03-28-2002 05:53 AM - edited 03-01-2019 09:04 PM
Hi all,
after upgrading from 12.2(7) to 12.2(8)T4 (pppoe client needed) MS callback to Win98 clients doesn't work any more. I didn't try it with Win2000 but I estimate that this won't work too.
All I did was upgrading the router, reloading, configuring pppoe client - no changes where made in the RAS config. Is/was this a bug or feature. Is callback with MS dialup network supported? So many
questions.
I want to dial in with user - let's say xx5 according to the config - and I want to callback this user.
With my old IOS version I just needed to add a callback number like username xx3 callback-dialstring 999 password asd and it worked!
So what's wrong?
TIA,
Joe
If you want to have look at the config - here it is:
!
! Last configuration change at 08:59:54 CET Wed Mar 27 2002 by asd
! NVRAM config last updated at 09:22:08 CET Wed Mar 27 2002 by asd
!
version 12.2
service exec-callback
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
service exec-wait
!
hostname asterix
!
logging buffered 4096 debugging
enable secret xxx
!
username xx1 password asd
username xx2 password asd
username xx3 callback-dialstring 999 password asd
username xx4 password asd
username xx5 callback-dialstring 999 password asd
username xx6 password asd
username xx7 password asd
username xx8 password asd
username xx9 callback-dialstring 999 password asd
username xx10 callback-dialstring 999 password asd
username xx11 nocallback-verify callback-dialstring "" password asd
username xx12 password asd
clock timezone CET 1
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
ip subnet-zero
no ip source-route
!
!
ip host idefix 192.168.1.3
ip host majestix 192.168.1.12
ip host obelix 192.168.1.2
ip host asterix 192.168.1.1
ip host miraculix 192.168.1.13
ip host methusalix 192.168.1.11
ip name-server 192.168.1.13
!
no ip bootp server
vpdn enable
!
vpdn-group 1
request-dialin
protocol pppoe
!
isdn switch-type basic-1tr6
isdn voice-call-failure 0
isdn tei-negotiation first-call
chat-script offhook "" "ATZ" OK
chat-script callback ABORT ERROR ABORT BUSY "" "ATZ" OK "ATX3DT0 \T"
TIMEOUT 60 CONNECT \c
!
!
!
!
!
!
!
fax interface-type fax-mail
mta receive maximum-recipients 0
!
!
!
!
interface Ethernet0/0
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no ip route-cache
no ip mroute-cache
full-duplex
no cdp enable
!
interface Ethernet0/1
description T-DSL Anschluss
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
no ip mroute-cache
shutdown
half-duplex
pppoe enable
pppoe-client dial-pool-number 21
no cdp enable
!
interface BRI1/0
no ip address
encapsulation ppp
no ip route-cache
no ip mroute-cache
load-interval 30
dialer pool-member 1 max-link 2
isdn switch-type basic-1tr6
priority-group 10
compress mppc
no cdp enable
ppp multilink
!
interface BRI1/1
no ip address
ip nat inside
encapsulation ppp
ip tcp header-compression
no ip mroute-cache
no keepalive
dialer rotary-group 11
dialer-group 1
isdn switch-type basic-1tr6
isdn fast-rollover-delay 1
compress mppc
no cdp enable
ppp authentication pap
!
interface BRI1/2
no ip address
no ip mroute-cache
shutdown
isdn switch-type basic-1tr6
no cdp enable
!
interface BRI1/3
no ip address
no ip mroute-cache
shutdown
isdn switch-type basic-1tr6
no cdp enable
!
interface Async65
bandwidth 38
ip address 192.168.22.1 255.255.255.0
ip nat inside
encapsulation ppp
ip tcp header-compression passive
no ip mroute-cache
async dynamic address
async mode interactive
peer default ip address 192.168.22.11
compress mppc
!
interface Dialer1
description Internet ueber MuchmoreTelecom Flatrate
ip address negotiated
ip access-group 100 in
no ip unreachables
ip nat outside
encapsulation ppp
no ip route-cache
ip tcp header-compression
no ip mroute-cache
load-interval 30
dialer pool 1
dialer remote-name arcor
dialer idle-timeout 600
dialer enable-timeout 2
dialer string 1234
dialer hold-queue 10
dialer load-threshold 1 either
dialer-group 2
priority-group 10
compress mppc
no cdp enable
ppp authentication pap callin
ppp chap refuse
ppp pap sent-username anything password nothing
ppp multilink
!
interface Dialer2
description Internet ueber Arcor (Backup)
ip address negotiated
ip access-group 100 in
no ip unreachables
ip nat outside
encapsulation ppp
no ip route-cache
ip tcp header-compression
no ip mroute-cache
load-interval 30
shutdown
dialer pool 1
dialer remote-name Arcor
dialer idle-timeout 600
dialer enable-timeout 2
dialer string 00192072
dialer hold-queue 10
dialer load-threshold 20 either
dialer-group 2
priority-group 10
no cdp enable
ppp authentication pap callin
ppp chap refuse
ppp pap sent-username anything password nothing
ppp multilink
!
interface Dialer11
description RAS
ip address 192.168.21.1 255.255.255.0
ip nat inside
encapsulation ppp
no ip route-cache
ip tcp header-compression
no ip mroute-cache
load-interval 30
dialer in-band
dialer idle-timeout 1800
dialer fast-idle 1
dialer enable-timeout 2
dialer-group 1
peer default ip address pool baisch_ras
compress mppc
no cdp enable
ppp callback accept
ppp authentication chap callin
ppp multilink
!
interface Dialer21
ip address negotiated
ip mtu 1492
ip nat outside
encapsulation ppp
no ip route-cache
no ip mroute-cache
dialer pool 21
dialer-group 101
no cdp enable
ppp authentication pap callin
ppp pap sent-username anything password nothing
!
ip local pool baisch_ras 192.168.21.11 192.168.21.50
ip nat inside source list 101 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
ip pim bidir-enable
!
!
!
map-class dialer callback
dialer callback-server username
!
logging 192.168.1.12
access-list 99 permit 192.168.0.0 0.0.255.255
access-list 100 permit ...
access-list 101 permit ...
priority-list 10 protocol ip low tcp ftp
priority-list 10 protocol ip low tcp ftp-data
priority-list 10 protocol ip low tcp pop3
priority-list 10 protocol ip low tcp smtp
priority-list 10 protocol ip high tcp www
priority-list 10 protocol ip high tcp 443
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip list 101
no cdp run
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
banner motd
This is a private system operated for and by
xxx.
Authorization from xxx management is required to use
this system.
Use by unauthorized persons is prohibited.
!
line con 0
exec-timeout 2 0
login local
line aux 0
session-timeout 11
location Async Dial-In
exec-timeout 11 10
script startup offhook
script reset offhook
script modem-off-hook offhook
script callback callback
no vacant-message
login local
modem InOut
transport preferred telnet
transport input all
callback forced-wait 20
stopbits 1
speed 38400
flowcontrol hardware
line vty 0 4
access-class 99 in
exec-timeout 5 0
password 7 0458
login local
!
ntp clock-period 17208918
ntp server 192.53.103.104
ntp server 129.69.1.153
ntp server 130.149.17.8
ntp server 131.188.3.220
!
end
03-30-2002 01:38 AM
At first I thought the pppoe stuff might be messing up the callback, with the dialers and all, but you are doing exec-callback so that shouldn't cause any problems.
I did a bug search on cco and found this:
CSCdw63293 - callback is calling garbage
First Found-in Version: 12.2(7.6)T
Release Notes
callback is calling garbage
example :
Event: Call to ^->o`lB at 64 Kb/s
\____> Garbage.
the switch will return :
Invalid number format
this bug as dup'd to:
CSCdu50702 - PPP authorization fails for callback when LCP renegotiates
Fixed-in:
12.2(4.1) 12.2(4.1)S 12.2(4.1)PI 12.2(5.2)T
12.2(4.02a)DA 12.2(6.4)PB 12.2(6.4)B 12.2(8.5)T
12.2(8.5)PI04
Release Notes:
On a callback call, if LCP completes negotiation (LCP Open) and
prior to IPCP (or any NCP) completeling negotiation LCP negotiation
restarts, this may cause the callback call to fail due to AAA
authorization problems.
Workaround is to enable authentication for callin and callout on
the NAS.
In one case, the workaround was to use
"ppp authentication pap chap callin callback", as the default would fail.
I'm not sure these are related, can you run some debugs to confirm?
Josh
04-01-2002 12:00 AM
Josh,
thanks for your reply.
I don't think that this bug is my problem. The router doesn't call back at all.
I made some debug:
Apr 1 09:51:36: %LINK-3-UPDOWN: Interface BRI1/1:1, changed state to up
Apr 1 09:51:36: BR1/1:1 PPP: Authorization NOT required
Apr 1 09:51:36: BR1/1:1 PPP: Treating connection as a callin
Apr 1 09:51:36: BR1/1:1 PPP: Phase is ESTABLISHING, Passive Open
Apr 1 09:51:36: BR1/1:1 LCP: State is Listen
Apr 1 09:51:38: BR1/1:1 LCP: I CONFREQ [Listen] id 0 len 50
Apr 1 09:51:38: BR1/1:1 LCP: ACCM 0x00000000 (0x020600000000)
Apr 1 09:51:38: BR1/1:1 LCP: MagicNumber 0x1D646287 (0x05061D646287)
Apr 1 09:51:38: BR1/1:1 LCP: PFC (0x0702)
Apr 1 09:51:38: BR1/1:1 LCP: ACFC (0x0802)
Apr 1 09:51:38: BR1/1:1 LCP: Callback 6 (0x0D0306)
Apr 1 09:51:38: BR1/1:1 LCP: MRRU 1614 (0x1104064E)
Apr 1 09:51:38: BR1/1:1 LCP: EndpointDisc 1 Local
Apr 1 09:51:38: BR1/1:1 LCP: (0x13170179989DB9E9284DE0AEB573B7BB)
Apr 1 09:51:38: BR1/1:1 LCP: (0xFE52ED00000000)
Apr 1 09:51:38: BR1/1:1 LCP: O CONFREQ [Listen] id 6 len 28
Apr 1 09:51:38: BR1/1:1 LCP: AuthProto PAP (0x0304C023)
Apr 1 09:51:38: BR1/1:1 LCP: MagicNumber 0x1F81B661 (0x05061F81B661)
Apr 1 09:51:38: BR1/1:1 LCP: MRRU 1524 (0x110405F4)
Apr 1 09:51:38: BR1/1:1 LCP: EndpointDisc 1 asterix (0x130A0161737465726978)
Apr 1 09:51:38: BR1/1:1 LCP: O CONFACK [Listen] id 0 len 50
Apr 1 09:51:38: BR1/1:1 LCP: ACCM 0x00000000 (0x020600000000)
Apr 1 09:51:38: BR1/1:1 LCP: MagicNumber 0x1D646287 (0x05061D646287)
Apr 1 09:51:38: BR1/1:1 LCP: PFC (0x0702)
Apr 1 09:51:38: BR1/1:1 LCP: ACFC (0x0802)
Apr 1 09:51:38: BR1/1:1 LCP: Callback 6 (0x0D0306)
Apr 1 09:51:38: BR1/1:1 LCP: MRRU 1614 (0x1104064E)
Apr 1 09:51:38: BR1/1:1 LCP: EndpointDisc 1 Local
Apr 1 09:51:38: BR1/1:1 LCP: (0x13170179989DB9E9284DE0AEB573B7BB)
Apr 1 09:51:38: BR1/1:1 LCP: (0xFE52ED00000000)
Apr 1 09:51:38: BR1/1:1 LCP: I CONFACK [ACKsent] id 6 len 28
Apr 1 09:51:38: BR1/1:1 LCP: AuthProto PAP (0x0304C023)
Apr 1 09:51:38: BR1/1:1 LCP: MagicNumber 0x1F81B661 (0x05061F81B661)
Apr 1 09:51:38: BR1/1:1 LCP: MRRU 1524 (0x110405F4)
Apr 1 09:51:38: BR1/1:1 LCP: EndpointDisc 1 asterix (0x130A0161737465726978)
Apr 1 09:51:38: BR1/1:1 LCP: State is Open
Apr 1 09:51:38: BR1/1:1 MCB: Initialize
Apr 1 09:51:38: BR1/1:1 MCB: Flush
Apr 1 09:51:38: BR1/1:1 PPP: Phase is AUTHENTICATING, by this end
Apr 1 09:51:38: BR1/1:1 LCP: I IDENTIFY [Open] id 1 len 18 magic 0x1D646287 MSR
ASV5.00
Apr 1 09:51:38: BR1/1:1 PAP: I AUTH-REQ id 5 len 19 from "schniepp"
Apr 1 09:51:38: BR1/1:1 PAP: Authenticating peer schniepp
Apr 1 09:51:38: BR1/1:1 PPP: Phase is FORWARDING, Attempting Forward
Apr 1 09:51:38: BR1/1:1 PPP: Phase is AUTHENTICATING, Unauthenticated User
Apr 1 09:51:38: BR1/1:1 PPP: Sent PAP LOGIN Request to AAA
Apr 1 09:51:38: BR1/1:1 PPP: Received LOGIN Response from AAA = PASS
Apr 1 09:51:38: BR1/1:1 PPP: Phase is FORWARDING, Attempting Forward
Apr 1 09:51:38: BR1/1:1 PPP: Phase is AUTHENTICATING, Authenticated User
Apr 1 09:51:38: BR1/1:1 PAP: O AUTH-ACK id 5 len 5
Apr 1 09:51:38: BR1/1:1 MCB: Start
Apr 1 09:51:38: BR1/1:1 MCB: Callback not authorized for this user schniepp
Apr 1 09:51:38: BR1/1:1 MCB: Newstate 0-INIT -> 2-WAIT_RESPONSE
Apr 1 09:51:38: BRI1/1:1 PPP: O MCB Request(1) id 75 len 6
Apr 1 09:51:38: BRI1/1:1 MCB: O 1 4B 0 6 1 2
Apr 1 09:51:38: BR1/1:1 MCB: O Request Id 75 Callback Type None
Apr 1 09:51:38: BR1/1:1 PPP: Phase is CBCP
Apr 1 09:51:38: BRI1/1:1 PPP: I MCB Response(2) id 75 len 6
Apr 1 09:51:38: BRI1/1:1 MCB: I 2 4B 0 6 1 2
Apr 1 09:51:38: BR1/1:1 MCB: Received response
Apr 1 09:51:38: BR1/1:1 MCB: Response CBK-None 1 2
Apr 1 09:51:38: BRI1/1:1 PPP: O MCB Ack(3) id 76 len 6
Apr 1 09:51:38: BRI1/1:1 MCB: O 3 4C 0 6 1 2
Apr 1 09:51:38: BR1/1:1 MCB: O Ack Id 76 Callback Type None
Apr 1 09:51:38: BR1/1:1 MCB: No Callback negotiated; Exit
Apr 1 09:51:38: BR1/1:1 MCB: Flush
Apr 1 09:51:38: BR1/1:1 PPP: Phase is VIRTUALIZED
Apr 1 09:51:38: Vi1 MCB: Initialize
Apr 1 09:51:38: Vi1 PPP: Phase is DOWN, Setup
Apr 1 09:51:38: Vi1 CCP: Compression already closed
Apr 1 09:51:38: Vi1 CCP: Compression already closed
Apr 1 09:51:38: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
Apr 1 09:51:38: Vi1 PPP: Authorization NOT required
Apr 1 09:51:38: Vi1 PPP: Treating connection as a callin
Apr 1 09:51:38: Vi1 PPP: Phase is ESTABLISHING, Passive Open
Apr 1 09:51:38: Vi1 LCP: State is Listen
Apr 1 09:51:38: Vi1 MLP: Added first link BR1/1:1 to bundle schniepp
Apr 1 09:51:38: Vi1 PPP: Phase is UP
Apr 1 09:51:38: Vi1 IPCP: O CONFREQ [Closed] id 1 len 16
Apr 1 09:51:38: Vi1 IPCP: CompressType VJ 15 slots (0x0206002D0F00)
Apr 1 09:51:38: Vi1 IPCP: Address 192.168.21.1 (0x0306C0A81501)
Apr 1 09:51:38: Vi1 CCP: Compression already closed
Apr 1 09:51:38: Vi1 CCP: O CONFREQ [Closed] id 1 len 10
Apr 1 09:51:38: Vi1 CCP: MS-PPC supported bits 0x00000001 (0x120600000001)
Apr 1 09:51:38: Vi1 CCP: I CONFREQ [REQsent] id 2 len 10
Apr 1 09:51:38: Vi1 CCP: MS-PPC supported bits 0x00000001 (0x120600000001)
Apr 1 09:51:38: Vi1 CCP: O CONFACK [REQsent] id 2 len 10
Apr 1 09:51:38: Vi1 CCP: MS-PPC supported bits 0x00000001 (0x120600000001)
Apr 1 09:51:38: Vi1 IPCP: I CONFREQ [REQsent] id 3 len 16
Apr 1 09:51:38: Vi1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002
D0F01)
Apr 1 09:51:38: Vi1 IPCP: Address 0.0.0.0 (0x030600000000)
Apr 1 09:51:38: Vi1 IPCP: Pool returned 192.168.21.50
Apr 1 09:51:38: Vi1 IPCP: O CONFNAK [REQsent] id 3 len 10
Apr 1 09:51:38: Vi1 IPCP: Address 192.168.21.50 (0x0306C0A81532)
Apr 1 09:51:38: Vi1 IPCP: I CONFACK [REQsent] id 1 len 16
Apr 1 09:51:38: Vi1 IPCP: CompressType VJ 15 slots (0x0206002D0F00)
Apr 1 09:51:38: Vi1 IPCP: Address 192.168.21.1 (0x0306C0A81501)
Apr 1 09:51:38: Vi1 CCP: I CONFACK [ACKsent] id 1 len 10
Apr 1 09:51:38: Vi1 CCP: MS-PPC supported bits 0x00000001 (0x120600000001)
Apr 1 09:51:38: Vi1 CCP: State is Open
Apr 1 09:51:38: Vi1 CCP: ppp_hwcomp_open: no h/w
Apr 1 09:51:38: Vi1 IPCP: I CONFREQ [ACKrcvd] id 4 len 16
Apr 1 09:51:38: Vi1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002
D0F01)
Apr 1 09:51:38: Vi1 IPCP: Address 192.168.21.50 (0x0306C0A81532)
Apr 1 09:51:38: Vi1 IPCP: O CONFACK [ACKrcvd] id 4 len 16
Apr 1 09:51:38: Vi1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002
D0F01)
Apr 1 09:51:38: Vi1 IPCP: Address 192.168.21.50 (0x0306C0A81532)
Apr 1 09:51:38: Vi1 IPCP: State is Open
Apr 1 09:51:38: Di11 IPCP: Install route to 192.168.21.50
Apr 1 09:51:38: Vi1 IPCP: Add link info for cef entry 192.168.21.50
Apr 1 09:51:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI1/1:1, chang
ed state to up
Apr 1 09:51:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1
, changed state to up
asterix#
Apr 1 09:51:42: %ISDN-6-CONNECT: Interface BRI1/1:1 is now connected to 0718188
137 schniepp
04-04-2002 02:03 PM
The error is here:
Callback not authorized for this user schniepp
Make sure that there is a username with a callback-dialstring for schniepp.
Note too that you have PAP configured on BRI1/1, and CHAP on the dialer rotary-group.
04-05-2002 05:16 AM
There's a username: username schniepp callback-dialstring 00718188137 password xxx
BTW I added "ppp authentication pap chap callin callback" on bri1/1 and the dialer rotary-group.
This config worked with 12.2(7) and doesn't work with 12.2(8)T4. This should be a bug.
04-08-2002 09:57 AM
Since you do not have AAA enabled, the global username is all that is required to authorize callback for a particular user. If you see this working in 12.2(7) but not 12.2(8)T4, and you see the "not authorized" debug message even when you have a username configured for that user with a callback-dialstring, then this is a bug. I do not see any bug ID's that match such behavior (which may be only a 12.2T problem), so I would suggest you open a case with the TAC to have this problem pursued further.
04-23-2002 02:52 PM
Hello,
I have just already a problem like you.
My solution was to set the timer for recalling higher.
replace: dialer enable-timeout 2
to: dialer enable-timeout 7
Good luck
Horst
04-26-2002 01:03 AM
Horst,
thanks for your help, but unfortunately this wasn't my problem. I'm convinced that this is a bug since this configuration was working with a previous release.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide