02-16-2003 11:34 PM - edited 03-02-2019 05:08 AM
Hi all
Please let me know what's wrong with this config. I used this one and succeeded one time, but when I tried it on another 2511, I can't dial in.
------------------------
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname As2511
!
aaa new-model
aaa authentication login DIAL radius
aaa authentication ppp DIAL radius
enable secret 5 <deleted>
!
ip subnet-zero
ip domain-name mydomain.com
ip name-server 192.168.100.1
!
ip dhcp-server 192.168.100.1
!
!
!
interface Ethernet0
 ip address 192.168.100.254 255.255.255.0
 no ip directed-broadcast
!
interface Serial0
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Group-Async1
 ip unnumbered Ethernet0
 ip helper-address 192.168.100.1
 no ip directed-broadcast
 encapsulation ppp
 ip tcp header-compression passive
 async mode interactive
 peer default ip address dhcp
 ppp authentication pap DIAL
 group-range 1 16
!
no ip http server
ip classless
!
dialer-list 1 protocol ip permit
radius-server host 192.168.100.1 auth-port 1645 acct-port 1646
radius-server retransmit 5
radius-server timeout 10
radius-server key xxxxxxxxx
!
line con 0
 transport input none
line 1 16
 autoselect during-login
 autoselect ppp
 login authentication DIAL
 modem InOut
 transport input all
 speed 57600
 flowcontrol hardware
line aux 0
line vty 0 4
 password xxxxx
!
end
02-17-2003 06:57 AM
When the config has been used before, it is not likely that the error is in the config. Is the second router correctly configured on the radius server?
What happens when you dial in? Are there any error messages on the radius server? Is it possible to post a debug ppp neg or something like that?
Hope this helps,
Leo
02-17-2003 10:05 AM
Need to see where the call fails, during trainup or at what stage of PPP negotiation. The debugs below will be useful when the call is made:
debug modem / deb ppp nego / deb aaa authent / deb aaa author
Thanks, Mak.
02-17-2003 07:18 PM
Hi,
This is the configuration I restarted from scratch:
------
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
aaa new-model
aaa authentication login DIAL local
aaa authentication ppp DIAL local
!
username testusr password 0 abc
ip subnet-zero
ip address-pool local
!
!
!
interface Ethernet0
 description Connect to LAN
 ip address 192.168.100.254 255.255.255.0
 no ip directed-broadcast
!
interface Serial0
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Serial1
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Group-Async1
 ip unnumbered Ethernet0
 no ip directed-broadcast
 encapsulation ppp
 async mode interactive
 peer default ip address pool Setup_Pool
 ppp authentication pap DIAL
 group-range 1 16
!
ip local pool Setup_Pool 192.168.100.120 192.168.100.135
ip classless
!
logging 192.168.100.1
!
line con 0
 transport input none
line 1 16
 login authentication DIAL
 modem InOut
 transport input all
 stopbits 1
 speed 57600
 flowcontrol hardware
line aux 0
line vty 0 4
 password letmein
!
end
---------
After debug aaa authen, I see it can't find the user; I don't know why.
I used the user/pass (testusr/abc) to log in via telnet and it succeeded, but I can't dial in with this account.
The debug messages show it found authentication list DIAL and authentication method Local but can't find the user (User not found, and after the GETPASS command it says STATE=FAIL).
Especially, when I telnet, I can see the user name in the debug message, but when dialing in I can't see the user name; it appears as some special characters. What's wrong with this?
TIA
02-17-2003 08:08 PM
I think it's better if you could post the complete debug.
First, enable "service timestamps debug date msec" from global config mode.
Then issue "debug ppp negotiation" and "debug ppp authentication".
02-17-2003 09:47 PM
Here's the Log
--------------------------------
Router#sh logg
Log Buffer (4096 bytes):
*Mar 1 03:05:35.939: AAA: parse name=tty5 idb type=10 tty=5
*Mar 1 03:05:35.939: AAA: name=tty5 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=5 channel=0
*Mar 1 03:05:35.943: AAA/AUTHEN: create_user (0x277D10) user='' ruser='' port='tty5' rem_addr='async' authen_type=ASCII service=LOGIN priv=1
*Mar 1 03:05:35.947: AAA/AUTHEN/START (624521261): port='tty5' list='DIAL' action=LOGIN service=LOGIN
*Mar 1 03:05:35.947: AAA/AUTHEN/START (624521261): found list DIAL
*Mar 1 03:05:35.951: AAA/AUTHEN/START (624521261): Method=LOCAL
*Mar 1 03:05:35.951: AAA/AUTHEN (624521261): status = GETUSER
*Mar 1 03:05:37.151: AAA/AUTHEN/CONT (624521261): continue_login (user='(undef)')
*Mar 1 03:05:37.151: AAA/AUTHEN (624521261): status = GETUSER
*Mar 1 03:05:37.155: AAA/AUTHEN/CONT (624521261): Method=LOCAL
*Mar 1 03:05:37.155: AAA/AUTHEN (624521261): status = GETPASS
*Mar 1 03:05:51.015: AAA/AUTHEN/CONT (624521261): continue_login (user='`')
*Mar 1 03:05:51.019: AAA/AUTHEN (624521261): status = GETPASS
*Mar 1 03:05:51.023: AAA/AUTHEN/CONT (624521261): Method=LOCAL
*Mar 1 03:05:51.023: AAA/AUTHEN (624521261): User not found
*Mar 1 03:05:51.027: AAA/AUTHEN (624521261): status = FAIL
*Mar 1 03:05:53.031: AAA/AUTHEN: free_user (0x277D10) user='`' ruser='' port='tty5' rem_addr='async' authen_type=ASCII service=LOGIN priv=1
*Mar 1 03:05:53.035: AAA: parse name=tty5 idb type=10 tty=5
*Mar 1 03:05:53.035: AAA: name=tty5 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=5 channel=0
*Mar 1 03:05:53.039: AAA/AUTHEN: create_user (0x277D10) user='' ruser='' port='tty5' rem_addr='async' authen_type=ASCII service=LOGIN priv=1
*Mar 1 03:05:53.043: AAA/AUTHEN/START (3103399682): port='tty5' list='DIAL' action=LOGIN service=LOGIN
*Mar 1 03:05:53.047: AAA/AUTHEN/START (3103399682): found list DIAL
*Mar 1 03:05:53.047: AAA/AUTHEN/START (3103399682): Method=LOCAL
*Mar 1 03:05:53.051: AAA/AUTHEN (3103399682): status = GETUSER
*Mar 1 03:05:58.087: AAA/AUTHEN/CONT (3103399682): continue_login (user='(undef)')
*Mar 1 03:05:58.091: AAA/AUTHEN (3103399682): status = GETUSER
*Mar 1 03:05:58.091: AAA/AUTHEN/CONT (3103399682): Method=LOCAL
*Mar 1 03:05:58.095: AAA/AUTHEN (3103399682): status = GETPASS
*Mar 1 03:05:58.299: AAA/AUTHEN/CONT (3103399682): continue_login (user='`')
*Mar 1 03:05:58.299: AAA/AUTHEN (3103399682): status = GETPASS
*Mar 1 03:05:58.303: AAA/AUTHEN/CONT (3103399682): Method=LOCAL
*Mar 1 03:05:58.303: AAA/AUTHEN (3103399682): User not found
*Mar 1 03:05:58.307: AAA/AUTHEN (3103399682): status = FAIL
*Mar 1 03:06:00.307: AAA/AUTHEN: free_user (0x277D10) user='`' ruser='' port='tty5' rem_addr='async' authen_type=ASCII service=LOGIN priv=1
*Mar 1 03:06:00.311: AAA: parse name=tty5 idb type=10 tty=5
*Mar 1 03:06:00.311: AAA: name=tty5 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=5 channel=0
*Mar 1 03:06:00.315: AAA/AUTHEN: create_user (0x277D10) user='' ruser='' port='tty5' rem_addr='async' authen_type=ASCII service=LOGIN priv=1
*Mar 1 03:06:00.319: AAA/AUTHEN/START (3259348451): port='tty5' list='DIAL' action=LOGIN service=LOGIN
*Mar 1 03:06:00.323: AAA/AUTHEN/START (3259348451): found list DIAL
*Mar 1 03:06:00.327: AAA/AUTHEN/START (3259348451): Method=LOCAL
*Mar 1 03:06:00.327: AAA/AUTHEN (3259348451): status = GETUSER
*Mar 1 03:06:04.155: AAA/AUTHEN/CONT (3259348451): continue_login (user='(undef)')
*Mar 1 03:06:04.159: AAA/AUTHEN (3259348451): status = GETUSER
*Mar 1 03:06:04.159: AAA/AUTHEN/CONT (3259348451): Method=LOCAL
*Mar 1 03:06:04.163: AAA/AUTHEN (3259348451): status = GETPASS
*Mar 1 03:06:04.259: AAA/AUTHEN/CONT (3259348451): continue_login (user='`')
*Mar 1 03:06:04.263: AAA/AUTHEN (3259348451): status = GETPASS
*Mar 1 03:06:04.267: AAA/AUTHEN/CONT (3259348451): Method=LOCAL
*Mar 1 03:06:04.267: AAA/AUTHEN (3259348451): User not found
*Mar 1 03:06:04.271: AAA/AUTHEN (3259348451): status = FAIL
*Mar 1 03:06:06.275: AAA/AUTHEN: free_user (0x277D10) user='`' ruser='' port='tty5' rem_addr='async' authen_type=ASCII service=LOGIN priv=1
Router#
---------------
TIA
02-17-2003 10:25 PM
It seems that the username used to connect to this router is NULL.
Could you verify that the dialing client is using the correct username.
The username should be seen in the debug.
Below is an example of a debug where the username can be found:
1w2d: AAA: parse name=tty38 idb type=-1 tty=-1
1w2d: AAA: name=tty38 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=38 channel =0
1w2d: AAA/AUTHEN: create_user (0x61297B5C) user='' ruser='' port='tty38' rem_addr='10.22.2.1/' authen_type=ASCII service=LOGIN priv=1
1w2d: AAA/AUTHEN/START (1572192080): port='tty38' list='' action=LOGIN service=LOGIN
1w2d: AAA/AUTHEN/START (1572192080): using "default" list
1w2d: AAA/AUTHEN/START (1572192080): Method=LOCAL
1w2d: AAA/AUTHEN (1572192080): status = GETUSER
1w2d: AAA/AUTHEN/CONT (1572192080): continue_login (user='(undef)')
1w2d: AAA/AUTHEN (1572192080): status = GETUSER
1w2d: AAA/AUTHEN/CONT (1572192080): Method=LOCAL
1w2d: AAA/AUTHEN (1572192080): status = GETPASS
1w2d: AAA/AUTHEN/CONT (1572192080): continue_login (user='user6')
1w2d: AAA/AUTHEN (1572192080): status = GETPASS
1w2d: AAA/AUTHEN/CONT (1572192080): Method=LOCAL
1w2d: AAA/AUTHEN (1572192080): password incorrect
1w2d: AAA/AUTHEN (1572192080): status = ERROR
1w2d: AAA/AUTHEN/START (2502004780): port='tty38' list='' action=LOGIN service=LOGIN
1w2d: AAA/AUTHEN/START (2502004780): Restart
1w2d: AAA/AUTHEN/START (2502004780): Method=RADIUS
1w2d: AAA/AUTHEN (2502004780): status = GETPASS
1w2d: AAA/AUTHEN/CONT (2502004780): continue_login (user='user6')
1w2d: AAA/AUTHEN (2502004780): status = GETPASS
1w2d: AAA/AUTHEN (2502004780): Method=RADIUS
HTH.
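Added example (not part of any reply in this thread, and not Cisco tooling): a small Python parser that groups AAA/AUTHEN debug lines like the ones above by session ID and reports, per attempt, the port, the authen_type and service from create_user, the username the router actually captured, and the failure reason. The sample lines are excerpted from the two debug outputs posted here; the NAME_OK account-name pattern is an assumption.

```python
import re

# Lines excerpted from the two debug outputs posted in this thread.
SAMPLE = """\
*Mar 1 03:05:35.943: AAA/AUTHEN: create_user (0x277D10) user='' ruser='' port='tty5' rem_addr='async' authen_type=ASCII service=LOGIN priv=1
*Mar 1 03:05:35.947: AAA/AUTHEN/START (624521261): port='tty5' list='DIAL' action=LOGIN service=LOGIN
*Mar 1 03:05:35.951: AAA/AUTHEN/START (624521261): Method=LOCAL
*Mar 1 03:05:51.015: AAA/AUTHEN/CONT (624521261): continue_login (user='`')
*Mar 1 03:05:51.023: AAA/AUTHEN (624521261): User not found
*Mar 1 03:05:51.027: AAA/AUTHEN (624521261): status = FAIL
1w2d: AAA/AUTHEN: create_user (0x61297B5C) user='' ruser='' port='tty38' rem_addr='10.22.2.1/' authen_type=ASCII service=LOGIN priv=1
1w2d: AAA/AUTHEN/START (1572192080): port='tty38' list='' action=LOGIN service=LOGIN
1w2d: AAA/AUTHEN/START (1572192080): Method=LOCAL
1w2d: AAA/AUTHEN/CONT (1572192080): continue_login (user='user6')
1w2d: AAA/AUTHEN (1572192080): password incorrect
1w2d: AAA/AUTHEN (1572192080): status = ERROR
"""

CREATE = re.compile(r"create_user .*port='([^']*)'.*authen_type=(\S+) service=(\S+)")
EVENT = re.compile(r"AAA/AUTHEN(?:/\w+)? \((\d+)\): (.*)")
KV = re.compile(r"(Method|status) ?= ?(.+)")
# Assumption: what a plausible account name looks like; tune for your site.
NAME_OK = re.compile(r"[A-Za-z0-9][A-Za-z0-9._@-]*")

def summarize(log):
    pending, sessions = {}, {}  # pending: port -> (authen_type, service)
    for line in log.splitlines():
        if m := CREATE.search(line):  # create_user precedes START on the same port
            pending[m.group(1)] = (m.group(2), m.group(3))
        if not (m := EVENT.search(line)):
            continue
        sid, msg = m.group(1), m.group(2).strip()
        s = sessions.setdefault(sid, dict.fromkeys(
            ("port", "authen_type", "service", "method", "user", "status", "reason")))
        if msg.startswith("port='"):
            s["port"] = msg.split("'")[1]
            s["authen_type"], s["service"] = pending.get(s["port"], (None, None))
        elif kv := KV.fullmatch(msg):
            s[kv.group(1).lower()] = kv.group(2)  # last status seen wins
        elif msg.startswith("continue_login"):
            user = msg[msg.index("user='") + 6:msg.rindex("'")]
            if user != "(undef)":  # placeholder printed before a name is read
                s["user"] = user
        elif msg in ("User not found", "password incorrect"):
            s["reason"] = msg
        # True when a name was captured but does not look like an account name.
        s["garbled_user"] = bool(s["user"]) and not NAME_OK.fullmatch(s["user"])
    return sessions
```

Calling summarize(SAMPLE) returns one summary per session ID; a session with garbled_user set and reason "User not found" separates an attempt whose username never reached the router intact from an ordinary wrong-password failure.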
02-17-2003 11:26 PM
I see this but don't know why. The dial-in clients I used are: Win98 with clear-text password; another client is Windows 2K, but the problem is the same. I made sure the settings on the client use PAP as the authentication method.
Another thing: when I log in to the router via telnet, I can see my username clearly, but I can't see it when dialing in. Does anyone know why?
Thanks for your quick reply!!!
02-18-2003 12:03 AM
Just for isolation, could you try creating a new username and password
in the router, then use this for your dialup testing. Thanks.
02-18-2003 12:17 AM
I did it many times
02-18-2003 12:35 AM
OK, I see. Try using authentication without AAA and see what happens.
config t
no aaa new-model
int g1
 ppp authentication pap default
line 1 16
 login authentication default
Thanks.
02-18-2003 01:46 AM
It still does not work,
and your command "ppp authen pap default" is wrong;
it's just ppp authen pap & login local.
What is the difference between the Cisco 2511 and the Cisco AS-2511-RJ? I checked the description section for both but found nothing.
02-18-2003 05:20 PM
Cisco 2511 has 16 ports via octal fan-out cables (requires a CAB-OCTAL-ASYNC
or a CAB-OCTAL-MODEM) while a Cisco AS2511-RJ has 16 RJ-45 ports.
Here's the link:
http://www.cisco.com/en/US/products/hw/routers/ps233/products_data_sheet09186a008009204c.html
You should probably start troubleshooting from Layer 2, then to Layer 3.
Try removing authentication. If it's still not working, then you may have
PPP problems. The following link provides an example using a Cisco 2511
and information on verification and troubleshooting:
http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_example09186a0080093c31.shtml
Good luck.
02-19-2003 09:03 PM
Thanks
I've used http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_example09186a0080093c31.shtml as the basis for my config, but it gets the same error.
When I configured the AS-2511-RJ I also used it as a starting point to get it working, but now it doesn't work. I don't know why; maybe the hardware or IOS version is the problem?
02-19-2003 10:43 PM
I really do not think it's a router misconfiguration... we see repeated failure at the authentication stage when using the AAA server OR even local authentication.
1) Are you trying all your dialup tests from the same PC? Can you try another PC and start the dialup networking setup on the client from scratch?
2) Try without authentication enabled (just for testing's sake). It appears that somehow the user credentials that are being sent to the router are getting corrupted or not being sent at all.
Thanks, Mak.