02-16-2005 06:11 AM
Hi,
I have folowing config.
aaa authentication login test local
aaa authentication ppp default group radius local
aaa authentication ppp test local
aaa authorization exec default local group radius
aaa authorization exec test local
aaa authorization commands 15 test local
aaa authorization network default group radius
aaa authorization network vpn_users group radius
aaa authorization network test if-authenticated
aaa accounting update newinfo
username xxx privilege 15 password xxxx
interface Serial2/0
physical-layer async
description line 65
ip unnumbered Loopback10
encapsulation ppp
async default routing
async mode interactive
peer default ip address pool test
ppp authentication chap test
ppp authorization test
ip local pool test 10.10.1.2
line 65
login authentication test
modem InOut
autocommand udptn 10.10.1.1 2097
transport input all
transport output udptn
autoselect during-login
autoselect ppp
dispatch-character 13
stopbits 1
speed 115200
flowcontrol hardware
A big troublesome problem with autocommand, it simply
doesn't executed when I establish dial-up connection to the line 65.
I've no idea why, pls help.
Thank You
martin
02-16-2005 08:47 AM
Need to see the debugs for following
debug modem
debug aaa authentication
debug aaa authorization
debug udptn
After that, try to see udptn works without autocommand..for that enter
Router# udptn 10.10.1.1 2097
If it works without autocommand, then post those debugs when you dialin using modem.
02-17-2005 01:57 AM
Hi tepatel,
Here are the debugs:
ICE_BOX_TRANSACTY#sh deb
General OS:
Modem control/process activation debugging is on
AAA Authentication debugging is on
AAA Authorization debugging is on
UDPtn debugging is on
Feb 17 10:51:55.259 CET: TTY65: DSR came up
Feb 17 10:51:55.259 CET: tty65: Modem: IDLE->(unknown)
Feb 17 10:51:55.259 CET: TTY65: EXEC creation
Feb 17 10:51:55.259 CET: AAA/BIND(000000F7): Bind i/f Serial2/0
Feb 17 10:51:55.259 CET: AAA/AUTHEN/LOGIN (000000F7): Pick method list 'test'
Feb 17 10:51:55.259 CET: TTY65: create timer type 10, 30 seconds
Feb 17 10:51:55.555 CET: %SEC-6-IPACCESSLOGP: list nextra_test_out permitted tcp 195.168.51.201(34592) -> 66.102.11.99(80), 1 packet
Feb 17 10:51:57.008 CET: TTY65: Autoselect(2) sample [suppressed--line is not echoing]
Feb 17 10:51:57.008 CET: TTY65: Autoselect(2) sample [suppressed--line is not echoing]
Feb 17 10:51:57.008 CET: TTY65: Autoselect(2) sample [suppressed--line is not echoing]
Feb 17 10:51:57.008 CET: TTY65: Autoselect(2) sample 7EFF7D23
Feb 17 10:51:57.008 CET: TTY65 Autoselect cmd: ppp negotiate
Feb 17 10:51:57.008 CET: TTY65: pause timer type 10 (OK)
Feb 17 10:51:57.008 CET: TTY65: EXEC creation
Feb 17 10:51:57.008 CET: TTY65: create timer type 1, 600 seconds
Feb 17 10:51:57.012 CET: TTY65: destroy timer type 1
Feb 17 10:51:57.012 CET: TTY65: no timer type 0 to destroy
Feb 17 10:51:57.012 CET: TTY65: no timer type 2 to destroy
Feb 17 10:51:57.016 CET: AAA/AUTHOR (000000F7): Method=If-authen for method list id=04000008.Skip author
Feb 17 10:51:57.020 CET: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
Feb 17 10:51:57.544 CET: AAA/AUTHEN/PPP (000000F7): Pick method list 'test'
Feb 17 10:51:57.544 CET: Se2/0 AAA/AUTHOR/FSM: We can start IPCP
Feb 17 10:51:57.796 CET: Se2/0 AAA/AUTHOR/IPCP: no author-info for primary dns
Feb 17 10:51:57.796 CET: Se2/0 AAA/AUTHOR/IPCP: no author-info for primary wins
Feb 17 10:51:57.796 CET: Se2/0 AAA/AUTHOR/IPCP: no author-info for seconday dns
Feb 17 10:51:57.796 CET: Se2/0 AAA/AUTHOR/IPCP: no author-info for seconday wins
Feb 17 10:51:58.020 CET: Se2/0 AAA/AUTHOR/IPCP: no author-info for primary dns
Feb 17 10:51:58.244 CET: Se2/0 AAA/AUTHOR/IPCP: no author-info for primary dns
Feb 17 10:51:58.544 CET: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
ICE_BOX_TRANSACTY#udptn 10.10.1.1 2097
Trying 10.10.1.1, 2097 ... Open
Feb 17 10:54:53.808 CET: udptn98: open to 10.10.1.1:2097
Feb 17 10:54:53.808 CET: TTY98: pause timer type 1 (OK)
Feb 17 10:55:01.468 CET: udptn98: output packet w 1 bytes
Feb 17 10:55:01.468 CET: udptn98: Input packet w 1 bytes
Feb 17 10:55:03.432 CET: TTY98: resume timer type 1 (OK)
Feb 17 10:55:03.432 CET: TTY98: no timer type 4 to destroy
02-22-2005 08:44 AM
Looks like a problem with the ios. I would say open a tac case/SR for this issue by logging on
02-23-2005 12:46 AM
Hi tepatel,
The problem has been solved.There has been a problem with aaa, especialy with authorization and authentication.When I turned it off, autocommand was successfuly executed.
Here's my new config:
aaa authentication login default local group tacacs+
aaa authentication login console local
aaa authentication login MODEM none
aaa authentication ppp default local group tacacs+
aaa authentication ppp MODEM none
aaa authorization exec default local group tacacs+
aaa authorization exec MODEM none
aaa authorization network default group tacacs+
aaa authorization network vpn_users group tacacs+
aaa authorization configuration default group tacacs+
aaa accounting update newinfo
aaa accounting network default start-stop group tacacs+
aaa session-id common
line 67
authorization exec MODEM
login authentication MODEM
modem InOut
autocommand udptn 10.10.1.1 2097
transport input all
transport output all
autoselect during-login
autoselect ppp
dispatch-character 13
speed 115200
flowcontrol hardware
Thanks for cooperation.
martin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide