Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2074
Views
0
Helpful
4
Replies

ACS 2.6 / user d exactly after 10 minutes why ? analog or ISDN same result

p.emery
Level 1
Level 1

‎06-06-2002 10:55 AM - edited ‎02-21-2020 10:00 AM

hi

i have a cisco Router 3640 with modem and it is a NAS and every user is autorise from Cisco Secure 2.6 and unfortunatly every 10 minutes exactly ...it didn't depends from ISDN or analogique and i have tried to foud in cisco secure or inside the route which parameters could sbe bad but i cand find which disturb my user

could you help me ?

here is the router config :

version 12.1

no service single-slot-reload-enable

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname NAS_3640_1

!

logging buffered 4096 debugging

logging rate-limit console 10 except errors

aaa new-model

aaa authentication login default group radius

aaa authentication login no_radius local

aaa authentication ppp dial_in group radius

aaa authorization network default group radius

aaa authorization network dial_in group radius

enable secret 5 <removed>

!

username test1 password 7 <removed>

username admin password 7 <removed>

modem country mica XXXX

ip subnet-zero

!

!

no ip finger

!

virtual-profile virtual-template 1

virtual-profile aaa

isdn switch-type basic-net3

!

!

!

interface Loopback0

description for PPP Users

ip address 172.16.248.1 255.255.255.0

!

interface FastEthernet0/0

ip address 192.168.254.3 255.255.255.0

duplex auto

speed auto

!

interface BRI1/0

no ip address

encapsulation ppp

dialer rotary-group 1

isdn switch-type basic-net3

isdn incoming-voice modem

no cdp enable

ppp authorization dial_in

!

interface BRI1/1

no ip address

encapsulation ppp

dialer rotary-group 1

isdn switch-type basic-net3

isdn incoming-voice modem

no cdp enable

ppp authorization dial_in

!

interface BRI1/2

no ip address

encapsulation ppp

dialer rotary-group 1

isdn switch-type basic-net3

isdn incoming-voice modem

no cdp enable

ppp authorization dial_in

!

interface BRI1/3

no ip address

encapsulation ppp

dialer rotary-group 1

isdn switch-type basic-net3

isdn incoming-voice modem

no cdp enable

!

interface FastEthernet3/0

ip address 192.168.240.1 255.255.255.252

duplex auto

speed auto

!

interface Virtual-Template1

ip unnumbered Loopback0

ppp authentication chap dial_in

ppp authorization dial_in

!

interface Group-Async1

ip unnumbered FastEthernet0/0

encapsulation ppp

dialer in-band

dialer idle-timeout 7200

async default routing

async dynamic address

async mode dedicated

no peer default ip address

ppp authentication chap dial_in

ppp authorization dial_in

group-range 65 76

!

interface Dialer1

ip unnumbered Loopback0

encapsulation ppp

dialer in-band

dialer idle-timeout 7200

dialer-group 1

no peer default ip address

no cdp enable

ppp authentication chap dial_in

ppp authorization dial_in

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.254.1

no ip http server

!

radius-server host 192.168.240.2 auth-port 1645 acct-port 1646

radius-server retransmit 3

radius-server key 7 <removed>

!

line con 0

password 7 <removed>

login authentication no_radius

transport input none

line 65 76

autoselect during-login

autoselect ppp

login authentication dialin

modem InOut

modem autoconfigure discovery

transport input all

stopbits 1

flowcontrol hardware

line aux 0

line vty 0 4

exec-timeout 0 0

password 7 <removed>

login authentication no_radius

many thanks for your helps

philippe

Labels:
0 Helpful
4 Replies 4

p.emery
Level 1
Level 1

‎06-06-2002 10:59 AM

here i have the log from an ISDN connection :

1d02h: %LINK-3-UPDOWN: Interface BRI1/0:1, changed state to up

1d02h: BR1/0:1 AAA/AUTHOR/FSM: (0): LCP succeeds trivially

1d02h: AAA: parse name=BRI1/0:1 idb type=14 tty=-1

1d02h: AAA: name=BRI1/0:1 flags=0x55 type=2 shelf=0 slot=1 adapter=0 port=0 chan

nel=1

1d02h: AAA: parse name= idb type=-1 tty=-1

1d02h: AAA/MEMORY: create_user (0x6156048C) user='coucou' ruser='' port='BRI1/0:

1' rem_addr='0329533045/9533005' authen_type=CHAP service=PPP priv=1

1d02h: AAA/AUTHEN/START (3354427015): port='BRI1/0:1' list='dial_in' action=LOGI

N service=PPP

1d02h: AAA/AUTHEN/START (3354427015): found list dial_in

1d02h: AAA/AUTHEN/START (3354427015): Method=radius (radius)

1d02h: RADIUS: ustruct sharecount=1

1d02h: RADIUS: Initial Transmit BRI1/0:1 id 30 192.168.240.2:1645, Access-Reques

t, len 98

1d02h: Attribute 4 6 C0A8F001

1d02h: Attribute 5 6 00007531

1d02h: Attribute 61 6 00000000

1d02h: Attribute 1 8 636F7563

1d02h: Attribute 30 9 39353333

1d02h: Attribute 31 12 30333239

1d02h: Attribute 3 19 1B0AA1D5

1d02h: Attribute 6 6 00000002

1d02h: Attribute 7 6 00000001

1d02h: RADIUS: Received from id 30 192.168.240.2:1645, Access-Accept, len 186

1d02h: Attribute 6 6 00000002

1d02h: Attribute 7 6 00000001

1d02h: Attribute 10 6 00000000

1d02h: Attribute 11 8 3130312E

1d02h: Attribute 22 29 3137322E

1d02h: Attribute 26 49 00000009012B6970

1d02h: Attribute 26 50 00000009012C6970

1d02h: Attribute 8 6 AC10F8FE

1d02h: Attribute 9 6 FFFFF800

1d02h: AAA/AUTHEN (3354427015): status = PASS

1d02h: BR1/0:1 AAA/AUTHOR/LCP: Authorize LCP

1d02h: BR1/0:1 AAA/AUTHOR/LCP (1395507533): Port='BRI1/0:1' list='dial_in' servi

ce=NET

1d02h: AAA/AUTHOR/LCP: BR1/0:1 (1395507533) user='coucou'

1d02h: BR1/0:1 AAA/AUTHOR/LCP (1395507533): send AV service=ppp

1d02h: BR1/0:1 AAA/AUTHOR/LCP (1395507533): send AV protocol=lcp

1d02h: BR1/0:1 AAA/AUTHOR/LCP (1395507533): found list "dial_in"

1d02h: BR1/0:1 AAA/AUTHOR/LCP (1395507533): Method=radius (radius)

1d02h: RADIUS: cisco AVPair "ip:dns-servers=172.16.69.17 172.16.121.17" not appl

ied for lcp

1d02h: RADIUS: cisco AVPair "ip:wins-servers=172.16.69.20 172.16.121.21" not app

lied for lcp

1d02h: BR1/0:1 AAA/AUTHOR (1395507533): Post authorization status = PASS_REPL

1d02h: BR1/0:1 AAA/AUTHOR/LCP: Processing AV service=ppp

1d02h: BR1/0:1 AAA/AUTHOR/LCP: Processing AV routing*false

1d02h: BR1/0:1 VP: Create and clone from virtual-template 1

1d02h: Vt1 VTEMPLATE: (Pre)cloning vaccess from recycle queue

1d02h: Vi1 VTEMPLATE: Has a new cloneblk vtemplate, now it has vtemplate

1d02h: Vi1 VTEMPLATE: ************* CLONE VACCESS1 *****************

1d02h: Vi1 VTEMPLATE: Clone from Virtual-Template1

interface Virtual-Access1

default ip address

no ip address

encap ppp

ip unnumbered loopback 0

enc ppp

ip unnumbered loopback 0

encapsulation ppp

end

1d02h: Vi1 VP: Create Virtual Profile for BR1/0:1

1d02h: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up

1d02h: Vi1 VP: Bind to BR1/0:1

1d02h: Vi1 VP: Bind fastswitching vectors

1d02h: Vi1 VP: Copied LCP state from BR1/0:1

1d02h: Vi1 AAA/AUTHOR/FSM: (0): Can we start IPCP?

1d02h: Vi1 AAA/AUTHOR/FSM (2212599508): Port='BRI1/0:1' list='dial_in' service=N

ET

1d02h: AAA/AUTHOR/FSM: Vi1 (2212599508) user='coucou'

1d02h: Vi1 AAA/AUTHOR/FSM (2212599508): send AV service=ppp

1d02h: Vi1 AAA/AUTHOR/FSM (2212599508): send AV protocol=ip

1d02h: Vi1 AAA/AUTHOR/FSM (2212599508): found list "dial_in"

1d02h: Vi1 AAA/AUTHOR/FSM (2212599508): Method=radius (radius)

1d02h: RADIUS: framed-route 172.16.0.0 255.255.0.0 192.168.254.1

1d02h: RADIUS: cisco AVPair "ip:dns-servers=172.16.69.17 172.16.121.17"

1d02h: RADIUS: cisco AVPair "ip:wins-servers=172.16.69.20 172.16.121.21"

1d02h: RADIUS: Authorize IP address 172.16.248.254

1d02h: RADIUS: Framed-IP-Netmask 255.255.248.0

1d02h: RADIUS: framed-route 172.16.248.0 255.255.248.0

1d02h: Vi1 AAA/AUTHOR (2212599508): Post authorization status = PASS_REPL

1d02h: Vi1 AAA/AUTHOR/FSM: We can start IPCP

1d02h: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 0.0.0.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV routing*false

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV inacl=101

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.0.0 255.255.0.0 192.168.2

54.1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV dns-servers=172.16.69.17 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV wins-servers=172.16.69.20 172.16.121.2

1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=172.16.248.254

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV netmask*255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.248.0 255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded

1d02h: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 172.16.248.254

1d02h: Vi1 AAA/AUTHOR/IPCP: primary dns server 172.16.69.17

1d02h: Vi1 AAA/AUTHOR/IPCP: primary wins server 172.16.69.20

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday dns server 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday wins server 172.16.121.21

1d02h: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 172.16.248.254

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV routing*false

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV inacl=101

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.0.0 255.255.0.0 192.168.2

54.1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV dns-servers=172.16.69.17 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV wins-servers=172.16.69.20 172.16.121.2

1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=172.16.248.254

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV netmask*255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.248.0 255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded

1d02h: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 172.16.248.254

1d02h: Vi1 AAA/AUTHOR/IPCP: primary dns server 172.16.69.17

1d02h: Vi1 AAA/AUTHOR/IPCP: primary wins server 172.16.69.20

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday dns server 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday wins server 172.16.121.21

1d02h: Vi1 AAA/AUTHOR/IPCP: Start. Her address 172.16.248.254, we want 172.16.2

48.254

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV routing*false

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV inacl=101

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.0.0 255.255.0.0 192.168.2

54.1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV dns-servers=172.16.69.17 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV wins-servers=172.16.69.20 172.16.121.2

1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=172.16.248.254

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV netmask*255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.248.0 255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded

1d02h: Vi1 AAA/AUTHOR/IPCP: Done. Her address 172.16.248.254, we want 172.16.24

8.254

1d02h: Vi1 AAA/AUTHOR/IPCP: primary dns server 172.16.69.17

1d02h: Vi1 AAA/AUTHOR/IPCP: primary wins server 172.16.69.20

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday dns server 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday wins server 172.16.121.21

1d02h: Vi1 AAA/AUTHOR/PER-USER: Event IP_UP

1d02h: Vi1 AAA/AUTHOR: IP_UP

1d02h: Vi1 AAA/PER-USER: processing author params.

1d02h: Vi1 VTEMPLATE: Has a new cloneblk AAA, now it has vtemplate/AAA

1d02h: Vi1 VTEMPLATE: ************* CLONE VACCESS1 *****************

1d02h: Vi1 VTEMPLATE: Clone from AAA

interface Virtual-Access1

IP access-group 101 in

end

1d02h: Vi1 AAA/AUTHOR: Vaccess parse 'interface Virtual-Access1

IP access-group 101 in

' ok (0)

1d02h: Vi1 AAA/AUTHOR: Parse 'IP route 172.16.0.0 255.255.0.0 192.168.254.1'

1d02h: Vi1 AAA/AUTHOR: Parse returned ok (0)

1d02h: Vi1 AAA/AUTHOR: enqueue peruser IP txt=no IP route 172.16.0.0 255.255.0.0

192.168.254.1

1d02h: Vi1 AAA/AUTHOR: Parse 'ip route 172.16.248.0 255.255.248.0 172.16.248.254

'

1d02h: Vi1 AAA/AUTHOR: Parse returned ok (0)

1d02h: Vi1 AAA/AUTHOR: enqueue peruser IP txt=no ip route 172.16.248.0 255.255.2

48.0 172.16.248.254

1d02h: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI1/0:1, changed state t

o up

1d02h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed

state to up

1d02h: %ISDN-6-CONNECT: Interface BRI1/0:1 is now connected to 0329533045 coucou

NAS_3640_1#

and here an analogue one :

1d02h: %ISDN-6-CONNECT: Interface BRI1/0:1 is now connected to 0329576000

NAS_3640_1#

1d02h: As75 AAA/AUTHOR/FSM: (0): LCP succeeds trivially

1d02h: %LINK-3-UPDOWN: Interface Async75, changed state to up

1d02h: AAA: parse name=Async75 idb type=10 tty=75

1d02h: AAA: name=Async75 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=75 chan

nel=0

1d02h: AAA: parse name=BRI1/0:1 idb type=14 tty=-1

1d02h: AAA: name=BRI1/0:1 flags=0x55 type=2 shelf=0 slot=1 adapter=0 port=0 chan

nel=1

1d02h: AAA/MEMORY: create_user (0x6156048C) user='coucou' ruser='' port='Async75

' rem_addr='0329576000/9533008' authen_type=CHAP service=PPP priv=1

1d02h: AAA/AUTHEN/START (1518246456): port='Async75' list='dial_in' action=LOGIN

service=PPP

1d02h: AAA/AUTHEN/START (1518246456): found list dial_in

1d02h: AAA/AUTHEN/START (1518246456): Method=radius (radius)

1d02h: RADIUS: ustruct sharecount=1

1d02h: RADIUS: Initial Transmit Async75 id 29 192.168.240.2:1645, Access-Request

, len 98

1d02h: Attribute 4 6 C0A8F001

1d02h: Attribute 5 6 0000004B

1d02h: Attribute 61 6 00000000

1d02h: Attribute 1 8 636F7563

1d02h: Attribute 30 9 39353333

1d02h: Attribute 31 12 30333239

1d02h: Attribute 3 19 01652D42

1d02h: Attribute 6 6 00000002

1d02h: Attribute 7 6 00000001

1d02h: RADIUS: Received from id 29 192.168.240.2:1645, Access-Accept, len 186

1d02h: Attribute 6 6 00000002

1d02h: Attribute 7 6 00000001

1d02h: Attribute 10 6 00000000

1d02h: Attribute 11 8 3130312E

1d02h: Attribute 22 29 3137322E

1d02h: Attribute 26 49 00000009012B6970

1d02h: Attribute 26 50 00000009012C6970

1d02h: Attribute 8 6 AC10F8FD

1d02h: Attribute 9 6 FFFFF800

1d02h: AAA/AUTHEN (1518246456): status = PASS

1d02h: As75 AAA/AUTHOR/LCP: Authorize LCP

1d02h: As75 AAA/AUTHOR/LCP (1184823696): Port='Async75' list='dial_in' service=N

ET

1d02h: AAA/AUTHOR/LCP: As75 (1184823696) user='coucou'

1d02h: As75 AAA/AUTHOR/LCP (1184823696): send AV service=ppp

1d02h: As75 AAA/AUTHOR/LCP (1184823696): send AV protocol=lcp

1d02h: As75 AAA/AUTHOR/LCP (1184823696): found list "dial_in"

1d02h: As75 AAA/AUTHOR/LCP (1184823696): Method=radius (radius)

1d02h: RADIUS: cisco AVPair "ip:dns-servers=172.16.69.17 172.16.121.17" not appl

ied for lcp

1d02h: RADIUS: cisco AVPair "ip:wins-servers=172.16.69.20 172.16.121.21" not app

lied for lcp

1d02h: As75 AAA/AUTHOR (1184823696): Post authorization status = PASS_REPL

1d02h: As75 AAA/AUTHOR/LCP: Processing AV service=ppp

1d02h: As75 AAA/AUTHOR/LCP: Processing AV routing*false

1d02h: As75 VP: Create and clone from virtual-template 1

1d02h: VTEMPLATE: No unused vaccess, create new vaccess

1d02h: Vi1 VTEMPLATE: Set default settings with no ip address, encap ppp

1d02h: Vi1 VTEMPLATE: Hardware address 0006.d775.d8c1

1d02h: Vi1 VTEMPLATE: Has a new cloneblk vtemplate, now it has vtemplate

1d02h: Vi1 VTEMPLATE: ************* CLONE VACCESS1 *****************

1d02h: Vi1 VTEMPLATE: Clone from Virtual-Template1

interface Virtual-Access1

default ip address

no ip address

encap ppp

ip unnumbered loopback 0

enc ppp

ip unnumbered loopback 0

encapsulation ppp

end

1d02h: Vi1 VP: Create Virtual Profile for As75

1d02h: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up

1d02h: Vi1 VP: Bind to As75

1d02h: Vi1 VP: Bind fastswitching vectors

1d02h: Vi1 VP: Copied LCP state from As75

1d02h: Vi1 AAA/AUTHOR/FSM: (0): Can we start IPCP?

1d02h: Vi1 AAA/AUTHOR/FSM (2439018656): Port='Async75' list='dial_in' service=NE

T

1d02h: AAA/AUTHOR/FSM: Vi1 (2439018656) user='coucou'

1d02h: Vi1 AAA/AUTHOR/FSM (2439018656): send AV service=ppp

1d02h: Vi1 AAA/AUTHOR/FSM (2439018656): send AV protocol=ip

1d02h: Vi1 AAA/AUTHOR/FSM (2439018656): found list "dial_in"

1d02h: Vi1 AAA/AUTHOR/FSM (2439018656): Method=radius (radius)

1d02h: RADIUS: framed-route 172.16.0.0 255.255.0.0 192.168.254.1

1d02h: RADIUS: cisco AVPair "ip:dns-servers=172.16.69.17 172.16.121.17"

1d02h: RADIUS: cisco AVPair "ip:wins-servers=172.16.69.20 172.16.121.21"

1d02h: RADIUS: Authorize IP address 172.16.248.253

1d02h: RADIUS: Framed-IP-Netmask 255.255.248.0

1d02h: RADIUS: framed-route 172.16.248.0 255.255.248.0

1d02h: Vi1 AAA/AUTHOR (2439018656): Post authorization status = PASS_REPL

1d02h: Vi1 AAA/AUTHOR/FSM: We can start IPCP

1d02h: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 0.0.0.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV routing*false

1d02h: Vi1 AAA/AUTHOR/IPCP: Set routing to FALSE

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV inacl=101

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.0.0 255.255.0.0 192.168.2

54.1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV dns-servers=172.16.69.17 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV wins-servers=172.16.69.20 172.16.121.2

1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=172.16.248.253

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV netmask*255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.248.0 255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded

1d02h: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 172.16.248.253

1d02h: Vi1 AAA/AUTHOR/IPCP: primary dns server 172.16.69.17

1d02h: Vi1 AAA/AUTHOR/IPCP: primary wins server 172.16.69.20

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday dns server 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday wins server 172.16.121.21

1d02h: Vi1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 172.16.248.253

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV routing*false

1d02h: Vi1 AAA/AUTHOR/IPCP: Set routing to FALSE

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV inacl=101

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.0.0 255.255.0.0 192.168.2

54.1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV dns-servers=172.16.69.17 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV wins-servers=172.16.69.20 172.16.121.2

1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=172.16.248.253

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV netmask*255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.248.0 255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded

1d02h: Vi1 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0, we want 172.16.248.253

1d02h: Vi1 AAA/AUTHOR/IPCP: primary dns server 172.16.69.17

1d02h: Vi1 AAA/AUTHOR/IPCP: primary wins server 172.16.69.20

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday dns server 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday wins server 172.16.121.21

1d02h: Vi1 AAA/AUTHOR/IPCP: Start. Her address 172.16.248.253, we want 172.16.2

48.253

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV routing*false

1d02h: Vi1 AAA/AUTHOR/IPCP: Set routing to FALSE

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV inacl=101

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.0.0 255.255.0.0 192.168.2

54.1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV dns-servers=172.16.69.17 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV wins-servers=172.16.69.20 172.16.121.2

1

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=172.16.248.253

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV netmask*255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Processing AV route=172.16.248.0 255.255.248.0

1d02h: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded

1d02h: Vi1 AAA/AUTHOR/IPCP: Done. Her address 172.16.248.253, we want 172.16.24

8.253

1d02h: Vi1 AAA/AUTHOR/IPCP: primary dns server 172.16.69.17

1d02h: Vi1 AAA/AUTHOR/IPCP: primary wins server 172.16.69.20

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday dns server 172.16.121.17

1d02h: Vi1 AAA/AUTHOR/IPCP: seconday wins server 172.16.121.21

1d02h: Vi1 AAA/AUTHOR/PER-USER: Event IP_UP

1d02h: Vi1 AAA/AUTHOR: IP_UP

1d02h: Vi1 AAA/PER-USER: processing author params.

1d02h: Vi1 VTEMPLATE: Has a new cloneblk AAA, now it has vtemplate/AAA

1d02h: Vi1 VTEMPLATE: ************* CLONE VACCESS1 *****************

1d02h: Vi1 VTEMPLATE: Clone from AAA

interface Virtual-Access1

IP access-group 101 in

end

1d02h: Vi1 AAA/AUTHOR: Vaccess parse 'interface Virtual-Access1

IP access-group 101 in

' ok (0)

1d02h: Vi1 AAA/AUTHOR: Parse 'IP route 172.16.0.0 255.255.0.0 192.168.254.1'

1d02h: Vi1 AAA/AUTHOR: Parse returned ok (0)

1d02h: Vi1 AAA/AUTHOR: enqueue peruser IP txt=no IP route 172.16.0.0 255.255.0.0

192.168.254.1

1d02h: Vi1 AAA/AUTHOR: Parse 'ip route 172.16.248.0 255.255.248.0 172.16.248.253

'

1d02h: Vi1 AAA/AUTHOR: Parse returned ok (0)

1d02h: Vi1 AAA/AUTHOR: enqueue peruser IP txt=no ip route 172.16.248.0 255.255.248.0 172.16.248.253

1d02h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed

state to up

thanks everybody for your helps

philippe

0 Helpful

tepatel
Cisco Employee
Cisco Employee
In response to p.emery

‎06-06-2002 01:05 PM

Issue command "sh caller timeout" to see any timeout involved with the dialin users..Also add the command "dialer-list 1 protocol ip permit" in the global config.

Now you can configure the idle timout and absolute timout under the virtual-template 1 to troubleshoot it further..

interface Virtual-Template1

ppp timeout idle 1800

timeout absolute 180

With that connection should atleast stay connected for 30 mins..

You can also configure those timeouts in radius server for dialin users..

Here is the link which discuss "per user tiemouts" on access server and thru radius server in detail along with troubleshooting.

http://www.cisco.com/warp/public/131/8.html

Thx..Tejal

0 Helpful

p.emery
Level 1
Level 1
In response to tepatel

‎06-06-2002 02:25 PM

thaks tejal i tried and i lets you knows

best regards

philippe

0 Helpful

p.emery
Level 1
Level 1

‎06-12-2002 10:31 AM

hi

i have done the test without change after 602 secondes we have a decoonection !!

here is some info :

NAS_3640_1#sh caller timeout

Session Idle Disconnect

Line User Timeout Timeout User in

vty 0 admin - - -

vty 1 admin - - -

BR1/0:1 pme 02:00:00 - 01:58:26

Vi2 pme 01:20:00 00:30:00 00:30:00

13w4d: %ISDN-6-LAYER2DOWN: Layer 2 for Interface BRI1/0, TEI 115 changed to down

13w4d: %ISDN-6-LAYER2DOWN: Layer 2 for Interface BR1/0, TEI 115 changed to down

13w4d: %ISDN-6-DISCONNECT: Interface BRI1/0:1 disconnected from 0329533005 pme, call last

ed 602 seconds

13w4d: %LINK-3-UPDOWN: Interface BRI1/0:1, changed state to down

13w4d: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down

13w4d: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI1/0:1, changed state to down

13w4d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to d

own

router config

interface Virtual-Template1

ip unnumbered Loopback0

timeout absolute 180 0

ppp authentication chap dial_in

ppp authorization dial_in

ppp timeout idle 1800

thanks for your helps it is very important for us !

best regards

philippe

0 Helpful
Customers Also Viewed These Support Documents