06-24-2003 03:09 PM - edited 03-10-2019 07:22 AM
Our company bought a uBR7100 Universal Broadband Router.
The exact version information is:
IOS (tm) EGR Software (UBR7100-K1P-M), Version 12.1(12c)EC1, EARLY
DEPLOYMENT RELEASE SOFTWARE (fc1)
Everything works fine, except the radius server access. The authentication
works well.
I've configured the router with the help i've found on the web at cisco.com,
but i didn't find any useful information about 3 things:
- accounting on network actions (the login, logout, etc information on the
CMs (no accounting information of any kind))
- session-timeout on CMs (they didn't drop the connection at the end of the
session, i've tried the idle time as well)
- service-group on CMs (i can not tell the CMTS to give the pre-defined QoS
profile to the CM from the radius database assigned to the mac address)
The usual method that should work on other cisco ppp connections fails this
time.
06-29-2003 02:47 PM
Hi,
Can you please provide us the config on the router and the following debugs.
debug aaa authen
debug aaa author
debug aaa accounting
debug aaa per-user
debug radius
Thanks
Sujit
06-29-2003 10:54 PM
--begin ciscomoderator note-- The following post has been edited to remove potentially confidential information. Please refrain from posting confidential information on the site to reduce security risks to your network. -- end ciscomoderator note --
Router#sh log
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
Console logging: level debugging, 68739 messages logged
Monitor logging: level debugging, 0 messages logged
Buffer logging: level debugging, 68739 messages logged
Trap logging: level informational, 3979 message lines logged
Log Buffer (8192 bytes):
1w5d: AAA/AUTHEN/CABLE CM MAC Addr xxxxxxxx, Serial # SM1349048, on Ca1/0
1w5d: AAA: parse name=Cable1/0 idb type=25 tty=-1
1w5d: AAA: name=Cable1/0 flags=0x15 type=6 shelf=0 slot=1 adapter=0 port=0 chann
el=0
1w5d: AAA: parse name=
1w5d: AAA/MEMORY: create_user (0x61DA4DA0) user='xxxxxxxx' ruser='' port='*'
rem_addr='' authen_type=ASCII service=LOGIN priv=1
1w5d: AAA/AUTHEN/START (658127678): port='*' list='cmts' action=LOGIN service=LO
GIN
1w5d: AAA/AUTHEN/START (658127678): found list cmts
1w5d: AAA/AUTHEN/START (658127678): Method=radius (radius)
1w5d: AAA/AUTHEN (658127678): status = GETPASS
1w5d: AAA/AUTHEN/CONT (658127678): continue_login (user='xxxxxxxx')
1w5d: AAA/AUTHEN (658127678): status = GETPASS
1w5d: AAA/AUTHEN (658127678): Method=radius (radius)
1w5d: RADIUS: ustruct sharecount=1
1w5d: RADIUS: Initial Transmit * id 231 xxx.xxx.xxx.4:nnnn, Access-Request, len
74
1w5d: Attribute 4 6 D9AD2102
1w5d: Attribute 61 6 00000000
1w5d: Attribute 1 14 30303430
1w5d: Attribute 2 18 35159BB8
1w5d: Attribute 44 10 30303030
1w5d: RADIUS: Received from id 231 xxx.xxx.xxx.4:nnnn, Access-Accept, len 56
1w5d: Attribute 7 6 00000001
1w5d: Attribute 13 6 00000001
1w5d: Attribute 6 6 00000002
1w5d: Attribute 8 6 FFFFFFFE
1w5d: Attribute 9 6 FFFFFFFF
1w5d: Attribute 27 6 00015180
1w5d: RADIUS: saved authorization data for user xxxxxxxxat xxxxxxxx
1w5d: AAA/AUTHEN (658127678): status = PASS
1w5d: AAA/AUTHEN/CABLE CM MAC Addr xxxxxxxx, Serial # SM1350209, on Ca1/0
1w5d: AAA: parse name=Cable1/0 idb type=25 tty=-1
1w5d: AAA: name=Cable1/0 flags=0x15 type=6 shelf=0 slot=1 adapter=0 port=0 chann
el=0
1w5d: AAA: parse name=
1w5d: AAA/MEMORY: create_user (0xxxxxxxxxx) user='xxxxxxxx' ruser='' port='*'
rem_addr='' authen_type=ASCII service=LOGIN priv=1
1w5d: AAA/AUTHEN/START (2897868618): port='*' list='cmts' action=LOGIN service=L
OGIN
1w5d: AAA/AUTHEN/START (2897868618): found list cmts
1w5d: AAA/AUTHEN/START (2897868618): Method=radius (radius)
1w5d: AAA/AUTHEN (2897868618): status = GETPASS
1w5d: AAA/AUTHEN/CONT (2897868618): continue_login (user='xxxxxxxx')
1w5d: AAA/AUTHEN (2897868618): status = GETPASS
1w5d: AAA/AUTHEN (2897868618): Method=radius (radius)
1w5d: RADIUS: ustruct sharecount=1
1w5d: RADIUS: Initial Transmit * id 232 xxx.xxx.xxx.4:nnnn, Access-Request, len
74
1w5d: Attribute 4 6 D9AD2102
1w5d: Attribute 61 6 00000000
1w5d: Attribute 1 14 30303430
1w5d: Attribute 2 18 6C6BDEF9
1w5d: Attribute 44 10 30303030
1w5d: RADIUS: Received from id 232 xxx.xxx.xxx.4:nnnn, Access-Accept, len 56
1w5d: Attribute 7 6 00000001
1w5d: Attribute 13 6 00000001
1w5d: Attribute 6 6 00000002
1w5d: Attribute 8 6 FFFFFFFE
1w5d: Attribute 9 6 FFFFFFFF
1w5d: Attribute 27 6 00015180
1w5d: RADIUS: saved authorization data for user xxxxxxxxx at xxxxxxxxx
1w5d: AAA/AUTHEN (2897868618): status = PASS
Router#
Router#sh ru
Building configuration...
Current configuration : 4942 bytes
!
! Last configuration change at 08:31:17 CET Mon Jun 30 2003
! NVRAM config last updated at 18:14:02 CET Thu Jun 26 2003
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
logging cns-events debugging
aaa new-model
aaa authentication login default line
aaa authentication login cmts group radius
aaa authorization network default group radius
aaa authorization auth-proxy default group radius
aaa accounting exec cmts start-stop group radius
aaa accounting network cmts start-stop group radius
aaa accounting connection default start-stop group radius
aaa accounting system default start-stop group radius
aaa nas port extended
enable secret 5 ********
enable password ********
!
cable modem remote-query 30 xxxxxxxxxxxxxxxxxx
no cable qos permission create
no cable qos permission update
cable qos permission modems
cable time-server
!
cable config-file 128-32.cm
service-class 1 max-upstream 32
service-class 1 max-downstream 128
service-class 1 max-burst 1600
service-class 1 privacy
cpe max 1
timestamp
!
cable config-file 256-64.cm
service-class 1 max-upstream 64
service-class 1 max-downstream 256
service-class 1 max-burst 1600
service-class 1 privacy
cpe max 1
timestamp
!
cable config-file 384-64.cm
service-class 1 max-upstream 64
service-class 1 max-downstream 384
service-class 1 max-burst 1600
service-class 1 privacy
cpe max 1
timestamp
!
cable config-file 512-128.cm
service-class 1 max-upstream 128
service-class 1 max-downstream 512
service-class 1 max-burst 1600
service-class 1 privacy
cpe max 1
timestamp
!
cable config-file 384-64-b.cm
service-class 1 max-upstream 64
service-class 1 max-downstream 384
service-class 1 max-burst 1600
service-class 1 privacy
cpe max 16
timestamp
!
cable config-file 512-128-b.cm
service-class 1 max-upstream 128
service-class 1 max-downstream 512
service-class 1 max-burst 1600
service-class 1 privacy
cpe max 16
timestamp
!
clock timezone CET 1
clock summer-time CET recurring
clock calendar-valid
ip subnet-zero
ip cef
ip name-server 195.228.254.30
ip name-server xxx.xxx.xxx.1
ip dhcp excluded-address 10.0.1.200 10.0.1.254
ip dhcp excluded-address mmm.mmm.mm.120 mmm.mmm.mm.126
ip dhcp excluded-address mmm.mmm.mm.1 mmm.mmm.mm.12
ip dhcp ping packets 0
!
ip dhcp pool hosts
network mmm.mmm.mm.0 255.255.255.128
next-server mmm.mmm.mm.9
default-router mmm.mmm.mm.9
dns-server 195.228.254.30 xxx.xxx.xxx.1
lease 1 0 10
!
ip dhcp pool cm-default
network 10.0.1.0 255.255.255.0
bootfile 256-64.cm
next-server 10.0.1.1
default-router 10.0.1.1
option 7 ip 10.0.1.1
option 4 ip 10.0.1.1
option 2 hex ffff.8f80
option 128 ip 10.0.1.1
option 11 ip 10.0.1.1
option 10 ip 10.0.1.1
lease 7 0 10
!
ip dhcp pool cm-0040.7b7e.a830
host 10.0.1.200 255.255.255.0
client-identifier 0100.407b.7ea8.30
bootfile 512-128-b.cm
next-server 10.0.1.1
!
ip ssh time-out 120
ip ssh authentication-retries 3
!
!
!
!
interface FastEthernet0/0
ip address mmm.mmm.mm.2 255.255.255.248
no ip mroute-cache
duplex half
speed 10
!
interface FastEthernet0/1
no ip address
no ip mroute-cache
shutdown
duplex auto
speed auto
!
interface Cable1/0
ip address mmm.mmm.mm.9 255.255.255.252 secondary
ip address 10.0.1.1 255.255.255.0
no ip mroute-cache
no keepalive
cable shared-secret 0 szikrit
cable downstream annex B
cable downstream modulation 64qam
cable downstream interleave-depth 32
cable downstream frequency 330000000
cable downstream channel-id 0
cable downstream description Elore irany
no cable downstream rf-shutdown
cable downstream rf-power 45
cable upstream 0 description Vissza irany
cable upstream 0 frequency 16704000
cable upstream 0 power-level 0
cable upstream 0 freq-adjust averaging 50
cable upstream 0 channel-width 800000
cable upstream 0 admission-control 10
no cable upstream 0 shutdown
no cable arp
cable source-verify dhcp
cable dhcp-giaddr policy
cable privacy mandatory
cable privacy authenticate-modem
cable privacy authorize-multicast
cable privacy 40-bit-des
cable privacy kek life-time 750000
cable privacy kek grace-time 800
cable privacy tek life-time 56000
cable privacy tek grace-time 800
!
ip default-gateway mmm.mmm.mm.1
no ip classless
ip route 0.0.0.0 0.0.0.0 mmm.mmm.mm.1 permanent
ip route mmm.mmm.mm.0 255.255.255.128 Cable1/0
no ip http server
!
ip radius source-interface FastEthernet0/0
snmp-server community xxxxxxxxxx
snmp-server manager
!
radius-server host xxx.xxx.xxx.4 auth-port nnnn acct-port nnnn key xxxxxxxxxx
radius-server retransmit 3
radius-server attribute 44 include-in-access-req
radius-server vsa send accounting
!
line con 0
line aux 0
line vty 0 4
password ********
!
ntp clock-period 17180071
ntp update-calendar
ntp server vvv.v.v.1 source FastEthernet0/0
end
Router#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide