cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1865
Views
0
Helpful
2
Replies

Accounting on the 7100 CMTS

palyar
Level 1
Level 1

Our company bought a uBR7100 Universal Broadband Router.

The exact version information is:

IOS (tm) EGR Software (UBR7100-K1P-M), Version 12.1(12c)EC1, EARLY

DEPLOYMENT RELEASE SOFTWARE (fc1)

Everything works fine, except the radius server access. The authentication

works well.

I've configured the router with the help i've found on the web at cisco.com,

but i didn't find any useful information about 3 things:

- accounting on network actions (the login, logout, etc information on the

CMs (no accounting information of any kind))

- session-timeout on CMs (they didn't drop the connection at the end of the

session, i've tried the idle time as well)

- service-group on CMs (i can not tell the CMTS to give the pre-defined QoS

profile to the CM from the radius database assigned to the mac address)

The usual method that should work on other cisco ppp connections fails this

time.

2 Replies 2

sghosh
Level 1
Level 1

Hi,

Can you please provide us the config on the router and the following debugs.

debug aaa authen

debug aaa author

debug aaa accounting

debug aaa per-user

debug radius

Thanks

Sujit

--begin ciscomoderator note-- The following post has been edited to remove potentially confidential information. Please refrain from posting confidential information on the site to reduce security risks to your network. -- end ciscomoderator note --

Router#sh log

Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)

Console logging: level debugging, 68739 messages logged

Monitor logging: level debugging, 0 messages logged

Buffer logging: level debugging, 68739 messages logged

Trap logging: level informational, 3979 message lines logged

Log Buffer (8192 bytes):

1w5d: AAA/AUTHEN/CABLE CM MAC Addr xxxxxxxx, Serial # SM1349048, on Ca1/0

1w5d: AAA: parse name=Cable1/0 idb type=25 tty=-1

1w5d: AAA: name=Cable1/0 flags=0x15 type=6 shelf=0 slot=1 adapter=0 port=0 chann

el=0

1w5d: AAA: parse name= idb type=-1 tty=-1

1w5d: AAA/MEMORY: create_user (0x61DA4DA0) user='xxxxxxxx' ruser='' port='*'

rem_addr='' authen_type=ASCII service=LOGIN priv=1

1w5d: AAA/AUTHEN/START (658127678): port='*' list='cmts' action=LOGIN service=LO

GIN

1w5d: AAA/AUTHEN/START (658127678): found list cmts

1w5d: AAA/AUTHEN/START (658127678): Method=radius (radius)

1w5d: AAA/AUTHEN (658127678): status = GETPASS

1w5d: AAA/AUTHEN/CONT (658127678): continue_login (user='xxxxxxxx')

1w5d: AAA/AUTHEN (658127678): status = GETPASS

1w5d: AAA/AUTHEN (658127678): Method=radius (radius)

1w5d: RADIUS: ustruct sharecount=1

1w5d: RADIUS: Initial Transmit * id 231 xxx.xxx.xxx.4:nnnn, Access-Request, len

74

1w5d: Attribute 4 6 D9AD2102

1w5d: Attribute 61 6 00000000

1w5d: Attribute 1 14 30303430

1w5d: Attribute 2 18 35159BB8

1w5d: Attribute 44 10 30303030

1w5d: RADIUS: Received from id 231 xxx.xxx.xxx.4:nnnn, Access-Accept, len 56

1w5d: Attribute 7 6 00000001

1w5d: Attribute 13 6 00000001

1w5d: Attribute 6 6 00000002

1w5d: Attribute 8 6 FFFFFFFE

1w5d: Attribute 9 6 FFFFFFFF

1w5d: Attribute 27 6 00015180

1w5d: RADIUS: saved authorization data for user xxxxxxxxat xxxxxxxx

1w5d: AAA/AUTHEN (658127678): status = PASS

1w5d: AAA/AUTHEN/CABLE CM MAC Addr xxxxxxxx, Serial # SM1350209, on Ca1/0

1w5d: AAA: parse name=Cable1/0 idb type=25 tty=-1

1w5d: AAA: name=Cable1/0 flags=0x15 type=6 shelf=0 slot=1 adapter=0 port=0 chann

el=0

1w5d: AAA: parse name= idb type=-1 tty=-1

1w5d: AAA/MEMORY: create_user (0xxxxxxxxxx) user='xxxxxxxx' ruser='' port='*'

rem_addr='' authen_type=ASCII service=LOGIN priv=1

1w5d: AAA/AUTHEN/START (2897868618): port='*' list='cmts' action=LOGIN service=L

OGIN

1w5d: AAA/AUTHEN/START (2897868618): found list cmts

1w5d: AAA/AUTHEN/START (2897868618): Method=radius (radius)

1w5d: AAA/AUTHEN (2897868618): status = GETPASS

1w5d: AAA/AUTHEN/CONT (2897868618): continue_login (user='xxxxxxxx')

1w5d: AAA/AUTHEN (2897868618): status = GETPASS

1w5d: AAA/AUTHEN (2897868618): Method=radius (radius)

1w5d: RADIUS: ustruct sharecount=1

1w5d: RADIUS: Initial Transmit * id 232 xxx.xxx.xxx.4:nnnn, Access-Request, len

74

1w5d: Attribute 4 6 D9AD2102

1w5d: Attribute 61 6 00000000

1w5d: Attribute 1 14 30303430

1w5d: Attribute 2 18 6C6BDEF9

1w5d: Attribute 44 10 30303030

1w5d: RADIUS: Received from id 232 xxx.xxx.xxx.4:nnnn, Access-Accept, len 56

1w5d: Attribute 7 6 00000001

1w5d: Attribute 13 6 00000001

1w5d: Attribute 6 6 00000002

1w5d: Attribute 8 6 FFFFFFFE

1w5d: Attribute 9 6 FFFFFFFF

1w5d: Attribute 27 6 00015180

1w5d: RADIUS: saved authorization data for user xxxxxxxxx at xxxxxxxxx

1w5d: AAA/AUTHEN (2897868618): status = PASS

Router#

Router#sh ru

Building configuration...

Current configuration : 4942 bytes

!

! Last configuration change at 08:31:17 CET Mon Jun 30 2003

! NVRAM config last updated at 18:14:02 CET Thu Jun 26 2003

!

version 12.1

no service single-slot-reload-enable

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Router

!

logging cns-events debugging

aaa new-model

aaa authentication login default line

aaa authentication login cmts group radius

aaa authorization network default group radius

aaa authorization auth-proxy default group radius

aaa accounting exec cmts start-stop group radius

aaa accounting network cmts start-stop group radius

aaa accounting connection default start-stop group radius

aaa accounting system default start-stop group radius

aaa nas port extended

enable secret 5 ********

enable password ********

!

cable modem remote-query 30 xxxxxxxxxxxxxxxxxx

no cable qos permission create

no cable qos permission update

cable qos permission modems

cable time-server

!

cable config-file 128-32.cm

service-class 1 max-upstream 32

service-class 1 max-downstream 128

service-class 1 max-burst 1600

service-class 1 privacy

cpe max 1

timestamp

!

cable config-file 256-64.cm

service-class 1 max-upstream 64

service-class 1 max-downstream 256

service-class 1 max-burst 1600

service-class 1 privacy

cpe max 1

timestamp

!

cable config-file 384-64.cm

service-class 1 max-upstream 64

service-class 1 max-downstream 384

service-class 1 max-burst 1600

service-class 1 privacy

cpe max 1

timestamp

!

cable config-file 512-128.cm

service-class 1 max-upstream 128

service-class 1 max-downstream 512

service-class 1 max-burst 1600

service-class 1 privacy

cpe max 1

timestamp

!

cable config-file 384-64-b.cm

service-class 1 max-upstream 64

service-class 1 max-downstream 384

service-class 1 max-burst 1600

service-class 1 privacy

cpe max 16

timestamp

!

cable config-file 512-128-b.cm

service-class 1 max-upstream 128

service-class 1 max-downstream 512

service-class 1 max-burst 1600

service-class 1 privacy

cpe max 16

timestamp

!

clock timezone CET 1

clock summer-time CET recurring

clock calendar-valid

ip subnet-zero

ip cef

ip name-server 195.228.254.30

ip name-server xxx.xxx.xxx.1

ip dhcp excluded-address 10.0.1.200 10.0.1.254

ip dhcp excluded-address mmm.mmm.mm.120 mmm.mmm.mm.126

ip dhcp excluded-address mmm.mmm.mm.1 mmm.mmm.mm.12

ip dhcp ping packets 0

!

ip dhcp pool hosts

network mmm.mmm.mm.0 255.255.255.128

next-server mmm.mmm.mm.9

default-router mmm.mmm.mm.9

dns-server 195.228.254.30 xxx.xxx.xxx.1

lease 1 0 10

!

ip dhcp pool cm-default

network 10.0.1.0 255.255.255.0

bootfile 256-64.cm

next-server 10.0.1.1

default-router 10.0.1.1

option 7 ip 10.0.1.1

option 4 ip 10.0.1.1

option 2 hex ffff.8f80

option 128 ip 10.0.1.1

option 11 ip 10.0.1.1

option 10 ip 10.0.1.1

lease 7 0 10

!

ip dhcp pool cm-0040.7b7e.a830

host 10.0.1.200 255.255.255.0

client-identifier 0100.407b.7ea8.30

bootfile 512-128-b.cm

next-server 10.0.1.1

!

ip ssh time-out 120

ip ssh authentication-retries 3

!

!

!

!

interface FastEthernet0/0

ip address mmm.mmm.mm.2 255.255.255.248

no ip mroute-cache

duplex half

speed 10

!

interface FastEthernet0/1

no ip address

no ip mroute-cache

shutdown

duplex auto

speed auto

!

interface Cable1/0

ip address mmm.mmm.mm.9 255.255.255.252 secondary

ip address 10.0.1.1 255.255.255.0

no ip mroute-cache

no keepalive

cable shared-secret 0 szikrit

cable downstream annex B

cable downstream modulation 64qam

cable downstream interleave-depth 32

cable downstream frequency 330000000

cable downstream channel-id 0

cable downstream description Elore irany

no cable downstream rf-shutdown

cable downstream rf-power 45

cable upstream 0 description Vissza irany

cable upstream 0 frequency 16704000

cable upstream 0 power-level 0

cable upstream 0 freq-adjust averaging 50

cable upstream 0 channel-width 800000

cable upstream 0 admission-control 10

no cable upstream 0 shutdown

no cable arp

cable source-verify dhcp

cable dhcp-giaddr policy

cable privacy mandatory

cable privacy authenticate-modem

cable privacy authorize-multicast

cable privacy 40-bit-des

cable privacy kek life-time 750000

cable privacy kek grace-time 800

cable privacy tek life-time 56000

cable privacy tek grace-time 800

!

ip default-gateway mmm.mmm.mm.1

no ip classless

ip route 0.0.0.0 0.0.0.0 mmm.mmm.mm.1 permanent

ip route mmm.mmm.mm.0 255.255.255.128 Cable1/0

no ip http server

!

ip radius source-interface FastEthernet0/0

snmp-server community xxxxxxxxxx

snmp-server manager

!

radius-server host xxx.xxx.xxx.4 auth-port nnnn acct-port nnnn key xxxxxxxxxx

radius-server retransmit 3

radius-server attribute 44 include-in-access-req

radius-server vsa send accounting

!

line con 0

line aux 0

line vty 0 4

password ********

!

ntp clock-period 17180071

ntp update-calendar

ntp server vvv.v.v.1 source FastEthernet0/0

end

Router#