Jump to content
Калькуляторы

Не работает PPPoE на железке juniper MX5-T PPPoE+juniper mx5-t

Есть железка juniper MX5-T , пытаюсь терментировать pppoe включился ноутом в ge1/1/1 шлю PADI и получаю PADO и error 651

В лог ничего не пищет , на радус сервер ничего не отправляет (смотрю tcpdump) , логирование настроено в конфиге ниже.

Куда смотреть в чем ошибся ?

 

На ней лицензии:

 

admin> show system license

License usage:

Licenses Licenses Licenses Expiry

Feature name used installed needed

subscriber-accounting 1 1 0 permanent

subscriber-authentication 0 1 0 permanent

subscriber-address-assignment 0 1 0 permanent

subscriber-vlan 0 1 0 permanent

subscriber-ip 0 1 0 permanent

scale-subscriber 0 1000 0 permanent

scale-l2tp 0 1000 0 permanent

scale-mobile-ip 0 1000 0 permanent

 

Licenses installed:

License identifier: E000185416

License version: 2

Features:

subscriber-accounting - Per Subscriber Radius Accounting

permanent

subscriber-authentication - Per Subscriber Radius Authentication

permanent

subscriber-address-assignment - Radius/SRC Address Pool Assignment

permanent

subscriber-vlan - Dynamic Auto-sensed Vlan

permanent

subscriber-ip - Dynamic and Static IP

permanent

 

КОНФИГ:

dynamic-profiles {

PPPOE-test {

interfaces {

pp0 {

unit "$junos-interface-unit" {

ppp-options {

pap;

}

pppoe-options {

underlying-interface "$junos-underlying-interface";

server;

}

keepalives interval 30;

family inet {

unnumbered-address lo0.0;

}

}

}

}

}

}

 

 

 

interfaces {

 

ge-1/1/1 {

unit 0 {

encapsulation ppp-over-ether;

pppoe-underlying-options {

dynamic-profile PPPOE-tenet;

}

}

 

fxp0 {

unit 0 {

family inet {

address 192.168.10.1/24;

 

}

}

 

}

 

 

 

access {

radius-server {

192.168.10.2 secret "$9$avZi.FnCOBE69vLx-g4"; ## SECRET-DATA

}

group-profile DNS {

ppp {

primary-dns 8.8.8.8;

}

}

profile RAD_tenet {

accounting-order radius;

authentication-order radius;

radius {

authentication-server 192.168.10.2;

accounting-server 192.168.10.2;

}

accounting {

order radius;

accounting-stop-on-failure;

accounting-stop-on-access-deny;

immediate-update;

update-interval 10;

statistics volume-time;

}

}

}

 

Логи собираются так

system {

 

syslog {

user * {

any emergency;

}

file messages {

any any;

authorization info;

}

file interactive-commands {

interactive-commands any;

}

}

}

}

Share this post


Link to post
Share on other sites

1. Есть в конфиге фраза access-profile RAD_tenet?

2. Перенесите конфигурацию radius сервера с secret в [access profile RAD_tenet]

 

И да, очень удобно читать выложенный конфиг. :(

Edited by nnm

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.