Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2502
Views
0
Helpful
2
Replies

ppp can't run on this line

m.matteson
Level 2
Level 2

‎06-16-2003 12:40 PM - edited ‎03-10-2019 07:21 AM

does anyone have a list of cisco vsa or av pairs? thanks! i just want to know whats out there and what i can use. anyways..here is my problem.

i just started to setup authorization and now i can't get into my router by telnet.

all i did was this.

aaa athorization exec default group radius

and then applied

aaa athorization exec default to line vty 0 4

are you suppose to apply authorization to lines? but why is it saying ppp won't work? my debug says this

exe-router#rvice-Type [6] 6 Login [1]

3d00h: RADIUS: NAS-IP-Address [4] 6 172.16.1.1

3d00h: RADIUS: Received from id 21645/103 172.16.1.26:1645, Access-Accept, len 1

19

3d00h: RADIUS: authenticator 94 8B C1 DF 00 23 90 6E - 2F 31 6B AF C1 FC 6E FD

3d00h: RADIUS: Vendor, Cisco [26] 25

3d00h: RADIUS: Cisco AVpair [1] 19 "Shell:priv-lvl=15"

3d00h: RADIUS: Framed-Protocol [7] 6 PPP [1]

3d00h: RADIUS: Port-Limit [62] 6 1

3d00h: RADIUS: Service-Type [6] 6 Login [1]

3d00h: RADIUS: Class [25] 32

3d00h: RADIUS: 40 B1 04 CA 00 00 01 37 00 01 AC 10 01 1A 01 C3 [@??????7?????

???]

3d00h: RADIUS: 32 D8 AD 10 92 58 00 00 00 00 00 00 00 44 [2????X???????

D]

3d00h: RADIUS: Vendor, Microsoft [26] 12

3d00h: RADIUS: MS-MPPE-Enc-Policy [7] 6

3d00h: RADIUS: 00 00 00 [???]

3d00h: RADIUS: Vendor, Microsoft [26] 12

3d00h: RADIUS: MS-MPPE-Enc-Type [8] 6

3d00h: RADIUS: 00 00 00 [???]

3d00h: RADIUS(00000057): Received from id 21645/103

3d00h: RADIUS: Constructed " ppp negotiate "

3d00h: AAA/AUTHOR/EXEC(00000057): processing AV priv-lvl=15

3d00h: AAA/AUTHOR/EXEC(00000057): processing AV noescape=1

3d00h: AAA/AUTHOR/EXEC(00000057): processing AV autocmd= ppp negotiate

3d00h: AAA/AUTHOR/EXEC(00000057): Authorization successful

says i was authorized. but....also where did that ppp autocommand come from?

Labels:
0 Helpful
2 Replies 2

sghosh
Level 1
Level 1

‎06-17-2003 09:42 AM

Him

You need to remove the following attribute in the profile of the user.

Framed-Protocol [7] 6 PPP [1]

If you are using the following attribute , router uses it for ppp authorization.

Here is the list of the av-pair.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a008010216c.html

these av-pairs can be used for radius as well as tacacs+.

Do let me know if you have any questions.

Thanks

Sujit

0 Helpful

m.matteson
Level 2
Level 2
In response to sghosh

‎06-17-2003 10:32 AM

thank you for your response. it seems that may was the problem...got rid of it and now it works. thanks man

0 Helpful
Customers Also Viewed These Support Documents