Star1609 Posted April 3, 2014 · Report post Есть железка juniper MX5-T , пытаюсь терментировать pppoe включился ноутом в ge1/1/1 шлю PADI и получаю PADO и error 651 В лог ничего не пищет , на радус сервер ничего не отправляет (смотрю tcpdump) , логирование настроено в конфиге ниже. Куда смотреть в чем ошибся ? На ней лицензии: admin> show system license License usage: Licenses Licenses Licenses Expiry Feature name used installed needed subscriber-accounting 1 1 0 permanent subscriber-authentication 0 1 0 permanent subscriber-address-assignment 0 1 0 permanent subscriber-vlan 0 1 0 permanent subscriber-ip 0 1 0 permanent scale-subscriber 0 1000 0 permanent scale-l2tp 0 1000 0 permanent scale-mobile-ip 0 1000 0 permanent Licenses installed: License identifier: E000185416 License version: 2 Features: subscriber-accounting - Per Subscriber Radius Accounting permanent subscriber-authentication - Per Subscriber Radius Authentication permanent subscriber-address-assignment - Radius/SRC Address Pool Assignment permanent subscriber-vlan - Dynamic Auto-sensed Vlan permanent subscriber-ip - Dynamic and Static IP permanent КОНФИГ: dynamic-profiles { PPPOE-test { interfaces { pp0 { unit "$junos-interface-unit" { ppp-options { pap; } pppoe-options { underlying-interface "$junos-underlying-interface"; server; } keepalives interval 30; family inet { unnumbered-address lo0.0; } } } } } } interfaces { ge-1/1/1 { unit 0 { encapsulation ppp-over-ether; pppoe-underlying-options { dynamic-profile PPPOE-tenet; } } fxp0 { unit 0 { family inet { address 192.168.10.1/24; } } } access { radius-server { 192.168.10.2 secret "$9$avZi.FnCOBE69vLx-g4"; ## SECRET-DATA } group-profile DNS { ppp { primary-dns 8.8.8.8; } } profile RAD_tenet { accounting-order radius; authentication-order radius; radius { authentication-server 192.168.10.2; accounting-server 192.168.10.2; } accounting { order radius; accounting-stop-on-failure; accounting-stop-on-access-deny; immediate-update; update-interval 10; statistics volume-time; } } } Логи собираются так system { syslog { user * { any emergency; } file messages { any any; authorization info; } file interactive-commands { interactive-commands any; } } } } Share this post Link to post Share on other sites
Star1609 Posted April 4, 2014 · Report post Кто то в курсе ? Share this post Link to post Share on other sites
nnm Posted April 4, 2014 (edited) · Report post 1. Есть в конфиге фраза access-profile RAD_tenet? 2. Перенесите конфигурацию radius сервера с secret в [access profile RAD_tenet] И да, очень удобно читать выложенный конфиг. :( Edited April 4, 2014 by nnm Share this post Link to post Share on other sites
