この文書では、ルータとサーバを設定して、RADIUS による Point-to-Point Protocol(PPP; ポイントツーポイント プロトコル)コールバックを行う例について説明します。
ドキュメント表記の詳細は、『シスコ テクニカル ティップスの表記法』を参照してください。
この設定の動作のために。
ローカル認証とコールバックで初期テストを行います(つまり、aaa new-model コマンドを削除することを意味します)。コールバックがローカル認証で動作しない場合は、RADIUS を使用しても動作しません。ローカル認証の使用については、この例を参照してください。
コールバックを行わずに、RADIUS を使用した詳細な PPP 認証テストを行います。コールバックなしでの認証または許可、およびその両方に失敗した場合は、コールバックありでの認証および許可も動作しません。
RADIUS を使用したコールバックと PPP 認証のためのローカル認証が動作したら、ルータ上のローカル ユーザの情報(コールバック用のダイヤル ストリングなど)を、サーバ上のそのユーザのプロファイルに追加します。
注:これらのテストでのクライアントはNT 4.0サーバのDUNで、PPP接続では通常どおりに設定されていますが、Microsoftコールバックを許可するためにServerの下でEnable PPP/LCP extensionsにチェックマークが入っています。Microsoftコールバックは、Cisco IOS®ソフトウェアリリース11.3.2.T以降でサポートされています。コールバック用にMicrosoft Windows PCを設定する方法の詳細については、MicrosoftのWebサイトを参照してください。
この設定は、次のソフトウェアのバージョンで開発およびテストしたものです。
Cisco IOS ソフトウェア リリース 11.3.2.T 以降
CiscoSecure ACS UNIX 2.xまたはCiscoSecure ACS for Windows 2.x以降
このセクションでは、このドキュメントで説明する機能を設定するために必要な情報を提供しています。
注:この文書で使用されているコマンドの詳細を調べるには、「Command Lookup ツール」を使用してください(登録ユーザのみ)。
このドキュメントでは次の図に示すネットワーク構成を使用しています。
ユーザは、パスワードと確認用パスワードを取得します。
Group Settingsで、attribute 006 Service-Type = Framed attribute 007 Framed-Protocol = PPPと指定します。
画面の最後のボックスであるCisco RADIUS Attributesで、[009\001 - AV-Pair]を確認し、その下にlcp:callback-dialstring=20367と入力します。
rtp-berry# ./ViewProfile -p 9900 -u callback User Profile Information user = callback{ profile_id = 34 profile_cycle = 1 radius=Cisco { check_items= { 2="callback" } reply_attributes= { 6=2 7=1 9,1="lcp:callback-dialstring=20367" } } }
callback2 Password = "callback2" User-Service-Type = Framed-User, Framed-Protocol = PPP, cisco-avpair = "lcp:callback-dialstring=20367"
ルータの設定 |
---|
rtpkrb#show run Building configuration... Current configuration: ! version 11.3 service timestamps debug uptime service timestamps log uptime no service password-encryption service udp-small-servers service tcp-small-servers ! hostname rtpkrb ! !--- AAA configuration. aaa new-model aaa authentication login default radius none aaa authentication ppp default radius none aaa authorization exec default radius none aaa authorization network default radius none enable secret 5 $1$pkX.$JdAySRE1SbdbDe7bj0wyt0 enable password ww ! ip host rtpkrb 10.31.1.5 ip domain-name RTP.CISCO.COM ip name-server 171.68.118.103 !--- Chat-scripts to be used for the dialout. chat-script offhook "" "ATH1" OK chat-script callback ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDT \T" TIMEOUT 30 CONNECT \c ! interface Loopback0 ip address 1.1.1.1 255.255.255.0 ! interface Ethernet0 ip address 10.31.1.5 255.255.0.0 ! interface Serial0 no ip address no ip mroute-cache shutdown ! interface Serial1 no ip address shutdown ! interface Async1 ip unnumbered Ethernet0 encapsulation ppp async mode dedicated peer default ip address pool async no cdp enable ppp max-bad-auth 3 ppp callback accept ppp authentication pap ! ip local pool async 15.15.15.15 ip classless ip route 0.0.0.0 0.0.0.0 10.31.1.1 snmp-server community public RW snmp-server host 171.68.118.100 traps public radius-server host 171.68.118.101 auth-port 1645 acct-port 1646 radius-server key cisco ! line con 0 line 1 session-timeout 20 exec-timeout 20 0 password ww autoselect ppp script modem-off-hook offhook script callback callback modem InOut transport input all stopbits 1 speed 38400 flowcontrol hardware line 2 modem InOut speed 38400 flowcontrol hardware line 3 16 line aux 0 line vty 0 4 exec-timeout 0 0 timeout login response 100 password ww ! end |
現在、この設定に使用できる確認手順はありません。
このセクションでは、設定のトラブルシューティングに役立つ情報を紹介します。
注:debug コマンドを使用する前に、「debug コマンドに関する重要な情報」を参照してください。
debug aaa authentication - AAA 認証に関する情報を表示します。
debug aaa authorization - AAA 許可に関する情報を表示します。
debug callback - ルータがモデムとチャット スクリプトを使用して端末回線にコールバックしているときに、コールバック イベントを表示します。
debug chat - Network Access Server(NAS; ネットワーク アクセス サーバ)と PC の間で送信されている文字列を表示します。チャット スクリプトは、Data Terminal Equipment(DTE; データ端末装置)-DTE 間または DTE-Data Communications Equipment(DCE; データ通信装置)デバイス間のハンドシェイクを定義する expect-send 文字列ペアのセットです。
debug modem - アクセス サーバのモデム回線のアクティビティを監視します。
debug ppp negotiation - PPP の開始時に送信される PPP パケットを表示します。PPP の開始時には PPP オプションがネゴシエートされます。
debug ppp authentication - Challenge Handshake Authentication Protocol(CHAP)パケット交換や Password Authentication Protocol(PAP; パスワード認証プロトコル)交換などの認証プロトコル メッセージを表示します。
debug radius:RADIUS に関係する詳細なデバッグ情報を表示します。
General OS: Modem control/process activation debugging is on AAA Authentication debugging is on AAA Authorization debugging is on PPP: PPP protocol negotiation debugging is on Chat Scripts: Chat scripts activity debugging is on Callback: Callback activity debugging is on Radius protocol debugging is on rtpkrb# 04:04:42: TTY1: DSR came up 04:04:42: tty1: Modem: IDLE->READY 04:04:42: TTY1: Autoselect started 04:04:44: TTY1: Autoselect sample 7E 04:04:44: TTY1: Autoselect sample 7EFF 04:04:44: TTY1: Autoselect sample 7EFF7D 04:04:44: TTY1: Autoselect sample 7EFF7D23 04:04:44: TTY1 Autoselect cmd: ppp negotiate 04:04:44: TTY1: EXEC creation 04:04:46: %LINK-3-UPDOWN: Interface Async1, changed state to up 04:04:46: As1 PPP: Treating connection as a dedicated line 04:04:46: As1 PPP: Phase is ESTABLISHING, Active Open 04:04:46: As1 LCP: O CONFREQ [Closed] id 224 len 24 04:04:46: As1 LCP: ACCM 0x000A0000 (0x0206000A0000) 04:04:46: As1 LCP: AuthProto PAP (0x0304C023) 04:04:46: As1 LCP: MagicNumber 0xE0FE5C09 (0x0506E0FE5C09) 04:04:46: As1 LCP: PFC (0x0702) 04:04:46: As1 LCP: ACFC (0x0802) 04:04:46: As1 LCP: I CONFACK [REQsent] id 224 len 24 04:04:46: As1 LCP: ACCM 0x000A0000 (0x0206000A0000) 04:04:46: As1 LCP: AuthProto PAP (0x0304C023) 04:04:46: As1 LCP: MagicNumber 0xE0FE5C09 (0x0506E0FE5C09) 04:04:46: As1 LCP: PFC (0x0702) 04:04:46: As1 LCP: ACFC (0x0802) 04:04:47: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 23 04:04:47: As1 LCP: ACCM 0x00000000 (0x020600000000) 04:04:47: As1 LCP: MagicNumber 0x00006CCD (0x050600006CCD) 04:04:47: As1 LCP: PFC (0x0702) 04:04:47: As1 LCP: ACFC (0x0802) 04:04:47: As1 LCP: Callback 6 (0x0D0306) 04:04:47: As1 LCP: O CONFACK [ACKrcvd] id 0 len 23 04:04:47: As1 LCP: ACCM 0x00000000 (0x020600000000) 04:04:47: As1 LCP: MagicNumber 0x00006CCD (0x050600006CCD) 04:04:47: As1 LCP: PFC (0x0702) 04:04:47: As1 LCP: ACFC (0x0802) 04:04:47: As1 LCP: Callback 6 (0x0D0306) 04:04:47: As1 LCP: State is Open 04:04:47: As1 PPP: Phase is AUTHENTICATING, by this end 04:04:47: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 0x00006CCD MSRASV4.00 04:04:47: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 0x00006CCD MSRAS-1-ZEKIE 04:04:47: As1 PAP: I AUTH-REQ id 15 len 24 from "callback2" 04:04:47: As1 PAP: Authenticating peer callback2 04:04:47: AAA/AUTHEN: create_user (0x14B1CC) user='callback2' ruser='' port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1 04:04:47: AAA/AUTHEN/START (3229557248): port='Async1' list='' action=LOGIN service=PPP 04:04:47: AAA/AUTHEN/START (3229557248): using "default" list 04:04:47: AAA/AUTHEN/START (3229557248): Method=RADIUS 04:04:47: RADIUS: Computed extended port value 0:1: 04:04:47: RADIUS: Initial Transmit id 156 171.68.118.101:1645, Access-Request, len 79 04:04:47: Attribute 4 6 0A1F0105 04:04:47: Attribute 5 6 00000001 04:04:47: Attribute 61 6 00000000 04:04:47: Attribute 1 11 63616C6C 04:04:47: Attribute 2 18 47E86FBC 04:04:47: Attribute 6 6 00000002 04:04:47: Attribute 7 6 00000001 04:04:47: RADIUS: Received from id 156 171.68.118.101:1645, Access-Accept, len 69 04:04:47: Attribute 6 6 00000002 04:04:47: Attribute 7 6 00000001 04:04:47: Attribute 26 37 00000009011F6C63 04:04:47: RADIUS: saved authorization data for user 14B1CC at 14A684 04:04:47: AAA/AUTHEN (3229557248): status = PASS 04:04:47: AAA/AUTHOR/LCP As1: Authorize LCP 04:04:47: AAA/AUTHOR/LCP As1 (101984404): Port='Async1' list='' service=NET 04:04:47: AAA/AUTHOR/LCP: As1 (101984404) user='callback2' 04:04:47: AAA/AUTHOR/LCP: As1 (101984404) send AV service=ppp 04:04:47: AAA/AUTHOR/LCP: As1 (101984404) send AV protocol=lcp 04:04:47: AAA/AUTHOR/LCP (101984404) found list "default" 04:04:47: AAA/AUTHOR/LCP: As1 (101984404) Method=RADIUS !--- Callback number is obtained from the RADIUS server. 04:04:47: RADIUS: cisco AVPair "lcp:callback-dialstring=20367" 04:04:47: AAA/AUTHOR (101984404): Post authorization status = PASS_REPL 04:04:47: AAA/AUTHOR/LCP As1: Processing AV service=ppp 04:04:47: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring=20367 04:04:47: As1 PAP: O AUTH-ACK id 15 len 5 04:04:47: As1 MCB: User callback2 Callback Number - Server 20367 04:04:47: Async1 PPP: O MCB Request(1) id 47 len 7 04:04:47: Async1 MCB: O 1 2F 0 7 3 3 0 04:04:47: As1 MCB: O Request Id 47 Callback Type Server-Num delay 0 04:04:47: Async1 PPP: I MCB Response(2) id 47 len 7 04:04:47: Async1 MCB: I 2 2F 0 7 3 3 C 04:04:47: As1 MCB: Received response 04:04:47: As1 MCB: Response CBK-Server-Num 3 3 12 04:04:47: Async1 PPP: O MCB Ack(3) id 48 len 7 04:04:47: Async1 MCB: O 3 30 0 7 3 3 C 04:04:47: As1 MCB: O Ack Id 48 Callback Type Server-Num delay 12 04:04:47: As1 MCB: Negotiated MCB with peer 04:04:47: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, changed state to up 04:04:47: As1 LCP: I TERMREQ [Open] id 3 len 8 (0x00000000) 04:04:47: As1 LCP: O TERMACK [Open] id 3 len 4 04:04:47: As1 MCB: Peer terminating the link 04:04:47: As1 PPP: Phase is TERMINATING 04:04:47: As1 MCB: Link terminated by peer, Callback Needed !--- Callback is initiated. 04:04:47: As1 MCB: Initiate Callback for callback2 at 20367 using Async 04:04:47: As1 MCB: Async-callback in progress 04:04:47: TTY1 Callback PPP process creation 04:04:47: As1 AAA/ACCT: Using PPP accounting list "" 04:04:47: TTY1 Callback process initiated, user: dialstring 20367 04:04:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, changed state to down 04:04:48: TTY1: Async Int reset: Dropping DTR 04:04:49: As1 LCP: TIMEout: Time 0xE02574 State TERMsent 04:04:49: As1 LCP: State is Closed 04:04:49: As1 PPP: Phase is DOWN 04:04:49: As1 PPP: Phase is ESTABLISHING, Passive Open 04:04:49: As1 LCP: State is Listen 04:04:50: %LINK-5-CHANGED: Interface Async1, changed state to reset 04:04:50: As1 LCP: State is Closed 04:04:50: As1 PPP: Phase is DOWN 04:04:50: As1 IPCP: Remove route to 15.15.15.15 04:04:53: AAA/AUTHEN: free_user (0x14B1CC) user='callback2' ruser='' port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1 04:04:53: TTY1 Callback forced wait = 4 seconds 04:04:55: %LINK-3-UPDOWN: Interface Async1, changed state to down 04:04:55: As1 LCP: State is Closed 04:04:55: As1 PPP: Phase is DOWN 04:04:57: CHAT1: Matched chat script offhook to string offhook 04:04:57: CHAT1: Asserting DTR 04:04:57: CHAT1: Chat script offhook started 04:04:57: CHAT1: Sending string: ATH1 04:04:57: CHAT1: Expecting string: OK 04:04:57: CHAT1: Completed match for expect: OK 04:04:57: CHAT1: Chat script offhook finished, status = Success 04:04:57: CHAT1: Matched chat script callback to string callback 04:04:57: CHAT1: Asserting DTR 04:04:57: CHAT1: Chat script callback started 04:04:57: CHAT1: Sending string: ATZ 04:04:57: CHAT1: Expecting string: OK 04:04:57: CHAT1: Completed match for expect: OK 04:04:57: CHAT1: Sending string: ATDT \T<20367> 04:04:57: CHAT1: Expecting string: CONNECT 04:05:14: CHAT1: Completed match for expect: CONNECT 04:05:14: CHAT1: Sending string: \c 04:05:14: CHAT1: Chat script callback finished, status = Success 04:05:14: TTY1 PPP Callback Successful - await exec/autoselect pickup 04:05:16: TTY1: DSR came up 04:05:16: TTY1: Callback in effect 04:05:16: tty1: Modem: IDLE->READY 04:05:16: TTY1: Autoselect started 04:05:16: As1 LCP: I CONFREQ [Closed] id 0 len 20 04:05:16: As1 LCP: ACCM 0x00000000 (0x020600000000) 04:05:16: As1 LCP: MagicNumber 0x000007A0 (0x0506000007A0) 04:05:16: As1 LCP: PFC (0x0702) 04:05:16: As1 LCP: ACFC (0x0802) 04:05:16: As1 LCP: Lower layer not up, discarding packet 04:05:18: %LINK-3-UPDOWN: Interface Async1, changed state to up 04:05:18: As1 PPP: Treating connection as a dedicated line 04:05:18: As1 PPP: Phase is ESTABLISHING, Active Open 04:05:18: As1 LCP: O CONFREQ [Closed] id 225 len 24 04:05:18: As1 LCP: ACCM 0x000A0000 (0x0206000A0000) 04:05:18: As1 LCP: AuthProto PAP (0x0304C023) 04:05:18: As1 LCP: MagicNumber 0xE0FED8A0 (0x0506E0FED8A0) 04:05:18: As1 LCP: PFC (0x0702) 04:05:18: As1 LCP: ACFC (0x0802) 04:05:18: As1 LCP: I CONFACK [REQsent] id 225 len 24 04:05:18: As1 LCP: ACCM 0x000A0000 (0x0206000A0000) 04:05:18: As1 LCP: AuthProto PAP (0x0304C023) 04:05:18: As1 LCP: MagicNumber 0xE0FED8A0 (0x0506E0FED8A0) 04:05:18: As1 LCP: PFC (0x0702) 04:05:18: As1 LCP: ACFC (0x0802) 04:05:19: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 20 04:05:19: As1 LCP: ACCM 0x00000000 (0x020600000000) 04:05:19: As1 LCP: MagicNumber 0x000007A0 (0x0506000007A0) 04:05:19: As1 LCP: PFC (0x0702) 04:05:19: As1 LCP: ACFC (0x0802) 04:05:19: As1 LCP: O CONFACK [ACKrcvd] id 0 len 20 04:05:19: As1 LCP: ACCM 0x00000000 (0x020600000000) 04:05:19: As1 LCP: MagicNumber 0x000007A0 (0x0506000007A0) 04:05:19: As1 LCP: PFC (0x0702) 04:05:19: As1 LCP: ACFC (0x0802) 04:05:19: As1 LCP: State is Open 04:05:19: As1 PPP: Phase is AUTHENTICATING, by this end 04:05:19: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 0x000007A0 MSRASV4.00 04:05:19: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 0x000007A0 MSRAS-1-ZEKIE 04:05:19: As1 PAP: I AUTH-REQ id 16 len 24 from "callback2" 04:05:19: As1 PAP: Authenticating peer callback2 04:05:19: AAA/AUTHEN: create_user (0x14A640) user='callback2' ruser='' port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1 04:05:19: AAA/AUTHEN/START (1256800753): port='Async1' list='' action=LOGIN service=PPP 04:05:19: AAA/AUTHEN/START (1256800753): using "default" list 04:05:19: AAA/AUTHEN/START (1256800753): Method=RADIUS 04:05:19: RADIUS: Computed extended port value 0:1: 04:05:19: RADIUS: Initial Transmit id 157 171.68.118.101:1645, Access-Request, len 79 04:05:19: Attribute 4 6 0A1F0105 04:05:19: Attribute 5 6 00000001 04:05:19: Attribute 61 6 00000000 04:05:19: Attribute 1 11 63616C6C 04:05:19: Attribute 2 18 C29C6276 04:05:19: Attribute 6 6 00000002 04:05:19: Attribute 7 6 00000001 04:05:19: RADIUS: Received from id 157 171.68.118.101:1645, Access-Accept, len 69 04:05:19: Attribute 6 6 00000002 04:05:19: Attribute 7 6 00000001 04:05:19: Attribute 26 37 00000009011F6C63 04:05:19: RADIUS: saved authorization data for user 14A640 at 14B1CC 04:05:19: AAA/AUTHEN (1256800753): status = PASS 04:05:19: AAA/AUTHOR/LCP As1: Authorize LCP 04:05:19: AAA/AUTHOR/LCP As1 (1783017574): Port='Async1' list='' service=NET 04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) user='callback2' 04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) send AV service=ppp 04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) send AV protocol=lcp 04:05:19: AAA/AUTHOR/LCP (1783017574) found list "default" 04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) Method=RADIUS 04:05:19: RADIUS: cisco AVPair "lcp:callback-dialstring=20367" 04:05:19: AAA/AUTHOR (1783017574): Post authorization status = PASS_REPL 04:05:19: AAA/AUTHOR/LCP As1: Processing AV service=ppp 04:05:19: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring=20367 04:05:19: As1 PAP: O AUTH-ACK id 16 len 5 04:05:19: As1 PPP: Phase is UP 04:05:19: AAA/AUTHOR/FSM As1: (0): Can we start IPCP? 04:05:19: AAA/AUTHOR/FSM As1 (1621572650): Port='Async1' list='' service=NET 04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) user='callback2' 04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) send AV service=ppp 04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) send AV protocol=ip 04:05:19: AAA/AUTHOR/FSM (1621572650) found list "default" 04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) Method=RADIUS 04:05:19: RADIUS: cisco AVPair "lcp:callback-dialstring=20367" not applied for ip 04:05:19: AAA/AUTHOR (1621572650): Post authorization status = PASS_REPL 04:05:19: AAA/AUTHOR/FSM As1: We can start IPCP 04:05:19: As1 IPCP: O CONFREQ [Closed] id 24 len 10 04:05:19: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105) 04:05:19: As1 IPCP: I CONFREQ [REQsent] id 3 len 40 04:05:19: As1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01) 04:05:19: As1 IPCP: Address 0.0.0.0 (0x030600000000) 04:05:19: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000) 04:05:19: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000) 04:05:19: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000) 04:05:19: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000) 04:05:19: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0, we want 0.0.0.0 04:05:19: AAA/AUTHOR/IPCP As1: Processing AV service=ppp 04:05:19: AAA/AUTHOR/IPCP As1: Authorization succeeded 04:05:19: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, we want 0.0.0.0 04:05:19: As1 IPCP: Using pool 'async' 04:05:19: As1 IPCP: Pool returned 15.15.15.15 04:05:19: As1 IPCP: O CONFREJ [REQsent] id 3 len 28 04:05:19: As1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01) 04:05:19: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000) 04:05:19: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000) 04:05:19: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000) 04:05:19: As1 IPCP: I CONFACK [REQsent] id 24 len 10 04:05:19: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105) 04:05:19: As1 IPCP: I CONFREQ [ACKrcvd] id 4 len 16 04:05:19: As1 IPCP: Address 0.0.0.0 (0x030600000000) 04:05:19: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000) 04:05:19: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0, we want 15.15.15.15 04:05:19: AAA/AUTHOR/IPCP As1: Processing AV service=ppp 04:05:19: AAA/AUTHOR/IPCP As1: Authorization succeeded 04:05:19: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, we want 15.15.15.15 04:05:19: As1 IPCP: O CONFNAK [ACKrcvd] id 4 len 16 04:05:19: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F) 04:05:19: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667) 04:05:20: As1 IPCP: I CONFREQ [ACKrcvd] id 5 len 16 04:05:20: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F) 04:05:20: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667) 04:05:20: AAA/AUTHOR/IPCP As1: Start. Her address 15.15.15.15, we want 15.15.15.15 04:05:20: AAA/AUTHOR/IPCP As1 (2922034935): Port='Async1' list='' service=NET 04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) user='callback2' 04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) send AV service=ppp 04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) send AV protocol=ip 04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) send AV addr*15.15.15.15 04:05:20: AAA/AUTHOR/IPCP (2922034935) found list "default" 04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) Method=RADIUS 04:05:20: RADIUS: cisco AVPair "lcp:callback-dialstring=20367" not applied for ip 04:05:20: AAA/AUTHOR (2922034935): Post authorization status = PASS_REPL 04:05:20: AAA/AUTHOR/IPCP As1: Reject 15.15.15.15, using 15.15.15.15 04:05:20: AAA/AUTHOR/IPCP As1: Processing AV service=ppp 04:05:20: AAA/AUTHOR/IPCP As1: Processing AV addr*15.15.15.15 04:05:20: AAA/AUTHOR/IPCP As1: Authorization succeeded 04:05:20: AAA/AUTHOR/IPCP As1: Done. Her address 15.15.15.15, we want 15.15.15.15 04:05:20: As1 IPCP: O CONFACK [ACKrcvd] id 5 len 16 04:05:20: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F) 04:05:20: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667) 04:05:20: As1 IPCP: State is Open 04:05:20: As1 IPCP: Install route to 15.15.15.15 04:05:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, changed state to up
前の例は、事前に定義された(サーバに設定された)番号でのコールバックでした。コールバックはユーザが指定した番号で行われる場合もあり、この場合、認証サーバではコールバック番号はヌルで指定されます。これにより、ルータからユーザにコールバック番号を問い合せるようになります。ここで再度、指定したローカル コールバックを使用して、初期テストを行う必要があります。ローカル コールバックとヌル コールバック ストリングが動作しない場合は(つまり、aaa new-model コマンドの削除)、RADIUS コールバックも動作しません。ヌル コールバック ストリング ローカルをルータに対してローカルに指定するには、次のようにします。
username callback callback-dialstring "" password 0 callback
PC の Dial-UP-Networking(Windows NT Server)の User Preferences で、Callback - maybe ask me during redial if server offers ボックスをチェックします。ユーザが認証されると、PC 上に表示されたウィンドウで「Callback - You have entered "Set by caller"」で始まるメッセージが表示され、さらに「Enter modem phone number」と表示されます。
ユーザは、パスワードと確認用パスワードを取得します。
Group Settingsで、attribute 006 Service-Type = Framed attribute 007 Framed-Protocol = PPPと指定します。
画面の最後のボックスCisco RADIUS Attributesで、[009\001 - AV-Pair]を確認し、その下にlcp:callback-dialstring=と入力します。
rtp-berry# ./ViewProfile -p 9900 -u callback User Profile Information user = callback{ profile_id = 34 profile_cycle = 1 radius=Cisco { check_items= { 2="callback" } reply_attributes= { 6=2 7=1 9,1="lcp:callback-dialstring=" } } }
callback2 Password = "callback2" User-Service-Type = Framed-User, Framed-Protocol = PPP, cisco-avpair = "lcp:callback-dialstring="
koala#show debug General OS: Modem control/process activation debugging is on AAA Authentication debugging is on AAA Authorization debugging is on Dial on demand: Dial on demand events debugging is on PPP: PPP authentication debugging is on PPP protocol negotiation debugging is on Chat Scripts: Chat scripts activity debugging is on Callback: Callback activity debugging is on Radius protocol debugging is on koala# 02:23:01: TTY1: DSR came up 02:23:01: tty1: Modem: IDLE->READY 02:23:01: TTY1: Autoselect started 02:23:03: TTY1: Autoselect sample 7E 02:23:03: TTY1: Autoselect sample 7EFF 02:23:03: TTY1: Autoselect sample 7EFF7D 02:23:03: TTY1: Autoselect sample 7EFF7D23 02:23:03: TTY1 Autoselect cmd: ppp negotiate 02:23:03: TTY1: EXEC creation 02:23:05: %LINK-3-UPDOWN: Interface Async1, changed state to up 02:23:05: As1 PPP: Treating connection as a dedicated line 02:23:05: As1 PPP: Phase is ESTABLISHING, Active Open 02:23:05: As1 LCP: O CONFREQ [Closed] id 27 len 24 02:23:05: As1 LCP: ACCM 0x000A0000 (0x0206000A0000) 02:23:05: As1 LCP: AuthProto PAP (0x0304C023) 02:23:05: As1 LCP: MagicNumber 0xE0A14386 (0x0506E0A14386) 02:23:05: As1 LCP: PFC (0x0702) 02:23:05: As1 LCP: ACFC (0x0802) 02:23:05: As1 LCP: I CONFACK [REQsent] id 27 len 24 02:23:05: As1 LCP: ACCM 0x000A0000 (0x0206000A0000) 02:23:05: As1 LCP: AuthProto PAP (0x0304C023) 02:23:05: As1 LCP: MagicNumber 0xE0A14386 (0x0506E0A14386) 02:23:05: As1 LCP: PFC (0x0702) 02:23:05: As1 LCP: ACFC (0x0802) 02:23:06: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 23 02:23:06: As1 LCP: ACCM 0x00000000 (0x020600000000) 02:23:06: As1 LCP: MagicNumber 0x0000152B (0x05060000152B) 02:23:06: As1 LCP: PFC (0x0702) 02:23:06: As1 LCP: ACFC (0x0802) 02:23:06: As1 LCP: Callback 6 (0x0D0306) 02:23:06: As1 LCP: O CONFACK [ACKrcvd] id 0 len 23 02:23:06: As1 LCP: ACCM 0x00000000 (0x020600000000) 02:23:06: As1 LCP: MagicNumber 0x0000152B (0x05060000152B) 02:23:06: As1 LCP: PFC (0x0702) 02:23:06: As1 LCP: ACFC (0x0802) 02:23:06: As1 LCP: Callback 6 (0x0D0306) 02:23:06: As1 LCP: State is Open 02:23:06: As1 PPP: Phase is AUTHENTICATING, by this end 02:23:06: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 0x0000152B MSRASV4.00 02:23:06: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 0x0000152B MSRAS-1-ZEKIE 02:23:06: As1 PAP: I AUTH-REQ id 64 len 22 from "userspec" 02:23:06: As1 PAP: Authenticating peer userspec 02:23:06: AAA/AUTHEN: create_user (0x16E284) user='userspec' ruser='' port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1 02:23:06: AAA/AUTHEN/START (835406208): port='Async1' list='' action=LOGIN service=PPP 02:23:06: AAA/AUTHEN/START (835406208): using "default" list 02:23:06: AAA/AUTHEN (835406208): status = UNKNOWN 02:23:06: AAA/AUTHEN/START (835406208): Method=RADIUS 02:23:06: RADIUS: Computed extended port value 0:1: 02:23:06: RADIUS: Initial Transmit id 25 171.68.120.194:1645, Access-Request, len 78 02:23:06: Attribute 4 6 0A1F0105 02:23:06: Attribute 5 6 00000001 02:23:06: Attribute 61 6 00000000 02:23:06: Attribute 1 10 75736572 02:23:06: Attribute 2 18 E1377DA0 02:23:06: Attribute 6 6 00000002 02:23:06: Attribute 7 6 00000001 02:23:06: RADIUS: Received from id 25 171.68.120.194:1645, Access-Accept, len 64 02:23:06: Attribute 6 6 00000002 02:23:06: Attribute 7 6 00000001 02:23:06: Attribute 26 32 00000009011A6C63 02:23:06: RADIUS: saved authorization data for user 16E284 at A1B44 02:23:06: AAA/AUTHEN (835406208): status = PASS 02:23:06: AAA/AUTHOR/LCP As1: Authorize LCP 02:23:06: AAA/AUTHOR/LCP As1 (2812925385): Port='Async1' list='' service=NET 02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) user='userspec' 02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) send AV service=ppp 02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) send AV protocol=lcp 02:23:06: AAA/AUTHOR/LCP (2812925385) found list "default" 02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) Method=RADIUS !--- Callback dialstring is empty (null). 02:23:06: RADIUS: cisco AVPair "lcp:callback-dialstring=" 02:23:06: AAA/AUTHOR (2812925385): Post authorization status = PASS_REPL 02:23:06: AAA/AUTHOR/LCP As1: Processing AV service=ppp 02:23:06: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring= 02:23:06: As1 PAP: O AUTH-ACK id 64 len 5 !--- Router recognizes that it is to receive number from client !--- and starts sending requests to PC. 02:23:06: As1 MCB: User userspec Callback Number - Client ANY 02:23:06: Async1 PPP: O MCB Request(1) id 92 len 9 02:23:06: Async1 MCB: O 1 5C 0 9 2 5 0 1 0 02:23:06: As1 MCB: O Request Id 92 Callback Type Client-Num delay 0 02:23:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, changed state to up !--- Router receives response from PC. 02:23:09: Async1 PPP: I MCB Response(2) id 92 len 14 02:23:09: Async1 MCB: I 2 5C 0 E 2 A C 1 32 30 33 36 37 0 02:23:09: As1 MCB: Received response !--- Received callback number from the client. 02:23:09: As1 MCB: Response CBK-Client-Num 2 10 12, addr 1-20367 02:23:09: Async1 PPP: O MCB Ack(3) id 93 len 14 02:23:09: Async1 MCB: O 3 5D 0 E 2 A C 1 32 30 33 36 37 0 02:23:09: As1 MCB: O Ack Id 93 Callback Type Client-Num delay 12 02:23:09: As1 MCB: Negotiated MCB with peer 02:23:09: As1 LCP: I TERMREQ [Open] id 3 len 8 (0x00000000) 02:23:09: As1 LCP: O TERMACK [Open] id 3 len 4 02:23:09: As1 MCB: Peer terminating the link 02:23:09: As1 PPP: Phase is TERMINATING 02:23:09: As1 MCB: Link terminated by peer, Callback Needed !--- Callback is initiated. 02:23:09: As1 MCB: Initiate Callback for userspec at 20367 using Async 02:23:09: TTY1 Callback user dialstring 20367 from PPP negotiation 02:23:09: As1 MCB: Async-callback in progress 02:23:09: TTY1 Callback PPP process creation 02:23:09: As1 AAA/ACCT: Using PPP accounting list "" 02:23:09: TTY1 Callback process initiated, user: dialstring 20367 02:23:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, changed state to down 02:23:10: TTY1: Async Int reset: Dropping DTR 02:23:11: As1 LCP: TIMEout: Time 0x831824 State TERMsent 02:23:11: As1 LCP: State is Closed 02:23:11: As1 PPP: Phase is DOWN 02:23:11: As1 VP: Cleaning already proceeding 02:23:11: As1 PPP: Phase is ESTABLISHING, Passive Open 02:23:11: AAA/AUTHEN: dup_user (0x16E558) user='userspec' ruser='' port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1 source='AAA dup lcp_reset' 02:23:11: AAA/AUTHEN: Method=IF-NEEDED: no authentication needed. user='userspec' port='Async1' rem_addr='async' 02:23:11: As1 LCP: State is Listen 02:23:11: AAA/AUTHEN: free_user (0x16E284) user='userspec' ruser='' port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1 02:23:12: %LINK-5-CHANGED: Interface Async1, changed state to reset 02:23:12: As1 LCP: State is Closed 02:23:12: As1 PPP: Phase is DOWN 02:23:12: As1 VP: Cleaning already proceeding 02:23:12: As1 IPCP: Remove route to 15.15.15.15 02:23:15: AAA/AUTHEN: free_user (0x16E558) user='userspec' ruser='' port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1 02:23:15: TTY1 Callback forced wait = 4 seconds 02:23:17: %LINK-3-UPDOWN: Interface Async1, changed state to down 02:23:17: As1 LCP: State is Closed 02:23:17: As1 PPP: Phase is DOWN 02:23:17: As1 VP: Cleaning already proceeding 02:23:19: CHAT1: Matched chat script offhook to string offhook 02:23:19: CHAT1: Asserting DTR 02:23:19: CHAT1: Chat script offhook started 02:23:19: CHAT1: Sending string: ATH1 02:23:19: CHAT1: Expecting string: OK 02:23:19: CHAT1: Completed match for expect: OK 02:23:19: CHAT1: Chat script offhook finished, status = Success 02:23:19: CHAT1: Matched chat script callback to string callback 02:23:19: CHAT1: Asserting DTR 02:23:19: CHAT1: Chat script callback started 02:23:19: CHAT1: Sending string: ATZ 02:23:19: CHAT1: Expecting string: OK 02:23:19: CHAT1: Completed match for expect: OK 02:23:19: CHAT1: Sending string: ATDT \T<20367> 02:23:19: CHAT1: Expecting string: CONNECT 02:23:35: CHAT1: Completed match for expect: CONNECT 02:23:35: CHAT1: Sending string: \c 02:23:35: CHAT1: Chat script callback finished, status = Success 02:23:35: TTY1 PPP Callback Successful - await exec/autoselect pickup 02:23:37: TTY1: DSR came up 02:23:37: TTY1: Callback in effect 02:23:37: tty1: Modem: IDLE->READY 02:23:37: TTY1: Autoselect started 02:23:37: As1 LCP: I CONFREQ [Closed] id 0 len 20 02:23:37: As1 LCP: ACCM 0x00000000 (0x020600000000) 02:23:37: As1 LCP: MagicNumber 0x00005156 (0x050600005156) 02:23:37: As1 LCP: PFC (0x0702) 02:23:37: As1 LCP: ACFC (0x0802) 02:23:37: As1 LCP: Lower layer not up, discarding packet 02:23:39: %LINK-3-UPDOWN: Interface Async1, changed state to up 02:23:39: As1 PPP: Treating connection as a dedicated line 02:23:39: As1 PPP: Phase is ESTABLISHING, Active Open 02:23:39: As1 LCP: O CONFREQ [Closed] id 28 len 24 02:23:39: As1 LCP: ACCM 0x000A0000 (0x0206000A0000) 02:23:39: As1 LCP: AuthProto PAP (0x0304C023) 02:23:39: As1 LCP: MagicNumber 0xE0A1CAB2 (0x0506E0A1CAB2) 02:23:39: As1 LCP: PFC (0x0702) 02:23:39: As1 LCP: ACFC (0x0802) 02:23:40: As1 LCP: I CONFACK [REQsent] id 28 len 24 02:23:40: As1 LCP: ACCM 0x000A0000 (0x0206000A0000) 02:23:40: As1 LCP: AuthProto PAP (0x0304C023) 02:23:40: As1 LCP: MagicNumber 0xE0A1CAB2 (0x0506E0A1CAB2) 02:23:40: As1 LCP: PFC (0x0702) 02:23:40: As1 LCP: ACFC (0x0802) 02:23:40: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 20 02:23:40: As1 LCP: ACCM 0x00000000 (0x020600000000) 02:23:40: As1 LCP: MagicNumber 0x00005156 (0x050600005156) 02:23:40: As1 LCP: PFC (0x0702) 02:23:40: As1 LCP: ACFC (0x0802) 02:23:40: As1 LCP: O CONFACK [ACKrcvd] id 0 len 20 02:23:40: As1 LCP: ACCM 0x00000000 (0x020600000000) 02:23:40: As1 LCP: MagicNumber 0x00005156 (0x050600005156) 02:23:40: As1 LCP: PFC (0x0702) 02:23:40: As1 LCP: ACFC (0x0802) 02:23:40: As1 LCP: State is Open 02:23:40: As1 PPP: Phase is AUTHENTICATING, by this end 02:23:41: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 0x00005156 MSRASV4.00 02:23:41: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 0x00005156 MSRAS-1-ZEKIE 02:23:41: As1 PAP: I AUTH-REQ id 65 len 22 from "userspec" 02:23:41: As1 PAP: Authenticating peer userspec 02:23:41: AAA/AUTHEN: create_user (0x16E284) user='userspec' ruser='' port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1 02:23:41: AAA/AUTHEN/START (2883652190): port='Async1' list='' action=LOGIN service=PPP 02:23:41: AAA/AUTHEN/START (2883652190): using "default" list 02:23:41: AAA/AUTHEN (2883652190): status = UNKNOWN 02:23:41: AAA/AUTHEN/START (2883652190): Method=RADIUS 02:23:41: RADIUS: Computed extended port value 0:1: 02:23:41: RADIUS: Initial Transmit id 26 171.68.120.194:1645, Access-Request, len 78 02:23:41: Attribute 4 6 0A1F0105 02:23:41: Attribute 5 6 00000001 02:23:41: Attribute 61 6 00000000 02:23:41: Attribute 1 10 75736572 02:23:41: Attribute 2 18 8150DA02 02:23:41: Attribute 6 6 00000002 02:23:41: Attribute 7 6 00000001 02:23:41: RADIUS: Received from id 26 171.68.120.194:1645, Access-Accept, len 64 02:23:41: Attribute 6 6 00000002 02:23:41: Attribute 7 6 00000001 02:23:41: Attribute 26 32 00000009011A6C63 02:23:41: RADIUS: saved authorization data for user 16E284 at A1B44 02:23:41: AAA/AUTHEN (2883652190): status = PASS 02:23:41: AAA/AUTHOR/LCP As1: Authorize LCP 02:23:41: AAA/AUTHOR/LCP As1 (3660077691): Port='Async1' list='' service=NET 02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) user='userspec' 02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) send AV service=ppp 02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) send AV protocol=lcp 02:23:41: AAA/AUTHOR/LCP (3660077691) found list "default" 02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) Method=RADIUS 02:23:41: RADIUS: cisco AVPair "lcp:callback-dialstring=" 02:23:41: AAA/AUTHOR (3660077691): Post authorization status = PASS_REPL 02:23:41: AAA/AUTHOR/LCP As1: Processing AV service=ppp 02:23:41: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring= 02:23:41: As1 PAP: O AUTH-ACK id 65 len 5 02:23:41: As1 PPP: Phase is UP 02:23:41: AAA/AUTHOR/FSM As1: (0): Can we start IPCP? 02:23:41: AAA/AUTHOR/FSM As1 (2418882911): Port='Async1' list='' service=NET 02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) user='userspec' 02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) send AV service=ppp 02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) send AV protocol=ip 02:23:41: AAA/AUTHOR/FSM (2418882911) found list "default" 02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) Method=RADIUS 02:23:41: RADIUS: cisco AVPair "lcp:callback-dialstring=" not applied for ip 02:23:41: AAA/AUTHOR (2418882911): Post authorization status = PASS_REPL 02:23:41: AAA/AUTHOR/FSM As1: We can start IPCP 02:23:41: As1 IPCP: O CONFREQ [Closed] id 12 len 10 02:23:41: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105) 02:23:41: As1 IPCP: I CONFREQ [REQsent] id 3 len 40 02:23:41: As1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01) 02:23:41: As1 IPCP: Address 0.0.0.0 (0x030600000000) 02:23:41: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000) 02:23:41: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000) 02:23:41: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000) 02:23:41: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000) 02:23:41: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0, we want 0.0.0.0 02:23:41: AAA/AUTHOR/IPCP As1: Processing AV service=ppp 02:23:41: AAA/AUTHOR/IPCP As1: Authorization succeeded 02:23:41: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, we want 0.0.0.0 02:23:41: As1 IPCP: Using pool 'async' 02:23:41: As1 IPCP: Pool returned 15.15.15.15 02:23:41: As1 IPCP: O CONFREJ [REQsent] id 3 len 28 02:23:41: As1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01) 02:23:41: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000) 02:23:41: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000) 02:23:41: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000) 02:23:41: As1 IPCP: I CONFACK [REQsent] id 12 len 10 02:23:41: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105) 02:23:41: As1 IPCP: I CONFREQ [ACKrcvd] id 4 len 16 02:23:41: As1 IPCP: Address 0.0.0.0 (0x030600000000) 02:23:41: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000) 02:23:41: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0, we want 15.15.15.15 02:23:41: AAA/AUTHOR/IPCP As1: Processing AV service=ppp 02:23:41: AAA/AUTHOR/IPCP As1: Authorization succeeded 02:23:41: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, we want 15.15.15.15 02:23:41: As1 IPCP: O CONFNAK [ACKrcvd] id 4 len 16 02:23:41: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F) 02:23:41: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667) 02:23:41: As1 IPCP: I CONFREQ [ACKrcvd] id 5 len 16 02:23:41: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F) 02:23:41: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667) 02:23:41: AAA/AUTHOR/IPCP As1: Start. Her address 15.15.15.15, we want 15.15.15.15 02:23:41: AAA/AUTHOR/IPCP As1 (2792483333): Port='Async1' list='' service=NET 02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) user='userspec' 02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) send AV service=ppp 02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) send AV protocol=ip 02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) send AV addr*15.15.15.15 02:23:41: AAA/AUTHOR/IPCP (2792483333) found list "default" 02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) Method=RADIUS 02:23:41: RADIUS: cisco AVPair "lcp:callback-dialstring=" not applied for ip 02:23:41: AAA/AUTHOR (2792483333): Post authorization status = PASS_REPL 02:23:41: AAA/AUTHOR/IPCP As1: Reject 15.15.15.15, using 15.15.15.15 02:23:41: AAA/AUTHOR/IPCP As1: Processing AV service=ppp 02:23:41: AAA/AUTHOR/IPCP As1: Processing AV addr*15.15.15.15 02:23:41: AAA/AUTHOR/IPCP As1: Authorization succeeded 02:23:41: AAA/AUTHOR/IPCP As1: Done. Her address 15.15.15.15, we want 15.15.15.15 02:23:41: As1 IPCP: O CONFACK [ACKrcvd] id 5 len 16 02:23:41: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F) 02:23:41: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667) 02:23:41: As1 IPCP: State is Open 02:23:41: dialer Protocol up for As1 02:23:41: As1 IPCP: Install route to 15.15.15.15 02:23:42: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, changed state to up
改定 | 発行日 | コメント |
---|---|---|
1.0 |
06-Dec-2001 |
初版 |