Кто нибудь использует для авторизации сабскрабера сам интерфейс?
"ip subscriber interface"
Попробовал, сервисы вешаются, трафик в сервисы попадает, но нет аккаутинга по сервисам, ни стоповых, ни стартовых пакетов вообще не приходит ни по одному сервису.
Если пробовать ip subscriber routed или l2-connectde все приходит.
Копал cisco, упоминание про аккаутинг при использовании "ip subscriber interface" не нашел...
Вот сессия
Unique Session ID: 99
Identifier: test
SIP subscriber access type(s): IP-Interface
Current SIP options: None
Session Up-time: 00:00:09, Last Changed: 00:00:09
Interface: GigabitEthernet0/1.10
Policy information:
Context 0684C37C: Handle E1000C76
AAA_id 00023BA0: Flow_handle 0
Authentication status: authen
Downloaded User profile, excluding services:
ssg-account-info "Aservice_unauth"
idletime 300 (0x12C)
timeout 21600 (0x5460)
reply-message "Hello, R1:0/0/1/10"
username "test"
reply-message "Hello, test"
ssg-account-info "Aservice_inet512"
ssg-account-info "Aservice_inet2pre"
ssg-account-info "Aservice_local5120"
Downloaded User profile, including services:
ssg-account-info "Aservice_unauth"
idletime 300 (0x12C)
timeout 21600 (0x5460)
reply-message "Hello, R1:0/0/1/10"
username "test"
reply-message "Hello, test"
ssg-account-info "Aservice_inet512"
ssg-account-info "Aservice_inet2pre"
ssg-account-info "Aservice_local5120"
accounting-list “rad”
ssg-service-info "QU;512000;96000;192000;D;512000;96000;192000"
clid "0030.18a0.4ec6"
sss-service 6 [local-termination]
service-type 5 [Outbound]
traffic-class "in default drop"
traffic-class "out default drop"
traffic-class "in access-group name service_inet2pre_in priority 400"
traffic-class "out access-group name service_inet2pre_out priority 400"
Config history for session (recent to oldest):
Access-type: Web-service-logon Client: SM
Policy event: Apply Config Success (Service)
Profile name: service_inet2pre, 4 references
service-type 5 [Outbound]
traffic-class "in default drop"
traffic-class "out default drop"
traffic-class "in access-group name service_inet2pre_in priority 400"
traffic-class "out access-group name service_inet2pre_out priority 400"
Access-type: Web-service-logon Client: SM
Policy event: Service Selection Request (Service)
Profile name: service_unauth, 178 references
username "service_unauth"
clid "0030.18a0.4ec6"
password <hidden>
sss-service 6 [local-termination]
traffic-class "input default drop"
traffic-class "output default drop"
Access-type: Web-service-logon Client: SM
Policy event: Service Selection Request (Service)
Profile name: service_inet512, 58 references
service-type 5 [Outbound]
accounting-list “rad”
traffic-class "in default drop"
traffic-class "out default drop"
traffic-class "in access-group name service_inet_in priority 500"
traffic-class "out access-group name service_inet_out priority 500"
ssg-service-info "QU;512000;96000;192000;D;512000;96000;192000"
Access-type: Web-service-logon Client: SM
Policy event: Service Selection Request (Service)
Profile name: service_local5120, 12 references
service-type 5 [Outbound]
accounting-list “rad”
traffic-class "in default drop"
traffic-class "out default drop"
traffic-class "in access-group name service_local_in priority 200"
traffic-class "out access-group name service_local_out priority 200"
ssg-service-info "QU;5120000;960000;1920000;D;5120000;960000;1920000"
Access-type: IP-Interface Client: SM
Policy event: Service Selection Request
Profile name: nas-port:0.0.0.0:0/0/1/10, 2 references
ssg-account-info "Aservice_unauth"
idletime 300 (0x12C)
timeout 21600 (0x5460)
reply-message "Hello, R1:0/0/1/10"
username "test"
reply-message "Hello, test"
ssg-account-info "Aservice_inet512"
ssg-account-info "Aservice_inet2pre"
ssg-account-info "Aservice_local5120"
Active services associated with session:
name "service_inet2pre"
name "service_unauth"
name "service_inet512"
name "service_local5120"
Rules, actions and conditions executed:
subscriber rule-map isg_sss_initif
condition always event session-start
20 authorize aaa list pppoe identifier nas-port
Session inbound features:
Traffic classes:
Traffic class session ID: 682
ACL Name: service_local_in, Packets = 3, Bytes = 232
Traffic class session ID: 230
ACL Name: service_inet_in, Packets = 0, Bytes = 0
Traffic class session ID: 662
ACL Name: service_inet2pre_in, Packets = 1, Bytes = 76
Default traffic is dropped
Unmatched Packets = 0, Re-classified packets (redirected) = 0
Feature: IP Idle Timeout
Timeout value is 300
Idle time is 00:00:31
Session outbound features:
Traffic classes:
Traffic class session ID: 682
ACL Name: service_local_out, Packets = 3, Bytes = 980
Traffic class session ID: 230
ACL Name: service_inet_out, Packets = 0, Bytes = 0
Traffic class session ID: 662
ACL Name: service_inet2pre_out, Packets = 0, Bytes = 0
Default traffic is dropped
Unmatched Packets = 0, Re-classified packets (redirected) = 0
Non-datapath features:
Feature: Session Timeout
Timeout value is 21600 seconds
Time remaining is 05:58:52
Configuration sources associated with this session:
Service: service_inet2pre, Active Time = 00:01:07
AAA Service ID = 3724542134
Service: service_unauth, Active Time = 00:01:07
Service: service_inet512, Active Time = 00:01:07
AAA Service ID = 2634023719
Service: service_local5120, Active Time = 00:01:07
AAA Service ID = 1979711499
Interface: GigabitEthernet0/1.10, Active Time = 00:01:07