Re: static IP and AS5200 problem

Dale E. Reed Jr. ( (no email) )
Fri, 29 May 1998 13:36:21 -0700

Christian Simard wrote:
>
> I'v assigned a static IP Address to a user in the Radconfigs table.
> Without a static IP, there is no problem to get authentified by
> the CISCO AS5200 but with the static IP, the user get disconnected
> immediatly after "Framed-Address". Here is a the radius debug screen
> snapshoot and a debug of AAA made on the CISCO AS5200:

You most likely need more than just Framed-Address. Try adding
User-Service=Framed-User, and Framed-Protocol=PPP as well.
RadiusNT does NOT add the RadConfigs entries to the RadATConfigs
entries. Its one or the other.

> I use Radius NT 1.16 with SQL server but I have the same problem with 2.2
>
> thank you for your help!
>
> RADIUS NT:
> =========
>
> Allocating Statement...
>
> SQL Statement: Select ra.RadAttributeID, Name, Data, Value, Type From
> RadConfig
> s rc, RadAttributes ra Where ra.RadAttributeID=rc.RadAttributeID AND
> rc.AccountI
> D=659
>
> Framed-Address = 207.139.145.150 (1)
> Freeing SQL Statement...
> Sending Ack of id 181 to cf8b9105 (cisco5-2.netc.net)
> Framed-Address = 207.139.145.150
>
> Response Time: 230
>
> CISCO AS5200:
> ============
>
> AAA/AUTHEN/START (0): port='Async36' list='' action=LOGIN service=PPP
> AAA/AUTHEN/START (0): using "default" list
> AAA/AUTHEN/START (397743627): Method=RADIUS
> AAA/AUTHEN (397743627): status = GETPASS
> AAA/AUTHEN/CONT (397743627): continue_login
> AAA/AUTHEN (397743627): status = GETPASS
> AAA/AUTHEN (397743627): Method=RADIUS
> AAA/AUTHEN (397743627): status = PASS
> AAA/AUTHOR/LCP: authorize LCP
> AAA/AUTHOR (0): user='simardc'
> AAA/AUTHOR (0): send AV service=ppp
> AAA/AUTHOR (0): send AV protocol=lcp
> AAA/AUTHOR (623322683): Method=RADIUS
> AAA/AUTHOR (623322683): Post authorization status = ERROR
>
> Same login with Livingston RADIUS:
> =================================
>
> %LINK-3-UPDOWN: Interface Async26, changed state to up
> AAA/AUTHEN: create_user user='simardc' ruser='' port='Async26'
> rem_addr='async/8
> 718373' authen_type=2 service=3 priv=1
> AAA/AUTHEN/START (0): port='Async26' list='' action=LOGIN service=PPP
> AAA/AUTHEN/START (0): using "default" list
> AAA/AUTHEN/START (511843121): Method=RADIUS
> AAA/AUTHEN (511843121): status = GETPASS
> AAA/AUTHEN/CONT (511843121): continue_login
> AAA/AUTHEN (511843121): status = GETPASS
> AAA/AUTHEN (511843121): Method=RADIUS
> AAA/AUTHEN (511843121): status = PASS
> AAA/AUTHOR/LCP: authorize LCP
> AAA/AUTHOR (0): user='simardc'
> AAA/AUTHOR (0): send AV service=ppp
> AAA/AUTHOR (0): send AV protocol=lcp
> AAA/AUTHOR (638391897): Method=RADIUS
> AAA/AUTHOR (638391897): Post authorization status = PASS_REPL
> AAA/AUTHOR/LCP: Async26: Processing AV routing*true
> AAA/AUTHOR/FSM (0): can we start IPCP?
> AAA/AUTHOR (0): user='simardc'
> AAA/AUTHOR (0): send AV service=ppp
> AAA/AUTHOR (0): send AV protocol=ip
> AAA/AUTHOR (62202857): Method=RADIUS
> AAA/AUTHOR (62202857): Post authorization status = PASS_REPL
> AAA/AUTHOR/FSM: we can start IPCP for protocol 0x8021
> AAA/AUTHOR/IPCP: Async26: start: her address 0.0.0.0, we want 207.139.145.169
> AAA/AUTHOR/IPCP: Async26: Processing AV addr=207.139.145.150
> AAA/AUTHOR/IPCP: Async26: Processing AV routing*true
> AAA/AUTHOR/IPCP: Async26: set routing to TRUE
> AAA/AUTHOR/IPCP: Async26: authorization succeeded
> AAA/AUTHOR/IPCP: Async26: done: her address 0.0.0.0, we want 207.139.145.150
> AAA/AUTHOR/IPCP: Async26: authorization succeeded
> AAA/AUTHOR/IPCP: Async26: start: her address 0.0.0.0, we want 207.139.145.150
> AAA/AUTHOR/IPCP: Async26: Processing AV addr=207.139.145.150
> AAA/AUTHOR/IPCP: Async26: Processing AV routing*true

-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com