d-e-n-i-s Опубликовано 22 марта, 2015 · Жалоба Добрый день, имеет Cisco 7206 NPE-G1 Работает в схеме IPoE Не могу добиться что бы через Radius приходил параметр NAS-Port прилетает следующая связка User-Name=10.1.30.6 NAS-Port-Id=0/0/1/1504 NAS-IP-Address=10.1.12.249 Service-Type=2 Framed-Protocol=1 Framed-IP-Address=10.1.30.6 Acct-Status-Type=1 Acct-Delay-Time=0 NAS-Port-Type=15 Acct-Session-Id=0000000B cisco-avpair=parent-session-id=00000009 cisco-NAS-Port=0/0/1/1504 cisco-SSG-Service-Info=NISG-5MBPS где есть все кроме параметра NAS-Port Может кто подскажет, куда копать ? IOS - c7200-a3jk91s-mz.122-31.SB11.bin Конфиг version 12.2 service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname cisco-7206 ! boot-start-marker boot-end-marker ! enable secret 5 $1$muSC$dk8SLcsv//Nv4v/IXodGf. ! aaa new-model ! ! aaa group server radius ipoe-radius server-private 10.1.12.250 auth-port 1812 acct-port 1813 non-standard key 7 ******* ip radius source-interface GigabitEthernet0/1.1504 ! aaa group server radius ipoe-services-radius server-private 10.1.12.250 auth-port 1811 acct-port 1813 non-standard key 7 ******** ip radius source-interface GigabitEthernet0/1.1504 ! aaa authentication login ipoe-isg-aaa group ipoe-radius aaa authorization network ipoe-isg-aaa group ipoe-radius aaa authorization subscriber-service default local group ipoe-services-radius aaa accounting delay-start vrf default aaa accounting update periodic 2 aaa accounting network ipoe-isg-aaa start-stop group ipoe-radius ! aaa nas port extended ! ! aaa server radius dynamic-author client 10.1.12.250 server-key 7 ******* ignore session-key ignore server-key ! aaa session-id common ip subnet-zero ! ! ip ftp username ***** ip ftp password 7 ***** no ip domain lookup ip domain name noname.ru no ip dhcp use vrf connected ! ! ip cef ip ssh version 2 ! ! subscriber authorization enable redirect server-group NO-MONEY server ip 10.10.10.11 port 80 ! call rsvp-sync no scripting tcl init no scripting tcl encdir ! no file verify auto username admin privilege 15 password 7 *********** ! class-map type traffic match-any LOCAL-TRAFFIC match access-group output 2110 ! class-map type traffic match-any OPENGARDEN-TRAFFIC match access-group input 155 match access-group output 156 ! class-map type traffic match-any ALL-TRAFFIC match access-group input 101 match access-group output 102 ! class-map type traffic match-any TRAFFIC-FOR-REDIRECT match access-group input name traffic-for-redirect ! class-map type control match-all ISG-IP-UNAUTH match timer UNAUTH-TIMER match authen-status unauthenticated ! policy-map type service L4REDIRECT 20 class type traffic TRAFFIC-FOR-REDIRECT redirect to group NO-MONEY ! ! policy-map type service OPENGARDEN 40 class type traffic OPENGARDEN-TRAFFIC accounting aaa list ipoe-isg-aaa police input 1024000 police output 1024000 ! class type traffic default in-out drop ! ! policy-map type service ISG-LOCAL 100 class type traffic LOCAL-TRAFFIC accounting aaa list ipoe-isg-aaa police input 10240000 police output 10240000 ! ! policy-map type control IPoE-ISG class type control ISG-IP-UNAUTH event timed-policy-expiry 1 service disconnect ! class type control always event session-start 10 authorize aaa list ipoe-isg-aaa password cisco identifier source-ip-address 20 set-timer UNAUTH-TIMER 1 30 service-policy type service name L4REDIRECT 40 service-policy type service name OPENGARDEN ! class type control always event service-stop 1 service-policy type service unapply identifier service-name 10 log-session-state ! class type control always event session-restart 10 authorize aaa list ipoe-isg-aaa password cisco identifier source-ip-address 20 set-timer UNAUTH-TIMER 1 30 service-policy type service name L4REDIRECT 40 service-policy type service name OPENGARDEN ! ! ! ! interface GigabitEthernet0/1 no ip address media-type rj45 speed auto duplex auto negotiation auto ! interface GigabitEthernet0/1.55 encapsulation dot1Q 55 ip address 10.1.10.126 255.255.255.252 ! interface GigabitEthernet0/1.1504 description LINK encapsulation dot1Q 1504 ip address 10.1.12.249 255.255.255.248 service-policy type control IPoE-ISG ip subscriber routed initiator unclassified ip-address ! interface GigabitEthernet0/2 no ip address shutdown media-type rj45 speed auto duplex auto negotiation auto ! interface GigabitEthernet0/3 no ip address shutdown media-type rj45 speed auto duplex auto negotiation auto ! ! ip classless ip route 0.0.0.0 0.0.0.0 10.1.10.125 ip route 10.1.30.0 255.255.255.240 10.1.12.251 ! no ip http server ! ! radius-server attribute nas-port format e UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU radius-server attribute 61 extended radius-server vsa send cisco-nas-port radius-server vsa send accounting radius-server vsa send authentication ! control-plane ! dial-peer cor custom ! gatekeeper shutdown ! line con 0 stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 60 0 logging synchronous transport input ssh ! end Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...