

> Dennis Peng wrote:
>
> >It's our new way of tagging VPDN sessions in 12.2(13)T and
> >later. There might not be a virtual-access interface for the user
> >anymore since we support sub-interfaces, and even then the full/sub
> >interface is not known at the time of authentication, so we send the
> >Unique-Sess-ID which is seen in "show vpdn" and "show sss session".
> >
> >Dennis
> >
> >Anastassios Chatzithomaoglou [achatz@forthnet.gr] wrote:
> >
> >>Any idea why i'm getting "Uniq-Sess-IDxxx" as Cisc-Nas-Port on 12.3
> >>routers?
> >>
> >>Jul 8 14:10:06.011: RADIUS: NAS-Port-Type [61] 6 Virtual
> >>[5]
> >>Jul 8 14:10:06.011: RADIUS: Vendor, Cisco [26] 22
> >>Jul 8 14:10:06.011: RADIUS: cisco-nas-port [2] 16
> >>"Uniq-Sess-ID64"
> >>Jul 8 14:10:06.011: RADIUS: NAS-Port [5] 6 64
> >>
> >>--
> >>***********************************
> >> Chatzithomaoglou Anastasios
> >>Network Design & Operations Center
> >> FORTHnet S.A.
> >> <achatz@forthnet.gr>
> >>***********************************
> >>
> >>
> >>_______________________________________________
> >>cisco-nas mailing list
> >>cisco-nas@puck.nether.net
> >>http://puck.nether.net/mailman/listinfo/cisco-nas
> >
> >
>
> --
> ***********************************
> Chatzithomaoglou Anastasios
> Network Design & Operations Center
> FORTHnet S.A.
> <achatz@forthnet.gr>
> ***********************************

--
-------------------------------------------------------------------------
|| || Dennis Peng
|| || Cisco Systems, Inc. Escalation Engineer
|||| |||| 170 West Tasman Drive Phone: (408) 526-6143
..:||||||:..:||||||:.. San Jose, CA 95134 Fax: (408) 232-2343
Cisco Systems Inc. dpeng@cisco.com
-------------------------------------------------------------------------

Dennis Peng wrote:

> Anastassios Chatzithomaoglou [achatz@forthnet.gr] wrote:
>
>>Is there a way i can have "cisco-nas-port" or "NAS-port" represent the
>>Virtual-Access number of the user?
>>So, when the user is in VirtualAccess50, the cisco-nas-port/Nas-Port will
>>be "50".
>
>
> No, not at this time. If this is important for you, can you describe
> why you need it? As I indicated earlier, the vaccess
> interface/subinterface is not known at the time of authentication,
> therefore the NAS-Port attribute cannot reflect that.
>
Even if i use vtemplate pre-cloning, the router can't know the vaccess interface?

The reason i'm asking for this, is that i used to have "Async50" or "Serial0:14" as
cisco-nas-port for my pstn/isdn customers ("50" or "20014" as NAS-port) and that was an
easy way to find in what interface my customer was on.
Now with virtual-interfaces there is no easy way of finding such info.

And i can't find a way to use "radius-server attribute nas-port format e" in order to
distinguish easily customers on vaccess interfaces.

> Dennis
>
>
>>Dennis Peng wrote:
>>
>>
>>>It's our new way of tagging VPDN sessions in 12.2(13)T and
>>>later. There might not be a virtual-access interface for the user
>>>anymore since we support sub-interfaces, and even then the full/sub
>>>interface is not known at the time of authentication, so we send the
>>>Unique-Sess-ID which is seen in "show vpdn" and "show sss session".
>>>
>>>Dennis
>>>
>>>Anastassios Chatzithomaoglou [achatz@forthnet.gr] wrote:
>>>
>>>
>>>>Any idea why i'm getting "Uniq-Sess-IDxxx" as Cisc-Nas-Port on 12.3
>>>>routers?
>>>>
>>>>Jul 8 14:10:06.011: RADIUS: NAS-Port-Type [61] 6 Virtual
>>>>[5]
>>>>Jul 8 14:10:06.011: RADIUS: Vendor, Cisco [26] 22
>>>>Jul 8 14:10:06.011: RADIUS: cisco-nas-port [2] 16
>>>>"Uniq-Sess-ID64"
>>>>Jul 8 14:10:06.011: RADIUS: NAS-Port [5] 6 64
>>>>
>>>>--
>>>>***********************************
>>>> Chatzithomaoglou Anastasios
>>>>Network Design & Operations Center
>>>> FORTHnet S.A.
>>>> <achatz@forthnet.gr>
>>>>***********************************
>>>>
>>>>
>>>>_______________________________________________
>>>>cisco-nas mailing list
>>>>cisco-nas@puck.nether.net
>>>>http://puck.nether.net/mailman/listinfo/cisco-nas
>>>
>>>
>>--
>>***********************************
>> Chatzithomaoglou Anastasios
>>Network Design & Operations Center
>> FORTHnet S.A.
>> <achatz@forthnet.gr>
>>***********************************
>
>

--
***********************************
Chatzithomaoglou Anastasios
Network Design & Operations Center
FORTHnet S.A.
<achatz@forthnet.gr>
***********************************