Cette astuce technique explique comment mettre en oeuvre des délais d'attente par utilisateur sur les serveurs d'accès Cisco. Pour que les délais d'attente par utilisateur fonctionnent correctement, vous devez exécuter Cisco IOS version 11.3(8)T ou ultérieure. Si vous exécutez une version antérieure de Cisco IOS, les minuteurs peuvent fonctionner uniquement dans certaines configurations de base, telles que asynchrone uniquement sans profil virtuel.
Ce document couvre la configuration du serveur d'accès au réseau (NAS) et du serveur AAA (Authentication, Authorization and Accounting). Il fournit également la sortie de la commande show et debug afin que vous puissiez confirmer si vos périphériques fonctionnent correctement, et ainsi vous pouvez déboguer tout problème.
Aucune spécification déterminée n'est requise pour ce document.
Les informations contenues dans ce document sont basées sur les versions de matériel et de logiciel suivantes :
Cisco IOS version 11.3(8)T ou ultérieure
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Pour plus d'informations sur les conventions des documents, référez-vous aux Conventions utilisées pour les conseils techniques de Cisco.
Avant de discuter des délais d'attente par utilisateur, qui apportent d'autres variables comme la configuration AAA et les serveurs RADIUS/TACACS+, nous allons examiner comment configurer un serveur d'accès pour les délais d'attente fixes, c'est-à-dire les délais d'attente qui sont appliqués sur une base globale et sont appliqués à tous ceux qui composent le numéro.
Les principales commandes de Cisco IOS sont dialer idle-timeout et timeout absolute. Ces deux commandes sont des commandes de configuration d’interface. Nous aborderons également une troisième commande, ppp timeout idle, qui est utilisée sur les interfaces vaccess.
dialer idle-timeout <x>
Cette commande peut être configurée sur n'importe quelle interface de numérotation et contrôle la durée d'inactivité de la connexion (en secondes) avant qu'elle ne soit interrompue. Vous trouverez ci-dessous quatre points à noter à propos de cette commande :
Cette commande ne peut être appliquée qu'aux interfaces compatibles avec le numéroteur. Par défaut, toutes les interfaces RNIS (BRI et PRI) sont compatibles avec le numéroteur. L’ajout de cette commande n’est donc pas un problème. Les interfaces asynchrones (y compris les interfaces de groupe-asynchrones) ne sont pas compatibles avec le numéroteur par défaut, vous devez les rendre compatibles en entrant la commande dialer in-band. Ce n'est qu'après avoir entré la commande dialer in-band sur l'interface asynchrone que vous pouvez configurer dialer idle-timeout. Remarque
Remarque : les vtemplate (et donc les interfaces vaccess) ne sont pas compatibles avec le numéroteur (ils sont point à point uniquement) et ne peuvent donc pas utiliser cette commande.
Sur une interface de numérotation (RNIS ou asynchrone avec numéroteur intrabande), la valeur par défaut est dialer idle-timeout 120 (secondes). En règle générale, ce délai est trop court dans un environnement de FAI. Vous devez donc presque toujours l’augmenter.
Le délai d'inactivité du numéroteur par défaut n'est réinitialisé que sur le trafic sortant (trafic vers l'utilisateur) qui correspond à la liste de numérotation (c'est-à-dire qu'il est considéré comme intéressant). Il est également possible de le réinitialiser pour le trafic entrant intéressant en ajoutant l'un des mots clés à la fin de la commande (c'est-à-dire dialer idle-timeout 600).
Le trafic considéré comme intéressant est défini par la commande dialer-list <n>, où <n> correspond au numéro de votre commande dialer-group <n>.
délai absolu <x> <y>
Cette commande peut être configurée sur n'importe quelle interface WAN, y compris les interfaces asynchrones, les interfaces RNIS, les interfaces de numérotation et les interfaces vtemplate. Il contrôle la durée pendant laquelle la connexion peut être active avant d'être interrompue. Notez que la syntaxe est <x> <y> où <x> est en minutes et <y> en secondes.
ppp timeout idle <x>
Cette commande ne peut être configurée que sur les interfaces vtemplate (et est même masquée dans l'analyseur) et contrôle la durée d'inactivité de la connexion (en secondes) avant qu'elle ne soit interrompue. Sa fonction est très similaire à celle de la commande dialer idle-timeout sur les interfaces de numérotation, seul ppp timeout idle est pour les interfaces vtemplate/vaccess. Comme elle est utilisée spécifiquement sur les interfaces vtemplate/vaccess, cette commande est appropriée pour les configurations de profil virtuel (où une interface vaccess est toujours créée pour un utilisateur) et les passerelles d'accueil VPDN (Virtual Private Dial-up Network) (où les interfaces projetées sont toujours terminées sur une interface vaccess). Contrairement à la commande dialer idle-timeout, il n'y a pas de concept de trafic intéressant, et donc tout le trafic utilisateur réinitialisera le compteur d'inactivité. Le trafic non-utilisateur, tel que les paquets LCP (Link Control Protocol) et NCP (Network Control Protocol), ne réinitialise pas le compteur.
Cette section vous fournit des informations pour configurer les fonctionnalités décrites dans ce document.
Remarque : Pour en savoir plus sur les commandes utilisées dans le présent document, utilisez l’outil de recherche de commandes (clients inscrits seulement).
Ce document utilise les configurations suivantes :
À des fins d'apprentissage, nous allons utiliser une configuration de base telle que celle ci-dessous. La fonction Virtual-Profile n'est pas activée.
Configuration de base |
---|
! version 11.3 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname access-3 ! aaa new-model aaa authentication login default tacacs+ local aaa authentication login console none aaa authentication login use-radius local radius aaa authentication enable default enable aaa authentication ppp default if-needed local tacacs+ aaa authentication ppp use-radius if-needed local radius aaa authentication arap default local aaa authorization exec default tacacs+ local aaa authorization exec console none aaa authorization exec use-radius local radius if-authenticated aaa authorization network default local tacacs+ if-authenticated aaa authorization network use-radius local radius if-authenticated aaa accounting exec default stop-only tacacs+ aaa accounting network default stop-only tacacs+ aaa accounting system default start-stop tacacs+ enable secret 5 $1$oMKx$kPcop1zxkpxa8fkxXBWp21 ! modem call-record terse modem buffer-size 250 no ip finger ! isdn switch-type primary-5ess clock timezone PST -8 clock summer-time PDT recurring ! controller T1 0 framing esf clock source line primary linecode b8zs pri-group timeslots 1-24 ! interface Loopback0 ip address 10.1.1.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0 ip address 172.16.1.1 255.255.255.0 no ip directed-broadcast ! interface Virtual-Template1 ip unnumbered Loopback0 no ip directed-broadcast no keepalive peer default ip address pool default ppp authentication chap pap use-radius ppp multilink ! interface Serial0:23 ip unnumbered Loopback0 no ip directed-broadcast encapsulation ppp no logging event link-status no keepalive dialer-group 1 autodetect encapsulation ppp v120 isdn switch-type primary-5ess isdn incoming-voice modem peer default ip address pool default no fair-queue no cdp enable ppp max-bad-auth 3 ppp authentication chap pap use-radius ppp multilink ! ! interface Group-Async1 ip unnumbered Loopback0 no ip directed-broadcast encapsulation ppp no logging event link-status async mode interactive peer default ip address pool default no fair-queue no cdp enable ppp max-bad-auth 3 ppp authentication chap pap use-radius ppp multilink group-range 1 96 hold-queue 10 in ! ip local pool default 10.1.1.2 10.1.1.200 ip classless ip route 0.0.0.0 0.0.0.0 172.16.1.254 ! no logging console dialer-list 1 protocol ip permit tacacs-server host 172.16.1.201 tacacs-server key cisco radius-server host 172.16.1.202 auth-port 1645 acct-port 1646 key cisco ! line con 0 exec-timeout 0 0 authorization exec console login authentication console transport input none line 1 96 autoselect during-login autoselect ppp modem Dialin escape-character BREAK authorization exec use-radius login authentication use-radius line aux 0 line vty 0 4 exec-timeout 60 0 ! end |
Dans l'exemple suivant, nous allons imposer un délai d'inactivité de 30 minutes (1 800 secondes) et un délai absolu de trois heures (180 minutes) aux utilisateurs. La modification de configuration delta qui active les délais d'attente ppp globaux sera la suivante :
interface Serial0:23 dialer idle-timeout 1800 timeout absolute 180 ! ! interface Group=Async1 dialer in-band dialer idle-timeout 1800 dialer-group 1 timeout absolute 180
Si vous n'avez pas de liste de numérotation 1, vous devez en définir une. Le plus simple serait dialer-list 1 protocol ip permit.
Si vous utilisiez des profils virtuels, votre configuration peut être plus simple car vous pouvez simplement définir le délai d'attente sur l'interface virtual-template, comme indiqué ci-dessous :
interface Virtual-Template1 ppp timeout idle 1800 timeout absolute 180
Maintenant que nous avons travaillé sur les délais d'attente globaux, nous allons étendre cette connaissance aux délais d'attente par utilisateur. Vos valeurs de minuteur par utilisateur seront désactivées lors de l'autorisation réseau. Par conséquent, la commande aaa Authorization network doit être configurée selon la méthode que vous utilisez, à savoir RADIUS ou TACACS+. Notez également que les compteurs par utilisateur remplaceront toujours toutes les valeurs globales préconfigurées sur le NAS. La façon dont les temporisateurs par utilisateur fonctionnent est que lorsque le serveur d'accès reçoit les attributs de délai d'attente pendant la phase d'autorisation du réseau, il traduira ces attributs en un ensemble de commandes de configuration qui seront entrées dans l'interface à laquelle l'utilisateur sera connecté. Ces commandes de configuration entrées dans l'interface par un processus en arrière-plan sont temporaires ; ils sont supprimés lorsque l'utilisateur se déconnecte.
Voici quelques exemples de profils utilisateur sur le serveur :
Profils RADIUS
timeout-absolute-ppp Password = "cisco" Service-Type = Framed, Framed-Protocol = PPP, Framed-IP-Address = 255.255.255.254, Session-Timeout = 600 timeout-idle-ppp Password = "cisco" Service-Type = Framed, Framed-Protocol = PPP Framed-IP-Address = 255.255.255.254, Idle-Timeout = 300 timeout-both-ppp Password = "cisco" Service-Type = Framed, Framed-Protocol = PPP, Framed-IP-Address = 255.255.255.254, Session-Timeout = 600, Idle-Timeout = 300
Remarque : Votre syntaxe peut varier selon la configuration de votre dictionnaire.
Profils TACACS+
user = timeout-absolute-ppp { chap = cleartext cisco service = ppp protocol = lcp { timeout = 10 } service = ppp protocol = ip { addr-pool = "default" } } user = timeout-idle-ppp { chap = cleartext cisco service = ppp protocol = lcp { idletime = 5 } service = ppp protocol = ip { addr-pool = "default" } } user = timeout-both-ppp { chap = cleartext cisco service = ppp protocol = lcp { timeout = 10 idletime = 5 } service = ppp protocol = multilink { } service = ppp protocol = ip { addr-pool = "default" } }
Si vous n'utilisez que des connexions asynchrones (sans RNIS) et que vous n'utilisez pas de profils virtuels, tant que vous avez un numéroteur intrabande configuré sur les interfaces asynchrones (ou asynchrones de groupe), les temporisateurs par utilisateur doivent fonctionner. Le processus d'arrière-plan insère les compteurs sur l'interface asynchrone, en utilisant les commandes dialer idle-timeout et timeout absolute avec les valeurs transmises de RADIUS/TACACS+, et les retire lorsque l'utilisateur se déconnecte.
Si vous utilisez uniquement des profils asynchrones (pas de RNIS) et virtuels, vous n'avez pas besoin de numéroteur intrabande configuré sur l'interface asynchrone (ou group-async). Ça devrait marcher. Le processus d'arrière-plan insère les temporisateurs sur l'interface vaccess, en utilisant les commandes ppp timeout idle et timeout absolute avec les valeurs transmises de RADIUS/TACACS+, et les retire lorsque l'utilisateur se déconnecte.
Si vous avez des utilisateurs RNIS et que vous devez effectuer des temporisateurs par utilisateur, vous devrez peut-être utiliser des profils virtuels. La raison en est que le processus d’arrière-plan que nous avons évoqué précédemment ne fonctionne pas pour les interfaces RNIS ; autrement dit, vous ne pouvez pas configurer le canal B auquel l'utilisateur est connecté. La seule chose que vous pouvez configurer est le canal D qui affecte tout le monde. Cependant, si un utilisateur négocie une liaison multiple sur une session, le serveur d'accès créera automatiquement une interface d'accès virtuel qui agit comme interface d'offre groupée pour l'utilisateur. Le processus d'arrière-plan fonctionne sur les interfaces d'accès virtuel, mais il ne fonctionne pas sur un appel RNIS non multiliaison où il n'y a pas d'interface d'accès virtuel. Par conséquent, si vous comptez des utilisateurs B-channel uniques qui ne négocient pas le multiliaison et que vous voulez installer des délais d'attente par utilisateur pour eux, vous devez activer les profils virtuels. L'activation des profils virtuels force la création d'une interface vaccess pour tous les utilisateurs (pas seulement les utilisateurs multiliens) et le processus en arrière-plan peut insérer avec succès les commandes ppp timeout idle et timeout absolute. Si vous choisissez de ne pas activer les profils virtuels, les utilisateurs asynchrones et les utilisateurs RNIS multiliaisons pourront se voir appliquer des délais d'attente par utilisateur. Mais les utilisateurs RNIS non multiliaison ne peuvent pas se voir appliquer des délais d’attente par utilisateur. Seuls les délais d'attente globaux configurés de manière statique sur l'interface (le cas échéant) s'appliquent. Si vous essayez d'appliquer des délais d'attente par utilisateur à un utilisateur RNIS non multiliaison et que vous n'activez pas de profils virtuels, la connexion utilisateur échouera car le serveur d'accès n'a pas pu traiter les attributs de délai d'attente obligatoires par utilisateur.
En outre, une fonctionnalité a été ajoutée à Cisco IOS 11.3(8.1)T et versions ultérieures, ce qui permet d'appliquer des délais d'attente par utilisateur aux utilisateurs RNIS non multiliaison. Il contourne essentiellement le mode de configuration du processus d'arrière-plan généralement utilisé et définit les temporisateurs directement sur le canal B sans utiliser l'interface de ligne de commande.
Pour résumer cette configuration complexe, vous pouvez suivre deux règles :
Si vous n'utilisez pas de profils virtuels, configurez le numéroteur intrabande sur les interfaces asynchrones et exécutez Cisco IOS 11.3(8.1)T ou version ultérieure. Si vous exécutez Cisco IOS 11.3(8)T, sachez que les utilisateurs RNIS non multiliaison ne peuvent pas se voir appliquer des délais d'expiration par utilisateur, sinon ils ne pourront pas se connecter.
Si vous utilisez des profils virtuels, Cisco IOS 11.3(8)T ou version ultérieure fonctionne correctement.
Aucune procédure de vérification n'est disponible pour cette configuration.
Cette section fournit des informations que vous pouvez utiliser pour dépanner votre configuration. Pour les besoins du débogage, six exemples de sortie d'appel sont inclus. Pour accéder directement à une section particulière, sélectionnez l'un des liens ci-dessous :
Certaines commandes show sont prises en charge par l'Output Interpreter Tool (clients enregistrés uniquement), qui vous permet de voir une analyse de la sortie de la commande show.
Remarque : avant d'émettre des commandes debug, reportez-vous à Informations importantes sur les commandes de débogage.
Remarque : pour afficher les commandes et les résultats présentés ci-dessous, vous devez exécuter Cisco IOS version 11.3AA ou version 12.0T.
Voici un appel asynchrone avec des profils virtuels. Le profil installe un délai d'attente absolu de 90 secondes et un délai d'inactivité de 60 secondes. Dans cet exemple, nous ne laisserons pas la connexion inactive. Voir les commentaires dans le résultat ci-dessous pour plus de détails. Les commentaires sont mis en surbrillance et en italique.
!--- ISDN setup message comes in. *Mar 4 19:21:47.772: ISDN Se0:23: RX <- SETUP pd = 8 callref = 0x09 *Mar 4 19:21:47.772: Bearer Capability i = 0x9090A2 *Mar 4 19:21:47.772: Channel ID i = 0xA98393 *Mar 4 19:21:47.772: Called Party Number i = 0xC1, '4085703932' *Mar 4 19:21:47.776: ISDN Se0:23: TX -> CALL_PROC pd = 8 callref = 0x8009 *Mar 4 19:21:47.776: Channel ID i = 0xA98393 *Mar 4 19:21:47.776: ISDN Se0:23: TX -> ALERTING pd = 8 callref = 0x8009 !--- Modem is allocated. *Mar 4 19:21:47.776: EVENT_FROM_ISDN::dchan_idb=0x6122CFCC, call_id=0x3D, ces=0x1 bchan=0x12, event=0x1, cause=0x0 *Mar 4 19:21:47.776: VDEV_ALLOCATE: slot 1 and port 28 is allocated. *Mar 4 19:21:47.776: EVENT_FROM_ISDN:(003D): DEV_INCALL at slot 1 and port 28 *Mar 4 19:21:47.776: CSM_PROC_IDLE: CSM_EVENT_ISDN_CALL at slot 1, port 28 *Mar 4 19:21:47.776: Mica Modem(1/28): Configure(0x1 = 0x0) *Mar 4 19:21:47.776: Mica Modem(1/28): Configure(0x23 = 0x0) *Mar 4 19:21:47.776: Mica Modem(1/28): Call Setup *Mar 4 19:21:47.932: Mica Modem(1/28): State Transition to Call Setup !--- Modem goes offhook. *Mar 4 19:21:47.932: Mica Modem(1/28): Went offhook *Mar 4 19:21:47.932: CSM_PROC_IC1_RING: CSM_EVENT_MODEM_OFFHOOK at slot 1, port 28 *Mar 4 19:21:47.932: ISDN Se0:23: TX -> CONNECT pd = 8 callref = 0x8009 *Mar 4 19:21:47.996: ISDN Se0:23: RX <- CONNECT_ACK pd = 8 callref = 0x09 !--- DS0 is cut-through. *Mar 4 19:21:47.996: EVENT_FROM_ISDN::dchan_idb=0x6122CFCC, call_id=0x3D, ces=0x1 bchan=0x12, event=0x4, cause=0x0 *Mar 4 19:21:47.996: EVENT_FROM_ISDN:(003D): DEV_CONNECTED at slot 1 and port 28 *Mar 4 19:21:47.996: CSM_PROC_IC4_WAIT_FOR_CARRIER: CSM_EVENT_ISDN_CONNECTED at slot 1, port 28 !--- Modem training starts. *Mar 4 19:21:47.996: Mica Modem(1/28): Link Initiate *Mar 4 19:21:49.140: Mica Modem(1/28): State Transition to Connect *Mar 4 19:21:54.276: Mica Modem(1/28): State Transition to Link *Mar 4 19:22:05.828: Mica Modem(1/28): State Transition to Trainup *Mar 4 19:22:09.028: Mica Modem(1/28): State Transition to EC Negotiating *Mar 4 19:22:09.568: Mica Modem(1/28): State Transition to Steady State !--- Modem training completes. *Mar 4 19:22:10.128: AAA: parse NAME=tty53 idb TYPE=10 tty=53 *Mar 4 19:22:10.128: AAA: NAME=tty53 flags=0x11 TYPE=4 shelf=0 slot=0 adapter=0 port=53 channel=0 *Mar 4 19:22:10.128: AAA: parse NAME=Serial0:18 idb TYPE=12 tty=-1 *Mar 4 19:22:10.128: AAA: NAME=Serial0:18 flags=0x51 TYPE=1 shelf=0 slot=0 adapter=0 port=0 channel=18 !--- PPP begins negotiation. *Mar 4 19:22:11.332: As53 LCP: Lower layer not up, Fast Starting *Mar 4 19:22:11.332: As53 PPP: Treating connection as a dedicated line *Mar 4 19:22:11.332: As53 AAA/AUTHOR/FSM: (0): LCP succeeds trivially !--- LCP negotiation completes, authentication begins. *Mar 4 19:22:13.556: As53 PPP: Phase is AUTHENTICATING, by this end *Mar 4 19:22:13.556: As53 CHAP: O CHALLENGE id 1 len 26 from "STACK" *Mar 4 19:22:16.016: As53 AUTH: Started process 0 pid 45 *Mar 4 19:22:16.016: As53 AAA/AUTHOR/PER-USER: Event LCP_DOWN *Mar 4 19:22:16.208: As53 PPP: Phase is AUTHENTICATING, by this end *Mar 4 19:22:16.208: As53 CHAP: O CHALLENGE id 2 len 26 from "STACK" !--- CHAP response received from client. *Mar 4 19:22:16.304: As53 CHAP: I RESPONSE id 2 len 30 from "timeout" *Mar 4 19:22:16.304: AAA: parse NAME=Async53 idb TYPE=10 tty=53 *Mar 4 19:22:16.304: AAA: NAME=Async53 flags=0x11 TYPE=4 shelf=0 slot=0 adapter=0 port=53 channel=0 *Mar 4 19:22:16.304: AAA: parse NAME=Serial0:18 idb TYPE=12 tty=-1 *Mar 4 19:22:16.304: AAA: NAME=Serial0:18 flags=0x51 TYPE=1 shelf=0 slot=0 adapter=0 port=0 channel=18 !--- Send RADIUS query. *Mar 4 19:22:16.304: RADIUS: ustruct sharecount=1 *Mar 4 19:22:16.304: RADIUS: Initial Transmit Async53 id 0 172.16.24.117:1645, Access-Request, len 92 *Mar 4 19:22:16.304: Attribute 4 6 AC101874 *Mar 4 19:22:16.304: Attribute 5 6 00000035 *Mar 4 19:22:16.304: Attribute 61 6 00000000 *Mar 4 19:22:16.304: Attribute 1 11 74696D65 *Mar 4 19:22:16.304: Attribute 30 12 34303835 *Mar 4 19:22:16.304: Attribute 3 19 0283D0F9 *Mar 4 19:22:16.308: Attribute 6 6 00000002 *Mar 4 19:22:16.308: Attribute 7 6 00000001 !--- Received RADIUS response, note attribute 27 (Session-Timeout -> absolute timeout) !--- is 0x5A (90) and attribute 28 (Idle-Timeout) is 0x3C (60). *Mar 4 19:22:16.316: RADIUS: Received from id 0 172.16.24.117:1645, Access-Accept, len 50 *Mar 4 19:22:16.316: Attribute 6 6 00000002 *Mar 4 19:22:16.320: Attribute 7 6 00000001 *Mar 4 19:22:16.320: Attribute 8 6 FFFFFFFE *Mar 4 19:22:16.320: Attribute 27 6 0000005A *Mar 4 19:22:16.320: Attribute 28 6 0000003C !--- Start LCP authorization. *Mar 4 19:22:16.320: As53 AAA/AUTHOR/LCP: Authorize LCP *Mar 4 19:22:16.320: AAA/AUTHOR/LCP As53 (3506139973): Port='Async53' list='' service=NET *Mar 4 19:22:16.320: AAA/AUTHOR/LCP: As53 (3506139973) send AV service=ppp *Mar 4 19:22:16.320: AAA/AUTHOR/LCP: As53 (3506139973) send AV protocol=lcp *Mar 4 19:22:16.320: AAA/AUTHOR/LCP (3506139973) found list "default" *Mar 4 19:22:16.320: AAA/AUTHOR/LCP: As53 (3506139973) METHOD=RADIUS *Mar 4 19:22:16.320: AAA/AUTHOR (3506139973): Post authorization status = PASS_REPL !--- Gleaned per-user timeouts from user profile. *Mar 4 19:22:16.320: As53 AAA/AUTHOR/LCP: Processing AV service=ppp *Mar 4 19:22:16.320: As53 AAA/AUTHOR/LCP: Processing AV timeout=90 *Mar 4 19:22:16.320: As53 AAA/AUTHOR/LCP: Processing AV idletime=60 !--- Translate AAA attributes to interface configuration commands. !--- Since we are using virtual-profiles, we will use the "ppp timeout idle" !--- command instead of the "dialer in-band" command. Note that 90 second absolute timeout !--- translates to the command "timeout absolute 1 30" (1 minute and 30 seconds). *Mar 4 19:22:16.320: AAA/AUTHOR/LCP As53: Per-user interface config created: timeout absolute 1 30 ppp timeout idle 60 !--- PPP authentication succeeds. *Mar 4 19:22:16.320: As53 CHAP: O SUCCESS id 2 len 4 *Mar 4 19:22:16.320: AAA/ACCT/NET/START User timeout, Port Async53, List "" *Mar 4 19:22:16.320: AAA/ACCT/NET: Found list "default" !--- Create new vaccess interface. *Mar 4 19:22:16.416: VTEMPLATE: No unused vaccess, create new vaccess *Mar 4 19:22:16.416: Vi1 VTEMPLATE: Set default settings with no ip address, encap ppp *Mar 4 19:22:16.440: Vi1 VTEMPLATE: Hardware address 00e0.1e81.636c *Mar 4 19:22:16.440: Vi1 VTEMPLATE: Has a new cloneblk vtemplate, now it has vtemplate *Mar 4 19:22:16.440: Vi1 VTEMPLATE: ************* CLONE VACCESS1 ***************** *Mar 4 19:22:16.440: Vi1 VTEMPLATE: Clone from Virtual-Template1 interface Virtual-Access1 default ip address no ip address encap ppp ip unnumbered Loopback0 ip access-group 199 in ip helper-address 172.16.24.118 no ip directed-broadcast ip accounting output-packets ip nat inside no keepalive peer default ip address pool default compress mppc ppp callback accept ppp authentication chap pap ms-chap ppp multilink multilink max-links 2 end *Mar 4 19:22:16.504: Vi1 CCP: Re-Syncing history using legacy method !--- Now add the per-user timeouts we constructed for this user. *Mar 4 19:22:16.520: Vi1 VTEMPLATE: Has a new cloneblk AAA, now it has vtemplate/AAA *Mar 4 19:22:16.520: Vi1 VTEMPLATE: ************* CLONE VACCESS1 ***************** *Mar 4 19:22:16.520: Vi1 VTEMPLATE: Clone from AAA interface Virtual-Access1 timeout absolute 1 30 ppp timeout idle 60 end !--- LCP layer is finished, negotiate the appropriate NCPs. *Mar 4 19:22:16.532: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up *Mar 4 19:22:16.536: Vi1 PPP: Treating connection as a dedicated line *Mar 4 19:22:16.536: Vi1 AAA/AUTHOR/FSM: (0): LCP succeeds trivially *Mar 4 19:22:16.536: Vi1 AAA/AUTHOR/FSM: (0): Can we start IPCP? *Mar 4 19:22:16.536: AAA/AUTHOR/FSM Vi1 (1906691625): Port='Async53' list='' service=NET *Mar 4 19:22:16.536: AAA/AUTHOR/FSM: Vi1 (1906691625) send AV service=ppp *Mar 4 19:22:16.536: AAA/AUTHOR/FSM: Vi1 (1906691625) send AV protocol=ip *Mar 4 19:22:16.536: AAA/AUTHOR/FSM (1906691625) found list "default" *Mar 4 19:22:16.536: AAA/AUTHOR/FSM: Vi1 (1906691625) METHOD=RADIUS *Mar 4 19:22:16.536: RADIUS: Using NAS default peer *Mar 4 19:22:16.536: RADIUS: Authorize IP address 0.0.0.0 *Mar 4 19:22:16.536: AAA/AUTHOR (1906691625): Post authorization status = PASS_REPL *Mar 4 19:22:16.536: Vi1 AAA/AUTHOR/FSM: We can start IPCP *Mar 4 19:22:16.536: Vi1 AAA/AUTHOR/FSM: (0): Can we start CCP? *Mar 4 19:22:16.536: AAA/AUTHOR/FSM Vi1 (282953275): Port='Async53' list='' service=NET *Mar 4 19:22:16.536: AAA/AUTHOR/FSM: Vi1 (282953275) send AV service=ppp *Mar 4 19:22:16.536: AAA/AUTHOR/FSM: Vi1 (282953275) send AV protocol=ccp *Mar 4 19:22:16.536: AAA/AUTHOR/FSM (282953275) found list "default" *Mar 4 19:22:16.536: AAA/AUTHOR/FSM: Vi1 (282953275) METHOD=RADIUS *Mar 4 19:22:16.540: AAA/AUTHOR (282953275): Post authorization status = PASS_REPL *Mar 4 19:22:16.540: Vi1 AAA/AUTHOR/FSM: We can start CCP *Mar 4 19:22:16.540: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 0.0.0.0 *Mar 4 19:22:16.540: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:22:16.540: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=0.0.0.0 *Mar 4 19:22:16.540: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:22:16.540: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 0.0.0.0 *Mar 4 19:22:16.540: Vi1 AAA/AUTHOR/FSM: Check for unauthorized mandatory AV's *Mar 4 19:22:16.540: Vi1 AAA/AUTHOR/FSM: Processing AV service=ppp *Mar 4 19:22:16.540: Vi1 AAA/AUTHOR/FSM: Succeeded *Mar 4 19:22:16.656: Vi1 AAA/AUTHOR/FSM: Check for unauthorized mandatory AV's *Mar 4 19:22:16.656: Vi1 AAA/AUTHOR/FSM: Processing AV service=ppp *Mar 4 19:22:16.656: Vi1 AAA/AUTHOR/FSM: Succeeded *Mar 4 19:22:17.536: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up *Mar 4 19:22:19.516: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 10.1.1.3 *Mar 4 19:22:19.516: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:22:19.516: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=0.0.0.0 *Mar 4 19:22:19.516: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:22:19.516: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 10.1.1.3 *Mar 4 19:22:19.608: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 10.1.1.3 *Mar 4 19:22:19.608: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:22:19.608: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=0.0.0.0 *Mar 4 19:22:19.608: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:22:19.612: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 10.1.1.3 *Mar 4 19:22:19.704: Vi1 AAA/AUTHOR/IPCP: Start. Her address 10.1.1.3, we want 10.1.1.3 *Mar 4 19:22:19.704: AAA/AUTHOR/IPCP Vi1 (785695075): Port='Async53' list='' service=NET *Mar 4 19:22:19.708: AAA/AUTHOR/IPCP: Vi1 (785695075) send AV service=ppp *Mar 4 19:22:19.708: AAA/AUTHOR/IPCP: Vi1 (785695075) send AV protocol=ip *Mar 4 19:22:19.708: AAA/AUTHOR/IPCP: Vi1 (785695075) send AV addr*10.1.1.3 *Mar 4 19:22:19.708: AAA/AUTHOR/IPCP (785695075) found list "default" *Mar 4 19:22:19.708: AAA/AUTHOR/IPCP: Vi1 (785695075) METHOD=RADIUS *Mar 4 19:22:19.708: RADIUS: Using NAS default peer *Mar 4 19:22:19.708: RADIUS: Authorize IP address 10.1.1.3 *Mar 4 19:22:19.708: AAA/AUTHOR (785695075): Post authorization status = PASS_REPL *Mar 4 19:22:19.708: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:22:19.708: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=10.1.1.3 *Mar 4 19:22:19.708: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:22:19.708: Vi1 AAA/AUTHOR/IPCP: Done. Her address 10.1.1.3, we want 10.1.1.3 *Mar 4 19:22:19.708: Vi1 AAA/AUTHOR/PER-USER: Event IP_UP *Mar 4 19:22:19.708: Vi1 AAA/PER-USER: processing author params. !--- PPP negotiation finished, user is connected. !--- User is connected on line 53, async interface 53 and vaccess 1. The "show caller" !--- command shows active time and idle time for this user in Cisco IOS 11.3(8.1)AA or later. access-3#show caller Active Idle Line User Service Time Time tty 53 timeout Async 00:00:20 00:00:02 As53 timeout PPP 00:00:13 00:00:02 Vi1 timeout PPP VDP 00:00:13 00:00:11 !--- The "show caller timeout" command shows the installed absolute and idle timeout as well !--- as how much time before the user is disconnected by any timeouts. Note the timeouts !--- only show up on the vaccess interface. access-3#show caller timeouts Session Idle Disconnect Line User Timeout Timeout User in tty 53 timeout - - - As53 timeout - - - Vi1 timeout 00:01:30 00:01:00 00:00:43 !--- The "show caller user" command gives more detailed information about the user as well as !--- providing a breakdown of the active and idle time, absolute and idle timeout, !--- and time to disconnect for both idle and absolute timeout. access-3#show caller user timeout User: timeout, line tty 53, service Async Active time 00:00:31, Idle time 00:00:12 Timeouts: Absolute Idle Idle Session Exec Limits: - - 00:10:00 Disconnect in: - - - TTY: Line 53, running PPP on As53 Location: MICA V.90 modems Line: Baud rate (TX/RX) is 115200/115200, no parity, 1 stopbits, 8 databits Status: Ready, Active, No Exit Banner, Async Interface Active HW PPP Support Active Capabilities: No Flush-at-Activation, Hardware Flowcontrol In Hardware Flowcontrol Out, Modem Callout, Modem RI is CD Line usable as async interface, ARAP Permitted Integrated Modem Modem State: Ready User: timeout, line As53, service PPP Active time 00:00:23, Idle time 00:00:12 Timeouts: Absolute Idle Limits: - - Disconnect in: - - PPP: LCP Open, multilink Closed, CHAP (<- AAA) IP: Local 10.1.1.1 Counts: 35 packets input, 820 bytes, 0 no buffer 0 input errors, 0 CRC, 0 frame, 0 overrun 22 packets output, 517 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets User: timeout, line Vi1, service PPP VDP Active time 00:00:24, Idle time 00:00:22 Timeouts: Absolute Idle Limits: 00:01:30 00:01:00 Disconnect in: 00:01:05 00:00:37 PPP: LCP Open, multilink Closed, CHAP (<- none), IPCP, CCP Idle timer 60 secs, idle 22 secs IP: Local 10.1.1.1, remote 10.1.1.3 Access list (I/O) is 199/not set Counts: 24 packets input, 542 bytes, 0 no buffer 0 input errors, 0 CRC, 0 frame, 0 overrun 19 packets output, 167 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets access-3#show caller timeout Session Idle Disconnect Line User Timeout Timeout User in tty 53 timeout - - - As53 timeout - - - Vi1 timeout 00:01:30 00:01:00 00:00:35 access-3#show caller Active Idle Line User Service Time Time tty 53 timeout Async 00:00:45 00:00:27 As53 timeout PPP 00:00:38 00:00:27 Vi1 timeout PPP VDP 00:00:38 00:00:36 !--- User has been idle for 36 seconds and will be disconnected in 24 seconds. Let's !--- ping the user to see what happens. access-3#ping 10.1.1.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 92/108/132 ms !--- Now the idle timer has been reset, so we won't disconnect the user for another !--- 58 seconds. access-3#show caller timeout Session Idle Disconnect Line User Timeout Timeout User in tty 53 timeout - - - As53 timeout - - - Vi1 timeout 00:01:30 00:01:00 00:00:58 !--- Ping again to reset the idle timer. access-3#ping 10.1.1.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 96/98/108 ms !--- But note, the disconnect timer did not go back to 1 minute. The reason is because the !--- absolute timer is going to start soon. access-3#show caller timeout Session Idle Disconnect Line User Timeout Timeout User in tty 53 timeout - - - As53 timeout - - - Vi1 timeout 00:01:30 00:01:00 00:00:24 access-3#show caller user timeout User: timeout, line tty 53, service Async Active time 00:01:23, Idle time 00:00:11 Timeouts: Absolute Idle Idle Session Exec Limits: - - 00:10:00 Disconnect in: - - - TTY: Line 53, running PPP on As53 Location: MICA V.90 modems Line: Baud rate (TX/RX) is 115200/115200, no parity, 1 stopbits, 8 databits Status: Ready, Active, No Exit Banner, Async Interface Active HW PPP Support Active Capabilities: No Flush-at-Activation, Hardware Flowcontrol In Hardware Flowcontrol Out, Modem Callout, Modem RI is CD Line usable as async interface, ARAP Permitted Integrated Modem Modem State: Ready User: timeout, line As53, service PPP Active time 00:01:15, Idle time 00:00:11 Timeouts: Absolute Idle Limits: - - Disconnect in: - - PPP: LCP Open, multilink Closed, CHAP (<- AAA) IP: Local 10.1.1.1 Counts: 45 packets input, 1161 bytes, 0 no buffer 0 input errors, 0 CRC, 0 frame, 0 overrun 32 packets output, 897 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets User: timeout, line Vi1, service PPP VDP Active time 00:01:16, Idle time 00:00:12 Timeouts: Absolute Idle Limits: 00:01:30 00:01:00 Disconnect in: 00:00:13 00:00:47 PPP: LCP Open, multilink Closed, CHAP (<- none), IPCP, CCP Idle timer 60 secs, idle 12 secs IP: Local 10.1.1.1, remote 10.1.1.3 Access list (I/O) is 199/not set Counts: 34 packets input, 883 bytes, 0 no buffer 0 input errors, 0 CRC, 0 frame, 0 overrun 39 packets output, 547 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets !--- User is disconnected. *Mar 4 19:23:47.536: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down *Mar 4 19:23:47.536: Vi1 VTEMPLATE: Free vaccess *Mar 4 19:23:47.540: As53 AAA/ACCT: non-ISDN xmit 50000 recv 28800 hwidb 613307E0 ttynum 53 !--- Send accounting stop record, includes disc-cause 5 (session-timeout) and !--- disc-cause-ext 1100 (session-timeout). *Mar 4 19:23:47.540: AAA/ACCT/NET/STOP User timeout, Port Async53: task_id=9 timezone=PST service=ppp protocol=ip addr=10.1.1.3 disc-cause=5 disc-cause-ext=1100 pre-bytes-in=184 pre-bytes-out=330 pre-paks-in=7 pre-paks-out=11 bytes_in=950 bytes_out=567 paks_in=37 paks_out=21 pre-session-time=5 elapsed_time=91 nas-rx-speed=28800 nas-tx-speed=50000 *Mar 4 19:23:47.540: Vi1 AAA/AUTHOR/PER-USER: Event IP_DOWN *Mar 4 19:23:47.540: Vi1 AAA/AUTHOR/PER-USER: Event LCP_DOWN !--- Modem hangs up. *Mar 4 19:23:47.580: Mica Modem(1/28): State Transition to Terminating *Mar 4 19:23:47.640: Mica Modem(1/28): State Transition to Idle *Mar 4 19:23:47.640: Mica Modem(1/28): Went onhook *Mar 4 19:23:47.640: CSM_PROC_IC5_OC6_CONNECTED: CSM_EVENT_MODEM_ONHOOK at slot 1, port 28 *Mar 4 19:23:47.640: VDEV_DEALLOCATE: slot 1 and port 28 is deallocated *Mar 4 19:23:47.640: ISDN Se0:23: Event: Hangup call to call id 0x3D !--- ISDN call is terminated. *Mar 4 19:23:47.640: ISDN Se0:23: TX -> DISCONNECT pd = 8 callref = 0x8009 *Mar 4 19:23:47.640: Cause i = 0x8090 - Normal call clearing *Mar 4 19:23:47.688: ISDN Se0:23: RX <- RELEASE pd = 8 callref = 0x09 *Mar 4 19:23:47.696: ISDN Se0:23: TX -> RELEASE_COMP pd = 8 callref = 0x8009 *Mar 4 19:23:47.744: TAC+: (866083896): received acct response status = SUCCESS !--- Per-user timeouts are taken off the vaccess interface. *Mar 4 19:23:48.140: VTEMPLATE: Clean up dirty vaccess queue, size 1 *Mar 4 19:23:48.140: Vi1 VTEMPLATE: Found a dirty vaccess clone with vtemplate/AAA *Mar 4 19:23:48.140: Vi1 VTEMPLATE: ************ UNCLONE VACCESS1 ************** *Mar 4 19:23:48.140: Vi1 VTEMPLATE: Unclone to-be-freed command#2 interface Virtual-Access1 default ppp timeout idle 60 default timeout absolute 1 30 end !--- vaccess interface is cleaned up. *Mar 4 19:23:48.160: Vi1 VTEMPLATE: Set default settings with no ip address *Mar 4 19:23:48.176: Vi1 VTEMPLATE: Remove cloneblk AAA with vtemplate/AAA *Mar 4 19:23:48.180: Vi1 VTEMPLATE: ************ UNCLONE VACCESS1 ************** *Mar 4 19:23:48.180: Vi1 VTEMPLATE: Unclone to-be-freed command#15 interface Virtual-Access1 default multilink max-links 2 default ppp multilink default ppp authentication chap pap ms-chap default ppp callback accept default compress mppc default peer default ip address pool default default keepalive default ip nat inside default ip accounting output-packets default ip directed-broadcast default ip helper-address 172.16.24.118 default ip access-group 199 in default ip unnumbered Loopback0 default encap ppp default ip address end *Mar 4 19:23:48.264: Vi1 VTEMPLATE: Set default settings with no ip address *Mar 4 19:23:48.284: Vi1 VTEMPLATE: Remove cloneblk vtemplate with vtemplate/AAA *Mar 4 19:23:48.284: Vi1 VTEMPLATE: Add vaccess to recycle queue, queue SIZE=1 !--- Here is the call record for the user. Note the disconnect reason is Session-Timeout !--- (absolute timeout). *Mar 4 19:23:48.300: %CALLRECORD-3-MICA_TERSE_CALL_REC: DS0 slot/contr/chan=2/0/18, slot/port=1/28, call_id=3D, userid=timeout, ip=10.1.1.3, calling=(n/a), called=4085703932, std=K56Flx, prot=LAP-M, comp=V.42bis both, init-rx/tx b-rate=28800/50000, finl-rx/tx b-rate=28800/50000, rbs=0, d-pad=6 dB, retr=0, sq=3, snr=32, rx/tx chars=1274/1477, bad=4, rx/tx ec=45/61, bad=3, time=118, finl-state=Steady, disc(radius)=Session Timeout/Session Timeout, disc(modem)=DF03 Tx (host to line) data flushing - OK/Requested by host/DTR dropped *Mar 4 19:23:48.536: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to down *Mar 4 19:23:49.536: As53 AAA/AUTHOR/PER-USER: Event LCP_DOWN
Voici un appel asynchrone avec des profils virtuels. Il a le même nom d'utilisateur que l'exemple ci-dessus. Le profil installe un délai d'attente absolu de 90 secondes et un délai d'inactivité de 60 secondes. Dans cet exemple, nous allons laisser la connexion inactive. Il n'y a pas de commentaires ci-dessous, mais un résultat important a été mis en évidence.
*Mar 4 19:24:38.768: ISDN Se0:23: RX <- SETUP pd = 8 callref = 0x0A *Mar 4 19:24:38.768: Bearer Capability i = 0x9090A2 *Mar 4 19:24:38.768: Channel ID i = 0xA98393 *Mar 4 19:24:38.768: Called Party Number i = 0xC1, '4085703932' *Mar 4 19:24:38.772: ISDN Se0:23: TX -> CALL_PROC pd = 8 callref = 0x800A *Mar 4 19:24:38.772: Channel ID i = 0xA98393 *Mar 4 19:24:38.772: ISDN Se0:23: TX -> ALERTING pd = 8 callref = 0x800A *Mar 4 19:24:38.772: EVENT_FROM_ISDN::dchan_idb=0x6122CFCC, call_id=0x3E, ces=0x1 bchan=0x12, event=0x1, cause=0x0 *Mar 4 19:24:38.772: VDEV_ALLOCATE: slot 1 and port 29 is allocated. *Mar 4 19:24:38.772: EVENT_FROM_ISDN:(003E): DEV_INCALL at slot 1 and port 29 *Mar 4 19:24:38.772: CSM_PROC_IDLE: CSM_EVENT_ISDN_CALL at slot 1, port 29 *Mar 4 19:24:38.772: Mica Modem(1/29): Configure(0x1 = 0x0) *Mar 4 19:24:38.772: Mica Modem(1/29): Configure(0x23 = 0x0) *Mar 4 19:24:38.772: Mica Modem(1/29): Call Setup *Mar 4 19:24:38.908: Mica Modem(1/29): State Transition to Call Setup *Mar 4 19:24:38.908: Mica Modem(1/29): Went offhook *Mar 4 19:24:38.908: CSM_PROC_IC1_RING: CSM_EVENT_MODEM_OFFHOOK at slot 1, port 29 *Mar 4 19:24:38.912: ISDN Se0:23: TX -> CONNECT pd = 8 callref = 0x800A *Mar 4 19:24:38.972: ISDN Se0:23: RX <- CONNECT_ACK pd = 8 callref = 0x0A *Mar 4 19:24:38.976: EVENT_FROM_ISDN::dchan_idb=0x6122CFCC, call_id=0x3E, ces=0x1 bchan=0x12, event=0x4, cause=0x0 *Mar 4 19:24:38.976: EVENT_FROM_ISDN:(003E): DEV_CONNECTED at slot 1 and port 29 *Mar 4 19:24:38.976: CSM_PROC_IC4_WAIT_FOR_CARRIER: CSM_EVENT_ISDN_CONNECTED at slot 1, port 29 *Mar 4 19:24:38.976: Mica Modem(1/29): Link Initiate *Mar 4 19:24:40.060: Mica Modem(1/29): State Transition to Connect *Mar 4 19:24:45.256: Mica Modem(1/29): State Transition to Link *Mar 4 19:24:56.796: Mica Modem(1/29): State Transition to Trainup *Mar 4 19:24:59.996: Mica Modem(1/29): State Transition to EC Negotiating *Mar 4 19:25:00.532: Mica Modem(1/29): State Transition to Steady State *Mar 4 19:25:01.340: AAA: parse NAME=tty54 idb TYPE=10 tty=54 *Mar 4 19:25:01.340: AAA: NAME=tty54 flags=0x11 TYPE=4 shelf=0 slot=0 adapter=0 port=54 channel=0 *Mar 4 19:25:01.340: AAA: parse NAME=Serial0:18 idb TYPE=12 tty=-1 *Mar 4 19:25:01.340: AAA: NAME=Serial0:18 flags=0x51 TYPE=1 shelf=0 slot=0 adapter=0 port=0 channel=18 *Mar 4 19:25:02.544: As54 LCP: Lower layer not up, Fast Starting *Mar 4 19:25:02.544: As54 PPP: Treating connection as a dedicated line *Mar 4 19:25:02.544: As54 AAA/AUTHOR/FSM: (0): LCP succeeds trivially *Mar 4 19:25:04.744: As54 PPP: Phase is AUTHENTICATING, by this end *Mar 4 19:25:04.744: As54 CHAP: O CHALLENGE id 1 len 26 from "STACK" *Mar 4 19:25:06.628: As54 AAA/AUTHOR/PER-USER: Event LCP_DOWN *Mar 4 19:25:06.820: As54 PPP: Phase is AUTHENTICATING, by this end *Mar 4 19:25:06.820: As54 CHAP: O CHALLENGE id 2 len 26 from "STACK" *Mar 4 19:25:06.916: As54 CHAP: I RESPONSE id 2 len 30 from "timeout" *Mar 4 19:25:06.916: AAA: parse NAME=Async54 idb TYPE=10 tty=54 *Mar 4 19:25:06.916: AAA: NAME=Async54 flags=0x11 TYPE=4 shelf=0 slot=0 adapter=0 port=54 channel=0 *Mar 4 19:25:06.916: AAA: parse NAME=Serial0:18 idb TYPE=12 tty=-1 *Mar 4 19:25:06.916: AAA: NAME=Serial0:18 flags=0x51 TYPE=1 shelf=0 slot=0 adapter=0 port=0 channel=18 *Mar 4 19:25:06.916: RADIUS: ustruct sharecount=1 *Mar 4 19:25:06.916: RADIUS: Initial Transmit Async54 id 1 172.16.24.117:1645, Access-Request, len 92 *Mar 4 19:25:06.916: Attribute 4 6 AC101874 *Mar 4 19:25:06.916: Attribute 5 6 00000036 *Mar 4 19:25:06.916: Attribute 61 6 00000000 *Mar 4 19:25:06.916: Attribute 1 11 74696D65 *Mar 4 19:25:06.916: Attribute 30 12 34303835 *Mar 4 19:25:06.916: Attribute 3 19 024525C7 *Mar 4 19:25:06.916: Attribute 6 6 00000002 *Mar 4 19:25:06.916: Attribute 7 6 00000001 *Mar 4 19:25:06.924: RADIUS: Received from id 1 172.16.24.117:1645, Access-Accept, len 50 *Mar 4 19:25:06.924: Attribute 6 6 00000002 *Mar 4 19:25:06.924: Attribute 7 6 00000001 *Mar 4 19:25:06.924: Attribute 8 6 FFFFFFFE *Mar 4 19:25:06.924: Attribute 27 6 0000005A *Mar 4 19:25:06.928: Attribute 28 6 0000003C *Mar 4 19:25:06.928: As54 AAA/AUTHOR/LCP: Authorize LCP *Mar 4 19:25:06.928: AAA/AUTHOR/LCP As54 (2013841092): Port='Async54' list='' service=NET *Mar 4 19:25:06.928: AAA/AUTHOR/LCP: As54 (2013841092) send AV service=ppp *Mar 4 19:25:06.928: AAA/AUTHOR/LCP: As54 (2013841092) send AV protocol=lcp *Mar 4 19:25:06.928: AAA/AUTHOR/LCP (2013841092) found list "default" *Mar 4 19:25:06.928: AAA/AUTHOR/LCP: As54 (2013841092) METHOD=RADIUS *Mar 4 19:25:06.928: AAA/AUTHOR (2013841092): Post authorization status = PASS_REPL *Mar 4 19:25:06.928: As54 AAA/AUTHOR/LCP: Processing AV service=ppp *Mar 4 19:25:06.928: As54 AAA/AUTHOR/LCP: Processing AV timeout=90 *Mar 4 19:25:06.928: As54 AAA/AUTHOR/LCP: Processing AV idletime=60 *Mar 4 19:25:06.928: AAA/AUTHOR/LCP As54: Per-user interface config created: timeout absolute 1 30 ppp timeout idle 60 *Mar 4 19:25:06.928: As54 CHAP: O SUCCESS id 2 len 4 *Mar 4 19:25:06.928: AAA/ACCT/NET/START User timeout, Port Async54, List "" *Mar 4 19:25:06.928: AAA/ACCT/NET: Found list "default" *Mar 4 19:25:07.028: Vi1 VTEMPLATE: Reuse Vi1, recycle queue size 0 *Mar 4 19:25:07.028: Vi1 VTEMPLATE: Hardware address 00e0.1e81.636c *Mar 4 19:25:07.028: Vi1 VTEMPLATE: Has a new cloneblk vtemplate, now it has vtemplate *Mar 4 19:25:07.028: Vi1 VTEMPLATE: ************* CLONE VACCESS1 ***************** *Mar 4 19:25:07.028: Vi1 VTEMPLATE: Clone from Virtual-Template1 interface Virtual-Access1 default ip address no ip address encap ppp ip unnumbered Loopback0 ip access-group 199 in ip helper-address 172.16.24.118 no ip directed-broadcast ip accounting output-packets ip nat inside no keepalive peer default ip address pool default compress mppc ppp callback accept ppp authentication chap pap ms-chap ppp multilink multilink max-links 2 end *Mar 4 19:25:07.092: Vi1 CCP: Re-Syncing history using legacy method *Mar 4 19:25:07.108: Vi1 VTEMPLATE: Has a new cloneblk AAA, now it has vtemplate/AAA *Mar 4 19:25:07.108: Vi1 VTEMPLATE: ************* CLONE VACCESS1 ***************** *Mar 4 19:25:07.108: Vi1 VTEMPLATE: Clone from AAA interface Virtual-Access1 timeout absolute 1 30 ppp timeout idle 60 end *Mar 4 19:25:07.120: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up *Mar 4 19:25:07.124: Vi1 PPP: Treating connection as a dedicated line *Mar 4 19:25:07.124: Vi1 AAA/AUTHOR/FSM: (0): LCP succeeds trivially *Mar 4 19:25:07.124: Vi1 AAA/AUTHOR/FSM: (0): Can we start IPCP? *Mar 4 19:25:07.124: AAA/AUTHOR/FSM Vi1 (3979277251): Port='Async54' list='' service=NET *Mar 4 19:25:07.124: AAA/AUTHOR/FSM: Vi1 (3979277251) send AV service=ppp *Mar 4 19:25:07.124: AAA/AUTHOR/FSM: Vi1 (3979277251) send AV protocol=ip *Mar 4 19:25:07.124: AAA/AUTHOR/FSM (3979277251) found list "default" *Mar 4 19:25:07.124: AAA/AUTHOR/FSM: Vi1 (3979277251) METHOD=RADIUS *Mar 4 19:25:07.124: RADIUS: Using NAS default peer *Mar 4 19:25:07.124: RADIUS: Authorize IP address 0.0.0.0 *Mar 4 19:25:07.124: AAA/AUTHOR (3979277251): Post authorization status = PASS_REPL *Mar 4 19:25:07.124: Vi1 AAA/AUTHOR/FSM: We can start IPCP *Mar 4 19:25:07.124: Vi1 AAA/AUTHOR/FSM: (0): Can we start CCP? *Mar 4 19:25:07.124: AAA/AUTHOR/FSM Vi1 (1524934880): Port='Async54' list='' service=NET *Mar 4 19:25:07.124: AAA/AUTHOR/FSM: Vi1 (1524934880) send AV service=ppp *Mar 4 19:25:07.124: AAA/AUTHOR/FSM: Vi1 (1524934880) send AV protocol=ccp *Mar 4 19:25:07.128: AAA/AUTHOR/FSM (1524934880) found list "default" *Mar 4 19:25:07.128: AAA/AUTHOR/FSM: Vi1 (1524934880) METHOD=RADIUS *Mar 4 19:25:07.128: AAA/AUTHOR (1524934880): Post authorization status = PASS_REPL *Mar 4 19:25:07.128: Vi1 AAA/AUTHOR/FSM: We can start CCP *Mar 4 19:25:07.128: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 0.0.0.0 *Mar 4 19:25:07.128: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:25:07.128: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=0.0.0.0 *Mar 4 19:25:07.128: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:25:07.128: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 0.0.0.0 *Mar 4 19:25:07.128: Vi1 AAA/AUTHOR/FSM: Check for unauthorized mandatory AV's *Mar 4 19:25:07.128: Vi1 AAA/AUTHOR/FSM: Processing AV service=ppp *Mar 4 19:25:07.128: Vi1 AAA/AUTHOR/FSM: Succeeded *Mar 4 19:25:07.236: Vi1 AAA/AUTHOR/FSM: Check for unauthorized mandatory AV's *Mar 4 19:25:07.236: Vi1 AAA/AUTHOR/FSM: Processing AV service=ppp *Mar 4 19:25:07.236: Vi1 AAA/AUTHOR/FSM: Succeeded *Mar 4 19:25:08.120: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up *Mar 4 19:25:10.124: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 10.1.1.3 *Mar 4 19:25:10.124: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:25:10.124: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=0.0.0.0 *Mar 4 19:25:10.124: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:25:10.124: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 10.1.1.3 *Mar 4 19:25:10.220: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 10.1.1.3 *Mar 4 19:25:10.220: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:25:10.220: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=0.0.0.0 *Mar 4 19:25:10.220: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:25:10.220: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 10.1.1.3 *Mar 4 19:25:10.316: Vi1 AAA/AUTHOR/IPCP: Start. Her address 10.1.1.3, we want 10.1.1.3 *Mar 4 19:25:10.316: AAA/AUTHOR/IPCP Vi1 (2714455877): Port='Async54' list='' service=NET *Mar 4 19:25:10.316: AAA/AUTHOR/IPCP: Vi1 (2714455877) send AV service=ppp *Mar 4 19:25:10.316: AAA/AUTHOR/IPCP: Vi1 (2714455877) send AV protocol=ip *Mar 4 19:25:10.316: AAA/AUTHOR/IPCP: Vi1 (2714455877) send AV addr*10.1.1.3 *Mar 4 19:25:10.316: AAA/AUTHOR/IPCP (2714455877) found list "default" *Mar 4 19:25:10.316: AAA/AUTHOR/IPCP: Vi1 (2714455877) METHOD=RADIUS *Mar 4 19:25:10.316: RADIUS: Using NAS default peer *Mar 4 19:25:10.320: RADIUS: Authorize IP address 10.1.1.3 *Mar 4 19:25:10.320: AAA/AUTHOR (2714455877): Post authorization status = PASS_REPL *Mar 4 19:25:10.320: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:25:10.320: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=10.1.1.3 *Mar 4 19:25:10.320: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:25:10.320: Vi1 AAA/AUTHOR/IPCP: Done. Her address 10.1.1.3, we want 10.1.1.3 *Mar 4 19:25:10.320: Vi1 AAA/AUTHOR/PER-USER: Event IP_UP *Mar 4 19:25:10.320: Vi1 AAA/PER-USER: processing author params. access-3#show caller Active Idle Line User Service Time Time tty 54 timeout Async 00:00:17 00:00:01 As54 timeout PPP 00:00:10 00:00:01 Vi1 timeout PPP VDP 00:00:10 00:00:08 access-3#show caller Active Idle Line User Service Time Time tty 54 timeout Async 00:00:27 00:00:11 As54 timeout PPP 00:00:20 00:00:11 Vi1 timeout PPP VDP 00:00:20 00:00:18 access-3#show caller user timeout User: timeout, line tty 54, service Async Active time 00:00:49, Idle time 00:00:34 Timeouts: Absolute Idle Idle Session Exec Limits: - - 00:10:00 Disconnect in: - - - TTY: Line 54, running PPP on As54 Location: MICA V.90 modems Line: Baud rate (TX/RX) is 115200/115200, no parity, 1 stopbits, 8 databits Status: Ready, Active, No Exit Banner, Async Interface Active HW PPP Support Active Capabilities: No Flush-at-Activation, Hardware Flowcontrol In Hardware Flowcontrol Out, Modem Callout, Modem RI is CD Line usable as async interface, ARAP Permitted Integrated Modem Modem State: Ready User: timeout, line As54, service PPP Active time 00:00:43, Idle time 00:00:34 Timeouts: Absolute Idle Limits: - - Disconnect in: - - PPP: LCP Open, multilink Closed, CHAP (<- AAA) IP: Local 10.1.1.1 Counts: 35 packets input, 824 bytes, 0 no buffer 0 input errors, 0 CRC, 0 frame, 0 overrun 22 packets output, 517 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets User: timeout, line Vi1, service PPP VDP Active time 00:00:43, Idle time 00:00:41 Timeouts: Absolute Idle Limits: 00:01:30 00:01:00 Disconnect in: 00:00:45 00:00:18 PPP: LCP Open, multilink Closed, CHAP (<- none), IPCP, CCP Idle timer 60 secs, idle 41 secs IP: Local 10.1.1.1, remote 10.1.1.3 Access list (I/O) is 199/not set Counts: 24 packets input, 546 bytes, 0 no buffer 0 input errors, 0 CRC, 0 frame, 0 overrun 19 packets output, 167 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets access-3#show caller timeouts Session Idle Disconnect Line User Timeout Timeout User in tty 54 timeout - - - As54 timeout - - - Vi1 timeout 00:01:30 00:01:00 00:00:05 *Mar 4 19:26:10.320: Vi1 PPP: Idle timeout, dropping connection *Mar 4 19:26:10.320: As54 AAA/ACCT: non-ISDN xmit 50000 recv 28800 hwidb 613360C8 ttynum 54 *Mar 4 19:26:10.320: AAA/ACCT/NET/STOP User timeout, Port Async54: task_id=10 timezone=PST service=ppp protocol=ip addr=10.1.1.3 disc-cause=4 disc-cause-ext=1021 pre-bytes-in=184 pre-bytes-out=330 pre-paks-in=7 pre-paks-out=11 bytes_in=613 bytes_out=187 paks_in=27 paks_out=11 pre-session-time=4 elapsed_time=63 nas-rx-speed=28800 nas-tx-speed=50000 *Mar 4 19:26:10.320: Vi1 AAA/AUTHOR/PER-USER: Event IP_DOWN *Mar 4 19:26:10.324: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down *Mar 4 19:26:10.324: Vi1 VTEMPLATE: Free vaccess *Mar 4 19:26:10.328: Vi1 AAA/AUTHOR/PER-USER: Event LCP_DOWN *Mar 4 19:26:10.376: Mica Modem(1/29): State Transition to Terminating *Mar 4 19:26:10.436: Mica Modem(1/29): State Transition to Idle *Mar 4 19:26:10.436: Mica Modem(1/29): Went onhook *Mar 4 19:26:10.436: CSM_PROC_IC5_OC6_CONNECTED: CSM_EVENT_MODEM_ONHOOK at slot 1, port 29 *Mar 4 19:26:10.440: VDEV_DEALLOCATE: slot 1 and port 29 is deallocated *Mar 4 19:26:10.440: ISDN Se0:23: Event: Hangup call to call id 0x3E *Mar 4 19:26:10.440: ISDN Se0:23: TX -> DISCONNECT pd = 8 callref = 0x800A *Mar 4 19:26:10.440: Cause i = 0x8090 - Normal call clearing *Mar 4 19:26:10.488: ISDN Se0:23: RX <- RELEASE pd = 8 callref = 0x0A *Mar 4 19:26:10.496: ISDN Se0:23: TX -> RELEASE_COMP pd = 8 callref = 0x800A *Mar 4 19:26:10.528: TAC+: (2047544826): received acct response status = SUCCESS *Mar 4 19:26:11.180: VTEMPLATE: Clean up dirty vaccess queue, size 1 *Mar 4 19:26:11.180: Vi1 VTEMPLATE: Found a dirty vaccess clone with vtemplate/AAA *Mar 4 19:26:11.180: Vi1 VTEMPLATE: ************ UNCLONE VACCESS1 ************** *Mar 4 19:26:11.180: Vi1 VTEMPLATE: Unclone to-be-freed command#2 interface Virtual-Access1 default ppp timeout idle 60 default timeout absolute 1 30 end *Mar 4 19:26:11.200: Vi1 VTEMPLATE: Set default settings with no ip address *Mar 4 19:26:11.216: Vi1 VTEMPLATE: Remove cloneblk AAA with vtemplate/AAA *Mar 4 19:26:11.216: Vi1 VTEMPLATE: ************ UNCLONE VACCESS1 ************** *Mar 4 19:26:11.216: Vi1 VTEMPLATE: Unclone to-be-freed command#15 interface Virtual-Access1 default multilink max-links 2 default ppp multilink default ppp authentication chap pap ms-chap default ppp callback accept default compress mppc default peer default ip address pool default default keepalive default ip nat inside default ip accounting output-packets default ip directed-broadcast default ip helper-address 172.16.24.118 default ip access-group 199 in default ip unnumbered Loopback0 default encap ppp default ip address end *Mar 4 19:26:11.304: Vi1 VTEMPLATE: Set default settings with no ip address *Mar 4 19:26:11.324: Vi1 VTEMPLATE: Remove cloneblk vtemplate with vtemplate/AAA *Mar 4 19:26:11.324: Vi1 VTEMPLATE: Add vaccess to recycle queue, queue SIZE=1 *Mar 4 19:26:11.324: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to down *Mar 4 19:26:11.460: Mica Modem(1/29): State Transition to Terminating *Mar 4 19:26:11.520: Mica Modem(1/29): State Transition to Idle *Mar 4 19:26:12.200: %CALLRECORD-3-MICA_TERSE_CALL_REC: DS0 slot/contr/chan=2/0/18, slot/port=1/29, call_id=3E, userid=timeout, ip=10.1.1.3, calling=(n/a), called=4085703932, std=K56Flx, prot=LAP-M, comp=V.42bis both, init-rx/tx b-rate=28800/50000, finl-rx/tx b-rate=28800/50000, rbs=0, d-pad=6 dB, retr=0, sq=3, snr=34, rx/tx chars=918/1138, bad=5, rx/tx ec=35/47, bad=0, time=90, finl-state=Steady, disc(radius)=Idle Timeout/Idle Timeout, disc(modem)=DF03 Tx (host to line) data flushing - OK/Requested by host/DTR dropped *Mar 4 19:26:12.320: As54 AAA/AUTHOR/PER-USER: Event LCP_DOWN
Vous trouverez ci-dessous un appel asynchrone sans profils virtuels activés. Notez que la commande dialer idle-timeout est utilisée au lieu de la commande ppp timeout idle car nous n'utilisons pas de profils virtuels et il n'y a pas d'interface vaccess. Vous verrez également que nous créons la commande par utilisateur timeout et, en même temps, la version no des commandes. Les commandes du minuteur par utilisateur sont installées immédiatement, tandis que la version no des commandes est mise en file d'attente vers l'interface à traiter lorsque l'utilisateur se déconnecte.
*Mar 4 19:30:28.420: ISDN Se0:23: RX <- SETUP pd = 8 callref = 0x06 *Mar 4 19:30:28.420: Bearer Capability i = 0x9090A2 *Mar 4 19:30:28.420: Channel ID i = 0xA98393 *Mar 4 19:30:28.420: Called Party Number i = 0xC1, '4085703932' *Mar 4 19:30:28.420: ISDN Se0:23: TX -> CALL_PROC pd = 8 callref = 0x8006 *Mar 4 19:30:28.420: Channel ID i = 0xA98393 *Mar 4 19:30:28.424: ISDN Se0:23: TX -> ALERTING pd = 8 callref = 0x8006 *Mar 4 19:30:28.424: EVENT_FROM_ISDN::dchan_idb=0x6122CFCC, call_id=0x40, ces=0x1 bchan=0x12, event=0x1, cause=0x0 *Mar 4 19:30:28.424: VDEV_ALLOCATE: slot 1 and port 2 is allocated. *Mar 4 19:30:28.424: EVENT_FROM_ISDN:(0040): DEV_INCALL at slot 1 and port 2 *Mar 4 19:30:28.424: CSM_PROC_IDLE: CSM_EVENT_ISDN_CALL at slot 1, port 2 *Mar 4 19:30:28.424: Mica Modem(1/2): Configure(0x1 = 0x0) *Mar 4 19:30:28.424: Mica Modem(1/2): Configure(0x23 = 0x0) *Mar 4 19:30:28.424: Mica Modem(1/2): Call Setup *Mar 4 19:30:28.552: Mica Modem(1/2): State Transition to Call Setup *Mar 4 19:30:28.552: Mica Modem(1/2): Went offhook *Mar 4 19:30:28.552: CSM_PROC_IC1_RING: CSM_EVENT_MODEM_OFFHOOK at slot 1, port 2 *Mar 4 19:30:28.552: ISDN Se0:23: TX -> CONNECT pd = 8 callref = 0x8006 *Mar 4 19:30:28.604: ISDN Se0:23: RX <- CONNECT_ACK pd = 8 callref = 0x06 *Mar 4 19:30:28.604: EVENT_FROM_ISDN::dchan_idb=0x6122CFCC, call_id=0x40, ces=0x1 bchan=0x12, event=0x4, cause=0x0 *Mar 4 19:30:28.604: EVENT_FROM_ISDN:(0040): DEV_CONNECTED at slot 1 and port 2 *Mar 4 19:30:28.604: CSM_PROC_IC4_WAIT_FOR_CARRIER: CSM_EVENT_ISDN_CONNECTED at slot 1, port 2 *Mar 4 19:30:28.604: Mica Modem(1/2): Link Initiate *Mar 4 19:30:29.692: Mica Modem(1/2): State Transition to Connect *Mar 4 19:30:34.888: Mica Modem(1/2): State Transition to Link *Mar 4 19:30:46.408: Mica Modem(1/2): State Transition to Trainup *Mar 4 19:30:49.612: Mica Modem(1/2): State Transition to EC Negotiating *Mar 4 19:30:50.156: Mica Modem(1/2): State Transition to Steady State *Mar 4 19:30:50.592: AAA: parse NAME=tty27 idb TYPE=10 tty=27 *Mar 4 19:30:50.592: AAA: NAME=tty27 flags=0x11 TYPE=4 shelf=0 slot=0 adapter=0 port=27 channel=0 *Mar 4 19:30:50.592: AAA: parse NAME=Serial0:18 idb TYPE=12 tty=-1 *Mar 4 19:30:50.592: AAA: NAME=Serial0:18 flags=0x51 TYPE=1 shelf=0 slot=0 adapter=0 port=0 channel=18 *Mar 4 19:30:51.792: As27 LCP: Lower layer not up, Fast Starting *Mar 4 19:30:51.792: As27 PPP: Treating connection as a callin *Mar 4 19:30:51.792: As27 AAA/AUTHOR/FSM: (0): LCP succeeds trivially *Mar 4 19:30:57.468: As27 PPP: Phase is AUTHENTICATING, by this end *Mar 4 19:30:57.468: As27 CHAP: O CHALLENGE id 1 len 26 from "STACK" *Mar 4 19:30:57.564: As27 CHAP: I RESPONSE id 1 len 30 from "timeout" *Mar 4 19:30:57.564: AAA: parse NAME=Async27 idb TYPE=10 tty=27 *Mar 4 19:30:57.564: AAA: NAME=Async27 flags=0x11 TYPE=4 shelf=0 slot=0 adapter=0 port=27 channel=0 *Mar 4 19:30:57.564: AAA: parse NAME=Serial0:18 idb TYPE=12 tty=-1 *Mar 4 19:30:57.564: AAA: NAME=Serial0:18 flags=0x51 TYPE=1 shelf=0 slot=0 adapter=0 port=0 channel=18 *Mar 4 19:30:57.564: RADIUS: ustruct sharecount=1 *Mar 4 19:30:57.564: RADIUS: Initial Transmit Async27 id 3 172.16.24.117:1645, Access-Request, len 92 *Mar 4 19:30:57.564: Attribute 4 6 AC101874 *Mar 4 19:30:57.564: Attribute 5 6 0000001B *Mar 4 19:30:57.564: Attribute 61 6 00000000 *Mar 4 19:30:57.564: Attribute 1 11 74696D65 *Mar 4 19:30:57.564: Attribute 30 12 34303835 *Mar 4 19:30:57.564: Attribute 3 19 01E5C3F6 *Mar 4 19:30:57.564: Attribute 6 6 00000002 *Mar 4 19:30:57.564: Attribute 7 6 00000001 *Mar 4 19:30:57.572: RADIUS: Received from id 3 172.16.24.117:1645, Access-Accept, len 50 *Mar 4 19:30:57.572: Attribute 6 6 00000002 *Mar 4 19:30:57.572: Attribute 7 6 00000001 *Mar 4 19:30:57.572: Attribute 8 6 FFFFFFFE *Mar 4 19:30:57.572: Attribute 27 6 0000005A *Mar 4 19:30:57.572: Attribute 28 6 0000003C *Mar 4 19:30:57.572: As27 AAA/AUTHOR/LCP: Authorize LCP *Mar 4 19:30:57.572: AAA/AUTHOR/LCP As27 (1969884263): Port='Async27' list='' service=NET *Mar 4 19:30:57.572: AAA/AUTHOR/LCP: As27 (1969884263) send AV service=ppp *Mar 4 19:30:57.572: AAA/AUTHOR/LCP: As27 (1969884263) send AV protocol=lcp *Mar 4 19:30:57.572: AAA/AUTHOR/LCP (1969884263) found list "default" *Mar 4 19:30:57.572: AAA/AUTHOR/LCP: As27 (1969884263) METHOD=RADIUS *Mar 4 19:30:57.572: AAA/AUTHOR (1969884263): Post authorization status = PASS_REPL *Mar 4 19:30:57.572: As27 AAA/AUTHOR/LCP: Processing AV service=ppp *Mar 4 19:30:57.572: As27 AAA/AUTHOR/LCP: Processing AV timeout=90 *Mar 4 19:30:57.572: As27 AAA/AUTHOR: Parse 'interface Async27' *Mar 4 19:30:57.576: As27 AAA/AUTHOR: Parse returned ok (0) *Mar 4 19:30:57.576: As27 AAA/AUTHOR: Parse 'timeout absolute 1 30' *Mar 4 19:30:57.580: As27 AAA/AUTHOR: Parse returned ok (0) *Mar 4 19:30:57.580: As27 AAA/AUTHOR: enqueue peruser LCP txt=interface Async27 no timeout absolute *Mar 4 19:30:57.580: As27 AAA/AUTHOR/LCP: Processing AV idletime=60 *Mar 4 19:30:57.580: As27 AAA/AUTHOR: Parse 'interface Async27' *Mar 4 19:30:57.584: As27 AAA/AUTHOR: Parse returned ok (0) *Mar 4 19:30:57.584: As27 AAA/AUTHOR: Parse 'dialer idle-timeout 60' *Mar 4 19:30:57.588: As27 AAA/AUTHOR: Parse returned ok (0) *Mar 4 19:30:57.588: As27 AAA/AUTHOR: enqueue peruser LCP txt=interface Async27 no dialer idle-timeout *Mar 4 19:30:57.588: As27 CHAP: O SUCCESS id 1 len 4 *Mar 4 19:30:57.588: AAA/ACCT/NET/START User timeout, Port Async27, List "" *Mar 4 19:30:57.588: AAA/ACCT/NET: Found list "default" *Mar 4 19:30:57.692: As27 AAA/AUTHOR/FSM: (0): Can we start IPCP? *Mar 4 19:30:57.692: AAA/AUTHOR/FSM As27 (2088523207): Port='Async27' list='' service=NET *Mar 4 19:30:57.692: AAA/AUTHOR/FSM: As27 (2088523207) send AV service=ppp *Mar 4 19:30:57.692: AAA/AUTHOR/FSM: As27 (2088523207) send AV protocol=ip *Mar 4 19:30:57.692: AAA/AUTHOR/FSM (2088523207) found list "default" *Mar 4 19:30:57.692: AAA/AUTHOR/FSM: As27 (2088523207) METHOD=RADIUS *Mar 4 19:30:57.692: RADIUS: Using NAS default peer *Mar 4 19:30:57.692: RADIUS: Authorize IP address 10.1.1.6 *Mar 4 19:30:57.692: AAA/AUTHOR (2088523207): Post authorization status = PASS_REPL *Mar 4 19:30:57.692: As27 AAA/AUTHOR/FSM: We can start IPCP *Mar 4 19:30:57.784: As27 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 10.1.1.6 *Mar 4 19:30:57.788: As27 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:30:57.788: As27 AAA/AUTHOR/IPCP: Processing AV addr=10.1.1.6 *Mar 4 19:30:57.788: As27 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:30:57.788: As27 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 10.1.1.6 *Mar 4 19:31:00.792: As27 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 10.1.1.6 *Mar 4 19:31:00.792: As27 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:31:00.792: As27 AAA/AUTHOR/IPCP: Processing AV addr=10.1.1.6 *Mar 4 19:31:00.792: As27 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:31:00.792: As27 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 10.1.1.6 *Mar 4 19:31:00.884: As27 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 10.1.1.6 *Mar 4 19:31:00.884: As27 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:31:00.884: As27 AAA/AUTHOR/IPCP: Processing AV addr=10.1.1.6 *Mar 4 19:31:00.884: As27 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:31:00.888: As27 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 10.1.1.6 *Mar 4 19:31:00.984: As27 AAA/AUTHOR/IPCP: Start. Her address 10.1.1.6, we want 10.1.1.6 *Mar 4 19:31:00.984: As27 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:31:00.984: As27 AAA/AUTHOR/IPCP: Processing AV addr=10.1.1.6 *Mar 4 19:31:00.984: As27 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:31:00.984: As27 AAA/AUTHOR/IPCP: Done. Her address 10.1.1.6, we want 10.1.1.6 *Mar 4 19:31:00.984: As27 AAA/AUTHOR/PER-USER: Event IP_UP *Mar 4 19:31:00.984: As27 AAA/PER-USER: processing author params. access-3#show caller Active Idle Line User Service Time Time tty 27 timeout Async 00:00:23 00:00:04 As27 timeout PPP 00:00:22 00:00:20 access-3#show caller user timeout User: timeout, line tty 27, service Async Active time 00:00:28, Idle time 00:00:08 Timeouts: Absolute Idle Idle Session Exec Limits: - - 00:10:00 Disconnect in: - - - TTY: Line 27, running PPP on As27 Location: MICA V.90 modems Line: Baud rate (TX/RX) is 115200/115200, no parity, 1 stopbits, 8 databits Status: Ready, Active, No Exit Banner, Async Interface Active HW PPP Support Active Capabilities: No Flush-at-Activation, Hardware Flowcontrol In Hardware Flowcontrol Out, Modem Callout, Modem RI is CD Line usable as async interface, ARAP Permitted Integrated Modem Modem State: Ready User: timeout, line As27, service PPP Active time 00:00:27, Idle time 00:00:25 Timeouts: Absolute Idle Limits: 00:01:30 00:01:00 Disconnect in: 00:01:09 00:00:34 PPP: LCP Open, multilink Closed, CHAP (<- AAA), IPCP Dialer: Connected, inbound Idle timer 60 secs, idle 25 secs Type is IN-BAND ASYNC, group Async27 IP: Local 10.1.1.1, remote 10.1.1.6 Counts: 31 packets input, 1642 bytes, 0 no buffer 0 input errors, 0 CRC, 0 frame, 0 overrun 15 packets output, 347 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets access-3#show caller timeouts Session Idle Disconnect Line User Timeout Timeout User in tty 27 timeout - - - As27 timeout 00:01:30 00:01:00 00:00:22 access-3#show caller timeouts Session Idle Disconnect Line User Timeout Timeout User in tty 27 timeout - - - As27 timeout 00:01:30 00:01:00 00:00:07 access-3# *Mar 4 19:31:53.824: Mica Modem(1/2): State Transition to Terminating *Mar 4 19:31:53.884: Mica Modem(1/2): State Transition to Idle *Mar 4 19:31:53.884: Mica Modem(1/2): Went onhook *Mar 4 19:31:53.884: CSM_PROC_IC5_OC6_CONNECTED: CSM_EVENT_MODEM_ONHOOK at slot 1, port 2 *Mar 4 19:31:53.884: VDEV_DEALLOCATE: slot 1 and port 2 is deallocated *Mar 4 19:31:53.888: ISDN Se0:23: Event: Hangup call to call id 0x40 *Mar 4 19:31:53.888: ISDN Se0:23: TX -> DISCONNECT pd = 8 callref = 0x8006 *Mar 4 19:31:53.888: Cause i = 0x8090 - Normal call clearing *Mar 4 19:31:53.940: ISDN Se0:23: RX <- RELEASE pd = 8 callref = 0x06 *Mar 4 19:31:53.952: ISDN Se0:23: TX -> RELEASE_COMP pd = 8 callref = 0x8006 *Mar 4 19:31:55.792: As27 AAA/ACCT: non-ISDN xmit 50000 recv 28800 hwidb 611CEBC0 ttynum 27 *Mar 4 19:31:55.792: AAA/ACCT/NET/STOP User timeout, Port Async27: task_id=12 timezone=PST service=ppp protocol=ip addr=10.1.1.6 disc-cause=4 disc-cause-ext=1021 pre-bytes-in=135 pre-bytes-out=176 pre-paks-in=5 pre-paks-out=6 bytes_in=1480 bytes_out=171 paks_in=25 paks_out=9 pre-session-time=6 elapsed_time=58 nas-rx-speed=28800 nas-tx-speed=50000 *Mar 4 19:31:55.792: As27 AAA/AUTHOR/PER-USER: Event IP_DOWN *Mar 4 19:31:55.792: As27 AAA/AUTHOR/PER-USER: Event LCP_DOWN *Mar 4 19:31:55.792: As27 AAA/AUTHOR: down_event: peruser LCP txt=interface Async27 no timeout absolute *Mar 4 19:31:55.796: As27 AAA/AUTHOR: Parse 'interface Async27' *Mar 4 19:31:55.800: As27 AAA/AUTHOR: Parse returned ok (0) *Mar 4 19:31:55.800: As27 AAA/AUTHOR: Parse 'no timeout absolute' *Mar 4 19:31:55.804: As27 AAA/AUTHOR: Parse returned ok (0) *Mar 4 19:31:55.804: As27 AAA/AUTHOR: free peruser LCP txt=interface Async27 no timeout absolute *Mar 4 19:31:55.804: As27 AAA/AUTHOR: down_event: peruser LCP txt=interface Async27 no dialer idle-timeout *Mar 4 19:31:55.804: As27 AAA/AUTHOR: Parse 'interface Async27' *Mar 4 19:31:55.808: As27 AAA/AUTHOR: Parse returned ok (0) *Mar 4 19:31:55.808: As27 AAA/AUTHOR: Parse 'no dialer idle-timeout' *Mar 4 19:31:55.812: As27 AAA/AUTHOR: Parse returned ok (0) *Mar 4 19:31:55.812: As27 AAA/AUTHOR: free peruser LCP txt=interface Async27 no dialer idle-timeout *Mar 4 19:31:56.016: TAC+: (3633056702): received acct response status = SUCCESS *Mar 4 19:32:00.308: %CALLRECORD-3-MICA_TERSE_CALL_REC: DS0 slot/contr/chan=2/0/18, slot/port=1/2, call_id=40, userid=timeout, ip=10.1.1.6, calling=(n/a), called=4085703932, std=K56Flx, prot=LAP-M, comp=V.42bis both, init-rx/tx b-rate=28800/50000, finl-rx/tx b-rate=28800/50000, rbs=0, d-pad=6 dB, retr=0, sq=3, snr=28, rx/tx chars=1727/995, bad=2, rx/tx ec=31/36, bad=0, time=84, finl-state=Steady, disc(radius)=Idle Timeout/Idle Timeout, disc(modem)=DF03 Tx (host to line) data flushing - OK/Requested by host/DTR dropped
Vous trouverez ci-dessous un appel RNIS multiliaison sans profils virtuels activés. Comme un appel multiliaison crée une interface vaccess, les compteurs peuvent être installés facilement.
*Mar 4 19:41:12.208: ISDN Se0:23: RX <- SETUP pd = 8 callref = 0x08 *Mar 4 19:41:12.212: Bearer Capability i = 0x8890 *Mar 4 19:41:12.212: Channel ID i = 0xA98393 *Mar 4 19:41:12.212: Calling Party Number i = '!', 0x80, '4085551200' *Mar 4 19:41:12.212: Called Party Number i = 0xA1, '4085703930' *Mar 4 19:41:12.212: ISDN Se0:23: TX -> CALL_PROC pd = 8 callref = 0x8008 *Mar 4 19:41:12.212: Channel ID i = 0xA98393 *Mar 4 19:41:12.224: ISDN Se0:23: TX -> CONNECT pd = 8 callref = 0x8008 *Mar 4 19:41:12.224: Channel ID i = 0xA98393 *Mar 4 19:41:12.296: ISDN Se0:23: RX <- CONNECT_ACK pd = 8 callref = 0x08 *Mar 4 19:41:12.536: Se0:18 PPP: Treating connection as a callin *Mar 4 19:41:12.536: Se0:18 AAA/AUTHOR/FSM: (0): LCP succeeds trivially *Mar 4 19:41:14.536: Se0:18 AAA/AUTHOR/FSM: (0): LCP succeeds trivially *Mar 4 19:41:14.552: Se0:18 PPP: Phase is AUTHENTICATING, by this end *Mar 4 19:41:14.552: Se0:18 CHAP: O CHALLENGE id 1 len 26 from "STACK" *Mar 4 19:41:14.584: Se0:18 CHAP: I RESPONSE id 1 len 30 from "timeout" *Mar 4 19:41:14.964: Se0:18 CHAP: I RESPONSE id 1 len 30 from "timeout" *Mar 4 19:41:14.964: AAA: parse NAME=Serial0:18 idb TYPE=12 tty=-1 *Mar 4 19:41:14.964: AAA: NAME=Serial0:18 flags=0x51 TYPE=1 shelf=0 slot=0 adapter=0 port=0 channel=18 *Mar 4 19:41:14.964: AAA: parse NAME= idb TYPE=-1 tty=-1 *Mar 4 19:41:14.964: RADIUS: ustruct sharecount=1 *Mar 4 19:41:14.964: RADIUS: Initial Transmit Serial0:18 id 4 172.16.24.117:1645, Access-Request, len 104 *Mar 4 19:41:14.964: Attribute 4 6 AC101874 *Mar 4 19:41:14.964: Attribute 5 6 00004E32 *Mar 4 19:41:14.964: Attribute 61 6 00000002 *Mar 4 19:41:14.964: Attribute 1 11 74696D65 *Mar 4 19:41:14.964: Attribute 30 12 34303835 *Mar 4 19:41:14.964: Attribute 31 12 34303835 *Mar 4 19:41:14.964: Attribute 3 19 012C4E14 *Mar 4 19:41:14.964: Attribute 6 6 00000002 *Mar 4 19:41:14.964: Attribute 7 6 00000001 *Mar 4 19:41:14.972: RADIUS: Received from id 4 172.16.24.117:1645, Access-Accept, len 50 *Mar 4 19:41:14.972: Attribute 6 6 00000002 *Mar 4 19:41:14.972: Attribute 7 6 00000001 *Mar 4 19:41:14.972: Attribute 8 6 FFFFFFFE *Mar 4 19:41:14.972: Attribute 27 6 0000005A *Mar 4 19:41:14.972: Attribute 28 6 0000003C *Mar 4 19:41:14.976: Se0:18 AAA/AUTHOR/LCP: Authorize LCP *Mar 4 19:41:14.976: AAA/AUTHOR/LCP Se0:18 (4039479425): Port='Serial0:18' list='' service=NET *Mar 4 19:41:14.976: AAA/AUTHOR/LCP: Se0:18 (4039479425) send AV service=ppp *Mar 4 19:41:14.976: AAA/AUTHOR/LCP: Se0:18 (4039479425) send AV protocol=lcp *Mar 4 19:41:14.976: AAA/AUTHOR/LCP (4039479425) found list "default" *Mar 4 19:41:14.976: AAA/AUTHOR/LCP: Se0:18 (4039479425) METHOD=RADIUS *Mar 4 19:41:14.976: AAA/AUTHOR (4039479425): Post authorization status = PASS_REPL *Mar 4 19:41:14.976: Se0:18 AAA/AUTHOR/LCP: Processing AV service=ppp *Mar 4 19:41:14.976: Se0:18 AAA/AUTHOR/LCP: Processing AV timeout=90 *Mar 4 19:41:14.976: Se0:18 AAA/AUTHOR/LCP: Processing AV idletime=60 *Mar 4 19:41:14.976: AAA/AUTHOR/LCP Se0:18: Per-user interface config created: timeout absolute 1 30 ppp timeout idle 60 *Mar 4 19:41:14.976: Se0:18 CHAP: O SUCCESS id 1 len 4 *Mar 4 19:41:14.976: AAA/ACCT/NET/START User timeout, Port Serial0:18, List "" *Mar 4 19:41:14.976: AAA/ACCT/NET: Found list "default" *Mar 4 19:41:14.976: AAA/AUTHOR/MLP Se0:18 (1966034416): Port='Serial0:18' list='' service=NET *Mar 4 19:41:14.976: AAA/AUTHOR/MLP: Se0:18 (1966034416) send AV service=ppp *Mar 4 19:41:14.976: AAA/AUTHOR/MLP: Se0:18 (1966034416) send AV protocol=multilink *Mar 4 19:41:14.976: AAA/AUTHOR/MLP (1966034416) found list "default" *Mar 4 19:41:14.976: AAA/AUTHOR/MLP: Se0:18 (1966034416) METHOD=RADIUS *Mar 4 19:41:14.976: AAA/AUTHOR (1966034416): Post authorization status = PASS_REPL *Mar 4 19:41:14.976: Vi1 VTEMPLATE: Reuse Vi1, recycle queue size 0 *Mar 4 19:41:14.980: Vi1 VTEMPLATE: Hardware address 00e0.1e81.636c *Mar 4 19:41:14.980: Vi1 VTEMPLATE: Has a new cloneblk dialer, now it has dialer *Mar 4 19:41:14.980: Vi1 VTEMPLATE: Has a new cloneblk AAA, now it has dialer/AAA *Mar 4 19:41:14.980: Vi1 VTEMPLATE: ************* CLONE VACCESS1 ***************** *Mar 4 19:41:14.980: Vi1 VTEMPLATE: Clone from AAA interface Virtual-Access1 timeout absolute 1 30 ppp timeout idle 60 end *Mar 4 19:41:14.996: Vi1 PPP: Treating connection as a callin *Mar 4 19:41:14.996: AAA/AUTHOR/MLP Vi1: Processing AV service=ppp *Mar 4 19:41:15.000: Vi1 AAA/AUTHOR/FSM: (0): Can we start IPCP? *Mar 4 19:41:15.000: AAA/AUTHOR/FSM Vi1 (921779905): Port='Serial0:18' list='' service=NET *Mar 4 19:41:15.000: AAA/AUTHOR/FSM: Vi1 (921779905) send AV service=ppp *Mar 4 19:41:15.000: AAA/AUTHOR/FSM: Vi1 (921779905) send AV protocol=ip *Mar 4 19:41:15.000: AAA/AUTHOR/FSM (921779905) found list "default" *Mar 4 19:41:15.000: AAA/AUTHOR/FSM: Vi1 (921779905) METHOD=RADIUS *Mar 4 19:41:15.000: RADIUS: Using NAS default peer *Mar 4 19:41:15.000: RADIUS: Authorize IP address 0.0.0.0 *Mar 4 19:41:15.000: AAA/AUTHOR (921779905): Post authorization status = PASS_REPL *Mar 4 19:41:15.000: Vi1 AAA/AUTHOR/FSM: We can start IPCP *Mar 4 19:41:15.000: Vi1 AAA/AUTHOR/FSM: (0): Can we start CDPCP? *Mar 4 19:41:15.000: AAA/AUTHOR/FSM Vi1 (3065122210): Port='Serial0:18' list='' service=NET *Mar 4 19:41:15.000: AAA/AUTHOR/FSM: Vi1 (3065122210) send AV service=ppp *Mar 4 19:41:15.000: AAA/AUTHOR/FSM: Vi1 (3065122210) send AV protocol=cdp *Mar 4 19:41:15.000: AAA/AUTHOR/FSM (3065122210) found list "default" *Mar 4 19:41:15.000: AAA/AUTHOR/FSM: Vi1 (3065122210) METHOD=RADIUS *Mar 4 19:41:15.000: AAA/AUTHOR (3065122210): Post authorization status = PASS_REPL *Mar 4 19:41:15.000: Vi1 AAA/AUTHOR/FSM: We can start CDPCP access-3#show caller Active Idle Line User Service Time Time Se0:18 timeout PPP 00:00:19 00:00:00 Vi1 timeout PPP Bundle 00:00:19 00:00:20 access-3#show caller user timeout User: timeout, line Se0:18, service PPP Active time 00:00:25, Idle time 00:00:00 Timeouts: Absolute Idle Limits: - - Disconnect in: - - PPP: LCP Open, multilink Open, CHAP (<- AAA) Dialer: Connected to 4085551200, inbound Type is ISDN, group Serial0:23 IP: Local 10.1.1.1 Access list (I/O) is 199/not set Bundle: Member of timeout/timeout, last input 00:00:00 Counts: 13 packets input, 279 bytes, 0 no buffer 11 input errors, 2 CRC, 3 frame, 0 overrun 23 packets output, 431 bytes, 0 underruns 0 output errors, 0 collisions, 40 interface resets User: timeout, line Vi1, service PPP Bundle Active time 00:00:25, Idle time 00:00:26 Timeouts: Absolute Idle Limits: 00:01:30 00:01:00 Disconnect in: 00:01:04 00:00:33 PPP: LCP Open, multilink Open Idle timer 60 secs, idle 26 secs Dialer: Connected to 4085551200, inbound Type is IN-BAND SYNC, group Serial0:23 IP: Local 10.1.1.1 Access list (I/O) is 199/not set Bundle: First link of timeout/timeout, 1 link, last input 00:00:27 Counts: 0 packets input, 0 bytes, 0 no buffer 0 input errors, 0 CRC, 0 frame, 0 overrun 13 packets output, 236 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets access-3#show caller timeout Session Idle Disconnect Line User Timeout Timeout User in Se0:18 timeout - - - Vi1 timeout 00:01:30 00:01:00 00:00:30 access-3# *Mar 4 19:42:14.996: Vi1 PPP: Idle timeout, dropping connection *Mar 4 19:42:14.996: Vi1 VTEMPLATE: Free vaccess *Mar 4 19:42:14.996: Se0:18 AAA/AUTHOR/PER-USER: Event LCP_DOWN *Mar 4 19:42:15.000: Vi1 AAA/AUTHOR/PER-USER: Event LCP_DOWN *Mar 4 19:42:15.004: Se0:18 AAA/ACCT: ISDN xmit 64000 recv 64000 hwidb 612048BC *Mar 4 19:42:15.004: AAA/ACCT/NET/STOP User timeout, Port Serial0:18: task_id=13 timezone=PST service=ppp mlp-links-max=1 mlp-links-current=1 mlp-sess-id=0 disc-cause=18 disc-cause-ext=1046 pre-bytes-in=125 pre-bytes-out=99 pre-paks-in=4 pre-paks-out=4 bytes_in=228 bytes_out=436 paks_in=15 paks_out=26 pre-session-time=3 elapsed_time=60 nas-rx-speed=64000 nas-tx-speed=64000 *Mar 4 19:42:15.008: ISDN Se0:23: TX -> DISCONNECT pd = 8 callref = 0x8008 *Mar 4 19:42:15.008: Cause i = 0x8090 - Normal call clearing *Mar 4 19:42:15.060: ISDN Se0:23: RX <- RELEASE pd = 8 callref = 0x08 *Mar 4 19:42:15.072: ISDN Se0:23: TX -> RELEASE_COMP pd = 8 callref = 0x8008 *Mar 4 19:42:15.212: TAC+: (2571416724): received acct response status = SUCCESS *Mar 4 19:42:15.500: VTEMPLATE: Clean up dirty vaccess queue, size 1 *Mar 4 19:42:15.500: Vi1 VTEMPLATE: Found a dirty vaccess clone with dialer/AAA *Mar 4 19:42:15.500: Vi1 VTEMPLATE: ************ UNCLONE VACCESS1 ************** *Mar 4 19:42:15.500: Vi1 VTEMPLATE: Unclone to-be-freed command#2 interface Virtual-Access1 default ppp timeout idle 60 default timeout absolute 1 30 end *Mar 4 19:42:15.516: Vi1 VTEMPLATE: Set default settings with no ip address *Mar 4 19:42:15.536: Vi1 VTEMPLATE: Remove cloneblk AAA with dialer/AAA *Mar 4 19:42:15.536: Vi1 VTEMPLATE: Remove cloneblk dialer with dialer/AAA *Mar 4 19:42:15.536: Vi1 VTEMPLATE: Add vaccess to recycle queue, queue SIZE=1
Vous trouverez ci-dessous un appel RNIS à un seul canal non multiliaison sans profils virtuels activés. Dans cet exemple, nous exécutons Cisco IOS 11.3(8.2)AA afin que ces compteurs puissent être installés correctement. Cependant, notez qu'aucune commande de configuration n'a été créée pour provoquer ceci ; les temporisateurs ont été définis en interne dans le code.
*Mar 4 19:43:00.404: ISDN Se0:23: RX <- SETUP pd = 8 callref = 0x0E *Mar 4 19:43:00.404: Bearer Capability i = 0x8890 *Mar 4 19:43:00.404: Channel ID i = 0xA98393 *Mar 4 19:43:00.404: Calling Party Number i = '!', 0x80, '4085551200' *Mar 4 19:43:00.404: Called Party Number i = 0xA1, '4085703930' *Mar 4 19:43:00.404: ISDN Se0:23: TX -> CALL_PROC pd = 8 callref = 0x800E *Mar 4 19:43:00.408: Channel ID i = 0xA98393 *Mar 4 19:43:00.416: ISDN Se0:23: TX -> CONNECT pd = 8 callref = 0x800E *Mar 4 19:43:00.416: Channel ID i = 0xA98393 *Mar 4 19:43:00.488: ISDN Se0:23: RX <- CONNECT_ACK pd = 8 callref = 0x0E *Mar 4 19:43:00.720: Se0:18 PPP: Treating connection as a callin *Mar 4 19:43:00.720: Se0:18 AAA/AUTHOR/FSM: (0): LCP succeeds trivially *Mar 4 19:43:02.744: Se0:18 PPP: Phase is AUTHENTICATING, by this end *Mar 4 19:43:02.744: Se0:18 CHAP: O CHALLENGE id 2 len 26 from "STACK" *Mar 4 19:43:02.776: Se0:18 CHAP: I RESPONSE id 2 len 30 from "timeout" *Mar 4 19:43:02.776: AAA: parse NAME=Serial0:18 idb TYPE=12 tty=-1 *Mar 4 19:43:02.776: AAA: NAME=Serial0:18 flags=0x51 TYPE=1 shelf=0 slot=0 adapter=0 port=0 channel=18 *Mar 4 19:43:02.776: AAA: parse NAME= idb TYPE=-1 tty=-1 *Mar 4 19:43:02.780: RADIUS: ustruct sharecount=1 *Mar 4 19:43:02.780: RADIUS: Initial Transmit Serial0:18 id 5 172.16.24.117:1645, Access-Request, len 104 *Mar 4 19:43:02.780: Attribute 4 6 AC101874 *Mar 4 19:43:02.780: Attribute 5 6 00004E32 *Mar 4 19:43:02.780: Attribute 61 6 00000002 *Mar 4 19:43:02.780: Attribute 1 11 74696D65 *Mar 4 19:43:02.780: Attribute 30 12 34303835 *Mar 4 19:43:02.780: Attribute 31 12 34303835 *Mar 4 19:43:02.780: Attribute 3 19 02AE5572 *Mar 4 19:43:02.780: Attribute 6 6 00000002 *Mar 4 19:43:02.780: Attribute 7 6 00000001 *Mar 4 19:43:02.784: RADIUS: Received from id 5 172.16.24.117:1645, Access-Accept, len 50 *Mar 4 19:43:02.784: Attribute 6 6 00000002 *Mar 4 19:43:02.784: Attribute 7 6 00000001 *Mar 4 19:43:02.784: Attribute 8 6 FFFFFFFE *Mar 4 19:43:02.784: Attribute 27 6 0000005A *Mar 4 19:43:02.784: Attribute 28 6 0000003C *Mar 4 19:43:02.788: Se0:18 AAA/AUTHOR/LCP: Authorize LCP *Mar 4 19:43:02.788: AAA/AUTHOR/LCP Se0:18 (900316608): Port='Serial0:18' list='' service=NET *Mar 4 19:43:02.788: AAA/AUTHOR/LCP: Se0:18 (900316608) send AV service=ppp *Mar 4 19:43:02.788: AAA/AUTHOR/LCP: Se0:18 (900316608) send AV protocol=lcp *Mar 4 19:43:02.788: AAA/AUTHOR/LCP (900316608) found list "default" *Mar 4 19:43:02.788: AAA/AUTHOR/LCP: Se0:18 (900316608) METHOD=RADIUS *Mar 4 19:43:02.788: AAA/AUTHOR (900316608): Post authorization status = PASS_REPL *Mar 4 19:43:02.788: Se0:18 AAA/AUTHOR/LCP: Processing AV service=ppp *Mar 4 19:43:02.788: Se0:18 AAA/AUTHOR/LCP: Processing AV timeout=90 *Mar 4 19:43:02.788: Se0:18 AAA/AUTHOR/LCP: Processing AV idletime=60 *Mar 4 19:43:02.788: Se0:18 CHAP: O SUCCESS id 2 len 4 *Mar 4 19:43:02.788: AAA/ACCT/NET/START User timeout, Port Serial0:18, List "" *Mar 4 19:43:02.788: AAA/ACCT/NET: Found list "default" *Mar 4 19:43:02.788: Se0:18 AAA/AUTHOR/FSM: (0): Can we start IPCP? *Mar 4 19:43:02.788: AAA/AUTHOR/FSM Se0:18 (3608739008): Port='Serial0:18' list='' service=NET *Mar 4 19:43:02.788: AAA/AUTHOR/FSM: Se0:18 (3608739008) send AV service=ppp *Mar 4 19:43:02.788: AAA/AUTHOR/FSM: Se0:18 (3608739008) send AV protocol=ip *Mar 4 19:43:02.788: AAA/AUTHOR/FSM (3608739008) found list "default" *Mar 4 19:43:02.788: AAA/AUTHOR/FSM: Se0:18 (3608739008) METHOD=RADIUS *Mar 4 19:43:02.788: RADIUS: Using NAS default peer *Mar 4 19:43:02.788: RADIUS: Authorize IP address 0.0.0.0 *Mar 4 19:43:02.788: AAA/AUTHOR (3608739008): Post authorization status = PASS_REPL *Mar 4 19:43:02.788: Se0:18 AAA/AUTHOR/FSM: We can start IPCP *Mar 4 19:43:02.788: Se0:18 AAA/AUTHOR/FSM: (0): Can we start CDPCP? *Mar 4 19:43:02.792: AAA/AUTHOR/FSM Se0:18 (3955392150): Port='Serial0:18' list='' service=NET *Mar 4 19:43:02.792: AAA/AUTHOR/FSM: Se0:18 (3955392150) send AV service=ppp *Mar 4 19:43:02.792: AAA/AUTHOR/FSM: Se0:18 (3955392150) send AV protocol=cdp *Mar 4 19:43:02.792: AAA/AUTHOR/FSM (3955392150) found list "default" *Mar 4 19:43:02.792: AAA/AUTHOR/FSM: Se0:18 (3955392150) METHOD=RADIUS *Mar 4 19:43:02.792: AAA/AUTHOR (3955392150): Post authorization status = PASS_REPL *Mar 4 19:43:02.792: Se0:18 AAA/AUTHOR/FSM: We can start CDPCP *Mar 4 19:43:02.804: Se0:18 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 0.0.0.0 *Mar 4 19:43:02.804: Se0:18 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:43:02.804: Se0:18 AAA/AUTHOR/IPCP: Processing AV addr=0.0.0.0 *Mar 4 19:43:02.804: Se0:18 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:43:02.804: Se0:18 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 0.0.0.0 *Mar 4 19:43:02.808: Se0:18 AAA/AUTHOR/FSM: Check for unauthorized mandatory AV's *Mar 4 19:43:02.808: Se0:18 AAA/AUTHOR/FSM: Processing AV service=ppp *Mar 4 19:43:02.808: Se0:18 AAA/AUTHOR/FSM: Succeeded *Mar 4 19:43:02.816: Se0:18 AAA/AUTHOR/IPCP: Start. Her address 10.1.1.3, we want 10.1.1.3 *Mar 4 19:43:02.816: AAA/AUTHOR/IPCP Se0:18 (2267743837): Port='Serial0:18' list='' service=NET *Mar 4 19:43:02.816: AAA/AUTHOR/IPCP: Se0:18 (2267743837) send AV service=ppp *Mar 4 19:43:02.816: AAA/AUTHOR/IPCP: Se0:18 (2267743837) send AV protocol=ip *Mar 4 19:43:02.816: AAA/AUTHOR/IPCP: Se0:18 (2267743837) send AV addr*10.1.1.3 *Mar 4 19:43:02.816: AAA/AUTHOR/IPCP (2267743837) found list "default" *Mar 4 19:43:02.816: AAA/AUTHOR/IPCP: Se0:18 (2267743837) METHOD=RADIUS *Mar 4 19:43:02.816: RADIUS: Using NAS default peer *Mar 4 19:43:02.816: RADIUS: Authorize IP address 10.1.1.3 *Mar 4 19:43:02.816: AAA/AUTHOR (2267743837): Post authorization status = PASS_REPL *Mar 4 19:43:02.816: Se0:18 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:43:02.820: Se0:18 AAA/AUTHOR/IPCP: Processing AV addr=10.1.1.3 *Mar 4 19:43:02.820: Se0:18 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:43:02.820: Se0:18 AAA/AUTHOR/IPCP: Done. Her address 10.1.1.3, we want 10.1.1.3 *Mar 4 19:43:02.824: Se0:18 AAA/AUTHOR/PER-USER: Event IP_UP *Mar 4 19:43:02.824: Se0:18 AAA/PER-USER: processing author params. access-3#show caller Active Idle Line User Service Time Time Se0:18 timeout PPP 00:00:19 00:00:19 access-3#show caller timeout Session Idle Disconnect Line User Timeout Timeout User in Se0:18 timeout 00:01:30 00:01:00 00:00:37 access-3#ping 10.1.1.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms access-3#show caller timeout Session Idle Disconnect Line User Timeout Timeout User in Se0:18 timeout 00:01:30 00:01:00 00:00:57 access-3#show caller user timeout User: timeout, line Se0:18, service PPP Active time 00:00:38, Idle time 00:00:10 Timeouts: Absolute Idle Limits: 00:01:30 00:01:00 Disconnect in: 00:00:51 00:00:49 PPP: LCP Open, multilink Closed, CHAP (<- AAA), IPCP, CDPCP Dialer: Connected to 4085551200, inbound Idle timer 60 secs, idle 10 secs Type is ISDN, group Serial0:23 IP: Local 10.1.1.1, remote 10.1.1.3 Access list (I/O) is 199/not set Counts: 51 packets input, 2104 bytes, 0 no buffer 11 input errors, 2 CRC, 3 frame, 0 overrun 58 packets output, 2233 bytes, 0 underruns 0 output errors, 0 collisions, 45 interface resets access-3#show caller user timeout User: timeout, line Se0:18, service PPP Active time 00:00:45, Idle time 00:00:17 Timeouts: Absolute Idle Limits: 00:01:30 00:01:00 Disconnect in: 00:00:44 00:00:42 PPP: LCP Open, multilink Closed, CHAP (<- AAA), IPCP, CDPCP Dialer: Connected to 4085551200, inbound Idle timer 60 secs, idle 17 secs Type is ISDN, group Serial0:23 IP: Local 10.1.1.1, remote 10.1.1.3 Access list (I/O) is 199/not set Counts: 52 packets input, 2120 bytes, 0 no buffer 11 input errors, 2 CRC, 3 frame, 0 overrun 59 packets output, 2249 bytes, 0 underruns 0 output errors, 0 collisions, 45 interface resets access-3#ping 10.1.1.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/34/40 ms access-3#show caller user timeout User: timeout, line Se0:18, service PPP Active time 00:01:02, Idle time 00:00:04 Timeouts: Absolute Idle Limits: 00:01:30 00:01:00 Disconnect in: 00:00:27 00:00:55 PPP: LCP Open, multilink Closed, CHAP (<- AAA), IPCP, CDPCP Dialer: Connected to 4085551200, inbound Idle timer 60 secs, idle 4 secs Type is ISDN, group Serial0:23 IP: Local 10.1.1.1, remote 10.1.1.3 Access list (I/O) is 199/not set Counts: 60 packets input, 2688 bytes, 0 no buffer 11 input errors, 2 CRC, 3 frame, 0 overrun 67 packets output, 2817 bytes, 0 underruns 0 output errors, 0 collisions, 45 interface resets access-3#show caller timeout Session Idle Disconnect Line User Timeout Timeout User in Se0:18 timeout 00:01:30 00:01:00 00:00:21 access-3#show caller timeout Session Idle Disconnect Line User Timeout Timeout User in Se0:18 timeout 00:01:30 00:01:00 00:00:07 access-3# *Mar 4 19:44:33.788: ISDN Se0:23: TX -> DISCONNECT pd = 8 callref = 0x800E *Mar 4 19:44:33.788: Cause i = 0x8090 - Normal call clearing *Mar 4 19:44:33.840: ISDN Se0:23: RX <- RELEASE pd = 8 callref = 0x0E *Mar 4 19:44:33.852: Se0:18 AAA/ACCT: ISDN xmit 64000 recv 64000 hwidb 612048BC *Mar 4 19:44:33.852: AAA/ACCT/NET/STOP User timeout, Port Serial0:18: task_id=14 timezone=PST service=ppp protocol=ip addr=10.1.1.3 disc-cause=5 disc-cause-ext=1100 pre-bytes-in=101 pre-bytes-out=102 pre-paks-in=5 pre-paks-out=5 bytes_in=2258 bytes_out=2276 paks_in=38 paks_out=38 pre-session-time=2 elapsed_time=91 nas-rx-speed=64000 nas-tx-speed=64000 *Mar 4 19:44:33.852: ISDN Se0:23: TX -> RELEASE_COMP pd = 8 callref = 0x800E *Mar 4 19:44:33.856: Se0:18 AAA/AUTHOR/PER-USER: Event IP_DOWN *Mar 4 19:44:33.856: Se0:18 AAA/AUTHOR/PER-USER: Event LCP_DOWN *Mar 4 19:44:34.060: TAC+: (3492368360): received acct response status = SUCCESS
Ci-dessous se trouve le même utilisateur RNIS non multiliaison à un seul canal, mais cette fois avec des profils virtuels activés. Notez que l'interface vaccess est créée même si multilink n'est pas négocié et que nous créons les commandes de configuration pour installer les compteurs.
*Mar 4 19:45:00.480: ISDN Se0:23: RX <- SETUP pd = 8 callref = 0x0C *Mar 4 19:45:00.480: Bearer Capability i = 0x8890 *Mar 4 19:45:00.480: Channel ID i = 0xA98393 *Mar 4 19:45:00.480: Calling Party Number i = '!', 0x80, '4085551200' *Mar 4 19:45:00.480: Called Party Number i = 0xA1, '4085703930' *Mar 4 19:45:00.480: ISDN Se0:23: TX -> CALL_PROC pd = 8 callref = 0x800C *Mar 4 19:45:00.480: Channel ID i = 0xA98393 *Mar 4 19:45:00.492: ISDN Se0:23: TX -> CONNECT pd = 8 callref = 0x800C *Mar 4 19:45:00.492: Channel ID i = 0xA98393 *Mar 4 19:45:00.564: ISDN Se0:23: RX <- CONNECT_ACK pd = 8 callref = 0x0C *Mar 4 19:45:00.804: Se0:18 PPP: Treating connection as a callin *Mar 4 19:45:00.804: Se0:18 AAA/AUTHOR/FSM: (0): LCP succeeds trivially *Mar 4 19:45:02.804: Se0:18 AAA/AUTHOR/FSM: (0): LCP succeeds trivially *Mar 4 19:45:02.828: Se0:18 PPP: Phase is AUTHENTICATING, by this end *Mar 4 19:45:02.828: Se0:18 CHAP: O CHALLENGE id 3 len 26 from "STACK" *Mar 4 19:45:02.860: Se0:18 CHAP: I RESPONSE id 3 len 30 from "timeout" *Mar 4 19:45:02.860: AAA: parse NAME=Serial0:18 idb TYPE=12 tty=-1 *Mar 4 19:45:02.860: AAA: NAME=Serial0:18 flags=0x51 TYPE=1 shelf=0 slot=0 adapter=0 port=0 channel=18 *Mar 4 19:45:02.860: AAA: parse NAME= idb TYPE=-1 tty=-1 *Mar 4 19:45:02.860: RADIUS: ustruct sharecount=1 *Mar 4 19:45:02.860: RADIUS: Initial Transmit Serial0:18 id 6 172.16.24.117:1645, Access-Request, len 104 *Mar 4 19:45:02.860: Attribute 4 6 AC101874 *Mar 4 19:45:02.860: Attribute 5 6 00004E32 *Mar 4 19:45:02.860: Attribute 61 6 00000002 *Mar 4 19:45:02.864: Attribute 1 11 74696D65 *Mar 4 19:45:02.864: Attribute 30 12 34303835 *Mar 4 19:45:02.864: Attribute 31 12 34303835 *Mar 4 19:45:02.864: Attribute 3 19 03D4E134 *Mar 4 19:45:02.864: Attribute 6 6 00000002 *Mar 4 19:45:02.864: Attribute 7 6 00000001 *Mar 4 19:45:02.868: RADIUS: Received from id 6 172.16.24.117:1645, Access-Accept, len 50 *Mar 4 19:45:02.868: Attribute 6 6 00000002 *Mar 4 19:45:02.868: Attribute 7 6 00000001 *Mar 4 19:45:02.868: Attribute 8 6 FFFFFFFE *Mar 4 19:45:02.868: Attribute 27 6 0000005A *Mar 4 19:45:02.868: Attribute 28 6 0000003C *Mar 4 19:45:02.868: Se0:18 AAA/AUTHOR/LCP: Authorize LCP *Mar 4 19:45:02.868: AAA/AUTHOR/LCP Se0:18 (2825271150): Port='Serial0:18' list='' service=NET *Mar 4 19:45:02.868: AAA/AUTHOR/LCP: Se0:18 (2825271150) send AV service=ppp *Mar 4 19:45:02.868: AAA/AUTHOR/LCP: Se0:18 (2825271150) send AV protocol=lcp *Mar 4 19:45:02.868: AAA/AUTHOR/LCP (2825271150) found list "default" *Mar 4 19:45:02.868: AAA/AUTHOR/LCP: Se0:18 (2825271150) METHOD=RADIUS *Mar 4 19:45:02.872: AAA/AUTHOR (2825271150): Post authorization status = PASS_REPL *Mar 4 19:45:02.872: Se0:18 AAA/AUTHOR/LCP: Processing AV service=ppp *Mar 4 19:45:02.872: Se0:18 AAA/AUTHOR/LCP: Processing AV timeout=90 *Mar 4 19:45:02.872: Se0:18 AAA/AUTHOR/LCP: Processing AV idletime=60 *Mar 4 19:45:02.872: AAA/AUTHOR/LCP Se0:18: Per-user interface config created: timeout absolute 1 30 ppp timeout idle 60 *Mar 4 19:45:02.872: Se0:18 CHAP: O SUCCESS id 3 len 4 *Mar 4 19:45:02.872: AAA/ACCT/NET/START User timeout, Port Serial0:18, List "" *Mar 4 19:45:02.872: AAA/ACCT/NET: Found list "default" *Mar 4 19:45:02.872: Vi1 VTEMPLATE: Reuse Vi1, recycle queue size 0 *Mar 4 19:45:02.872: Vi1 VTEMPLATE: Hardware address 00e0.1e81.636c *Mar 4 19:45:02.872: Vi1 VTEMPLATE: Has a new cloneblk vtemplate, now it has vtemplate *Mar 4 19:45:02.872: Vi1 VTEMPLATE: ************* CLONE VACCESS1 ***************** *Mar 4 19:45:02.872: Vi1 VTEMPLATE: Clone from Virtual-Template1 interface Virtual-Access1 default ip address no ip address encap ppp ip unnumbered Loopback0 ip access-group 199 in ip helper-address 172.16.24.118 no ip directed-broadcast ip accounting output-packets ip nat inside no keepalive peer default ip address pool default compress mppc ppp callback accept ppp authentication chap pap ms-chap ppp multilink multilink max-links 2 end enabling payload compression on this interface. *Mar 4 19:45:02.952: Vi1 VTEMPLATE: Has a new cloneblk AAA, now it has vtemplate/AAA *Mar 4 19:45:02.952: Vi1 VTEMPLATE: ************* CLONE VACCESS1 ***************** *Mar 4 19:45:02.952: Vi1 VTEMPLATE: Clone from AAA interface Virtual-Access1 timeout absolute 1 30 ppp timeout idle 60 end *Mar 4 19:45:02.976: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up *Mar 4 19:45:02.976: Vi1 PPP: Treating connection as a dedicated line *Mar 4 19:45:02.976: Vi1 AAA/AUTHOR/FSM: (0): LCP succeeds trivially *Mar 4 19:45:02.980: Vi1 AAA/AUTHOR/FSM: (0): Can we start IPCP? *Mar 4 19:45:02.980: AAA/AUTHOR/FSM Vi1 (2657898442): Port='Serial0:18' list='' service=NET *Mar 4 19:45:02.980: AAA/AUTHOR/FSM: Vi1 (2657898442) send AV service=ppp *Mar 4 19:45:02.980: AAA/AUTHOR/FSM: Vi1 (2657898442) send AV protocol=ip *Mar 4 19:45:02.980: AAA/AUTHOR/FSM (2657898442) found list "default" *Mar 4 19:45:02.980: AAA/AUTHOR/FSM: Vi1 (2657898442) METHOD=RADIUS *Mar 4 19:45:02.980: RADIUS: Using NAS default peer *Mar 4 19:45:02.980: RADIUS: Authorize IP address 0.0.0.0 *Mar 4 19:45:02.980: AAA/AUTHOR (2657898442): Post authorization status = PASS_REPL *Mar 4 19:45:02.980: Vi1 AAA/AUTHOR/FSM: We can start IPCP *Mar 4 19:45:02.980: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 0.0.0.0 *Mar 4 19:45:02.980: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:45:02.980: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=0.0.0.0 *Mar 4 19:45:02.980: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:45:02.980: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 0.0.0.0 *Mar 4 19:45:02.996: Vi1 AAA/AUTHOR/IPCP: Start. Her address 10.1.1.3, we want 10.1.1.3 *Mar 4 19:45:02.996: AAA/AUTHOR/IPCP Vi1 (1804338759): Port='Serial0:18' list='' service=NET *Mar 4 19:45:02.996: AAA/AUTHOR/IPCP: Vi1 (1804338759) send AV service=ppp *Mar 4 19:45:02.996: AAA/AUTHOR/IPCP: Vi1 (1804338759) send AV protocol=ip *Mar 4 19:45:02.996: AAA/AUTHOR/IPCP: Vi1 (1804338759) send AV addr*10.1.1.3 *Mar 4 19:45:02.996: AAA/AUTHOR/IPCP (1804338759) found list "default" *Mar 4 19:45:02.996: AAA/AUTHOR/IPCP: Vi1 (1804338759) METHOD=RADIUS *Mar 4 19:45:02.996: RADIUS: Using NAS default peer *Mar 4 19:45:02.996: RADIUS: Authorize IP address 10.1.1.3 *Mar 4 19:45:02.996: AAA/AUTHOR (1804338759): Post authorization status = PASS_REPL *Mar 4 19:45:02.996: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp *Mar 4 19:45:02.996: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=10.1.1.3 *Mar 4 19:45:02.996: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded *Mar 4 19:45:02.996: Vi1 AAA/AUTHOR/IPCP: Done. Her address 10.1.1.3, we want 10.1.1.3 *Mar 4 19:45:03.004: Vi1 AAA/AUTHOR/PER-USER: Event IP_UP *Mar 4 19:45:03.004: Vi1 AAA/PER-USER: processing author params. *Mar 4 19:45:03.996: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up access-3#show caller Active Idle Line User Service Time Time Se0:18 timeout PPP 00:00:11 00:00:10 Vi1 timeout PPP VDP 00:00:11 00:00:10 access-3#show caller timeout User: timeout, line Se0:18, service PPP Active time 00:00:15, Idle time 00:00:15 Timeouts: Absolute Idle Limits: - - Disconnect in: - - PPP: LCP Open, multilink Closed, CHAP (<- AAA) Dialer: Connected to 4085551200, inbound Idle timer 60 secs, idle 15 secs Type is ISDN, group Serial0:23 IP: Local 10.1.1.1 Access list (I/O) is 199/not set Counts: 81 packets input, 3291 bytes, 0 no buffer 11 input errors, 2 CRC, 3 frame, 0 overrun 87 packets output, 3419 bytes, 0 underruns 0 output errors, 0 collisions, 47 interface resets User: timeout, line Vi1, service PPP VDP Active time 00:00:15, Idle time 00:00:15 Timeouts: Absolute Idle Limits: 00:01:30 00:01:00 Disconnect in: 00:01:13 00:00:44 PPP: LCP Open, multilink Closed, CHAP (<- none), IPCP Idle timer 60 secs, idle 15 secs IP: Local 10.1.1.1, remote 10.1.1.3 Access list (I/O) is 199/not set Counts: 7 packets input, 370 bytes, 0 no buffer 0 input errors, 0 CRC, 0 frame, 0 overrun 19 packets output, 404 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets access-3#show caller timeouts Session Idle Disconnect Line User Timeout Timeout User in Se0:18 timeout - - - Vi1 timeout 00:01:30 00:01:00 00:00:40 access-3#ping 10.1.1.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms access-3#show caller timeouts Session Idle Disconnect Line User Timeout Timeout User in Se0:18 timeout - - - Vi1 timeout 00:01:30 00:01:00 00:00:58 access-3#show caller user timeout User: timeout, line Se0:18, service PPP Active time 00:00:34, Idle time 00:00:09 Timeouts: Absolute Idle Limits: - - Disconnect in: - - PPP: LCP Open, multilink Closed, CHAP (<- AAA) Dialer: Connected to 4085551200, inbound Idle timer 60 secs, idle 9 secs Type is ISDN, group Serial0:23 IP: Local 10.1.1.1 Access list (I/O) is 199/not set Counts: 88 packets input, 3843 bytes, 0 no buffer 11 input errors, 2 CRC, 3 frame, 0 overrun 94 packets output, 3971 bytes, 0 underruns 0 output errors, 0 collisions, 47 interface resets User: timeout, line Vi1, service PPP VDP Active time 00:00:34, Idle time 00:00:09 Timeouts: Absolute Idle Limits: 00:01:30 00:01:00 Disconnect in: 00:00:54 00:00:50 PPP: LCP Open, multilink Closed, CHAP (<- none), IPCP Idle timer 60 secs, idle 9 secs IP: Local 10.1.1.1, remote 10.1.1.3 Access list (I/O) is 199/not set Counts: 14 packets input, 922 bytes, 0 no buffer 0 input errors, 0 CRC, 0 frame, 0 overrun 33 packets output, 956 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets access-3#show caller timeout Session Idle Disconnect Line User Timeout Timeout User in Se0:18 timeout - - - Vi1 timeout 00:01:30 00:01:00 00:00:42 access-3#show caller timeouts Session Idle Disconnect Line User Timeout Timeout User in Se0:18 timeout - - - Vi1 timeout 00:01:30 00:01:00 00:00:22 access-3#show caller Active Idle Line User Service Time Time Se0:18 timeout PPP 00:01:22 00:00:57 Vi1 timeout PPP VDP 00:01:22 00:00:57 access-3# *Mar 4 19:46:28.996: Vi1 PPP: Idle timeout, dropping connection *Mar 4 19:46:28.996: Se0:18 AAA/ACCT: ISDN xmit 64000 recv 64000 hwidb 612048BC *Mar 4 19:46:28.996: AAA/ACCT/NET/STOP User timeout, Port Serial0:18: task_id=15 timezone=PST service=ppp protocol=ip addr=10.1.1.3 disc-cause=4 disc-cause-ext=1021 pre-bytes-in=101 pre-bytes-out=102 pre-paks-in=5 pre-paks-out=5 bytes_in=1024 bytes_out=1036 paks_in=21 paks_out=21 pre-session-time=2 elapsed_time=86 nas-rx-speed=64000 nas-tx-speed=64000 *Mar 4 19:46:29.000: ISDN Se0:23: TX -> DISCONNECT pd = 8 callref = 0x800C *Mar 4 19:46:29.000: Cause i = 0x8090 - Normal call clearing *Mar 4 19:46:29.000: Vi1 AAA/AUTHOR/PER-USER: Event IP_DOWN *Mar 4 19:46:29.000: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down *Mar 4 19:46:29.004: Vi1 VTEMPLATE: Free vaccess *Mar 4 19:46:29.004: Vi1 AAA/AUTHOR/PER-USER: Event LCP_DOWN *Mar 4 19:46:29.052: ISDN Se0:23: RX <- RELEASE pd = 8 callref = 0x0C *Mar 4 19:46:29.064: ISDN Se0:23: TX -> RELEASE_COMP pd = 8 callref = 0x800C *Mar 4 19:46:29.064: Se0:18 AAA/AUTHOR/PER-USER: Event LCP_DOWN *Mar 4 19:46:29.208: TAC+: (3109010012): received acct response status = SUCCESS *Mar 4 19:46:29.580: VTEMPLATE: Clean up dirty vaccess queue, size 1 *Mar 4 19:46:29.580: Vi1 VTEMPLATE: Found a dirty vaccess clone with vtemplate/AAA *Mar 4 19:46:29.580: Vi1 VTEMPLATE: ************ UNCLONE VACCESS1 ************** *Mar 4 19:46:29.580: Vi1 VTEMPLATE: Unclone to-be-freed command#2 interface Virtual-Access1 default ppp timeout idle 60 default timeout absolute 1 30 end *Mar 4 19:46:29.596: Vi1 VTEMPLATE: Set default settings with no ip address *Mar 4 19:46:29.616: Vi1 VTEMPLATE: Remove cloneblk AAA with vtemplate/AAA *Mar 4 19:46:29.616: Vi1 VTEMPLATE: ************ UNCLONE VACCESS1 ************** *Mar 4 19:46:29.616: Vi1 VTEMPLATE: Unclone to-be-freed command#15 interface Virtual-Access1 default multilink max-links 2 default ppp multilink default ppp authentication chap pap ms-chap default ppp callback accept default compress mppc default peer default ip address pool default default keepalive default ip nat inside default ip accounting output-packets default ip directed-broadcast default ip helper-address 172.16.24.118 default ip access-group 199 in default ip unnumbered Loopback0 default encap ppp default ip address end *Mar 4 19:46:29.704: Vi1 VTEMPLATE: Set default settings with no ip address *Mar 4 19:46:29.720: Vi1 VTEMPLATE: Remove cloneblk vtemplate with vtemplate/AAA *Mar 4 19:46:29.720: Vi1 VTEMPLATE: Add vaccess to recycle queue, queue SIZE=1 *Mar 4 19:46:30.000: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to down
Révision | Date de publication | Commentaires |
---|---|---|
1.0 |
04-Feb-2010 |
Première publication |