11-18-2002 06:22 AM - edited 03-02-2019 02:57 AM
I have a 2511 RJ that we are setting up. We are using TACACS+. Will be moving to RADIUS later. The problem is that when a user dials up, they get a Windows 733 error, babbling about inability to get a negotiated protocol.
NAS config is as follows:
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname cromw_2511RJ
!
boot system flash bootflash:
boot system flash
boot system flash host
boot system flash cs2500-js-l.122-7.bin
boot system tftp cs2500-js-l.122-7.bin 192.168.0.3
boot system flash bootflash
aaa new-model
aaa authentication login default local group tacacs+
aaa authentication login console line
aaa authentication ppp default if-needed group tacacs+ local
aaa authorization network default group tacacs+
aaa authorization configuration default group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
enable password xxxxxxxx
!
ip subnet-zero
ip name-server 65.125.220.3
ip name-server 65.125.220.4
!
!
!
!
interface Ethernet0
ip address 65.125.221.252 255.255.255.224
loopback
no mop enabled
!
interface Serial0
no ip address
shutdown
lat enabled
!
interface Group-Async1
ip unnumbered Ethernet0
encapsulation ppp
ip tcp header-compression passive
no ip mroute-cache
async mode interactive
peer default ip address pool setup_pool
ppp authentication ms-chap pap
group-range 1 16
!
router eigrp 1
redistribute connected
redistribute static
redistribute rip
network 65.0.0.0
network 208.138.122.0
no auto-summary
eigrp log-neighbor-changes
!
router rip
redistribute connected
redistribute static
redistribute eigrp 1
network 208.138.122.0
!
router igrp 1
redistribute connected
network 192.168.0.0
network 192.168.1.0
!
router rip
redistribute connected
redistribute static
redistribute eigrp 1
network 208.138.122.0
!
router igrp 1
redistribute connected
network 192.168.0.0
network 192.168.1.0
!
ip local pool setup_pool 65.125.221.20 65.125.221.25
ip default-gateway 65.125.221.252
ip classless
ip tacacs source-interface Ethernet0
no ip http server
no ip pim bidir-enable
!
dialer-list 1 protocol ip permit
!
tacacs-server host 65.125.220.236
tacacs-server key xxxxxxxx
!
line con 0
line 1 16
login authentication tacacs+
modem Dialin
autoselect during-login
autoselect ppp
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
password xxxxxxxxx
!
11-18-2002 07:23 AM
Could be aaa configuration. Ours is like this:
aaa new-model
aaa authentication login default tacacs+
aaa authentication ppp default tacacs+
aaa authorization exec default tacacs+
aaa authorization network default tacacs+
aaa accounting suppress null-username
aaa accounting update newinfo
aaa accounting exec default start-stop tacacs+
aaa accounting network default start-stop tacacs+
aaa accounting connection default start-stop tacacs+
When you are using Cisco ACS, be sure that PPP and IPCP are checked on the group(s) that authorize users.
Do a debug ppp neg to see where it goes wrong.
11-18-2002 09:19 AM
Need to see debug for the following to know the actual reason:
debug modem
debug ppp authentication
debug ppp nego
debug aaa authentication
debug aaa authorization
debug dialer
11-19-2002 05:53 AM
00:34:52: AAA: parse name=tty1 idb type=10 tty=1
00:34:52: AAA: name=tty1 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=1 channel=0
00:34:52: AAA/MEMORY: create_user (0x385EB8) user='NULL' ruser='NULL' ds0=-1 port='tty1' rem_addr='async' authen_type=ASCII service=LOGIN priv=1 initial_task_id='0'
00:34:52: AAA/AUTHEN/START (1175944531): port='tty1' list='' action=LOGIN service=LOGIN
00:34:52: AAA/AUTHEN/START (1175944531): using "default" list
00:34:52: AAA/AUTHEN/START (1175944531): Method=LOCAL
00:34:52: AAA/AUTHEN (1175944531): status = GETUSER
00:34:52: TTY1: set timer type 10, 30 seconds
00:34:54: TTY1: Autoselect(2) sample 7E
00:34:54: TTY1: Autoselect(2) sample 7EFF
00:34:54: TTY1: Autoselect(2) sample 7EFF7D
00:34:54: TTY1: Autoselect(2) sample 7EFF7D23
00:34:54: TTY1 Autoselect cmd: ppp negotiate
00:34:54: AAA/AUTHEN/ABORT: (1175944531) because Autoselected.
00:34:54: AAA/AUTHEN/ABORT: (1175944531) because Autoselected.
00:34:54: AAA/MEMORY: free_user_quiet (0x385EB8) user='NULL' ruser='NULL' port='tty1' rem_addr='async' authen_type=1 service=1 priv=1
00:34:54: TTY1: EXEC creation
00:34:54: TTY1: create timer type 1, 600 seconds
00:34:54: TTY1: destroy timer type 1
00:34:54: TTY1: no timer type 0 to destroy
00:34:56: %LINK-3-UPDOWN: Interface Async1, changed state to up
00:34:56: As1 PPP: Treating connection as a dedicated line
00:34:56: As1 PPP: Phase is ESTABLISHING, Active Open [0 sess, 0 load]
00:34:56: As1 AAA/AUTHOR/FSM: (0): LCP succeeds trivially
00:34:56: As1 LCP: O CONFREQ [Closed] id 7 len 25
00:34:56: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
00:34:56: As1 LCP: AuthProto MS-CHAP (0x0305C22380)
00:34:56: As1 LCP: MagicNumber 0x109BE5FE (0x0506109BE5FE)
00:34:56: As1 LCP: PFC (0x0702)
00:34:56: As1 LCP: ACFC (0x0802)
00:34:56: As1 LCP: I CONFACK [REQsent] id 7 len 25
00:34:56: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
00:34:56: As1 LCP: AuthProto MS-CHAP (0x0305C22380)
00:34:56: As1 LCP: MagicNumber 0x109BE5FE (0x0506109BE5FE)
00:34:56: As1 LCP: PFC (0x0702)
00:34:56: As1 LCP: ACFC (0x0802)
00:34:57: As1 LCP: I CONFREQ [ACKrcvd] id 2 len 50
00:34:57: As1 LCP: ACCM 0x00000000 (0x020600000000)
00:34:57: As1 LCP: MagicNumber 0x798076CB (0x0506798076CB)
00:34:57: As1 LCP: PFC (0x0702)
00:34:57: As1 LCP: ACFC (0x0802)
00:34:57: As1 LCP: Callback 6 (0x0D0306)
00:34:57: As1 LCP: MRRU 1614 (0x1104064E)
00:34:57: As1 LCP: EndpointDisc 1 Local
00:34:57: As1 LCP: (0x13170199DAED288194418BA4D418B55E)
00:34:57: As1 LCP: (0xFFB57700000000)
00:34:57: As1 LCP: O CONFREJ [ACKrcvd] id 2 len 11
00:34:57: As1 LCP: Callback 6 (0x0D0306)
00:34:57: As1 LCP: MRRU 1614 (0x1104064E)
00:34:57: As1 LCP: I CONFREQ [ACKrcvd] id 3 len 43
00:34:57: As1 LCP: ACCM 0x00000000 (0x020600000000)
00:34:57: As1 LCP: MagicNumber 0x798076CB (0x0506798076CB)
00:34:57: As1 LCP: PFC (0x0702)
00:34:57: As1 LCP: ACFC (0x0802)
00:34:57: As1 LCP: EndpointDisc 1 Local
00:34:57: As1 LCP: (0x13170199DAED288194418BA4D418B55E)
00:34:57: As1 LCP: (0xFFB57700000000)
00:34:57: As1 LCP: O CONFACK [ACKrcvd] id 3 len 43
00:34:57: As1 LCP: ACCM 0x00000000 (0x020600000000)
00:34:57: As1 LCP: MagicNumber 0x798076CB (0x0506798076CB)
00:34:57: As1 LCP: PFC (0x0702)
00:34:57: As1 LCP: ACFC (0x0802)
00:34:57: As1 LCP: EndpointDisc 1 Local
00:34:57: As1 LCP: (0x13170199DAED288194418BA4D418B55E)
00:34:57: As1 LCP: (0xFFB57700000000)
00:34:57: As1 LCP: State is Open
00:34:57: As1 PPP: Phase is AUTHENTICATING, by this end [0 sess, 0 load]
00:34:57: As1 MS-CHAP: O CHALLENGE id 3 len 25 from "cromw_2511RJ"
00:34:57: As1 LCP: I IDENTIFY [Open] id 4 len 18 magic 0x798076CB MSRASV5.00
00:34:57: As1 LCP: I IDENTIFY [Open] id 5 len 31 magic 0x798076CB MSRAS-1-MEADOWS-1QDN4P0
00:34:57: As1 MS-CHAP: I RESPONSE id 3 len 62 from "trobison"
00:34:57: AAA: parse name=Async1 idb type=10 tty=1
00:34:57: AAA: name=Async1 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=1 channel=0
00:34:58: AAA/MEMORY: create_user (0x386050) user='trobison' ruser='NULL' ds0=-1 port='Async1' rem_addr='async' authen_type=MSCHAP service=PPP priv=1 initial_task_id='0'
00:34:58: AAA/AUTHEN/START (1061268854): port='Async1' list='' action=LOGIN service=PPP
00:34:58: AAA/AUTHEN/START (1061268854): using "default" list
00:34:58: AAA/AUTHEN (1061268854): status = UNKNOWN
00:34:58: AAA/AUTHEN/START (1061268854): Method=tacacs+ (tacacs+)
00:34:58: TAC+: send AUTHEN/START packet ver=193 id=1061268854
00:34:59: TAC+: ver=193 id=1061268854 received AUTHEN status = PASS
00:34:59: AAA/AUTHEN (1061268854): status = PASS
00:34:59: As1 AAA/AUTHOR/LCP: Authorize LCP
00:34:59: As1 AAA/AUTHOR/LCP (1293332020): Port='Async1' list='' service=NET
00:34:59: AAA/AUTHOR/LCP: As1 (1293332020) user='trobison'
00:34:59: As1 AAA/AUTHOR/LCP (1293332020): send AV service=ppp
00:34:59: As1 AAA/AUTHOR/LCP (1293332020): send AV protocol=lcp
00:34:59: As1 AAA/AUTHOR/LCP (1293332020): found list "default"
00:34:59: As1 AAA/AUTHOR/LCP (1293332020): Method=tacacs+ (tacacs+)
00:34:59: AAA/AUTHOR/TAC+: (1293332020): user=trobison
00:34:59: AAA/AUTHOR/TAC+: (1293332020): send AV service=ppp
00:34:59: AAA/AUTHOR/TAC+: (1293332020): send AV protocol=lcp
00:34:59: TAC+: (1293332020): received author response status = PASS_ADD
00:34:59: As1 AAA/AUTHOR (1293332020): Post authorization status = PASS_ADD
00:34:59: As1 MS-CHAP: O SUCCESS id 3 len 4
00:34:59: As1 PPP: Phase is UP [0 sess, 0 load]
00:34:59: As1 AAA/AUTHOR/FSM: (0): Can we start IPCP?
00:34:59: As1 AAA/AUTHOR/FSM (2020175829): Port='Async1' list='' service=NET
00:34:59: AAA/AUTHOR/FSM: As1 (2020175829) user='trobison'
00:34:59: As1 AAA/AUTHOR/FSM (2020175829): send AV service=ppp
00:34:59: As1 AAA/AUTHOR/FSM (2020175829): send AV protocol=ip
00:34:59: As1 AAA/AUTHOR/FSM (2020175829): found list "default"
00:34:59: As1 AAA/AUTHOR/FSM (2020175829): Method=tacacs+ (tacacs+)
00:34:59: AAA/AUTHOR/TAC+: (2020175829): user=trobison
00:34:59: AAA/AUTHOR/TAC+: (2020175829): send AV service=ppp
00:34:59: AAA/AUTHOR/TAC+: (2020175829): send AV protocol=ip
00:34:59: As1 CCP: I CONFREQ [Not negotiated] id 6 len 10
00:34:59: As1 CCP: MS-PPC supported bits 0x00000001 (0x120600000001)
00:34:59: As1 LCP: O PROTREJ [Open] id 8 len 16 protocol CCP (0x80FD0106000A120600000001)
00:34:59: As1 IPCP: I CONFREQ [Closed] id 7 len 40
00:34:59: As1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
00:34:59: As1 IPCP: Address 0.0.0.0 (0x030600000000)
00:34:59: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
00:34:59: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
00:34:59: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
00:34:59: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
00:34:59: TAC+: (2020175829): received author response status = PASS_ADD
00:34:59: As1 AAA/AUTHOR (2020175829): Post authorization status = PASS_ADD
00:34:59: As1 AAA/AUTHOR/FSM: We can start IPCP
00:34:59: As1 IPCP: O CONFREQ [Closed] id 5 len 16
00:34:59: As1 IPCP: CompressType VJ 15 slots (0x0206002D0F00)
00:34:59: As1 IPCP: Address 65.125.221.252 (0x0306417DDDFC)
00:34:59: As1 IPCP: I CONFACK [REQsent] id 5 len 16
00:34:59: As1 IPCP: CompressType VJ 15 slots (0x0206002D0F00)
00:34:59: As1 IPCP: Address 65.125.221.252 (0x0306417DDDFC)
00:35:00: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, changed state to up
00:35:01: As1 IPCP: TIMEout: State ACKrcvd
00:35:01: As1 IPCP: O CONFREQ [ACKrcvd] id 6 len 16
00:35:01: As1 IPCP: CompressType VJ 15 slots (0x0206002D0F00)
00:35:01: As1 IPCP: Address 65.125.221.252 (0x0306417DDDFC)
00:35:01: As1 IPCP: I CONFACK [REQsent] id 6 len 16
00:35:01: As1 IPCP: CompressType VJ 15 slots (0x0206002D0F00)
00:35:01: As1 IPCP: Address 65.125.221.252 (0x0306417DDDFC)
00:35:02: As1 IPCP: I CONFREQ [ACKrcvd] id 8 len 40
00:35:02: As1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
00:35:02: As1 IPCP: Address 0.0.0.0 (0x030600000000)
00:35:02: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
00:35:02: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
00:35:02: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
00:35:02: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
00:35:02: As1 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0, we want 65.125.221.22
00:35:02: As1 AAA/AUTHOR/IPCP (2213017230): Port='Async1' list='' service=NET
00:35:02: AAA/AUTHOR/IPCP: As1 (2213017230) user='trobison'
00:35:02: As1 AAA/AUTHOR/IPCP (2213017230): send AV service=ppp
00:35:02: As1 AAA/AUTHOR/IPCP (2213017230): send AV protocol=ip
00:35:02: As1 AAA/AUTHOR/IPCP (2213017230): found list "default"
00:35:02: As1 AAA/AUTHOR/IPCP (2213017230): Method=tacacs+ (tacacs+)
00:35:02: AAA/AUTHOR/TAC+: (2213017230): user=trobison
00:35:02: AAA/AUTHOR/TAC+: (2213017230): send AV service=ppp
00:35:02: AAA/AUTHOR/TAC+: (2213017230): send AV protocol=ip
00:35:03: TAC+: (2213017230): received author response status = PASS_ADD
00:35:03: As1 AAA/AUTHOR (2213017230): Post authorization status = PASS_ADD
00:35:03: As1 AAA/AUTHOR/IPCP: Says use pool setup_pool
00:35:03: As1 AAA/AUTHOR/IPCP: Pool returned 65.125.221.20
00:35:03: As1 AAA/AUTHOR/IPCP: Processing AV service=ppp
00:35:03: As1 AAA/AUTHOR/IPCP: Processing AV protocol=ip
00:35:03: As1 AAA/AUTHOR/IPCP: Processing AV addr-pool=setup_pool
00:35:03: As1 AAA/AUTHOR/IPCP: Processing AV routing=true
00:35:03: As1 AAA/AUTHOR/IPCP: Routing denied -- tty not configured to route
00:35:03: As1 AAA/AUTHOR/IPCP: Authorization denied
00:35:03: As1 LCP: O PROTREJ [Open] id 9 len 46 protocol IPCP
00:35:03: As1 LCP: (0x8021010800280206002D0F0103060000)
00:35:03: As1 LCP: (0x00008106000000008206000000008306)
00:35:03: As1 LCP: (0x00000000840600000000)
00:35:03: As1 IPCP: State is Closed
00:35:03: As1 LCP: I TERMREQ [Open] id 9 len 16 (0x798076CB003CCD7400000000)
00:35:03: As1 LCP: O TERMACK [Open] id 9 len 4
00:35:03: As1 PPP: Phase is TERMINATING [0 sess, 0 load]
00:35:04: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, changed state to down
00:35:04: TTY1: DSR was dropped
00:35:04: tty1: Modem: READY->(unknown)
00:35:05: As1 LCP: TIMEout: State TERMsent
00:35:05: As1 LCP: State is Closed
00:35:05: As1 PPP: Phase is DOWN [0 sess, 0 load]
00:35:05: TTY1: Async Int reset: Dropping DTR
00:35:05: As1 PPP: Phase is ESTABLISHING, Passive Open [0 sess, 0 load]
00:35:05: As1 LCP: State is Listen
00:35:05: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on Ethernet0 (not full duplex), with crom_serial FastEthernet0/1 (full duplex).
00:35:05: As1 LCP: State is Listen
00:35:05: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on Ethernet0 (not full duplex), with crom_serial FastEthernet0/1 (full duplex).
00:35:05: TTY1: dropping DTR, hanging up
00:35:05: tty1: Modem: HANGUP->(unknown)
00:35:06: TTY1: cleanup pending. Delaying DTR
00:35:07: %LINK-5-CHANGED: Interface Async1, changed state to reset
00:35:07: As1 LCP: State is Closed
00:35:07: As1 PPP: Phase is DOWN [0 sess, 0 load]
00:35:07: TTY1: cleanup pending. Delaying DTR
00:35:08: TTY1: cleanup pending. Delaying DTR
00:35:10: TTY1: cleanup pending. Delaying DTR
00:35:10: TTY1: no timer type 0 to destroy
00:35:10: TTY1: no timer type 1 to destroy
00:35:10: TTY1: no timer type 3 to destroy
00:35:10: TTY1: no timer type 4 to destroy
00:35:10: TTY1: no timer type 2 to destroy
00:35:10: AAA/MEMORY: free_user (0x386050) user='trobison' ruser='NULL' port='Async1' rem_addr='async' authen_type=MSCHAP service=PPP priv=1
00:35:10: Async1: allowing modem_process to continue hangup
00:35:10: As1 IPCP: Remove route to 65.125.221.22
00:35:11: TTY1: restoring DTR
00:35:12: %LINK-3-UPDOWN: Interface Async1, changed state to down
00:35:12: As1 LCP: State is Closed
11-19-2002 12:09 PM
You need to either remove "routing=true" from the user's profile (preferred), or add "async default routing" to the group-async interface. The clue is here:
00:35:03: As1 AAA/AUTHOR/IPCP: Processing AV routing=true
00:35:03: As1 AAA/AUTHOR/IPCP: Routing denied -- tty not configured to route
00:35:03: As1 AAA/AUTHOR/IPCP: Authorization denied
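Added example, not part of the original thread: a small Python parser that pulls the clue quoted above out of `debug aaa authorization` output, reporting which AV pair the NAS rejected and why. The function name and record fields are hypothetical, and treating the last processed AV as the rejected one is an assumption based on the line order in this log.

```python
import re

# Per-interface "debug aaa authorization" lines, e.g.
# "00:35:03: As1 AAA/AUTHOR/IPCP: Processing AV routing=true"
LINE = re.compile(r"^(\S+): (\S+) AAA/AUTHOR/(\w+): (.*)$")

# Sample input: lines copied from the debug output posted in this thread.
SAMPLE = """\
00:35:03: As1 AAA/AUTHOR/IPCP: Says use pool setup_pool
00:35:03: As1 AAA/AUTHOR/IPCP: Pool returned 65.125.221.20
00:35:03: As1 AAA/AUTHOR/IPCP: Processing AV service=ppp
00:35:03: As1 AAA/AUTHOR/IPCP: Processing AV protocol=ip
00:35:03: As1 AAA/AUTHOR/IPCP: Processing AV addr-pool=setup_pool
00:35:03: As1 AAA/AUTHOR/IPCP: Processing AV routing=true
00:35:03: As1 AAA/AUTHOR/IPCP: Routing denied -- tty not configured to route
00:35:03: As1 AAA/AUTHOR/IPCP: Authorization denied
"""

def find_denials(log_text):
    """Return one record per 'Authorization denied' line, with the AV pair
    and the NAS-side reason logged just before it."""
    state = {}     # (interface, stage) -> {"avs": [...], "reason": str or None}
    denials = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue               # TAC+ packets, LCP/IPCP frames, etc.
        ts, iface, stage, msg = m.groups()
        s = state.setdefault((iface, stage), {"avs": [], "reason": None})
        if msg.startswith("Start."):
            s["avs"], s["reason"] = [], None      # new authorization attempt
        elif msg.startswith("Processing AV "):
            s["avs"].append(msg[len("Processing AV "):])
        elif " denied -- " in msg:
            s["reason"] = msg.split(" -- ", 1)[1]
        elif msg == "Authorization denied":
            # Assumption: the AV processed last is the one the NAS refused.
            denials.append({
                "time": ts, "interface": iface, "stage": stage,
                "rejected_av": s["avs"][-1] if s["avs"] else None,
                "reason": s["reason"], "accepted_avs": s["avs"][:-1],
            })
            state.pop((iface, stage))
    return denials

if __name__ == "__main__":
    for d in find_denials(SAMPLE):
        print(d["time"], d["interface"], d["stage"], d["rejected_av"], "->", d["reason"])
```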