2bit Posted April 9, 2009 Posted April 9, 2009 (edited) Cisco 2811. Первый раз взял в руки Cisco маршрутизатор. Накидал вот такой конфиг PPTP+Radius: ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! aaa new-model aaa authentication login default local aaa authentication ppp default group radius aaa authorization exec default local aaa authorization network default group radius aaa accounting network default start-stop group radius aaa accounting system default start-stop group radius enable secret 5 password enable password password ! username admin password password ip subnet-zero no ip rcmd domain-lookup ip domain-name router hostname Router ip name-server 192.168.1.21 ip cef vpdn enable ! vpdn-group 1 ! ! Default PPTP VPDN group accept-dialin protocol any virtual-template 1 local name pptp_gateway ! ! interface FastEthernet0/0 no ip address no ip route-cache shutdown duplex auto speed auto ! interface FastEthernet0/1 ip address 192.168.1.1 255.255.255.0 no ip route-cache duplex full speed auto no mop enabled ! interface FastEthernet0/0 ip address 172.18.2.2 255.255.0.0 no ip route-cache duplex full speed auto no mop enabled ! ! Интерфейс замыкания на себя... interface Loopback 1 ip address 172.22.0.0 255.255.255.255 ! ! interface Virtual-Template1 ip unnumbered Loopback 1 ip mtu 1492 autodetect encapsulation ppp ppp authentication chap callin ! ! ! ip http server no ip http secure-server ! ip radius source-interface FastEthernet0/1 ! radius-server configure-nas radius-server host 192.168.1.21 auth-port 1812 acct-port 1813 radius-server retransmit 3 radius-server timeout 30 radius-server key radius radius-server vsa send accounting radius-server vsa send authentication ! ! ! ! line con 0 line aux 0 line vty 0 4 password password ! ! end Это вроде как черновой вариант. Сильно страшный? Вопрос в следующем. Radius начинает работать только когда пройдет 15мин после загрузки Cisco. В консоле пишется: Press RETURN to get started! sslinit fn *Apr 9 15:42:20.779: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State changed to: Initialized *Apr 9 15:42:20.783: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State changed to: Enabled *Apr 9 15:42:21.775: %LINEPROTO-5-UPDOWN: Line protocol on Interface VoIP-Null0, changed state to up *Apr 9 15:42:21.775: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up *Apr 9 15:42:21.775: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up *Apr 9 15:42:22.775: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down *Apr 9 15:42:22.775: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up *Apr 9 15:42:24.071: %SYS-5-CONFIG_I: Configured from memory by console *Apr 9 15:42:24.587: %SYS-5-RESTART: System restarted -- Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(3a), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2005 by Cisco Systems, Inc. Compiled Fri 30-Sep-05 13:24 by hqluong *Apr 9 15:42:24.591: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing a cold start *Apr 9 15:42:25.147: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF *Apr 9 15:42:25.147: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up *Apr 9 15:42:25.815: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down *Apr 9 15:42:29.603: %RADIUS-6-GETROUTES: Retrieving static routes in user route-1 *Apr 9 15:43:04.907: %RADIUS-3-NOHOSTNAME: Failed to retrieve my hostname. *Apr 9 15:47:11.267: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.168.1.21:1812,1813 is not responding. *Apr 9 15:47:11.271: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.168.1.21:1812,1813 has returned. *Apr 9 15:49:37.663: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.168.1.21:1812,1813 is not responding. *Apr 9 15:49:37.667: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.168.1.21:1812,1813 has returned. *Apr 9 15:52:23.891: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.168.1.21:1812,1813 is not responding. *Apr 9 15:52:23.895: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.168.1.21:1812,1813 has returned. *Apr 9 15:55:52.471: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.168.1.21:1812,1813 is not responding. *Apr 9 15:55:52.471: %AAAA-3-DROPACCTSNDFAIL: Accounting record dropped, send to server failed: system-start *Apr 9 15:55:52.471: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.168.1.21:1812,1813 has returned. *Apr 9 15:59:03.115: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Apr 9 15:59:03.119: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to up *Apr 9 15:59:04.115: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up *Apr 9 15:59:04.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to up *Apr 9 15:59:29.107: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to down *Apr 9 15:59:30.107: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to down Edited April 9, 2009 by 2bit Вставить ник Quote
2bit Posted April 9, 2009 Author Posted April 9, 2009 При загрузке Cisco ломится на Radius сервер с какими-то запросами `Route-1`/ Вообщем не человек кошка =( (С) Вставить ник Quote
2bit Posted April 10, 2009 Author Posted April 10, 2009 Лишние запросы на Radius отключаются через: no radius-server configure-nas Ошибки о не доступности Radius сервера являются багом Cisco и никак их не поправить. Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.