Andrey75 Posted April 14, 2016 Помогите! настраиваю cisco ios 15.2 = radius при передаче пакетов биллингу что то не нравиться. как найти что? 12:36:28.602139 In a4:0c:c3:7c:2c:19 ethertype IPv4 (0x0800), length 175: (tos 0x0, ttl 255, id 9646, offset 0, flags [none], proto UDP (17), length 159) 10.1.0.1.datametrics > 10.1.0.2.radius: [udp sum ok] RADIUS, length: 131 Access Request (1), id: 0x0b, Authenticator: f2c5cf5f8743deee672a8d76736 1ae86 Username Attribute (1), length: 12, Value: 10.1.10.21 0x0000: 3130 2e31 2e31 302e 3231 Password Attribute (2), length: 18, Value: 0x0000: 1b7b 3014 9cdb 7487 205e 409c e276 970f Vendor Specific Attribute (26), length: 19, Value: Vendor: Cisco (9) Vendor Attribute: 250, Length: 11, Value: S10.1.10.21 0x0000: 0000 0009 fa0d 5331 302e 312e 3130 2e32 0x0010: 31 NAS Port Type Attribute (61), length: 6, Value: Virtual 0x0000: 0000 0005 Vendor Specific Attribute (26), length: 17, Value: Vendor: Cisco (9) Vendor Attribute: 2, Length: 9, Value: 0/0/3/250 0x0000: 0000 0009 020b 302f 302f 332f 3235 30 NAS Port Attribute (5), length: 6, Value: 0 0x0000: 0000 0000 NAS Port ID Attribute (87), length: 11, Value: 0/0/3/250 0x0000: 302f 302f 332f 3235 30 Service Type Attribute (6), length: 6, Value: Outbound 0x0000: 0000 0005 NAS IP Address Attribute (4), length: 6, Value: 10.1.0.1 0x0000: 0a01 0001 Accounting Session ID Attribute (44), length: 10, Value: 0000000D 0x0000: 3030 3030 3030 3044 12:36:29.602487 Out 00:1f:29:e0:56:fa ethertype IPv4 (0x0800), length 64: (tos 0 x0, ttl 64, id 58924, offset 0, flags [none], proto UDP (17), length 48) 10.1.0.2.radius > 10.1.0.1.datametrics: [bad udp cksum 92e8!] RADIUS, length : 20 Access Reject (3), id: 0x0b, Authenticator: 84ce35f13e835c89b3b4a520e828 4782 Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted April 14, 2016 не могу авторизовать абонента может нет пароля Password Attribute (2), length: 18, Value: Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
alexaaa Posted April 14, 2016 (edited) во первых какой биллинг? во вторых какой подробно ios и модель cisco? какой сервис pppoe или ipoe? конфиг циски покажите Edited April 14, 2016 by alexaaa Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted April 14, 2016 (edited) биллинг CarbonSoft cisco 7200 NPE-G1 ios c7200-advipservicesk9-mz.152-4.S7 схема IPoE конфиг Building configuration... Current configuration : 6022 bytes ! ! Last configuration change at 10:33:37 UTC Thu Apr 14 2016 ! version 15.2 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname KharinoIPoE ! boot-start-marker boot system disk2:c7200-advipservicesk9-mz.152-4.S7.bin boot-end-marker ! ! enable secret 5 $1$G4sK$Q616cITrTmXUIz0iS0.Sz1 ! aaa new-model ! ! aaa group server radius CRB_AAAGS_IPOE server-private 10.1.0.2 auth-port 1812 acct-port 1813 timeout 3 retransmit 2 key 7 1405130F05113902142716 ip radius source-interface GigabitEthernet0/3.10 deadtime 1 ! aaa authentication login AAA_LIST_IPOE group CRB_AAAGS_IPOE aaa authentication ppp AAA_LIST_IPOE group CRB_AAAGS_IPOE aaa authorization network AAA_LIST_IPOE group CRB_AAAGS_IPOE aaa authorization subscriber-service default local aaa authorization subscriber-service AAA_LIST_IPOE local group CRB_AAAGS_IPOE aaa accounting delay-start all aaa accounting jitter maximum 10 aaa accounting update periodic 20 aaa accounting network AAA_LIST_IPOE action-type start-stop group CRB_AAAGS_IPOE ! ! ! ! ! aaa server radius dynamic-author client 10.1.0.2 server-key 7 120B04131B1E1F2D1A2401 port 3799 auth-type any ! aaa session-id common aaa policy interface-config allow-subinterface ip cef ! ! ! ! ! ! ip flow-cache timeout inactive 30 ip flow-cache timeout active 20 ip domain name KharinoIPoE no ipv6 cef ! ! subscriber service multiple-accept subscriber authorization enable multilink bundle-name authenticated ! ! archive log config hidekeys ! ! ! ! ! username admin privilege 15 secret 5 $1$J9.1$Hy5OeGNL40k..5Bam.EsU/ ! ! ip ssh version 1 class-map type traffic match-any CLS_BLOCKED_REDIRECT match access-group input name ACL_BLOCKED_REDIRECT ! class-map type traffic match-any CLS_BLOCKED_TRUSTED match access-group input name ACL_BLOCKED_TRUSTED match access-group output name ACL_BLOCKED_TRUSTED ! class-map type traffic match-any CLS_NOSHAPE match access-group output name ACL_NOSHAPE match access-group input name ACL_NOSHAPE ! class-map type traffic match-any CLS_NEGBAL_REDIRECT match access-group input name ACL_NEGBAL_REDIRECT ! class-map type traffic match-any CLS_NEGBAL_TRUSTED match access-group input name ACL_NEGBAL_TRUSTED match access-group output name ACL_NEGBAL_TRUSTED ! class-map type traffic match-any CLS_ACCEPT match access-group input name ACL_NEGBAL_TRUSTED match access-group output name ACL_NEGBAL_TRUSTED ! class-map type control match-all CTRL_TIMER_AUTH match authen-status authenticated match timer TIMER_AUTH ! class-map type control match-all CTRL_TIMER_UNAUTH match authen-status unauthenticated match timer TIMER_UNAUTH ! policy-map type control CTRL_IPOE class type control always event timed-policy-expiry 1 service disconnect ! class type control always event account-logoff 1 service disconnect ! class type control always event radius-timeout 10 set-timer TIMER_UNAUTH 10 20 service-policy type service name FWPOL_DEFAULT ! class type control always event session-start 10 set-timer TIMER_AUTH 10080 20 authorize aaa list AAA_LIST_IPOE password servicemode identifier source-ip-address 30 set-timer TIMER_UNAUTH 5 40 service-policy type service name FWPOL_BLOCKED_TRUSTED 50 service-policy type service name FWPOL_BLOCKED_REDIRECT ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface GigabitEthernet0/1 ip address dhcp ip nat outside media-type rj45 speed auto duplex auto no negotiation auto ! interface GigabitEthernet0/2 no ip address shutdown media-type rj45 speed auto duplex auto no negotiation auto ! interface GigabitEthernet0/3 no ip address media-type rj45 speed auto duplex auto no negotiation auto ! interface GigabitEthernet0/3.10 encapsulation dot1Q 10 ip address 10.1.0.1 255.255.255.0 ip nat inside ! interface GigabitEthernet0/3.250 encapsulation dot1Q 250 ip address 10.1.10.1 255.255.255.0 ip nat inside ip flow ingress ip flow egress service-policy type control CTRL_IPOE ip subscriber routed initiator unclassified ip-address ! ip nat translation timeout 300 ip nat translation tcp-timeout 12000 ip nat translation pptp-timeout 12000 ip nat translation udp-timeout 60 ip nat translation finrst-timeout 10 ip nat translation syn-timeout 10 ip nat translation icmp-timeout 10 ip nat translation port-timeout tcp 80 180 ip nat translation port-timeout tcp 8080 180 ip nat translation port-timeout tcp 1600 180 ip nat translation port-timeout tcp 110 180 ip nat translation port-timeout tcp 25 180 ip nat inside source list 10 interface GigabitEthernet0/1 overload ip forward-protocol nd ! ip flow-export source GigabitEthernet0/3 ip flow-export version 5 ip flow-export destination 10.1.0.2 9996 ! no ip http server no ip http secure-server ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 ! ip access-list extended ACL_ACCEPT permit ip any any ip access-list extended ACL_BLOCKED_REDIRECT deny ip any host 10.1.0.2 deny ip host 10.1.0.2 any permit tcp any any eq www deny ip any any ip access-list extended ACL_BLOCKED_TRUSTED permit udp any any eq domain permit ip any host 10.1.0.2 permit ip host 10.1.0.2 any ip access-list extended ACL_NEGBAL_REDIRECT deny ip any host 10.1.0.2 deny ip host 10.1.0.2 any permit tcp any any eq www deny ip any any ip access-list extended ACL_NEGBAL_TRUSTED permit udp any any eq domain permit ip any host 10.1.0.2 permit ip host 10.1.0.2 any ip access-list extended ACL_NOSHAPE permit ip any host 10.1.0.2 permit ip host 10.1.0.2 any ! access-list 10 permit 10.1.0.0 0.0.0.255 access-list 23 permit 10.1.0.0 0.0.0.255 ! ! radius-server attribute 44 include-in-access-req default-vrf radius-server vsa send cisco-nas-port radius-server vsa send authentication ! ! control-plane ! ! line con 0 stopbits 1 line aux 0 stopbits 1 line vty 0 4 access-class 23 in exec-timeout 600 0 logging synchronous transport input ssh ! ntp master 3 ntp update-calendar ntp server ntp2.stratum2.ru ntp server ntp3.stratum2.ru ntp server time-a.nist.gov prefer ! end Edited April 14, 2016 by Andrey75 Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted April 14, 2016 (edited) нет совпадений Cisco-AVpair? Безымянный.bmp ip присваивает биллинг у абонента он есть DHCP работает Edited April 14, 2016 by Andrey75 Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
alexaaa Posted April 14, 2016 (edited) это требует у вас пароль пользователя на авторизацию 20 authorize aaa list AAA_LIST_IPOE password > servicemode < identifier source-ip-address добавте атрибуты radius-server attribute 44 include-in-access-req radius-server attribute 44 extend-with-addr radius-server attribute 8 include-in-access-req radius-server attribute 32 include-in-accounting-req radius-server attribute 55 include-in-acct-req radius-server attribute 31 mac format unformatted radius-server vsa send cisco-nas-port radius-server vsa send accounting radius-server vsa send authentication Edited April 14, 2016 by alexaaa Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted April 14, 2016 это требует у вас пароль пользователя на авторизацию 20 authorize aaa list AAA_LIST_IPOE password > servicemode < identifier source-ip-address добавте атрибуты radius-server attribute 44 include-in-access-req radius-server attribute 44 extend-with-addr radius-server attribute 8 include-in-access-req radius-server attribute 32 include-in-accounting-req radius-server attribute 55 include-in-acct-req radius-server attribute 31 mac format unformatted radius-server vsa send cisco-nas-port radius-server vsa send accounting radius-server vsa send authentication не помогло, в логах тоже ошибка авторизации ip/servicemode Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
alexaaa Posted April 14, 2016 рабочий вариант class-map type traffic match-any CM_T_NoMoney_PASS match access-group input name CM_T_NoMoney_PASS match access-group output name CM_T_NoMoney_PASS ! class-map type traffic match-any CM_T_NoMoney_REDIRECT_WWW match access-group input name CM_T_NoMoney_REDIRECT_WWW ! class-map type traffic match-any CM_T_NoMoney_REDIRECT_DNS match access-group input name CM_T_NoMoney_REDIRECT_DNS ! class-map type traffic match-any CM_ANY match access-group input name CM_T_ANY match access-group output name CM_T_ANY ! class-map type traffic match-any CM_ANY6 match access-group input name CM_T_ANY6 match access-group output name CM_T_ANY6 ! class-map type traffic match-any CM_T_NoMoney_PASS_HTTPS match access-group input name CM_T_NoMoney_PASS_HTTPS match access-group output name CM_T_NoMoney_PASS_HTTPS ! class-map type control match-all CM_C_IPoE_RTIMEOUT_REAUTH match timer IPoE_RTIMEOUT_REAUTH match authen-status unauthenticated ! class-map type control match-all CM_C_IPoE_REJECT_REAUTH match timer IPoE_REJECT_REAUTH match authen-status unauthenticated ! policy-map type service NoMoney10 10 class type traffic CM_T_NoMoney_PASS ! class type traffic default in-out drop ! ! policy-map type service NoMoney500 500 class type traffic CM_T_NoMoney_REDIRECT_WWW redirect to group NoMoney ! class type traffic default in-out drop ! ! policy-map type service NoMoney510 510 class type traffic CM_T_NoMoney_REDIRECT_DNS redirect to group NoMoneyDNS ! class type traffic default in-out drop ! ! policy-map type service Internet 100 class type traffic CM_ANY ! class type traffic default in-out drop ! ! ! policy-map type service NoMoney400 400 class type traffic CM_T_NoMoney_PASS_HTTPS police input 128000 police output 128000 ! class type traffic default in-out drop ! policy-map type control IPoE class type control CM_C_IPoE_RTIMEOUT_REAUTH event timed-policy-expiry 1 service disconnect ! class type control CM_C_IPoE_REJECT_REAUTH event timed-policy-expiry 1 service disconnect ! class type control always event session-start 10 authorize aaa list IPOE password ciscoo identifier source-ip-address 20 set-timer IPoE_REJECT_REAUTH 1 30 service-policy type service aaa list IPOE name NoMoney10 34 service-policy type service aaa list IPOE name NoMoney400 40 service-policy type service aaa list IPOE name NoMoney500 50 service-policy type service aaa list IPOE name NoMoney510 ! class type control always event service-stop 1 service-policy type service unapply identifier service-name ! class type control always event session-restart 10 authorize aaa list IPOE password ciscoo identifier source-ip-address 20 set-timer IPoE_REJECT_REAUTH 1 30 service-policy type service aaa list IPOE name NoMoney10 34 service-policy type service aaa list IPOE name NoMoney400 40 service-policy type service aaa list IPOE name NoMoney500 50 service-policy type service aaa list IPOE name NoMoney510 ! class type control always event radius-timeout 1 set-timer IPoE_RTIMEOUT_REAUTH 1 10 service-policy type service aaa list IPOE name NoMoney10 14 service-policy type service aaa list IPOE name NoMoney400 20 service-policy type service aaa list IPOE name NoMoney500 30 service-policy type service aaa list IPOE name NoMoney510 ! ! Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted April 14, 2016 (edited) class type control always event session-start 10 authorize aaa list IPOE password ciscoo identifier source-ip-address 20 set-timer IPoE_REJECT_REAUTH 1 30 service-policy type service aaa list IPOE name NoMoney10 34 service-policy type service aaa list IPOE name NoMoney400 40 service-policy type service aaa list IPOE name NoMoney500 50 service-policy type service aaa list IPOE name NoMoney510 у Вас "10 authorize aaa list IPOE password ciscoo identifier source-ip-address" У меня "20 authorize aaa list AAA_LIST_IPOE password servicemode identifier source-ip-address" где брать этот пароль на радиусе? в логах радиуса биллинга ошибка Auth: Login incorrect: [10.1.10.21/servicemode] Edited April 14, 2016 by Andrey75 Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted April 14, 2016 СПАСИБО alexaaa! Поставил пароль абоненту servicemode , абонент авторизуется. интернета нет, подскажите по конфигу где копать? Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
alexaaa Posted April 14, 2016 СПАСИБО alexaaa! Поставил пароль абоненту servicemode , абонент авторизуется. интернета нет, подскажите по конфигу где копать? выставите приоритеты классам Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted April 14, 2016 думаю нет НАТа Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted April 16, 2016 (edited) СПАСИБО alexaaa! Поставил пароль абоненту servicemode , абонент авторизуется. интернета нет, подскажите по конфигу где копать? выставите приоритеты классам опять же СПАСИБО не могу понять как выдавать ip с 30 маской? и возможен редирект, если нет авторизации по радиусу Edited April 16, 2016 by Andrey75 Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Red_Sam Posted April 18, 2016 Если рад-сервер признается мертвым то абонентов должно выпускать в инет. Вы обращались в ТП биллинга? Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
TiRider Posted April 22, 2016 Сделайте ISG, но без NATа, т.к. железка на неё не рассчитана. Это будет правильнее. Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted May 11, 2016 (edited) помогите с редиректом при не авторизованном абоненте конфиг redirect server-group RSG_NEGBAL_REDIRECT server ip 10.1.0.2 port 442 ! redirect server-group RSG_BLOCKED_REDIRECT server ip 10.1.0.2 port 444 ! redirect server-group RSG_RADIUS_REDIRECT server ip 10.1.0.2 port 440 ! ! ! ip ssh version 1 class-map type traffic match-any CLS_RADIUS_REDIRECT match access-group input name ACL_RADIUS_REDIRECT ! class-map type traffic match-any CLS_ACCEPT match access-group input name ACL_NEGBAL_TRUSTED match access-group output name ACL_NEGBAL_TRUSTED ! class-map type traffic match-any CLS_NEGBAL_TRUSTED match access-group input name ACL_NEGBAL_TRUSTED match access-group output name ACL_NEGBAL_TRUSTED ! class-map type traffic match-any CLS_NEGBAL_REDIRECT match access-group input name ACL_NEGBAL_REDIRECT ! class-map type traffic match-any CLS_NOSHAPE match access-group output name ACL_NOSHAPE match access-group input name ACL_NOSHAPE ! class-map type traffic match-any CLS_BLOCKED_TRUSTED match access-group input name ACL_BLOCKED_TRUSTED match access-group output name ACL_BLOCKED_TRUSTED ! class-map type traffic match-any CLS_BLOCKED_REDIRECT match access-group input name ACL_BLOCKED_REDIRECT ! class-map type control match-all CTRL_TIMER_UNAUTH match authen-status unauthenticated match timer TIMER_UNAUTH ! class-map type control match-all CTRL_TIMER_AUTH match authen-status authenticated match timer TIMER_AUTH ! ! policy-map type service FWPOL_ACCEPT service local class type traffic CLS_ACCEPT ! ! policy-map type service FWPOL_NEGBAL_TRUSTED service local class type traffic CLS_NEGBAL_TRUSTED ! ! policy-map type service FWPOL_NEGBAL_REDIRECT service local class type traffic CLS_NEGBAL_REDIRECT redirect to group RSG_NEGBAL_REDIRECT ! class type traffic default in-out drop ! ! policy-map type service FWPOL_BLOCKED_TRUSTED service local class type traffic CLS_BLOCKED_TRUSTED ! ! policy-map type service FWPOL_BLOCKED_REDIRECT service local class type traffic CLS_BLOCKED_REDIRECT redirect to group RSG_BLOCKED_REDIRECT ! class type traffic default in-out drop ! ! policy-map type service FWPOL_DEFAULT service local 10 class type traffic CLS_ACCEPT police input 512000 police output 512000 ! ! policy-map type service FWPOL_NOSHAPE class type traffic CLS_NOSHAPE police input 90000000 police output 90000000 ! ! policy-map type service FWPOL_RADIUS_REDIRECT service local class type traffic CLS_RADIUS_REDIRECT redirect to group RSG_RADIUS_REDIRECT ! ! policy-map type control CTRL_IPOE class type control always event timed-policy-expiry 1 service disconnect ! class type control always event account-logoff 1 service disconnect ! class type control always event radius-timeout 10 set-timer TIMER_UNAUTH 10 20 service-policy type service name FWPOL_DEFAULT ! class type control always event session-start 10 authorize aaa list AAA_LIST_IPOE password adminIPoE identifier source-ip-address 20 set-timer TIMER_UNAUTH 1 30 service-policy type service name FWPOL_ACCEPT 40 service-policy type service name FWPOL_NEGBAL_TRUSTED 50 service-policy type service name FWPOL_NEGBAL_REDIRECT 60 service-policy type service name FWPOL_BLOCKED_TRUSTED 70 service-policy type service name FWPOL_BLOCKED_REDIRECT 80 service-policy type service name FWPOL_RADIUS_REDIRECT ! class type control always event session-restart 10 authorize aaa list AAA_LIST_IPOE password adminIPoE identifier source-ip-address 20 set-timer TIMER_UNAUTH 1 30 service-policy type service name FWPOL_ACCEPT 40 service-policy type service name FWPOL_NEGBAL_TRUSTED 50 service-policy type service name FWPOL_NEGBAL_REDIRECT 60 service-policy type service name FWPOL_BLOCKED_TRUSTED 70 service-policy type service name FWPOL_BLOCKED_REDIRECT 80 service-policy type service name FWPOL_RADIUS_REDIRECT ! ! ip access-list extended ACL_ACCEPT permit ip any any ip access-list extended ACL_BLOCKED_REDIRECT deny ip any host 10.1.0.2 deny ip host 10.1.0.2 any permit tcp any any eq www deny ip any any ip access-list extended ACL_BLOCKED_TRUSTED permit udp any any eq domain permit ip any host 10.1.0.2 permit ip host 10.1.0.2 any ip access-list extended ACL_NAT permit ip any 10.1.10.0 0.0.0.255 permit ip 10.1.10.0 0.0.0.255 any ip access-list extended ACL_NEGBAL_REDIRECT deny ip any host 10.1.0.2 deny ip host 10.1.0.2 any permit tcp any any eq www deny ip any any ip access-list extended ACL_NEGBAL_TRUSTED permit udp any any eq domain permit ip any host 10.1.0.2 permit ip host 10.1.0.2 any ip access-list extended ACL_NOSHAPE permit ip any host 10.1.0.2 permit ip host 10.1.0.2 any ip access-list extended ACL_RADIUS_REDIRECT deny ip any host 10.1.0.2 deny ip host 10.1.0.2 any permit tcp any any eq www deny ip any any ip access-list extended WIFIGainy permit ip any any Edited May 11, 2016 by Andrey75 Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted May 12, 2016 совсем все плохо? Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted May 13, 2016 где у меня ошибка? ПОМОГИТЕ! KharinoIPoE#show subscriber session Codes: Lterm - Local Term, Fwd - forwarded, unauth - unathenticated, authen - authenticated, TC Ct. - Number of Traffic Classes on the main session Current Subscriber Information: Total sessions 47 Uniq ID Interface State Service Up-time TC Ct. Identifier 46 IP authen Lterm 3d00h 2 10.1.10.52 988 IP authen Lterm 3d00h 2 10.1.10.106 312 IP unauthen Attempting 00:00:00 0 172.24.7.202 1031 IP authen Lterm 2d23h 2 10.1.10.64 1040 IP authen Lterm 1d00h 2 172.24.0.77 998 IP authen Lterm 1d00h 2 10.1.10.130 764 IP authen Lterm 1d21h 2 172.24.0.73 733 IP authen Lterm 1d21h 2 10.1.10.49 749 IP authen Lterm 1d21h 2 10.1.10.20 10 IP authen Lterm 2d05h 2 10.1.10.61 305 IP unauthen Lterm 22:33:30 2 172.24.7.200 303 IP unauthen Lterm 23:29:50 0 172.24.7.201 1038 IP authen Lterm 2d09h 2 10.1.10.34 1036 IP authen Lterm 2d11h 2 10.1.10.109 996 IP authen Lterm 2d10h 2 10.1.10.103 1034 IP authen Lterm 2d20h 2 10.1.10.85 991 IP authen Lterm 2d21h 2 10.1.10.82 956 IP authen Lterm 2d12h 2 10.1.10.58 1032 IP authen Lterm 2d22h 2 10.1.10.16 473 IP authen Lterm 2d22h 2 10.1.10.115 835 IP authen Lterm 3d00h 2 172.24.0.69 816 IP authen Lterm 3d00h 2 10.1.10.94 825 IP authen Lterm 3d00h 2 10.1.10.19 831 IP authen Lterm 3d01h 2 10.1.10.5 826 IP authen Lterm 3d00h 2 10.1.10.124 829 IP authen Lterm 3d00h 2 10.1.10.100 827 IP authen Lterm 3d01h 2 10.1.10.55 811 IP authen Lterm 3d01h 2 10.1.10.127 823 IP authen Lterm 3d01h 2 10.1.10.37 820 IP authen Lterm 3d01h 2 10.1.10.79 828 IP authen Lterm 3d00h 2 10.1.10.67 806 IP authen Lterm 3d01h 2 10.1.10.31 821 IP authen Lterm 3d01h 2 10.1.10.121 822 IP authen Lterm 3d01h 2 10.1.10.70 817 IP authen Lterm 3d01h 2 10.1.10.135 815 IP authen Lterm 3d01h 2 10.1.10.118 810 IP authen Lterm 3d01h 2 10.1.10.22 819 IP authen Lterm 3d01h 2 10.1.10.136 813 IP authen Lterm 3d01h 2 10.1.10.76 809 IP authen Lterm 3d01h 2 10.1.10.131 814 IP authen Lterm 3d01h 2 10.1.10.7 808 IP authen Lterm 3d01h 2 10.1.10.15 818 IP authen Lterm 3d01h 2 10.1.10.88 800 IP authen Lterm 3d01h 2 10.1.10.138 807 IP authen Lterm 3d01h 2 10.1.10.140 804 IP authen Lterm 3d01h 2 10.1.10.97 812 IP authen Lterm 3d01h 2 10.1.10.40 KharinoIPoE#show subscriber session uid 312 KharinoIPoE# ip 172.24.0.202 присваивает биллинг без привязки к мак адресу. как редиректить такой ip Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Red_Sam Posted May 16, 2016 ip 172.24.0.202 присваивает биллинг без привязки к мак адресу. как редиректить такой ip Уверен что биллинг присваивает адреса корректно. Судя по всему вы не используете ни мак-привязку, ни опцию82. Адреса выдает ICS-DHCP и настраивается он через вебку биллинга Фраза "как редиректить такой ip" предполагает что биллинг выдает "плохой, неправильный" адрес который невозможно редиректить. Откройте конфиг схемы, почитайте его и сравните с тем что у Вас на оборудовании Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
