cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
373
Views
0
Helpful
5
Replies

ISDN ppp callback not works with multilink !?

KAROLY KOHEGYI
Level 2
Level 2

Hi!

We use a CISCO 5350 for dial-in and dial-out functons.

The ppp ISDN and ppp analog dial-in work with single-line or ppp multink.

The ISDN PPP callback works on single-line.

When i try the multilink capability the NAS callback single-line only.

The debug isdn q931 shows one isdn call only.

Why does not NAS try the open the secondary ISDN channel??

Here is the config.

Thanks

version 12.2

service exec-callback

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ispw3

!

no boot startup-test

logging buffered 65000 debugging

aaa new-model

!

!

aaa authentication login default group tacacs+ local

aaa authentication ppp default local group tacacs+

aaa authentication ppp elektra if-needed group tacacs+

aaa authorization exec default group tacacs+ none

aaa authorization network default group tacacs+ none

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 0 default stop-only group tacacs+

aaa accounting commands 15 default stop-only group tacacs+

aaa accounting network default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

aaa session-id common

enable password 7 <removed>

!

username admin password 7 <removed>

username manager password 7 <removed>

!

!

resource-pool disable

clock timezone MET 1

spe country e1-default

!

!

!

!

!

ip subnet-zero

ip cef

no ip ftp passive

ip domain-name net1.mkb.hu

ip name-server 172.18.1.3

ip name-server 172.18.1.8

!

ip ssh time-out 120

ip ssh authentication-retries 3

ip address-pool local

multilink virtual-template 1

virtual-profile virtual-template 1

virtual-profile aaa

isdn switch-type primary-net5

isdn voice-call-failure 0

chat-script callback ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDT \T" TIMEOUT 60 CONNECT \c

chat-script aux ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDT \T" TIMEOUT 60 CONNECT \c

chat-script offhook "" "ATH1" OK

chat-script callbackuj ABORT ERROR ABORT BUSY "" "ATZ" OK "ATS29=5" OK "ATDT \T" TIMEOUT 60 CONNECT \c

modemcap entry nextport miscellaneous ats29=5

modemcap entry MKB:FD=&F:MSC=s29=6

!

!

!

!

!

!

!

fax interface-type fax-mail

mta receive maximum-recipients 0

!

crypto mib ipsec flowmib history tunnel size 200

crypto mib ipsec flowmib history failure size 200

!

controller E1 3/0

pri-group timeslots 1-31

!

controller E1 3/1

!

controller E1 3/2

!

controller E1 3/3

!

controller E1 3/4

!

controller E1 3/5

!

controller E1 3/6

!

controller E1 3/7

!

!

!

interface FastEthernet0/0

ip address 172.18.1.16 255.255.0.0

no ip route-cache

no ip mroute-cache

no keepalive

duplex full

speed auto

no cdp enable

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0

no ip address

shutdown

clockrate 2000000

!

interface Serial0/1

no ip address

shutdown

clockrate 2000000

!

interface Serial3/0:15

ip unnumbered FastEthernet0/0

encapsulation ppp

no ip route-cache

load-interval 30

dialer idle-timeout 600

dialer load-threshold 1 either

dialer-group 1

autodetect encapsulation ppp v120 lapb-ta

isdn switch-type primary-net5

isdn incoming-voice modem

isdn calling-number 8530

isdn outgoing-voice info-transfer-capability 3.1kHz-audio

no fair-queue

no cdp enable

ppp callback accept

ppp authentication ms-chap chap pap elektra

ppp multilink

!

interface Virtual-Template1

description **** Analog userek *****

ip unnumbered FastEthernet0/0

no ip route-cache

ip tcp header-compression

load-interval 30

no keepalive

ppp callback accept

ppp authentication ms-chap chap pap elektra

ppp multilink

ppp timeout retry 5

multilink load-threshold 1 either

!

interface Group-Async0

description **** Analog userek *****

ip unnumbered FastEthernet0/0

encapsulation ppp

no ip route-cache

ip tcp header-compression

no ip mroute-cache

async mode interactive

no fair-queue

ppp callback accept

ppp authentication ms-chap chap pap elektra

ppp timeout retry 5

group-range 1/00 1/107

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.18.1.2

no ip http server

!

!

ip access-list extended cardinal-ppp

permit tcp any host 172.18.1.9 eq telnet

permit udp any host 172.18.1.3 eq domain

permit tcp any host 172.18.1.10 eq telnet

ip access-list extended elektra-ppp

permit tcp any host 172.18.1.9 eq 7003

permit udp any host 172.18.1.3 eq domain

ip access-list extended hobo-in

permit tcp any host 172.18.1.2 eq 6660

permit udp any host 172.18.1.3 eq domain

logging 172.18.1.15

dialer-list 1 protocol ip permit

no cdp run

!

tacacs-server host 172.18.1.6 single-connection

tacacs-server host 172.18.1.15 single-connection

tacacs-server key <removed>

snmp-server community <removed> RO

snmp-server enable traps tty

snmp-server enable traps isdn call-information

snmp-server enable traps isdn layer2

snmp-server enable traps hsrp

snmp-server enable traps config

snmp-server enable traps entity

snmp-server enable traps envmon

snmp-server enable traps bgp

snmp-server enable traps rsvp

snmp-server enable traps frame-relay

snmp-server enable traps rtr

snmp-server enable traps syslog

!

call rsvp-sync

!

voice-port 3/0:D

compand-type a-law

!

!

mgcp profile default

!

dial-peer cor custom

!

!

!

!

banner motd ^CCC

ACCESS-SERVER CISCO 5350

User Access Verification

^C

!

line con 0

exec-timeout 0 0

stopbits 1

flowcontrol software

line aux 0

script modem-off-hook offhook

script callback aux

modem answer-timeout 5

modem InOut

transport input all

escape-character NONE

autoselect ppp

callback forced-wait 10

stopbits 1

speed 19200

line vty 0 4

exec-timeout 0 0

line vty 5 15

line 1/00 1/107

session-timeout 60

no exec-banner

exec-timeout 30 0

timeout login response 60

no flush-at-activation

no activation-character

script modem-off-hook offhook

script callback callbackuj

modem InOut

modem autoconfigure type MKB

transport input all

autoselect during-login

autoselect ppp

callback forced-wait 10

!

scheduler allocate 10000 400

end

5 Replies 5

mljohnson
Level 4
Level 4

It's difficult to say without debug; in particular, "debug ppp neg", "debug callback", "debug isdn q931", "debug aaa authen", and "debug aaa author". This debug should indicate what the problem is in calling back a second time.

KAROLY KOHEGYI
Level 2
Level 2

Hi!

Here is the debug output what you asked. i set the 'debug ppp multilink event' too which show the traffic is above the threshold on the interface. Nov 15 10:20:51.995: ISDN Se3/0:15: RX <- SETUP pd = 8 callref = 0x5D5F Nov 15 10:20:51.995: Sending Complete Nov 15 10:20:51.995: Bearer Capability i = 0x8890 Nov 15 10:20:51.995: Channel ID i = 0xA18394 Nov 15 10:20:51.995: Calling Party Number i = 'A', 0x83, '4672060', Plan:ISDN, Type:Subscriber(local) Nov 15 10:20:51.995: Called Party Number i = 0xC9, '8520', Plan:Private, Type:Subscriber(local) Nov 15 10:20:51.999: AAA/ACCT/DS0: channel=19, ds1=0, t3=0, slot=3, ds0=50331667 Nov 15 10:20:51.999: AAA/ACCT/DS0: channel=19, ds1=0, t3=0, slot=3, ds0=50331667 Nov 15 10:20:51.999: ISDN Se3/0:15: TX -> CALL_PROC pd = 8 callref = 0xDD5F Nov 15 10:20:51.999: Channel ID i = 0xA98394 Nov 15 10:20:51.999: ISDN Se3/0:15: TX -> CONNECT pd = 8 callref = 0xDD5F Nov 15 10:20:51.999: Channel ID i = 0xA98394 Nov 15 10:20:52.019: ISDN Se3/0:15: RX <- CONNECT_ACK pd = 8 callref = 0x5D5F Nov 15 10:20:52.019: ISDN Se3/0:15: CALL_PROGRESS: CALL_CONNECTED call id 0xC8, bchan 19, dsl 0 Nov 15 10:20:52.431: Se3/0:19 PPP: Treating connection as a callin Nov 15 10:20:52.431: Se3/0:19 PPP: Phase is ESTABLISHING, Passive Open Nov 15 10:20:52.431: Se3/0:19 LCP: State is Listen Nov 15 10:20:52.431: Se3/0:19 LCP: I CONFREQ [Listen] id 1 len 27 Nov 15 10:20:52.431: Se3/0:19 LCP: MRU 1500 (0x010405DC) Nov 15 10:20:52.431: Se3/0:19 LCP: MagicNumber 0x18F44247 (0x050618F44247) Nov 15 10:20:52.431: Se3/0:19 LCP: Callback 6 (0x0D0306) Nov 15 10:20:52.431: Se3/0:19 LCP: MRRU 1500 (0x110405DC) Nov 15 10:20:52.435: Se3/0:19 LCP: EndpointDisc 1 Local (0x130601194F02) Nov 15 10:20:52.435: Se3/0:19 LCP: O CONFREQ [Listen] id 3 len 27 Nov 15 10:20:52.435: Se3/0:19 LCP: AuthProto MS-CHAP (0x0305C22380) Nov 15 10:20:52.435: Se3/0:19 LCP: MagicNumber 0x1FB32031 (0x05061FB32031) Nov 15 10:20:52.435: Se3/0:19 LCP: MRRU 1524 (0x110405F4) Nov 15 10:20:52.435: Se3/0:19 LCP: EndpointDisc 1 ispw3 (0x1308016973707733) Nov 15 10:20:52.435: Se3/0:19 LCP: O CONFACK [Listen] id 1 len 27 Nov 15 10:20:52.435: Se3/0:19 LCP: MRU 1500 (0x010405DC) Nov 15 10:20:52.435: Se3/0:19 LCP: MagicNumber 0x18F44247 (0x050618F44247) Nov 15 10:20:52.435: Se3/0:19 LCP: Callback 6 (0x0D0306) Nov 15 10:20:52.435: Se3/0:19 LCP: MRRU 1500 (0x110405DC) Nov 15 10:20:52.435: Se3/0:19 LCP: EndpointDisc 1 Local (0x130601194F02) Nov 15 10:20:52.447: Se3/0:19 LCP: I CONFNAK [ACKsent] id 3 len 8 Nov 15 10:20:52.447: Se3/0:19 LCP: AuthProto PAP (0x0304C023) Nov 15 10:20:52.447: Se3/0:19 LCP: O CONFREQ [ACKsent] id 4 len 26 Nov 15 10:20:52.447: Se3/0:19 LCP: AuthProto PAP (0x0304C023) Nov 15 10:20:52.447: Se3/0:19 LCP: MagicNumber 0x1FB32031 (0x05061FB32031) Nov 15 10:20:52.447: Se3/0:19 LCP: MRRU 1524 (0x110405F4) Nov 15 10:20:52.451: Se3/0:19 LCP: EndpointDisc 1 ispw3 (0x1308016973707733) Nov 15 10:20:52.479: Se3/0:19 LCP: I CONFACK [ACKsent] id 4 len 26 Nov 15 10:20:52.479: Se3/0:19 LCP: AuthProto PAP (0x0304C023) Nov 15 10:20:52.479: Se3/0:19 LCP: MagicNumber 0x1FB32031 (0x05061FB32031) Nov 15 10:20:52.479: Se3/0:19 LCP: MRRU 1524 (0x110405F4) Nov 15 10:20:52.479: Se3/0:19 LCP: EndpointDisc 1 ispw3 (0x1308016973707733) Nov 15 10:20:52.479: Se3/0:19 LCP: State is Open Nov 15 10:20:52.479: Se3/0:19 PPP: Phase is AUTHENTICATING, by this end Nov 15 10:20:52.483: Se3/0:19 LCP: I IDENTIFY [Open] id 2 len 18 magic 0x18F44247 MSRASV5.00 Nov 15 10:20:52.483: Se3/0:19 LCP: I IDENTIFY [Open] id 3 len 20 magic 0x18F44247 MSRAS-1-KOKI Nov 15 10:20:52.487: Se3/0:19 PAP: I AUTH-REQ id 17 len 23 from "kakohegyi" Nov 15 10:20:52.487: Se3/0:19 PAP: Authenticating peer kakohegyi Nov 15 10:20:52.487: Se3/0:19 PPP: Phase is FORWARDING, Attempting Forward Nov 15 10:20:52.487: Se3/0:19 PPP: Phase is AUTHENTICATING, Unauthenticated User Nov 15 10:20:52.491: AAA/AUTHEN/PPP (0000005A): Pick method list 'elektra' Nov 15 10:20:52.995: Se3/0:19 PPP: Phase is FORWARDING, Attempting Forw

mljohnson
Level 4
Level 4

You have a load-threshold configured on the serial interface, but no dialer map. If you want to use MPPP BOD for the remotes, it would be best to have the remotes initiate a second call (configure a dialer load-threshold on them); otherwise, you will need to configure a static dialer map for each remote that should be called back a second time. And with a dialer map, you would need to configure a "class" option with it to authorize callback in the first place.

Hi!

Yes. I see this solution in many examples.

But we have got many of users. It is not possible to make many-many STATIC Dialer map.

I would like that NAS initiates the second call immediately ( or later ) by AAA information ( DIALER STRING, USERNAME )

IS IT POSSIBLE OR I'LL FORGET THIS POSSIBILITY?

ps.

Unfortunetly my ISDN ( Zyxel omni.net plus ) TA does not make a second call after callback. The client ppp Mppp works dial-in only.

The dialer maps are not required if you have the remotes initiate the second call; this only requires the addition of the "dialer load-threshold" command on the remotes, if using cisco's.

If you want the NAS to intitiate the second call, you need the static dialer maps. You could have a look at Large Scale Dialout (this would elimiate the need for a map), although I'm not sure that this would work given that the first connection would not be brought up using LSDO.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fdial_c/fnsprt11/dafsdil.htm

Having the remote's initiate both the first and second call would likely be the easiest to maintain. I'm not familiar with the oomni.net, but if it supports MPPP and dialout it should support the dialing of a second link.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco