RADIUS による PPP コールバックの設定

はじめに

この文書では、ルータとサーバを設定して、RADIUS による Point-to-Point Protocol（PPP; ポイントツーポイント プロトコル）コールバックを行う例について説明します。

はじめる前に

表記法

ドキュメント表記の詳細は、『シスコ テクニカル ティップスの表記法』を参照してください。

前提条件

この設定の動作のために。

• ローカル認証とコールバックで初期テストを行います（つまり、aaa new-model コマンドを削除することを意味します）。コールバックがローカル認証で動作しない場合は、RADIUS を使用しても動作しません。ローカル認証の使用については、この例を参照してください。

• コールバックを行わずに、RADIUS を使用した詳細な PPP 認証テストを行います。コールバックなしでの認証または許可、およびその両方に失敗した場合は、コールバックありでの認証および許可も動作しません。

• RADIUS を使用したコールバックと PPP 認証のためのローカル認証が動作したら、ルータ上のローカル ユーザの情報（コールバック用のダイヤル ストリングなど）を、サーバ上のそのユーザのプロファイルに追加します。

注：これらのテストでのクライアントはNT 4.0サーバのDUNで、PPP接続では通常どおりに設定されていますが、Microsoftコールバックを許可するためにServerの下でEnable PPP/LCP extensionsにチェックマークが入っています。Microsoftコールバックは、Cisco IOS^®ソフトウェアリリース11.3.2.T以降でサポートされています。コールバック用にMicrosoft Windows PCを設定する方法の詳細については、MicrosoftのWebサイトを参照してください。

使用するコンポーネント

この設定は、次のソフトウェアのバージョンで開発およびテストしたものです。

• Cisco IOS ソフトウェア リリース 11.3.2.T 以降

• CiscoSecure ACS UNIX 2.xまたはCiscoSecure ACS for Windows 2.x以降

設定

このセクションでは、このドキュメントで説明する機能を設定するために必要な情報を提供しています。

注：この文書で使用されているコマンドの詳細を調べるには、「Command Lookup ツール」を使用してください（登録ユーザのみ）。

ネットワーク図

このドキュメントでは次の図に示すネットワーク構成を使用しています。

サーバのセットアップ - CiscoSecure NT

• ユーザは、パスワードと確認用パスワードを取得します。

• Group Settingsで、attribute 006 Service-Type = Framed attribute 007 Framed-Protocol = PPPと指定します。

• 画面の最後のボックスであるCisco RADIUS Attributesで、[009\001 - AV-Pair]を確認し、その下にlcp:callback-dialstring=20367と入力します。

サーバのセットアップ - CiscoSecure UNIX

rtp-berry# ./ViewProfile -p 9900 -u callback
User Profile Information
user = callback{
profile_id = 34 
profile_cycle = 1 
radius=Cisco {
check_items= {
2="callback"
} 
reply_attributes= {
6=2
7=1
9,1="lcp:callback-dialstring=20367"
} 
} 

}

サーバのセットアップ - Livingston RADIUS（シスコの AV ペア使用）

callback2 Password = "callback2"
User-Service-Type = Framed-User,
Framed-Protocol = PPP,
cisco-avpair = "lcp:callback-dialstring=20367"

コンフィギュレーション

rtpkrb#show run
Building configuration...

Current configuration:
!
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname rtpkrb
!

!--- AAA configuration.

aaa new-model
aaa authentication login default radius none
aaa authentication ppp default radius none
aaa authorization exec default radius none
aaa authorization network default radius none
enable secret 5 $1$pkX.$JdAySRE1SbdbDe7bj0wyt0
enable password ww
!
ip host rtpkrb 10.31.1.5
ip domain-name RTP.CISCO.COM
ip name-server 171.68.118.103

!--- Chat-scripts to be used for the dialout.

chat-script offhook "" "ATH1" OK
chat-script callback ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDT \T" 
   TIMEOUT 30 CONNECT \c
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 10.31.1.5 255.255.0.0
!
interface Serial0
no ip address
no ip mroute-cache
shutdown
!
interface Serial1
no ip address
shutdown
!
interface Async1
ip unnumbered Ethernet0
encapsulation ppp
async mode dedicated
peer default ip address pool async
no cdp enable
ppp max-bad-auth 3
ppp callback accept
ppp authentication pap
!
ip local pool async 15.15.15.15
ip classless
ip route 0.0.0.0 0.0.0.0 10.31.1.1
snmp-server community public RW
snmp-server host 171.68.118.100 traps public
radius-server host 171.68.118.101 auth-port 1645 acct-port 1646
radius-server key cisco
!
line con 0
line 1
session-timeout 20 
exec-timeout 20 0
password ww
autoselect ppp
script modem-off-hook offhook
script callback callback
modem InOut
transport input all
stopbits 1
speed 38400
flowcontrol hardware
line 2
modem InOut
speed 38400
flowcontrol hardware
line 3 16
line aux 0
line vty 0 4
exec-timeout 0 0
timeout login response 100
password ww
!
end

確認

現在、この設定に使用できる確認手順はありません。

トラブルシュート

このセクションでは、設定のトラブルシューティングに役立つ情報を紹介します。

トラブルシューティングのためのコマンド

注：debug コマンドを使用する前に、「debug コマンドに関する重要な情報」を参照してください。

• debug aaa authentication - AAA 認証に関する情報を表示します。

• debug aaa authorization - AAA 許可に関する情報を表示します。

• debug callback - ルータがモデムとチャット スクリプトを使用して端末回線にコールバックしているときに、コールバック イベントを表示します。

• debug chat - Network Access Server（NAS; ネットワーク アクセス サーバ）と PC の間で送信されている文字列を表示します。チャット スクリプトは、Data Terminal Equipment（DTE; データ端末装置）-DTE 間または DTE-Data Communications Equipment（DCE; データ通信装置）デバイス間のハンドシェイクを定義する expect-send 文字列ペアのセットです。

• debug modem - アクセス サーバのモデム回線のアクティビティを監視します。

• debug ppp negotiation - PPP の開始時に送信される PPP パケットを表示します。PPP の開始時には PPP オプションがネゴシエートされます。

• debug ppp authentication - Challenge Handshake Authentication Protocol（CHAP）パケット交換や Password Authentication Protocol（PAP; パスワード認証プロトコル）交換などの認証プロトコル メッセージを表示します。

• debug radius：RADIUS に関係する詳細なデバッグ情報を表示します。

debug 出力例

General OS:
Modem control/process activation debugging is on
AAA Authentication debugging is on
AAA Authorization debugging is on
PPP:
PPP protocol negotiation debugging is on
Chat Scripts:
Chat scripts activity debugging is on
Callback:
Callback activity debugging is on
Radius protocol debugging is on
rtpkrb#
04:04:42: TTY1: DSR came up
04:04:42: tty1: Modem: IDLE->READY
04:04:42: TTY1: Autoselect started
04:04:44: TTY1: Autoselect sample 7E
04:04:44: TTY1: Autoselect sample 7EFF
04:04:44: TTY1: Autoselect sample 7EFF7D
04:04:44: TTY1: Autoselect sample 7EFF7D23
04:04:44: TTY1 Autoselect cmd: ppp negotiate
04:04:44: TTY1: EXEC creation
04:04:46: %LINK-3-UPDOWN: Interface Async1, changed state to up
04:04:46: As1 PPP: Treating connection as a dedicated line
04:04:46: As1 PPP: Phase is ESTABLISHING, Active Open
04:04:46: As1 LCP: O CONFREQ [Closed] id 224 len 24
04:04:46: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
04:04:46: As1 LCP: AuthProto PAP (0x0304C023)
04:04:46: As1 LCP: MagicNumber 0xE0FE5C09 (0x0506E0FE5C09)
04:04:46: As1 LCP: PFC (0x0702)
04:04:46: As1 LCP: ACFC (0x0802)
04:04:46: As1 LCP: I CONFACK [REQsent] id 224 len 24
04:04:46: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
04:04:46: As1 LCP: AuthProto PAP (0x0304C023)
04:04:46: As1 LCP: MagicNumber 0xE0FE5C09 (0x0506E0FE5C09)
04:04:46: As1 LCP: PFC (0x0702)
04:04:46: As1 LCP: ACFC (0x0802)
04:04:47: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 23
04:04:47: As1 LCP: ACCM 0x00000000 (0x020600000000)
04:04:47: As1 LCP: MagicNumber 0x00006CCD (0x050600006CCD)
04:04:47: As1 LCP: PFC (0x0702)
04:04:47: As1 LCP: ACFC (0x0802)
04:04:47: As1 LCP: Callback 6 (0x0D0306)
04:04:47: As1 LCP: O CONFACK [ACKrcvd] id 0 len 23
04:04:47: As1 LCP: ACCM 0x00000000 (0x020600000000)
04:04:47: As1 LCP: MagicNumber 0x00006CCD (0x050600006CCD)
04:04:47: As1 LCP: PFC (0x0702)
04:04:47: As1 LCP: ACFC (0x0802)
04:04:47: As1 LCP: Callback 6 (0x0D0306)
04:04:47: As1 LCP: State is Open
04:04:47: As1 PPP: Phase is AUTHENTICATING, by this end
04:04:47: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 
   0x00006CCD MSRASV4.00
04:04:47: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 
   0x00006CCD MSRAS-1-ZEKIE
04:04:47: As1 PAP: I AUTH-REQ id 15 len 24 from "callback2"
04:04:47: As1 PAP: Authenticating peer callback2
04:04:47: AAA/AUTHEN: create_user (0x14B1CC) user='callback2' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
04:04:47: AAA/AUTHEN/START (3229557248): port='Async1' list='' 
   action=LOGIN service=PPP
04:04:47: AAA/AUTHEN/START (3229557248): using "default" list
04:04:47: AAA/AUTHEN/START (3229557248): Method=RADIUS
04:04:47: RADIUS: Computed extended port value 0:1:
04:04:47: RADIUS: Initial Transmit id 156 171.68.118.101:1645, 
   Access-Request, len 79
04:04:47: Attribute 4 6 0A1F0105
04:04:47: Attribute 5 6 00000001
04:04:47: Attribute 61 6 00000000
04:04:47: Attribute 1 11 63616C6C
04:04:47: Attribute 2 18 47E86FBC
04:04:47: Attribute 6 6 00000002
04:04:47: Attribute 7 6 00000001
04:04:47: RADIUS: Received from id 156 171.68.118.101:1645, 
   Access-Accept, len 69
04:04:47: Attribute 6 6 00000002
04:04:47: Attribute 7 6 00000001
04:04:47: Attribute 26 37 00000009011F6C63
04:04:47: RADIUS: saved authorization data for user 14B1CC at 14A684
04:04:47: AAA/AUTHEN (3229557248): status = PASS
04:04:47: AAA/AUTHOR/LCP As1: Authorize LCP
04:04:47: AAA/AUTHOR/LCP As1 (101984404): Port='Async1' 
   list='' service=NET
04:04:47: AAA/AUTHOR/LCP: As1 (101984404) user='callback2'
04:04:47: AAA/AUTHOR/LCP: As1 (101984404) send AV service=ppp
04:04:47: AAA/AUTHOR/LCP: As1 (101984404) send AV protocol=lcp
04:04:47: AAA/AUTHOR/LCP (101984404) found list "default"
04:04:47: AAA/AUTHOR/LCP: As1 (101984404) Method=RADIUS

!--- Callback number is obtained from the RADIUS server.

04:04:47: RADIUS: cisco AVPair "lcp:callback-dialstring=20367"
04:04:47: AAA/AUTHOR (101984404): Post authorization status = PASS_REPL
04:04:47: AAA/AUTHOR/LCP As1: Processing AV service=ppp
04:04:47: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring=20367
04:04:47: As1 PAP: O AUTH-ACK id 15 len 5
04:04:47: As1 MCB: User callback2 Callback Number - Server 20367
04:04:47: Async1 PPP: O MCB Request(1) id 47 len 7
04:04:47: Async1 MCB: O 1 2F 0 7 3 3 0 
04:04:47: As1 MCB: O Request Id 47 Callback Type Server-Num delay 0
04:04:47: Async1 PPP: I MCB Response(2) id 47 len 7
04:04:47: Async1 MCB: I 2 2F 0 7 3 3 C 
04:04:47: As1 MCB: Received response
04:04:47: As1 MCB: Response CBK-Server-Num 3 3 12
04:04:47: Async1 PPP: O MCB Ack(3) id 48 len 7
04:04:47: Async1 MCB: O 3 30 0 7 3 3 C 
04:04:47: As1 MCB: O Ack Id 48 Callback Type Server-Num delay 12
04:04:47: As1 MCB: Negotiated MCB with peer
04:04:47: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to up
04:04:47: As1 LCP: I TERMREQ [Open] id 3 len 8 (0x00000000)
04:04:47: As1 LCP: O TERMACK [Open] id 3 len 4
04:04:47: As1 MCB: Peer terminating the link
04:04:47: As1 PPP: Phase is TERMINATING
04:04:47: As1 MCB: Link terminated by peer, Callback Needed

!--- Callback is initiated.

04:04:47: As1 MCB: Initiate Callback for callback2 at 20367 using Async
04:04:47: As1 MCB: Async-callback in progress
04:04:47: TTY1 Callback PPP process creation
04:04:47: As1 AAA/ACCT: Using PPP accounting list ""
04:04:47: TTY1 Callback process initiated, user: dialstring 20367
04:04:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to down
04:04:48: TTY1: Async Int reset: Dropping DTR
04:04:49: As1 LCP: TIMEout: Time 0xE02574 State TERMsent
04:04:49: As1 LCP: State is Closed
04:04:49: As1 PPP: Phase is DOWN
04:04:49: As1 PPP: Phase is ESTABLISHING, Passive Open
04:04:49: As1 LCP: State is Listen
04:04:50: %LINK-5-CHANGED: Interface Async1, changed state to reset
04:04:50: As1 LCP: State is Closed
04:04:50: As1 PPP: Phase is DOWN
04:04:50: As1 IPCP: Remove route to 15.15.15.15
04:04:53: AAA/AUTHEN: free_user (0x14B1CC) user='callback2' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
04:04:53: TTY1 Callback forced wait = 4 seconds
04:04:55: %LINK-3-UPDOWN: Interface Async1, changed state to down
04:04:55: As1 LCP: State is Closed
04:04:55: As1 PPP: Phase is DOWN
04:04:57: CHAT1: Matched chat script offhook to string offhook
04:04:57: CHAT1: Asserting DTR
04:04:57: CHAT1: Chat script offhook started
04:04:57: CHAT1: Sending string: ATH1
04:04:57: CHAT1: Expecting string: OK
04:04:57: CHAT1: Completed match for expect: OK
04:04:57: CHAT1: Chat script offhook finished, status = Success
04:04:57: CHAT1: Matched chat script callback to string callback
04:04:57: CHAT1: Asserting DTR
04:04:57: CHAT1: Chat script callback started
04:04:57: CHAT1: Sending string: ATZ
04:04:57: CHAT1: Expecting string: OK
04:04:57: CHAT1: Completed match for expect: OK
04:04:57: CHAT1: Sending string: ATDT \T<20367>
04:04:57: CHAT1: Expecting string: CONNECT
04:05:14: CHAT1: Completed match for expect: CONNECT
04:05:14: CHAT1: Sending string: \c
04:05:14: CHAT1: Chat script callback finished, status = Success
04:05:14: TTY1 PPP Callback Successful - await exec/autoselect pickup
04:05:16: TTY1: DSR came up
04:05:16: TTY1: Callback in effect
04:05:16: tty1: Modem: IDLE->READY
04:05:16: TTY1: Autoselect started
04:05:16: As1 LCP: I CONFREQ [Closed] id 0 len 20
04:05:16: As1 LCP: ACCM 0x00000000 (0x020600000000)
04:05:16: As1 LCP: MagicNumber 0x000007A0 (0x0506000007A0)
04:05:16: As1 LCP: PFC (0x0702)
04:05:16: As1 LCP: ACFC (0x0802)
04:05:16: As1 LCP: Lower layer not up, discarding packet
04:05:18: %LINK-3-UPDOWN: Interface Async1, changed state to up
04:05:18: As1 PPP: Treating connection as a dedicated line
04:05:18: As1 PPP: Phase is ESTABLISHING, Active Open
04:05:18: As1 LCP: O CONFREQ [Closed] id 225 len 24
04:05:18: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
04:05:18: As1 LCP: AuthProto PAP (0x0304C023)
04:05:18: As1 LCP: MagicNumber 0xE0FED8A0 (0x0506E0FED8A0)
04:05:18: As1 LCP: PFC (0x0702)
04:05:18: As1 LCP: ACFC (0x0802)
04:05:18: As1 LCP: I CONFACK [REQsent] id 225 len 24
04:05:18: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
04:05:18: As1 LCP: AuthProto PAP (0x0304C023)
04:05:18: As1 LCP: MagicNumber 0xE0FED8A0 (0x0506E0FED8A0)
04:05:18: As1 LCP: PFC (0x0702)
04:05:18: As1 LCP: ACFC (0x0802)
04:05:19: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 20
04:05:19: As1 LCP: ACCM 0x00000000 (0x020600000000)
04:05:19: As1 LCP: MagicNumber 0x000007A0 (0x0506000007A0)
04:05:19: As1 LCP: PFC (0x0702)
04:05:19: As1 LCP: ACFC (0x0802)
04:05:19: As1 LCP: O CONFACK [ACKrcvd] id 0 len 20
04:05:19: As1 LCP: ACCM 0x00000000 (0x020600000000)
04:05:19: As1 LCP: MagicNumber 0x000007A0 (0x0506000007A0)
04:05:19: As1 LCP: PFC (0x0702)
04:05:19: As1 LCP: ACFC (0x0802)
04:05:19: As1 LCP: State is Open
04:05:19: As1 PPP: Phase is AUTHENTICATING, by this end
04:05:19: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 
   0x000007A0 MSRASV4.00
04:05:19: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 
   0x000007A0 MSRAS-1-ZEKIE
04:05:19: As1 PAP: I AUTH-REQ id 16 len 24 from "callback2"
04:05:19: As1 PAP: Authenticating peer callback2
04:05:19: AAA/AUTHEN: create_user (0x14A640) user='callback2' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
04:05:19: AAA/AUTHEN/START (1256800753): port='Async1' list='' 
   action=LOGIN service=PPP
04:05:19: AAA/AUTHEN/START (1256800753): using "default" list
04:05:19: AAA/AUTHEN/START (1256800753): Method=RADIUS
04:05:19: RADIUS: Computed extended port value 0:1:
04:05:19: RADIUS: Initial Transmit id 157 171.68.118.101:1645, 
   Access-Request, len 79
04:05:19: Attribute 4 6 0A1F0105
04:05:19: Attribute 5 6 00000001
04:05:19: Attribute 61 6 00000000
04:05:19: Attribute 1 11 63616C6C
04:05:19: Attribute 2 18 C29C6276
04:05:19: Attribute 6 6 00000002
04:05:19: Attribute 7 6 00000001
04:05:19: RADIUS: Received from id 157 171.68.118.101:1645, 
   Access-Accept, len 69
04:05:19: Attribute 6 6 00000002
04:05:19: Attribute 7 6 00000001
04:05:19: Attribute 26 37 00000009011F6C63
04:05:19: RADIUS: saved authorization data for user 14A640 at 14B1CC
04:05:19: AAA/AUTHEN (1256800753): status = PASS
04:05:19: AAA/AUTHOR/LCP As1: Authorize LCP
04:05:19: AAA/AUTHOR/LCP As1 (1783017574): Port='Async1' 
   list='' service=NET
04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) user='callback2'
04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) send AV service=ppp
04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) send AV protocol=lcp
04:05:19: AAA/AUTHOR/LCP (1783017574) found list "default"
04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) Method=RADIUS
04:05:19: RADIUS: cisco AVPair "lcp:callback-dialstring=20367"
04:05:19: AAA/AUTHOR (1783017574): Post authorization status = PASS_REPL
04:05:19: AAA/AUTHOR/LCP As1: Processing AV service=ppp
04:05:19: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring=20367
04:05:19: As1 PAP: O AUTH-ACK id 16 len 5
04:05:19: As1 PPP: Phase is UP
04:05:19: AAA/AUTHOR/FSM As1: (0): Can we start IPCP?
04:05:19: AAA/AUTHOR/FSM As1 (1621572650): Port='Async1' 
   list='' service=NET
04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) user='callback2'
04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) send AV service=ppp
04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) send AV protocol=ip
04:05:19: AAA/AUTHOR/FSM (1621572650) found list "default"
04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) Method=RADIUS
04:05:19: RADIUS: cisco AVPair "lcp:callback-dialstring=20367" 
   not applied for ip
04:05:19: AAA/AUTHOR (1621572650): Post authorization status = PASS_REPL
04:05:19: AAA/AUTHOR/FSM As1: We can start IPCP
04:05:19: As1 IPCP: O CONFREQ [Closed] id 24 len 10
04:05:19: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105)
04:05:19: As1 IPCP: I CONFREQ [REQsent] id 3 len 40
04:05:19: As1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
04:05:19: As1 IPCP: Address 0.0.0.0 (0x030600000000)
04:05:19: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
04:05:19: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
04:05:19: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
04:05:19: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
04:05:19: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0, we want 0.0.0.0
04:05:19: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
04:05:19: AAA/AUTHOR/IPCP As1: Authorization succeeded
04:05:19: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, we want 0.0.0.0
04:05:19: As1 IPCP: Using pool 'async'
04:05:19: As1 IPCP: Pool returned 15.15.15.15
04:05:19: As1 IPCP: O CONFREJ [REQsent] id 3 len 28
04:05:19: As1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
04:05:19: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
04:05:19: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
04:05:19: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
04:05:19: As1 IPCP: I CONFACK [REQsent] id 24 len 10
04:05:19: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105)
04:05:19: As1 IPCP: I CONFREQ [ACKrcvd] id 4 len 16
04:05:19: As1 IPCP: Address 0.0.0.0 (0x030600000000)
04:05:19: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
04:05:19: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0, 
   we want 15.15.15.15
04:05:19: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
04:05:19: AAA/AUTHOR/IPCP As1: Authorization succeeded
04:05:19: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, 
   we want 15.15.15.15
04:05:19: As1 IPCP: O CONFNAK [ACKrcvd] id 4 len 16
04:05:19: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
04:05:19: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
04:05:20: As1 IPCP: I CONFREQ [ACKrcvd] id 5 len 16
04:05:20: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
04:05:20: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
04:05:20: AAA/AUTHOR/IPCP As1: Start. Her address 15.15.15.15, 
   we want 15.15.15.15
04:05:20: AAA/AUTHOR/IPCP As1 (2922034935): Port='Async1' 
   list='' service=NET
04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) user='callback2'
04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) send AV service=ppp
04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) send AV protocol=ip
04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) send AV addr*15.15.15.15
04:05:20: AAA/AUTHOR/IPCP (2922034935) found list "default"
04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) Method=RADIUS
04:05:20: RADIUS: cisco AVPair "lcp:callback-dialstring=20367" 
   not applied for ip
04:05:20: AAA/AUTHOR (2922034935): Post authorization status = PASS_REPL
04:05:20: AAA/AUTHOR/IPCP As1: Reject 15.15.15.15, using 15.15.15.15
04:05:20: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
04:05:20: AAA/AUTHOR/IPCP As1: Processing AV addr*15.15.15.15
04:05:20: AAA/AUTHOR/IPCP As1: Authorization succeeded
04:05:20: AAA/AUTHOR/IPCP As1: Done. Her address 15.15.15.15, 
   we want 15.15.15.15
04:05:20: As1 IPCP: O CONFACK [ACKrcvd] id 5 len 16
04:05:20: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
04:05:20: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
04:05:20: As1 IPCP: State is Open
04:05:20: As1 IPCP: Install route to 15.15.15.15
04:05:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to up

ユーザ指定の番号による PPP コールバック

前の例は、事前に定義された（サーバに設定された）番号でのコールバックでした。コールバックはユーザが指定した番号で行われる場合もあり、この場合、認証サーバではコールバック番号はヌルで指定されます。これにより、ルータからユーザにコールバック番号を問い合せるようになります。ここで再度、指定したローカル コールバックを使用して、初期テストを行う必要があります。ローカル コールバックとヌル コールバック ストリングが動作しない場合は（つまり、aaa new-model コマンドの削除）、RADIUS コールバックも動作しません。ヌル コールバック ストリング ローカルをルータに対してローカルに指定するには、次のようにします。

username callback callback-dialstring "" password 0 callback

PC の Dial-UP-Networking（Windows NT Server）の User Preferences で、Callback - maybe ask me during redial if server offers ボックスをチェックします。ユーザが認証されると、PC 上に表示されたウィンドウで「Callback - You have entered "Set by caller"」で始まるメッセージが表示され、さらに「Enter modem phone number」と表示されます。

サーバ設定

サーバのセットアップ - CiscoSecure NT

• ユーザは、パスワードと確認用パスワードを取得します。

• Group Settingsで、attribute 006 Service-Type = Framed attribute 007 Framed-Protocol = PPPと指定します。

• 画面の最後のボックスCisco RADIUS Attributesで、[009\001 - AV-Pair]を確認し、その下にlcp:callback-dialstring=と入力します。

サーバのセットアップ - CiscoSecure UNIX

rtp-berry# ./ViewProfile -p 9900 -u callback
User Profile Information
user = callback{
profile_id = 34 
profile_cycle = 1 
radius=Cisco {
check_items= {
2="callback"
} 
reply_attributes= {
6=2
7=1
9,1="lcp:callback-dialstring="
} 
} 

}

サーバのセットアップ-リビングストンRADIUS

callback2 Password = "callback2"
User-Service-Type = Framed-User,
Framed-Protocol = PPP,
cisco-avpair = "lcp:callback-dialstring="

debug 出力例

koala#show debug
General OS:
Modem control/process activation debugging is on
AAA Authentication debugging is on
AAA Authorization debugging is on
Dial on demand:
Dial on demand events debugging is on
PPP:
PPP authentication debugging is on
PPP protocol negotiation debugging is on
Chat Scripts:
Chat scripts activity debugging is on
Callback:
Callback activity debugging is on
Radius protocol debugging is on
koala#
02:23:01: TTY1: DSR came up
02:23:01: tty1: Modem: IDLE->READY
02:23:01: TTY1: Autoselect started
02:23:03: TTY1: Autoselect sample 7E
02:23:03: TTY1: Autoselect sample 7EFF
02:23:03: TTY1: Autoselect sample 7EFF7D
02:23:03: TTY1: Autoselect sample 7EFF7D23
02:23:03: TTY1 Autoselect cmd: ppp negotiate
02:23:03: TTY1: EXEC creation
02:23:05: %LINK-3-UPDOWN: Interface Async1, changed state to up
02:23:05: As1 PPP: Treating connection as a dedicated line
02:23:05: As1 PPP: Phase is ESTABLISHING, Active Open
02:23:05: As1 LCP: O CONFREQ [Closed] id 27 len 24
02:23:05: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
02:23:05: As1 LCP: AuthProto PAP (0x0304C023)
02:23:05: As1 LCP: MagicNumber 0xE0A14386 (0x0506E0A14386)
02:23:05: As1 LCP: PFC (0x0702)
02:23:05: As1 LCP: ACFC (0x0802)
02:23:05: As1 LCP: I CONFACK [REQsent] id 27 len 24
02:23:05: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
02:23:05: As1 LCP: AuthProto PAP (0x0304C023)
02:23:05: As1 LCP: MagicNumber 0xE0A14386 (0x0506E0A14386)
02:23:05: As1 LCP: PFC (0x0702)
02:23:05: As1 LCP: ACFC (0x0802)
02:23:06: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 23
02:23:06: As1 LCP: ACCM 0x00000000 (0x020600000000)
02:23:06: As1 LCP: MagicNumber 0x0000152B (0x05060000152B)
02:23:06: As1 LCP: PFC (0x0702)
02:23:06: As1 LCP: ACFC (0x0802)
02:23:06: As1 LCP: Callback 6 (0x0D0306)
02:23:06: As1 LCP: O CONFACK [ACKrcvd] id 0 len 23
02:23:06: As1 LCP: ACCM 0x00000000 (0x020600000000)
02:23:06: As1 LCP: MagicNumber 0x0000152B (0x05060000152B)
02:23:06: As1 LCP: PFC (0x0702)
02:23:06: As1 LCP: ACFC (0x0802)
02:23:06: As1 LCP: Callback 6 (0x0D0306)
02:23:06: As1 LCP: State is Open
02:23:06: As1 PPP: Phase is AUTHENTICATING, by this end
02:23:06: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 
   0x0000152B MSRASV4.00
02:23:06: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 
   0x0000152B MSRAS-1-ZEKIE
02:23:06: As1 PAP: I AUTH-REQ id 64 len 22 from "userspec"
02:23:06: As1 PAP: Authenticating peer userspec
02:23:06: AAA/AUTHEN: create_user (0x16E284) user='userspec' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
02:23:06: AAA/AUTHEN/START (835406208): port='Async1' list='' 
   action=LOGIN service=PPP
02:23:06: AAA/AUTHEN/START (835406208): using "default" list
02:23:06: AAA/AUTHEN (835406208): status = UNKNOWN
02:23:06: AAA/AUTHEN/START (835406208): Method=RADIUS
02:23:06: RADIUS: Computed extended port value 0:1:
02:23:06: RADIUS: Initial Transmit id 25 171.68.120.194:1645, 
   Access-Request, len 78
02:23:06: Attribute 4 6 0A1F0105
02:23:06: Attribute 5 6 00000001
02:23:06: Attribute 61 6 00000000
02:23:06: Attribute 1 10 75736572
02:23:06: Attribute 2 18 E1377DA0
02:23:06: Attribute 6 6 00000002
02:23:06: Attribute 7 6 00000001
02:23:06: RADIUS: Received from id 25 171.68.120.194:1645, 
   Access-Accept, len 64
02:23:06: Attribute 6 6 00000002
02:23:06: Attribute 7 6 00000001
02:23:06: Attribute 26 32 00000009011A6C63
02:23:06: RADIUS: saved authorization data for user 16E284 at A1B44
02:23:06: AAA/AUTHEN (835406208): status = PASS
02:23:06: AAA/AUTHOR/LCP As1: Authorize LCP
02:23:06: AAA/AUTHOR/LCP As1 (2812925385): Port='Async1' 
   list='' service=NET
02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) user='userspec'
02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) send AV service=ppp
02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) send AV protocol=lcp
02:23:06: AAA/AUTHOR/LCP (2812925385) found list "default"
02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) Method=RADIUS

!--- Callback dialstring is empty (null).

02:23:06: RADIUS: cisco AVPair "lcp:callback-dialstring="
02:23:06: AAA/AUTHOR (2812925385): Post authorization status = PASS_REPL
02:23:06: AAA/AUTHOR/LCP As1: Processing AV service=ppp
02:23:06: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring=
02:23:06: As1 PAP: O AUTH-ACK id 64 len 5

!--- Router recognizes that it is to receive number from client !--- and starts sending requests to PC.

02:23:06: As1 MCB: User userspec Callback Number - Client ANY
02:23:06: Async1 PPP: O MCB Request(1) id 92 len 9
02:23:06: Async1 MCB: O 1 5C 0 9 2 5 0 1 0 
02:23:06: As1 MCB: O Request Id 92 Callback Type Client-Num delay 0
02:23:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to up

!--- Router receives response from PC.

02:23:09: Async1 PPP: I MCB Response(2) id 92 len 14
02:23:09: Async1 MCB: I 2 5C 0 E 2 A C 1 32 30 33 36 37 0 
02:23:09: As1 MCB: Received response

!--- Received callback number from the client.

02:23:09: As1 MCB: Response CBK-Client-Num 2 10 12, addr 1-20367
02:23:09: Async1 PPP: O MCB Ack(3) id 93 len 14
02:23:09: Async1 MCB: O 3 5D 0 E 2 A C 1 32 30 33 36 37 0 
02:23:09: As1 MCB: O Ack Id 93 Callback Type Client-Num delay 12
02:23:09: As1 MCB: Negotiated MCB with peer
02:23:09: As1 LCP: I TERMREQ [Open] id 3 len 8 (0x00000000)
02:23:09: As1 LCP: O TERMACK [Open] id 3 len 4
02:23:09: As1 MCB: Peer terminating the link
02:23:09: As1 PPP: Phase is TERMINATING
02:23:09: As1 MCB: Link terminated by peer, Callback Needed

!--- Callback is initiated.

02:23:09: As1 MCB: Initiate Callback for userspec at 20367 using Async
02:23:09: TTY1 Callback user dialstring 20367 from PPP negotiation
02:23:09: As1 MCB: Async-callback in progress
02:23:09: TTY1 Callback PPP process creation
02:23:09: As1 AAA/ACCT: Using PPP accounting list ""
02:23:09: TTY1 Callback process initiated, user: dialstring 20367
02:23:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to down
02:23:10: TTY1: Async Int reset: Dropping DTR
02:23:11: As1 LCP: TIMEout: Time 0x831824 State TERMsent
02:23:11: As1 LCP: State is Closed
02:23:11: As1 PPP: Phase is DOWN
02:23:11: As1 VP: Cleaning already proceeding
02:23:11: As1 PPP: Phase is ESTABLISHING, Passive Open
02:23:11: AAA/AUTHEN: dup_user (0x16E558) user='userspec' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP 
   priv=1 source='AAA dup lcp_reset'
02:23:11: AAA/AUTHEN: Method=IF-NEEDED: no authentication needed. 
   user='userspec' port='Async1' rem_addr='async'
02:23:11: As1 LCP: State is Listen
02:23:11: AAA/AUTHEN: free_user (0x16E284) user='userspec' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
02:23:12: %LINK-5-CHANGED: Interface Async1, changed state to reset
02:23:12: As1 LCP: State is Closed
02:23:12: As1 PPP: Phase is DOWN
02:23:12: As1 VP: Cleaning already proceeding
02:23:12: As1 IPCP: Remove route to 15.15.15.15
02:23:15: AAA/AUTHEN: free_user (0x16E558) user='userspec' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
02:23:15: TTY1 Callback forced wait = 4 seconds
02:23:17: %LINK-3-UPDOWN: Interface Async1, changed state to down
02:23:17: As1 LCP: State is Closed
02:23:17: As1 PPP: Phase is DOWN
02:23:17: As1 VP: Cleaning already proceeding
02:23:19: CHAT1: Matched chat script offhook to string offhook
02:23:19: CHAT1: Asserting DTR
02:23:19: CHAT1: Chat script offhook started
02:23:19: CHAT1: Sending string: ATH1
02:23:19: CHAT1: Expecting string: OK
02:23:19: CHAT1: Completed match for expect: OK
02:23:19: CHAT1: Chat script offhook finished, status = Success
02:23:19: CHAT1: Matched chat script callback to string callback
02:23:19: CHAT1: Asserting DTR
02:23:19: CHAT1: Chat script callback started
02:23:19: CHAT1: Sending string: ATZ
02:23:19: CHAT1: Expecting string: OK
02:23:19: CHAT1: Completed match for expect: OK
02:23:19: CHAT1: Sending string: ATDT \T<20367>
02:23:19: CHAT1: Expecting string: CONNECT
02:23:35: CHAT1: Completed match for expect: CONNECT
02:23:35: CHAT1: Sending string: \c
02:23:35: CHAT1: Chat script callback finished, status = Success
02:23:35: TTY1 PPP Callback Successful - await exec/autoselect pickup
02:23:37: TTY1: DSR came up
02:23:37: TTY1: Callback in effect
02:23:37: tty1: Modem: IDLE->READY
02:23:37: TTY1: Autoselect started
02:23:37: As1 LCP: I CONFREQ [Closed] id 0 len 20
02:23:37: As1 LCP: ACCM 0x00000000 (0x020600000000)
02:23:37: As1 LCP: MagicNumber 0x00005156 (0x050600005156)
02:23:37: As1 LCP: PFC (0x0702)
02:23:37: As1 LCP: ACFC (0x0802)
02:23:37: As1 LCP: Lower layer not up, discarding packet
02:23:39: %LINK-3-UPDOWN: Interface Async1, changed state to up
02:23:39: As1 PPP: Treating connection as a dedicated line
02:23:39: As1 PPP: Phase is ESTABLISHING, Active Open
02:23:39: As1 LCP: O CONFREQ [Closed] id 28 len 24
02:23:39: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
02:23:39: As1 LCP: AuthProto PAP (0x0304C023)
02:23:39: As1 LCP: MagicNumber 0xE0A1CAB2 (0x0506E0A1CAB2)
02:23:39: As1 LCP: PFC (0x0702)
02:23:39: As1 LCP: ACFC (0x0802)
02:23:40: As1 LCP: I CONFACK [REQsent] id 28 len 24
02:23:40: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
02:23:40: As1 LCP: AuthProto PAP (0x0304C023)
02:23:40: As1 LCP: MagicNumber 0xE0A1CAB2 (0x0506E0A1CAB2)
02:23:40: As1 LCP: PFC (0x0702)
02:23:40: As1 LCP: ACFC (0x0802)
02:23:40: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 20
02:23:40: As1 LCP: ACCM 0x00000000 (0x020600000000)
02:23:40: As1 LCP: MagicNumber 0x00005156 (0x050600005156)
02:23:40: As1 LCP: PFC (0x0702)
02:23:40: As1 LCP: ACFC (0x0802)
02:23:40: As1 LCP: O CONFACK [ACKrcvd] id 0 len 20
02:23:40: As1 LCP: ACCM 0x00000000 (0x020600000000)
02:23:40: As1 LCP: MagicNumber 0x00005156 (0x050600005156)
02:23:40: As1 LCP: PFC (0x0702)
02:23:40: As1 LCP: ACFC (0x0802)
02:23:40: As1 LCP: State is Open
02:23:40: As1 PPP: Phase is AUTHENTICATING, by this end
02:23:41: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 
   0x00005156 MSRASV4.00
02:23:41: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 
   0x00005156 MSRAS-1-ZEKIE
02:23:41: As1 PAP: I AUTH-REQ id 65 len 22 from "userspec"
02:23:41: As1 PAP: Authenticating peer userspec
02:23:41: AAA/AUTHEN: create_user (0x16E284) user='userspec' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
02:23:41: AAA/AUTHEN/START (2883652190): port='Async1' 
   list='' action=LOGIN service=PPP
02:23:41: AAA/AUTHEN/START (2883652190): using "default" list
02:23:41: AAA/AUTHEN (2883652190): status = UNKNOWN
02:23:41: AAA/AUTHEN/START (2883652190): Method=RADIUS
02:23:41: RADIUS: Computed extended port value 0:1:
02:23:41: RADIUS: Initial Transmit id 26 171.68.120.194:1645, 
   Access-Request, len 78
02:23:41: Attribute 4 6 0A1F0105
02:23:41: Attribute 5 6 00000001
02:23:41: Attribute 61 6 00000000
02:23:41: Attribute 1 10 75736572
02:23:41: Attribute 2 18 8150DA02
02:23:41: Attribute 6 6 00000002
02:23:41: Attribute 7 6 00000001
02:23:41: RADIUS: Received from id 26 171.68.120.194:1645, 
   Access-Accept, len 64
02:23:41: Attribute 6 6 00000002
02:23:41: Attribute 7 6 00000001
02:23:41: Attribute 26 32 00000009011A6C63
02:23:41: RADIUS: saved authorization data for user 16E284 at A1B44
02:23:41: AAA/AUTHEN (2883652190): status = PASS
02:23:41: AAA/AUTHOR/LCP As1: Authorize LCP
02:23:41: AAA/AUTHOR/LCP As1 (3660077691): Port='Async1' 
   list='' service=NET
02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) user='userspec'
02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) send AV service=ppp
02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) send AV protocol=lcp
02:23:41: AAA/AUTHOR/LCP (3660077691) found list "default"
02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) Method=RADIUS
02:23:41: RADIUS: cisco AVPair "lcp:callback-dialstring="
02:23:41: AAA/AUTHOR (3660077691): Post authorization status = PASS_REPL
02:23:41: AAA/AUTHOR/LCP As1: Processing AV service=ppp
02:23:41: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring=
02:23:41: As1 PAP: O AUTH-ACK id 65 len 5
02:23:41: As1 PPP: Phase is UP
02:23:41: AAA/AUTHOR/FSM As1: (0): Can we start IPCP?
02:23:41: AAA/AUTHOR/FSM As1 (2418882911): Port='Async1' 
   list='' service=NET
02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) user='userspec'
02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) send AV service=ppp
02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) send AV protocol=ip
02:23:41: AAA/AUTHOR/FSM (2418882911) found list "default"
02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) Method=RADIUS
02:23:41: RADIUS: cisco AVPair "lcp:callback-dialstring=" 
   not applied for ip
02:23:41: AAA/AUTHOR (2418882911): Post authorization 
   status = PASS_REPL
02:23:41: AAA/AUTHOR/FSM As1: We can start IPCP
02:23:41: As1 IPCP: O CONFREQ [Closed] id 12 len 10
02:23:41: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105)
02:23:41: As1 IPCP: I CONFREQ [REQsent] id 3 len 40
02:23:41: As1 IPCP: CompressType VJ 15 slots 
   CompressSlotID (0x0206002D0F01)
02:23:41: As1 IPCP: Address 0.0.0.0 (0x030600000000)
02:23:41: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
02:23:41: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
02:23:41: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
02:23:41: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
02:23:41: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0,
   we want 0.0.0.0
02:23:41: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
02:23:41: AAA/AUTHOR/IPCP As1: Authorization succeeded
02:23:41: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, 
   we want 0.0.0.0
02:23:41: As1 IPCP: Using pool 'async'
02:23:41: As1 IPCP: Pool returned 15.15.15.15
02:23:41: As1 IPCP: O CONFREJ [REQsent] id 3 len 28
02:23:41: As1 IPCP: CompressType VJ 15 slots 
   CompressSlotID (0x0206002D0F01)
02:23:41: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
02:23:41: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
02:23:41: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
02:23:41: As1 IPCP: I CONFACK [REQsent] id 12 len 10
02:23:41: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105)
02:23:41: As1 IPCP: I CONFREQ [ACKrcvd] id 4 len 16
02:23:41: As1 IPCP: Address 0.0.0.0 (0x030600000000)
02:23:41: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
02:23:41: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0, 
   we want 15.15.15.15
02:23:41: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
02:23:41: AAA/AUTHOR/IPCP As1: Authorization succeeded
02:23:41: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, 
   we want 15.15.15.15
02:23:41: As1 IPCP: O CONFNAK [ACKrcvd] id 4 len 16
02:23:41: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
02:23:41: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
02:23:41: As1 IPCP: I CONFREQ [ACKrcvd] id 5 len 16
02:23:41: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
02:23:41: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
02:23:41: AAA/AUTHOR/IPCP As1: Start. Her address 15.15.15.15, 
   we want 15.15.15.15
02:23:41: AAA/AUTHOR/IPCP As1 (2792483333): Port='Async1' 
   list='' service=NET
02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) user='userspec'
02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) send AV service=ppp
02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) send AV protocol=ip
02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) send AV addr*15.15.15.15
02:23:41: AAA/AUTHOR/IPCP (2792483333) found list "default"
02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) Method=RADIUS
02:23:41: RADIUS: cisco AVPair "lcp:callback-dialstring=" 
   not applied for ip
02:23:41: AAA/AUTHOR (2792483333): Post authorization status = PASS_REPL
02:23:41: AAA/AUTHOR/IPCP As1: Reject 15.15.15.15, using 15.15.15.15
02:23:41: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
02:23:41: AAA/AUTHOR/IPCP As1: Processing AV addr*15.15.15.15
02:23:41: AAA/AUTHOR/IPCP As1: Authorization succeeded
02:23:41: AAA/AUTHOR/IPCP As1: Done. Her address 15.15.15.15, 
   we want 15.15.15.15
02:23:41: As1 IPCP: O CONFACK [ACKrcvd] id 5 len 16
02:23:41: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
02:23:41: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
02:23:41: As1 IPCP: State is Open
02:23:41: dialer Protocol up for As1
02:23:41: As1 IPCP: Install route to 15.15.15.15
02:23:42: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to up

関連情報

• RADIUS に関するサポート ページ
• Cisco Secure ACS for Windows に関するサポート ページ
• Cisco Secure ACS for UNIX に関するサポート ページ
• Requests for Comments (RFCs)
• テクニカル サポートとドキュメント - Cisco Systems