cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
410
Views
4
Helpful
8
Replies

Radius attribute DNS

ksAlec
Level 1
Level 1

I'm trying to send some kind of DNS-Server address to my ppp client.

Dial in via vpdn and aaa via radius provides e.g. Framed-IP-Address,

but it doesn't seem to forward any DNS information whatsoever.

Maybe the reason is that I haven't used the correct attribute, because I can't find any in the rfc dictionaries

maybe I need to add a parameter to my cisco configuration.

 

All I know is that debug radius doesn't show my DNS server.

Any ideas anyone?

8 Replies 8

I need it the other way round: We are the Service provider (LNS) and I need to send the dns server address to a dial-up Client, which is a fritzbox.

Configure DNS Servers Through IPCP « ipSpace.net blog

under the virtual-template of server use 

ppp ipcp dns <primary> 

under the interface of client use 

ppp ipcp dns request 

I think this what you need 

MHM

ksAlec
Level 1
Level 1

I tried that, but it didn't work.

ppp ipcp dns x.x.x.x

and the Fritzbox still says DNS is 0.0.0.0

Using a "normal" provider, the Fritzbox does get DNS server addresses, so I guess the client isn't the problem.

Then try 

PPP ipcp dns accpet <<- this under client 

Also use below debug to check if Server send DNS or not

debug ppp negotiation

MHM

ksAlec
Level 1
Level 1

I couldn't see the ipcp DNS part while debugging my test client,
but now I get clients who try to access my DNS-Server, so something must have worked, just not for that one test FritzBox.

I'll probably keep testing next week...

 

 

*Aug 11 16:31:25.679: Vi3 IPCP: I CONFNAK [ACKsent] id 2 len 16
*Aug 11 16:31:25.679: Vi3 IPCP:    Address 101.101.101.102 (0x030665656566)
*Aug 11 16:31:25.679: Vi3 IPCP:    PrimaryDNS 4.2.2.2 (0x810604020202)

 the DNS must appear in this part of debug 

MHM

ksAlec
Level 1
Level 1

I've found somewhere on the internet that it might not be possible to send dns-server information via radius. It said, that even if the radius sends that information it won't be forwarded. The only way is using a fixed dns-server via

ppp ipcp dns x.x.x.x

If that is true, it's unfortunate because I'd want different ppp connections to use different dns-servers. I guess I could work around it though.

Review Cisco Networking for a $25 gift card