What does your virtual template look like? I have in addition to your ppp group a group for l2tp:- aaa authentication ppp l2tptunnel group radius
and then :- vpdn-group 1 accept-dialin protocol l2tp virtual-template 1 terminate-from hostname <remotehost> lcp renegotiation on-mismatch l2tp tunnel password 0 blah interface Virtual-Template1 ip unnumbered Loopback3 no logging event link-status load-interval 30 no snmp trap link-status no peer default ip address ppp authentication chap l2tptunnel ppp authorization l2tptunnel ppp accounting l2tptunnel this is on a NPE-G1 running c7200-spservicesk9-mz.124-2.T5.bin Skeeve Stevens wrote: > Hey guys, > > I have a 7200 taking sessions from a Redback and either the Redback > is not configured properly (hard to prove as I don't have access), or I have > a local problem. > > I'm receiving the log entry below > > AAA/AUTHOR (0x0): Pick method list 'local-list' > > This seems to suggest that it is ignoring radius and trying local > auth. > > I have: > > ! > aaa group server radius dslrad > server 202.x.x.x auth-port 1812 acct-port 1813 > ! > aaa authentication login default local > aaa authentication ppp default group radius group dslrad > aaa authorization exec default local group dslrad > aaa authorization network default group dslrad > aaa accounting delay-start > aaa accounting update periodic 30 > aaa accounting network default start-stop group dslrad > aaa accounting connection default start-stop group dslrad > aaa accounting system default start-stop group dslrad > > which seems to be fine. > > I have the following debugging on: > > General OS: > AAA Authentication debugging is on > AAA Authorization debugging is on > AAA Administrative debugging is on > AAA Local debugs debugging is on > AAA Radius debugs debugging is on > L2TP: > L2TP packet events debugging is on > L2TP packet errors debugging is on > L2TP errors debugging is on > L2TP events debugging is on > L2TP L2TUN socket API debugging is on > PPP: > PPP authentication debugging is on > PPP protocol errors debugging is on > PPP protocol negotiation debugging is on > PPP forwarding events debugging is on > VPN: > VPDN call event debugging is on > VPDN message debugging is on > VPDN events debugging is on > VPDN errors debugging is on > VPDN packet debugging is on > Radius protocol debugging is on > Radius protocol brief debugging is on > Radius protocol verbose debugging is on > > And I am seeing zero radius chatter at all, and only the one AAA comment > about local-list. > > The tunnel seems to come up to the Redback, but then I see nothing except > this: > > May 30 2007 21:51:59: L2X:CEF From tunnel: 93 byte pak dropped > May 30 2007 21:52:01: L2X:CEF From tunnel: Gi0/1.31 Received 93 byte pak > May 30 2007 21:52:01: L2X:CEF From tunnel: 93 byte pak dropped > May 30 2007 21:52:03: L2X:CEF From tunnel: Gi0/1.31 Received 93 byte pak > > Anyone have any ideas please? > > System image file is "disk2:c7200p-advipservicesk9-mz.124-11.T1.bin" > > Cisco 7204G2. > > .Skeeve > > > -- > Skeeve Stevens, RHCE > [EMAIL PROTECTED] / www.skeeve.org > Cell +61 (0)414 753 383 / skype://skeeve > > eintellego - [EMAIL PROTECTED] - www.eintellego.net > -- > I'm a groove licked love child king of the verse > Si vis pacem, para bellum > > > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ -- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender. Any offers or quotation of service are subject to formal specification. Errors and omissions excepted. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of Lumison, nplusone or lightershade ltd. Finally, the recipient should check this email and any attachments for the presence of viruses. Lumison, nplusone and lightershade ltd accepts no liability for any damage caused by any virus transmitted by this email. -- -- Virus scanned by Lumison. _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
