Andrey75 Posted May 13, 2016 · Report post помогите с редиректом при не авторизованном абоненте конфиг redirect server-group RSG_NEGBAL_REDIRECT server ip 10.1.0.2 port 442 ! redirect server-group RSG_BLOCKED_REDIRECT server ip 10.1.0.2 port 444 ! redirect server-group RSG_RADIUS_REDIRECT server ip 10.1.0.2 port 440 ! ! ! ip ssh version 1 class-map type traffic match-any CLS_RADIUS_REDIRECT match access-group input name ACL_RADIUS_REDIRECT ! class-map type traffic match-any CLS_ACCEPT match access-group input name ACL_NEGBAL_TRUSTED match access-group output name ACL_NEGBAL_TRUSTED ! class-map type traffic match-any CLS_NEGBAL_TRUSTED match access-group input name ACL_NEGBAL_TRUSTED match access-group output name ACL_NEGBAL_TRUSTED ! class-map type traffic match-any CLS_NEGBAL_REDIRECT match access-group input name ACL_NEGBAL_REDIRECT ! class-map type traffic match-any CLS_NOSHAPE match access-group output name ACL_NOSHAPE match access-group input name ACL_NOSHAPE ! class-map type traffic match-any CLS_BLOCKED_TRUSTED match access-group input name ACL_BLOCKED_TRUSTED match access-group output name ACL_BLOCKED_TRUSTED ! class-map type traffic match-any CLS_BLOCKED_REDIRECT match access-group input name ACL_BLOCKED_REDIRECT ! class-map type control match-all CTRL_TIMER_UNAUTH match authen-status unauthenticated match timer TIMER_UNAUTH ! class-map type control match-all CTRL_TIMER_AUTH match authen-status authenticated match timer TIMER_AUTH ! ! policy-map type service FWPOL_ACCEPT service local class type traffic CLS_ACCEPT ! ! policy-map type service FWPOL_NEGBAL_TRUSTED service local class type traffic CLS_NEGBAL_TRUSTED ! ! policy-map type service FWPOL_NEGBAL_REDIRECT service local class type traffic CLS_NEGBAL_REDIRECT redirect to group RSG_NEGBAL_REDIRECT ! class type traffic default in-out drop ! ! policy-map type service FWPOL_BLOCKED_TRUSTED service local class type traffic CLS_BLOCKED_TRUSTED ! ! policy-map type service FWPOL_BLOCKED_REDIRECT service local class type traffic CLS_BLOCKED_REDIRECT redirect to group RSG_BLOCKED_REDIRECT ! class type traffic default in-out drop ! ! policy-map type service FWPOL_DEFAULT service local 10 class type traffic CLS_ACCEPT police input 512000 police output 512000 ! ! policy-map type service FWPOL_NOSHAPE class type traffic CLS_NOSHAPE police input 90000000 police output 90000000 ! ! policy-map type service FWPOL_RADIUS_REDIRECT service local class type traffic CLS_RADIUS_REDIRECT redirect to group RSG_RADIUS_REDIRECT ! ! policy-map type control CTRL_IPOE class type control always event timed-policy-expiry 1 service disconnect ! class type control always event account-logoff 1 service disconnect ! class type control always event radius-timeout 10 set-timer TIMER_UNAUTH 10 20 service-policy type service name FWPOL_DEFAULT ! class type control always event session-start 10 authorize aaa list AAA_LIST_IPOE password adminIPoE identifier source-ip-address 20 set-timer TIMER_UNAUTH 1 30 service-policy type service name FWPOL_ACCEPT 40 service-policy type service name FWPOL_NEGBAL_TRUSTED 50 service-policy type service name FWPOL_NEGBAL_REDIRECT 60 service-policy type service name FWPOL_BLOCKED_TRUSTED 70 service-policy type service name FWPOL_BLOCKED_REDIRECT 80 service-policy type service name FWPOL_RADIUS_REDIRECT ! class type control always event session-restart 10 authorize aaa list AAA_LIST_IPOE password adminIPoE identifier source-ip-address 20 set-timer TIMER_UNAUTH 1 30 service-policy type service name FWPOL_ACCEPT 40 service-policy type service name FWPOL_NEGBAL_TRUSTED 50 service-policy type service name FWPOL_NEGBAL_REDIRECT 60 service-policy type service name FWPOL_BLOCKED_TRUSTED 70 service-policy type service name FWPOL_BLOCKED_REDIRECT 80 service-policy type service name FWPOL_RADIUS_REDIRECT ! ! ip access-list extended ACL_ACCEPT permit ip any any ip access-list extended ACL_BLOCKED_REDIRECT deny ip any host 10.1.0.2 deny ip host 10.1.0.2 any permit tcp any any eq www deny ip any any ip access-list extended ACL_BLOCKED_TRUSTED permit udp any any eq domain permit ip any host 10.1.0.2 permit ip host 10.1.0.2 any ip access-list extended ACL_NAT permit ip any 10.1.10.0 0.0.0.255 permit ip 10.1.10.0 0.0.0.255 any ip access-list extended ACL_NEGBAL_REDIRECT deny ip any host 10.1.0.2 deny ip host 10.1.0.2 any permit tcp any any eq www deny ip any any ip access-list extended ACL_NEGBAL_TRUSTED permit udp any any eq domain permit ip any host 10.1.0.2 permit ip host 10.1.0.2 any ip access-list extended ACL_NOSHAPE permit ip any host 10.1.0.2 permit ip host 10.1.0.2 any ip access-list extended ACL_RADIUS_REDIRECT deny ip any host 10.1.0.2 deny ip host 10.1.0.2 any permit tcp any any eq www deny ip any any ip access-list extended WIFIGainy permit ip any any где у меня ошибка? ПОМОГИТЕ! KharinoIPoE#show subscriber session Codes: Lterm - Local Term, Fwd - forwarded, unauth - unathenticated, authen - authenticated, TC Ct. - Number of Traffic Classes on the main session Current Subscriber Information: Total sessions 47 Uniq ID Interface State Service Up-time TC Ct. Identifier 46 IP authen Lterm 3d00h 2 10.1.10.52 988 IP authen Lterm 3d00h 2 10.1.10.106 312 IP unauthen Attempting 00:00:00 0 172.24.7.202 1031 IP authen Lterm 2d23h 2 10.1.10.64 1040 IP authen Lterm 1d00h 2 172.24.0.77 998 IP authen Lterm 1d00h 2 10.1.10.130 764 IP authen Lterm 1d21h 2 172.24.0.73 733 IP authen Lterm 1d21h 2 10.1.10.49 749 IP authen Lterm 1d21h 2 10.1.10.20 10 IP authen Lterm 2d05h 2 10.1.10.61 305 IP unauthen Lterm 22:33:30 2 172.24.7.200 303 IP unauthen Lterm 23:29:50 0 172.24.7.201 1038 IP authen Lterm 2d09h 2 10.1.10.34 1036 IP authen Lterm 2d11h 2 10.1.10.109 996 IP authen Lterm 2d10h 2 10.1.10.103 1034 IP authen Lterm 2d20h 2 10.1.10.85 991 IP authen Lterm 2d21h 2 10.1.10.82 956 IP authen Lterm 2d12h 2 10.1.10.58 1032 IP authen Lterm 2d22h 2 10.1.10.16 473 IP authen Lterm 2d22h 2 10.1.10.115 835 IP authen Lterm 3d00h 2 172.24.0.69 816 IP authen Lterm 3d00h 2 10.1.10.94 825 IP authen Lterm 3d00h 2 10.1.10.19 831 IP authen Lterm 3d01h 2 10.1.10.5 826 IP authen Lterm 3d00h 2 10.1.10.124 829 IP authen Lterm 3d00h 2 10.1.10.100 827 IP authen Lterm 3d01h 2 10.1.10.55 811 IP authen Lterm 3d01h 2 10.1.10.127 823 IP authen Lterm 3d01h 2 10.1.10.37 820 IP authen Lterm 3d01h 2 10.1.10.79 828 IP authen Lterm 3d00h 2 10.1.10.67 806 IP authen Lterm 3d01h 2 10.1.10.31 821 IP authen Lterm 3d01h 2 10.1.10.121 822 IP authen Lterm 3d01h 2 10.1.10.70 817 IP authen Lterm 3d01h 2 10.1.10.135 815 IP authen Lterm 3d01h 2 10.1.10.118 810 IP authen Lterm 3d01h 2 10.1.10.22 819 IP authen Lterm 3d01h 2 10.1.10.136 813 IP authen Lterm 3d01h 2 10.1.10.76 809 IP authen Lterm 3d01h 2 10.1.10.131 814 IP authen Lterm 3d01h 2 10.1.10.7 808 IP authen Lterm 3d01h 2 10.1.10.15 818 IP authen Lterm 3d01h 2 10.1.10.88 800 IP authen Lterm 3d01h 2 10.1.10.138 807 IP authen Lterm 3d01h 2 10.1.10.140 804 IP authen Lterm 3d01h 2 10.1.10.97 812 IP authen Lterm 3d01h 2 10.1.10.40 KharinoIPoE#show subscriber session uid 312 KharinoIPoE# ip 172.24.0.202 присваивает биллинг без привязки к мак адресу. как редиректить такой ip Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
evgenich Posted May 24, 2016 · Report post нафига ? accept и редирект в сервисе. Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Andrey75 Posted June 9, 2016 · Report post нафига ? accept и редирект в сервисе. неавторизованные абоненты на страницу заявления при сети WI FI например Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...