2bit Posted April 9, 2009 (edited) · Report post Cisco 2811. Первый раз взял в руки Cisco маршрутизатор. Накидал вот такой конфиг PPTP+Radius: ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! aaa new-model aaa authentication login default local aaa authentication ppp default group radius aaa authorization exec default local aaa authorization network default group radius aaa accounting network default start-stop group radius aaa accounting system default start-stop group radius enable secret 5 password enable password password ! username admin password password ip subnet-zero no ip rcmd domain-lookup ip domain-name router hostname Router ip name-server 192.168.1.21 ip cef vpdn enable ! vpdn-group 1 ! ! Default PPTP VPDN group accept-dialin protocol any virtual-template 1 local name pptp_gateway ! ! interface FastEthernet0/0 no ip address no ip route-cache shutdown duplex auto speed auto ! interface FastEthernet0/1 ip address 192.168.1.1 255.255.255.0 no ip route-cache duplex full speed auto no mop enabled ! interface FastEthernet0/0 ip address 172.18.2.2 255.255.0.0 no ip route-cache duplex full speed auto no mop enabled ! ! Интерфейс замыкания на себя... interface Loopback 1 ip address 172.22.0.0 255.255.255.255 ! ! interface Virtual-Template1 ip unnumbered Loopback 1 ip mtu 1492 autodetect encapsulation ppp ppp authentication chap callin ! ! ! ip http server no ip http secure-server ! ip radius source-interface FastEthernet0/1 ! radius-server configure-nas radius-server host 192.168.1.21 auth-port 1812 acct-port 1813 radius-server retransmit 3 radius-server timeout 30 radius-server key radius radius-server vsa send accounting radius-server vsa send authentication ! ! ! ! line con 0 line aux 0 line vty 0 4 password password ! ! end Это вроде как черновой вариант. Сильно страшный? Вопрос в следующем. Radius начинает работать только когда пройдет 15мин после загрузки Cisco. В консоле пишется: Press RETURN to get started! sslinit fn *Apr 9 15:42:20.779: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State changed to: Initialized *Apr 9 15:42:20.783: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State changed to: Enabled *Apr 9 15:42:21.775: %LINEPROTO-5-UPDOWN: Line protocol on Interface VoIP-Null0, changed state to up *Apr 9 15:42:21.775: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up *Apr 9 15:42:21.775: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up *Apr 9 15:42:22.775: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down *Apr 9 15:42:22.775: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up *Apr 9 15:42:24.071: %SYS-5-CONFIG_I: Configured from memory by console *Apr 9 15:42:24.587: %SYS-5-RESTART: System restarted -- Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(3a), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2005 by Cisco Systems, Inc. Compiled Fri 30-Sep-05 13:24 by hqluong *Apr 9 15:42:24.591: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing a cold start *Apr 9 15:42:25.147: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF *Apr 9 15:42:25.147: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up *Apr 9 15:42:25.815: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down *Apr 9 15:42:29.603: %RADIUS-6-GETROUTES: Retrieving static routes in user route-1 *Apr 9 15:43:04.907: %RADIUS-3-NOHOSTNAME: Failed to retrieve my hostname. *Apr 9 15:47:11.267: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.168.1.21:1812,1813 is not responding. *Apr 9 15:47:11.271: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.168.1.21:1812,1813 has returned. *Apr 9 15:49:37.663: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.168.1.21:1812,1813 is not responding. *Apr 9 15:49:37.667: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.168.1.21:1812,1813 has returned. *Apr 9 15:52:23.891: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.168.1.21:1812,1813 is not responding. *Apr 9 15:52:23.895: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.168.1.21:1812,1813 has returned. *Apr 9 15:55:52.471: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.168.1.21:1812,1813 is not responding. *Apr 9 15:55:52.471: %AAAA-3-DROPACCTSNDFAIL: Accounting record dropped, send to server failed: system-start *Apr 9 15:55:52.471: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.168.1.21:1812,1813 has returned. *Apr 9 15:59:03.115: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 9 15:59:03.119: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to up *Apr 9 15:59:04.115: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up *Apr 9 15:59:04.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to up *Apr 9 15:59:29.107: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to down *Apr 9 15:59:30.107: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to down Edited April 9, 2009 by 2bit Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
2bit Posted April 9, 2009 · Report post При загрузке Cisco ломится на Radius сервер с какими-то запросами `Route-1`/ Вообщем не человек кошка =( (С) Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
2bit Posted April 10, 2009 · Report post Лишние запросы на Radius отключаются через: no radius-server configure-nas Ошибки о не доступности Radius сервера являются багом Cisco и никак их не поправить. Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
