- Cisco Community
- Technology and Support
- Security
- Network Access Control
- AAA Fallback to local for PPP does not work!!!
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
AAA Fallback to local for PPP does not work!!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2013 12:32 AM - edited 03-10-2019 08:44 PM
AAA fallback to local doesn't work!
IOS 152-4.M4
What's wrong? Please help!
CONFIG:
aaa new-model
!
!
aaa group server radius radiussrv-group
server 10.100.2.41
server 10.100.2.42
!
aaa authentication login default group radiussrv-group local
aaa authentication login aaa-list group radiussrv-group local
aaa authentication login aaa-list-console local
aaa authentication ppp default group radiussrv-group local
aaa authorization console
aaa authorization exec aaa-list group radiussrv-group local
aaa authorization exec aaa-list-console if-authenticated
aaa authorization network default group radiussrv-group local
aaa accounting exec aaa-list
action-type start-stop
group radiussrv-group
!
aaa accounting exec aaa-list-console
action-type start-stop
group radiussrv-group
!
!
aaa attribute list ListName_grbsurm
attribute type addr 172.31.10.3 service ppp protocol ip mandatory
attribute type dns-servers "10.100.2.10"
attribute type dns-servers "10.100.2.11"
!
aaa attribute list ListName_pbsurm
attribute type addr 172.31.10.4 service ppp protocol ip mandatory
attribute type dns-servers "10.100.2.10"
attribute type dns-servers "10.100.2.11"
!
aaa attribute list ListName_websvod
attribute type addr 172.31.10.5 service ppp protocol ip mandatory
attribute type dns-servers "10.100.2.10"
attribute type dns-servers "10.100.2.11"
!
username local_admin privilege 15 secret 123123123
username grbsurm password 123123123
username grbsurm aaa attribute list ListName_grbsurm
username pbsurm password 123123123
username pbsurm aaa attribute list ListName_pbsurm
username svodweb password 123123123
username svodweb aaa attribute list ListName_websvod
!
interface Group-Async0
description ===== GROUP_MODEM =====
ip unnumbered Loopback0
ip access-group 111 in
encapsulation ppp
ip tcp header-compression
ip policy route-map DIAlUP-TO-ASA
peer default ip address pool dialin
async mode interactive
no keepalive
compress stac
ppp authentication ms-chap-v2
group-range 0/451 0/486
!
radius-server host 10.100.2.41 key 123123123
radius-server host 10.100.2.42 key 123123123
!
line 0/451 0/486
modem InOut
modem autoconfigure discovery
transport input ssh
autoselect during-login
autoselect ppp
DEBUG OUT:
2013-07-05 10:17:53 Local7.Notice 172.30.255.8 379: Jul 5 03:17:51.999: %PARSER-5-CFGLOG_LOGGEDCMD: User:bms logged command:aaa authentication ppp default local
2013-07-05 10:17:54 Local7.Notice 172.30.255.8 380: Jul 5 03:17:53.567: %SYS-5-CONFIG_I: Configured from console by bms on vty0 (193.232.38.2)
2013-07-05 10:19:06 Local7.Info 172.30.255.8 381: Jul 5 03:19:04.803: %ISDN-6-CONNECT: Interface Serial0/0/0:0 is now connected to 3832101030 N/A
2013-07-05 10:19:31 Local7.Debug 172.30.255.8 382: Jul 5 03:19:31.083: TTY0/452: timer_create_bg error
2013-07-05 10:19:32 Local7.Error 172.30.255.8 383: Jul 5 03:19:31.587: %LINK-3-UPDOWN: Interface Async0/452, changed state to up
2013-07-05 10:19:34 Local7.Info 172.30.255.8 384: Jul 5 03:19:32.839: %ISDN-6-DISCONNECT: Interface Serial0/0/0:0 disconnected from 3832101030 , call lasted 28 seconds
2013-07-05 10:19:35 Local7.Notice 172.30.255.8 385: Jul 5 03:19:34.323: %LINK-5-CHANGED: Interface Async0/452, changed state to reset
2013-07-05 10:19:40 Local7.Error 172.30.255.8 386: Jul 5 03:19:39.323: %LINK-3-UPDOWN: Interface Async0/452, changed state to down
2013-07-05 10:21:28 Local7.Notice 172.30.255.8 387: Jul 5 03:21:27.155: %SYS-5-CONFIG_I: Configured from console by bms on vty1 (193.232.38.2)
2013-07-05 10:22:44 Local7.Info 172.30.255.8 388: Jul 5 03:22:42.798: %ISDN-6-CONNECT: Interface Serial0/0/0:0 is now connected to 3832101030 N/A
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 389: Jul 5 03:23:08.010: TTY0/463: timer_create_bg error
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 390: Jul 5 03:23:08.510: As0/463 PPP: Fast Starting
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 391: Jul 5 03:23:08.510: As0/463 PPP: Processing FastStart message
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 392: Jul 5 03:23:08.510: PPP: Alloc Context [1E12B3C]
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 393: Jul 5 03:23:08.510: ppp3 PPP: Phase is ESTABLISHING
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 394: Jul 5 03:23:08.510: ppp3 PPP: Using AAA Unique Id = 13D
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 395: Jul 5 03:23:08.510: As0/463 PPP: Authorization required
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 396: Jul 5 03:23:08.510: As0/463 PPP: Using modem call direction
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 397: Jul 5 03:23:08.510: As0/463 PPP: Treating connection as a callin
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 398: Jul 5 03:23:08.510: As0/463 PPP: Session handle[CA000003] Session id[3]
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 399: Jul 5 03:23:08.510: As0/463 LCP: Event[OPEN] State[Initial to Starting]
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 400: Jul 5 03:23:08.510: As0/463 PPP LCP: Enter passive mode, state[Stopped]
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 401: Jul 5 03:23:08.510: As0/463 LCP: I CONFREQ [Stopped] id 0 len 23
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 402: Jul 5 03:23:08.510: As0/463 LCP: ACCM 0x00000000 (0x020600000000)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 403: Jul 5 03:23:08.510: As0/463 LCP: MagicNumber 0x020725BB (0x0506020725BB)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 404: Jul 5 03:23:08.510: As0/463 LCP: PFC (0x0702)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 405: Jul 5 03:23:08.510: As0/463 LCP: ACFC (0x0802)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 406: Jul 5 03:23:08.510: As0/463 LCP: Callback 6 (0x0D0306)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 407: Jul 5 03:23:08.510: As0/463 LCP: O CONFREQ [Stopped] id 1 len 25
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 408: Jul 5 03:23:08.510: As0/463 LCP: ACCM 0x000A0000 (0x0206000A0000)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 409: Jul 5 03:23:08.510: As0/463 LCP: AuthProto MS-CHAP-V2 (0x0305C22381)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 410: Jul 5 03:23:08.510: As0/463 LCP: MagicNumber 0xD479EC40 (0x0506D479EC40)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 411: Jul 5 03:23:08.510: As0/463 LCP: PFC (0x0702)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 412: Jul 5 03:23:08.510: As0/463 LCP: ACFC (0x0802)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 413: Jul 5 03:23:08.510: As0/463 LCP: O CONFREJ [Stopped] id 0 len 7
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 414: Jul 5 03:23:08.510: As0/463 LCP: Callback 6 (0x0D0306)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 415: Jul 5 03:23:08.510: As0/463 LCP: Event[Receive ConfReq-] State[Stopped to REQsent]
2013-07-05 10:23:08 Local7.Error 172.30.255.8 416: Jul 5 03:23:08.514: %LINK-3-UPDOWN: Interface Async0/463, changed state to up
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 417: Jul 5 03:23:08.514: As0/463 PPP: Sending cstate UP notification
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 418: Jul 5 03:23:08.514: As0/463 PPP: Processing CstateUp message
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 419: Jul 5 03:23:08.710: As0/463 PPP: I pkt type 0xC021, datagramsize 29 link[ppp]
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 420: Jul 5 03:23:08.710: As0/463 LCP: I CONFACK [REQsent] id 1 len 25
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 421: Jul 5 03:23:08.710: As0/463 LCP: ACCM 0x000A0000 (0x0206000A0000)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 422: Jul 5 03:23:08.710: As0/463 LCP: AuthProto MS-CHAP-V2 (0x0305C22381)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 423: Jul 5 03:23:08.710: As0/463 LCP: MagicNumber 0xD479EC40 (0x0506D479EC40)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 424: Jul 5 03:23:08.710: As0/463 LCP: PFC (0x0702)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 425: Jul 5 03:23:08.710: As0/463 LCP: ACFC (0x0802)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 426: Jul 5 03:23:08.710: As0/463 LCP: Event[Receive ConfAck] State[REQsent to ACKrcvd]
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 427: Jul 5 03:23:08.730: As0/463 PPP: I pkt type 0xC021, datagramsize 24 link[ppp]
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 428: Jul 5 03:23:08.730: As0/463 LCP: I CONFREQ [ACKrcvd] id 1 len 20
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 429: Jul 5 03:23:08.730: As0/463 LCP: ACCM 0x00000000 (0x020600000000)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 430: Jul 5 03:23:08.730: As0/463 LCP: MagicNumber 0x020725BB (0x0506020725BB)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 431: Jul 5 03:23:08.730: As0/463 LCP: PFC (0x0702)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 432: Jul 5 03:23:08.730: As0/463 LCP: ACFC (0x0802)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 433: Jul 5 03:23:08.730: As0/463 LCP: O CONFACK [ACKrcvd] id 1 len 20
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 434: Jul 5 03:23:08.730: As0/463 LCP: ACCM 0x00000000 (0x020600000000)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 435: Jul 5 03:23:08.730: As0/463 LCP: MagicNumber 0x020725BB (0x0506020725BB)
2013-07-05 10:23:08 Local7.Debug 172.30.255.8 436: Jul 5 03:23:08.730: As0/463 LCP: PFC (0x0702)
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 437: Jul 5 03:23:08.730: As0/463 LCP: ACFC (0x0802)
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 438: Jul 5 03:23:08.730: As0/463 LCP: Event[Receive ConfReq+] State[ACKrcvd to Open]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 439: Jul 5 03:23:08.738: As0/463 PPP: Phase is AUTHENTICATING, by this end
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 440: Jul 5 03:23:08.738: As0/463 MS-CHAP-V2: O CHALLENGE id 1 len 32 from "novc3925r04"
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 441: Jul 5 03:23:08.738: As0/463 LCP: State is Open
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 442: Jul 5 03:23:08.950: As0/463 PPP: I pkt type 0xC021, datagramsize 20 link[ppp]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 443: Jul 5 03:23:08.950: As0/463 LCP: I IDENTIFY [Open] id 2 len 18 magic 0x020725BBMSRASV5.20
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 444: Jul 5 03:23:08.954: As0/463 PPP: I pkt type 0xC021, datagramsize 28 link[ppp]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 445: Jul 5 03:23:08.954: As0/463 LCP: I IDENTIFY [Open] id 3 len 26 magic 0x020725BBMSRAS-0-NOV001NB29
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 446: Jul 5 03:23:08.958: As0/463 PPP: I pkt type 0xC021, datagramsize 26 link[ppp]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 447: Jul 5 03:23:08.958: As0/463 LCP: I IDENTIFY [Open] id 4 len 24 magic 0x020725BBVBBD0W5G/`}6j]H(
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 448: Jul 5 03:23:08.970: As0/463 PPP: I pkt type 0xC223, datagramsize 63 link[ppp]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 449: Jul 5 03:23:08.970: As0/463 MS-CHAP-V2: I RESPONSE id 1 len 61 from "svodweb"
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 450: Jul 5 03:23:08.970: As0/463 PPP: Phase is FORWARDING, Attempting Forward
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 451: Jul 5 03:23:08.970: As0/463 PPP: Phase is AUTHENTICATING, Unauthenticated User
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 452: Jul 5 03:23:08.974: As0/463 PPP: Sent MSCHAP_V2 LOGIN Request
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 453: Jul 5 03:23:08.974: As0/463 PPP: Received LOGIN Response PASS
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 454: Jul 5 03:23:08.974: As0/463 PPP AUTHOR: Author Data NOT Available
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 455: Jul 5 03:23:08.974: As0/463 PPP: Sent LCP AUTHOR Request
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 456: Jul 5 03:23:08.974: As0/463 PPP: Sent IPCP AUTHOR Request
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 457: Jul 5 03:23:08.974: As0/463 IPCP: Authorizing CP
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 458: Jul 5 03:23:08.974: As0/463 IPCP: CP stalled on event[Authorize CP]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 459: Jul 5 03:23:09.014: As0/463 IPCP: Received AAA AUTHOR Response FAIL
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 460: Jul 5 03:23:09.014: As0/463 IPCP: Event[CLOSE] State[Initial to Initial]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 461: Jul 5 03:23:09.014: As0/463 LCP: Received AAA AUTHOR Response FAIL
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 462: Jul 5 03:23:09.014: As0/463 PPP DISC: LCP authorization failed
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 463: Jul 5 03:23:09.014: As0/463 PPP: Sending Acct Event[Down] id[13D]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 464: Jul 5 03:23:09.014: PPP: NET STOP send to AAA.
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 465: Jul 5 03:23:09.014: As0/463 IPCP: Illegal event DOWN in state Initial
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 466: Jul 5 03:23:09.014: As0/463 IPCP: Event[DOWN] State[Initial to Initial]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 467: Jul 5 03:23:09.014: As0/463 IPCP: Event[CLOSE] State[Initial to Initial]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 468: Jul 5 03:23:09.014: As0/463 CCP: Illegal event DOWN in state Initial
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 469: Jul 5 03:23:09.014: As0/463 CCP: Event[DOWN] State[Initial to Initial]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 470: Jul 5 03:23:09.014: As0/463 CCP: Event[CLOSE] State[Initial to Initial]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 471: Jul 5 03:23:09.014: As0/463 LCP: O TERMREQ [Open] id 2 len 4
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 472: Jul 5 03:23:09.014: As0/463 LCP: Event[CLOSE] State[Open to Closing]
2013-07-05 10:23:09 Local7.Debug 172.30.255.8 473: Jul 5 03:23:09.210: As0/463 PPP: I pkt type 0xC021, datagramsize 8 link[ppp]
2013-07-05 10:23:10 Local7.Debug 172.30.255.8 474: Jul 5 03:23:09.210: As0/463 LCP: I TERMACK [Closing] id 2 len 4
2013-07-05 10:23:10 Local7.Debug 172.30.255.8 475: Jul 5 03:23:09.210: As0/463 LCP: Event[Receive TermAck] State[Closing to Closed]
2013-07-05 10:23:10 Local7.Debug 172.30.255.8 476: Jul 5 03:23:09.210: As0/463 LCP: Event[DOWN] State[Closed to Initial]
2013-07-05 10:23:10 Local7.Debug 172.30.255.8 477: Jul 5 03:23:09.210: As0/463 PPP: Clearing AAA Unique Id = 13D
2013-07-05 10:23:10 Local7.Debug 172.30.255.8 478: Jul 5 03:23:09.210: As0/463 PPP: Phase is DOWN
- Labels:
-
AAA
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide