Star1609 Posted April 3, 2014 Posted April 3, 2014 Есть железка juniper MX5-T , пытаюсь терментировать pppoe включился ноутом в ge1/1/1 шлю PADI и получаю PADO и error 651 В лог ничего не пищет , на радус сервер ничего не отправляет (смотрю tcpdump) , логирование настроено в конфиге ниже. Куда смотреть в чем ошибся ? На ней лицензии: admin> show system license License usage: Licenses Licenses Licenses Expiry Feature name used installed needed subscriber-accounting 1 1 0 permanent subscriber-authentication 0 1 0 permanent subscriber-address-assignment 0 1 0 permanent subscriber-vlan 0 1 0 permanent subscriber-ip 0 1 0 permanent scale-subscriber 0 1000 0 permanent scale-l2tp 0 1000 0 permanent scale-mobile-ip 0 1000 0 permanent Licenses installed: License identifier: E000185416 License version: 2 Features: subscriber-accounting - Per Subscriber Radius Accounting permanent subscriber-authentication - Per Subscriber Radius Authentication permanent subscriber-address-assignment - Radius/SRC Address Pool Assignment permanent subscriber-vlan - Dynamic Auto-sensed Vlan permanent subscriber-ip - Dynamic and Static IP permanent КОНФИГ: dynamic-profiles { PPPOE-test { interfaces { pp0 { unit "$junos-interface-unit" { ppp-options { pap; } pppoe-options { underlying-interface "$junos-underlying-interface"; server; } keepalives interval 30; family inet { unnumbered-address lo0.0; } } } } } } interfaces { ge-1/1/1 { unit 0 { encapsulation ppp-over-ether; pppoe-underlying-options { dynamic-profile PPPOE-tenet; } } fxp0 { unit 0 { family inet { address 192.168.10.1/24; } } } access { radius-server { 192.168.10.2 secret "$9$avZi.FnCOBE69vLx-g4"; ## SECRET-DATA } group-profile DNS { ppp { primary-dns 8.8.8.8; } } profile RAD_tenet { accounting-order radius; authentication-order radius; radius { authentication-server 192.168.10.2; accounting-server 192.168.10.2; } accounting { order radius; accounting-stop-on-failure; accounting-stop-on-access-deny; immediate-update; update-interval 10; statistics volume-time; } } } Логи собираются так system { syslog { user * { any emergency; } file messages { any any; authorization info; } file interactive-commands { interactive-commands any; } } } } Вставить ник Quote
nnm Posted April 4, 2014 Posted April 4, 2014 (edited) 1. Есть в конфиге фраза access-profile RAD_tenet? 2. Перенесите конфигурацию radius сервера с secret в [access profile RAD_tenet] И да, очень удобно читать выложенный конфиг. :( Edited April 4, 2014 by nnm Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.