[d-e-n-i-s]

Добрый день, имеет Cisco 7206 NPE-G1

 

Работает в схеме IPoE

Не могу добиться что бы через Radius приходил параметр NAS-Port

 

прилетает следующая связка

User-Name=10.1.30.6

NAS-Port-Id=0/0/1/1504

NAS-IP-Address=10.1.12.249

Service-Type=2

Framed-Protocol=1

Framed-IP-Address=10.1.30.6

Acct-Status-Type=1

Acct-Delay-Time=0

NAS-Port-Type=15

Acct-Session-Id=0000000B

cisco-avpair=parent-session-id=00000009

cisco-NAS-Port=0/0/1/1504

cisco-SSG-Service-Info=NISG-5MBPS

 

 

где есть все кроме параметра NAS-Port

 

Может кто подскажет, куда копать ?

 

IOS - c7200-a3jk91s-mz.122-31.SB11.bin

 

Конфиг

version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname cisco-7206
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$muSC$dk8SLcsv//Nv4v/IXodGf.
!
aaa new-model
!
!
aaa group server radius ipoe-radius
server-private 10.1.12.250 auth-port 1812 acct-port 1813 non-standard key 7 *******
ip radius source-interface GigabitEthernet0/1.1504
!
aaa group server radius ipoe-services-radius
server-private 10.1.12.250 auth-port 1811 acct-port 1813 non-standard key 7 ********
ip radius source-interface GigabitEthernet0/1.1504
!
aaa authentication login ipoe-isg-aaa group ipoe-radius
aaa authorization network ipoe-isg-aaa group ipoe-radius 
aaa authorization subscriber-service default local group ipoe-services-radius 
aaa accounting delay-start vrf default
aaa accounting update periodic 2
aaa accounting network ipoe-isg-aaa start-stop group ipoe-radius
!
aaa nas port extended
!
!
aaa server radius dynamic-author
client 10.1.12.250 server-key 7 *******
ignore session-key
ignore server-key
!
aaa session-id common
ip subnet-zero
!
!
ip ftp username *****
ip ftp password 7 *****
no ip domain lookup
ip domain name noname.ru
no ip dhcp use vrf connected
!
!
ip cef
ip ssh version 2
!
!
subscriber authorization enable
redirect server-group NO-MONEY
server ip 10.10.10.11 port 80
!
call rsvp-sync
no scripting tcl init
no scripting tcl encdir
!
no file verify auto
username admin privilege 15 password 7 ***********
!
class-map type traffic match-any LOCAL-TRAFFIC
match access-group output 2110
!
class-map type traffic match-any OPENGARDEN-TRAFFIC
match access-group input 155
match access-group output 156
!
class-map type traffic match-any ALL-TRAFFIC
match access-group input 101
match access-group output 102
!
class-map type traffic match-any TRAFFIC-FOR-REDIRECT
match access-group input name traffic-for-redirect
!
class-map type control match-all ISG-IP-UNAUTH
match timer UNAUTH-TIMER 
match authen-status unauthenticated 
!
policy-map type service L4REDIRECT
20 class type traffic TRAFFIC-FOR-REDIRECT
 redirect to group NO-MONEY
!
!
policy-map type service OPENGARDEN
40 class type traffic OPENGARDEN-TRAFFIC
 accounting aaa list ipoe-isg-aaa
 police input 1024000
 police output 1024000
!
class type traffic default in-out
 drop
!
!
policy-map type service ISG-LOCAL
100 class type traffic LOCAL-TRAFFIC
 accounting aaa list ipoe-isg-aaa
 police input 10240000
 police output 10240000
!
!
policy-map type control IPoE-ISG
class type control ISG-IP-UNAUTH event timed-policy-expiry
 1 service disconnect
!
class type control always event session-start
 10 authorize aaa list ipoe-isg-aaa password cisco identifier source-ip-address
 20 set-timer UNAUTH-TIMER 1
 30 service-policy type service name L4REDIRECT
 40 service-policy type service name OPENGARDEN
!
class type control always event service-stop
 1 service-policy type service unapply identifier service-name
 10 log-session-state 
!
class type control always event session-restart
 10 authorize aaa list ipoe-isg-aaa password cisco identifier source-ip-address
 20 set-timer UNAUTH-TIMER 1
 30 service-policy type service name L4REDIRECT
 40 service-policy type service name OPENGARDEN
!
!
!
!
interface GigabitEthernet0/1
no ip address
media-type rj45
speed auto
duplex auto
negotiation auto
!
interface GigabitEthernet0/1.55
encapsulation dot1Q 55
ip address 10.1.10.126 255.255.255.252
!
interface GigabitEthernet0/1.1504
description LINK
encapsulation dot1Q 1504
ip address 10.1.12.249 255.255.255.248
service-policy type control IPoE-ISG
ip subscriber routed
 initiator unclassified ip-address
!
interface GigabitEthernet0/2
no ip address
shutdown
media-type rj45
speed auto
duplex auto
negotiation auto
!
interface GigabitEthernet0/3
no ip address
shutdown
media-type rj45
speed auto
duplex auto
negotiation auto
!
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.10.125
ip route 10.1.30.0 255.255.255.240 10.1.12.251
!
no ip http server
!
!
radius-server attribute nas-port format e UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
radius-server attribute 61 extended
radius-server vsa send cisco-nas-port
radius-server vsa send accounting
radius-server vsa send authentication
!
control-plane
!
dial-peer cor custom
!
gatekeeper
shutdown
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 60 0
logging synchronous
transport input ssh
!
end