Jump to content
Калькуляторы

Не работает PPPoE на железке juniper MX5-T PPPoE+juniper mx5-t

Есть железка juniper MX5-T , пытаюсь терментировать pppoe включился ноутом в ge1/1/1 шлю PADI и получаю PADO и error 651

В лог ничего не пищет , на радус сервер ничего не отправляет (смотрю tcpdump) , логирование настроено в конфиге ниже.

Куда смотреть в чем ошибся ?

 

На ней лицензии:

 

admin> show system license

License usage:

Licenses Licenses Licenses Expiry

Feature name used installed needed

subscriber-accounting 1 1 0 permanent

subscriber-authentication 0 1 0 permanent

subscriber-address-assignment 0 1 0 permanent

subscriber-vlan 0 1 0 permanent

subscriber-ip 0 1 0 permanent

scale-subscriber 0 1000 0 permanent

scale-l2tp 0 1000 0 permanent

scale-mobile-ip 0 1000 0 permanent

 

Licenses installed:

License identifier: E000185416

License version: 2

Features:

subscriber-accounting - Per Subscriber Radius Accounting

permanent

subscriber-authentication - Per Subscriber Radius Authentication

permanent

subscriber-address-assignment - Radius/SRC Address Pool Assignment

permanent

subscriber-vlan - Dynamic Auto-sensed Vlan

permanent

subscriber-ip - Dynamic and Static IP

permanent

 

КОНФИГ:

dynamic-profiles {

PPPOE-test {

interfaces {

pp0 {

unit "$junos-interface-unit" {

ppp-options {

pap;

}

pppoe-options {

underlying-interface "$junos-underlying-interface";

server;

}

keepalives interval 30;

family inet {

unnumbered-address lo0.0;

}

}

}

}

}

}

 

 

 

interfaces {

 

ge-1/1/1 {

unit 0 {

encapsulation ppp-over-ether;

pppoe-underlying-options {

dynamic-profile PPPOE-tenet;

}

}

 

fxp0 {

unit 0 {

family inet {

address 192.168.10.1/24;

 

}

}

 

}

 

 

 

access {

radius-server {

192.168.10.2 secret "$9$avZi.FnCOBE69vLx-g4"; ## SECRET-DATA

}

group-profile DNS {

ppp {

primary-dns 8.8.8.8;

}

}

profile RAD_tenet {

accounting-order radius;

authentication-order radius;

radius {

authentication-server 192.168.10.2;

accounting-server 192.168.10.2;

}

accounting {

order radius;

accounting-stop-on-failure;

accounting-stop-on-access-deny;

immediate-update;

update-interval 10;

statistics volume-time;

}

}

}

 

Логи собираются так

system {

 

syslog {

user * {

any emergency;

}

file messages {

any any;

authorization info;

}

file interactive-commands {

interactive-commands any;

}

}

}

}

Share this post


Link to post
Share on other sites

1. Есть в конфиге фраза access-profile RAD_tenet?

2. Перенесите конфигурацию radius сервера с secret в [access profile RAD_tenet]

 

И да, очень удобно читать выложенный конфиг. :(

Edited by nnm

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this