GroupStudy.com - CCIE, CCNA, CCNP and other Cisco Certifications

Home

BookStore

StudyNotes

Links

[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

Subject: Re: ISDN Call back with Dialstring problem
From: Jason Brown <spderman_po@xxxxxxxxx>
Date: Sat, 7 Dec 2002 09:25:37 -0800 (PST)
In-reply-to: <F27lfCTKYEX3UsskhpD0000da0a@hotmail.com>

http://www.cisco.com/warp/public/471/ppp-callback-aaa.html

What version of code are you running?

"To configure PPP callback using a AAA server assigned
callback string, you need to use the dialer aaa
command which is available in Cisco IOS. Software
Release 12.0(3)T or higher. However in Cisco IOS
versions 12.1(4)T, 12.2(1)T, and later, this command
is not required for PPP callback using a AAA server
assigned callback string."

Regards,

Jason

--- li jun <liuyang1976@xxxxxxxxxxx> wrote:
> Yes, I have enable aaa authorization on call back
> server as 
> aaa authorization network default group tacacs+
> 
> and enable ACS authorize on ppp & callback string
> that I debug TACACS+ on 
> call back server, I can see the dial string has been
> send to call back 
> server from TACACS. but the problem is call back
> server do not call back .
> 
> another, command 'dialer aaa' need to be used under
> dialer interface. 
> 
> I guess is the router config problem, do we have a
> configure example with 
> it. 
> 
> 
> thanks
> 
> 
> 
> >From: "Joe Wong" <vr2zjw@xxxxxxxxxxx>
> >To: "li jun"
> <liuyang1976@xxxxxxxxxxx>,<security@xxxxxxxxxxxxxx>
> >Subject: Re: ISDN Call back with Dialstring problem
> >Date: Sat, 7 Dec 2002 14:16:37 +0800
> >
> >Perhap you may want to enable aaa authorization on
> the callback server and
> >config the ACS authorize on ppp & callback string
> to see whether it work 
> or
> >not.
> >
> >I have problem with callback & multilink, could you
> make it work?
> >----- Original Message -----
> >From: "li jun" <liuyang1976@xxxxxxxxxxx>
> >To: <security@xxxxxxxxxxxxxx>
> >Sent: Saturday, December 07, 2002 12:35 PM
> >Subject: ISDN Call back with Dialstring problem
> >
> >
> > > Cisco guys and security expert,
> > > here I meet a problem. I have condfig 2 router
> use ISDN call back
> > > successfully. and authention the call back
> server to TACACS server. do
> >step
> > > by step with Cisco DOC, everything works.
> > > then next step I try let call back server get
> the callback-dialstring 
> from
> > > TACACS server, I can see the callback-dialer
> string has been send to 
> call
> > > back server  from TACACS server, but call back
> server does not call 
> back
> >to
> > > the client.
> > >
> > > could you pls help me to check what's the
> problem or give me the Cisco 
> web
> > > site to find the correct answer? thanks
> > >
> > > here is my config fot your reference.
> > >
> > > this is call back client configure:
> > >
> > > interface BRI0/0
> > >  ip address 200.50.35.5 255.255.255.252
> > >  encapsulation ppp
> > >  ip ospf authentication message-digest
> > >  ip ospf message-digest-key 2 md5 7 cisco
> > >  ip ospf demand-circuit
> > >  no ip mroute-cache
> > >  dialer idle-timeout 40
> > >  dialer map ip 200.50.35.6 name r1 broadcast
> 384960
> > >  dialer load-threshold 100 either
> > >  dialer-group 1
> > >  isdn switch-type basic-net3
> > >  no peer neighbor-route
> > >  no cdp enable
> > >  ppp callback request
> > >  ppp authentication chap callin
> > >  ppp chap hostname r1
> > >  ppp multilink
> > >
> > > dialer-list 1 protocol ip permit
> > >
> > > here is the config of call back server
> > >
> > > aaa new-model
> > > aaa authentication login loginau group tacacs+
> local
> > > aaa authentication ppp default group tacacs+
> > >
> > > interface BRI0/0
> > >  ip address 200.50.35.6 255.255.255.252
> > >  encapsulation ppp
> > >  no ip route-cache
> > >  ip ospf authentication message-digest
> > >  ip ospf message-digest-key 2 md5 7 cisco
> > >  no ip mroute-cache
> > >  dialer callback-secure
> > >  dialer aaa     ===> want to get the dialer
> string from TACACS server
> > >  dialer map ip 200.50.35.5 name r4 class
> callback broadcast
> > >  dialer load-threshold 1 either
> > >  dialer-group 1
> > >  isdn switch-type basic-net3
> > >  no cdp enable
> > >  ppp callback accept
> > >  ppp authentication chap
> > >  ppp multilink
> > >
> > > map-class dialer callback
> > >  dialer callback-server username
> > > dialer-list 1 protocol ip permit
> > >
> > >
> > >
>
_________________________________________________________________
> > > SkA*;z5DEsSQ=xPP=;Aw#,GkJ9SC MSN Messenger:
> http://messenger.msn.com/cn
> > >
> 
> 
>
_________________________________________________________________
> OmSCJ@=gIOWn4s5D5gWSSJ<~O5M3!* MSN Hotmail!#
> http://www.hotmail.com 


__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

References:
- Re: ISDN Call back with Dialstring problem
  - From: li jun

Prev by Date: Re: ISDN Call back with Dialstring problem
Next by Date: RE: ISDN Call back with Dialstring problem
Previous by thread: Re: ISDN Call back with Dialstring problem
Next by thread: RE: ISDN Call back with Dialstring problem
Index(es):
- Date
- Thread