Re: Framed-Route atttribute works or not?

Kevin Brown ( kbrown@primelink.com )
Wed, 17 Dec 1997 18:56:51 -0600

At 06:50 PM 12/14/97 -0800, you wrote:
>Well, I haven't had much luck with it over a PPP Session, same as Session
>and Idle Timeouts, they don't work with Cisco on a PPP session, only an EXEC
>session. This does not mean it doesn't work, I just haven't had much luck!
>However, if you really want to do the Framed-Route thing, create a VPDN
>entry with some IP permits and/or Access-List Usernames and when the user
>establishes the PPP session, the Cisco will pick up the IP class and assign
>them to the VPDN! I got it to work here, but it's a bit more administration
>than just assigning an attribute...but it's the only solution I know of at
>the moment until the IETF releases the next Radius DRAFT and Cisco picks it
>up! (I've been studying, heheheh)

In looking through the latest Documentation CD from Cisco (I have Oct 1997)
they discuss the usable RADIUS attributes. Framed-Route is a valid
attribute in IOS release 11.1 and 11.2. The information provided is this:

"Provides routing information to be configured for the user on this network
access server. The RADIUS RFC format (net/bits [router[metric]]) and the
old style dotted mask (net mask [router[metric]]) are supported. If the
router field is omitted or 0, the peer IP address is used. Metrics are
currently ignored."

Now, I've been trying to make more sense of what exactly this is telling
me, and/or you, but the first thing to pop into my mind is to check IOS rev
levels. Then discuss the RadiusNT compliance with the RFC Cisco is
referencing. (no exact RFC date is mentioned).

The other questionable declaration in their documentation is with regards
to the hardware platforms on which RADIUS is 'supported.' In my
documentation, they declare that RADIUS is supported on the Cisco 2500,
Cisco 4000, and Cisco 7000 series routers. Does this expressly preclude
the as5x00 series NAS?

These are all questions I would like perhaps Dale to field as far as
RadiusNT is concerned, and I am currently pending a call-back tonight from
Cisco for further clarification and implementation. If you have additional
questions/information you would like me to gather zap me an email directly,
and I will work them in. Hurry though... no telling when they will call.
It WILL be tonight. :=)
//////////////////////////////////////////////////////////////////////
Kevin Brown Networking Engineer
Huber & Associates <kbrown@primelink.com>
IBM Business Partner http://www.primelink.com/haa/haahome.htm
Phone: 573-634-5000 ext 114
Fax: 573-634-5500
//////////////////////////////////////////////////////////////////////
IBM, Cisco & Ascend Routers, Switches, HUBs, and related hardware.
Windows 95/NT, AIX, BSDI, FreeBSD, OS/400.
RS6000, AS/400 and basic PC troubleshooting.
//////////////////////////////////////////////////////////////////////
------------------------------------------------------------------
Pursuate to US Code, Title 47, Chapter 5, Subchapter II, Sec. 227,
any and all nonsolicited commercial E-mail sent to this address is
subject to a download and archival fee in the amount of $500 US.
Emailing denotes acceptance of these terms.
------------------------------------------------------------------