Sorry Guys, I left that bit out stupidly.

radius-server configure-nas
radius-server host 202.x.x.x auth-port 1812 acct-port 1813
radius-server retransmit 2
radius-server timeout 2
radius-server key 7 xxx

.Skeeve

From: Joe Freeman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, 31 May 2007 1:48 AM
To: [EMAIL PROTECTED]
Cc: Cisco-nsp
Subject: Re: [c-nsp] 7200 LNS problems from Redback? or Radius?

Make sure your radius host(s) is(are) defined with a block similar to this (and are reachable)-

radius-server host xx.xx.xx.xx auth-port 1645 acct-port 1646 non-standard
radius-server host xx.xx.xx.xx auth-port 1645 acct-port 1646 non-standard
radius-server deadtime 60
radius-server key 7 someencryptedpassword
radius-server authorization permit missing Service-Type
radius-server vsa send accounting
radius-server vsa send authentication

You can then do a test authentication using the test aaa command -

testrouter#test aaa group radius username password

That'll tell you if your radius config is properly working or not.

Joe

On 5/30/07, Skeeve Stevens <[EMAIL PROTECTED]> wrote:

Hey guys,

I have a 7200 taking sessions from a Redback and either the Redback is not configured properly (hard to prove as I don't have access), or I have a local problem.

I'm receiving the log entry below

AAA/AUTHOR (0x0): Pick method list 'local-list'

This seems to suggest that it is ignoring radius and trying local auth.

I have:

!
aaa group server radius dslrad
 server 202.x.x.x auth-port 1812 acct-port 1813
!
aaa authentication login default local
aaa authentication ppp default group radius group dslrad
aaa authorization exec default local group dslrad
aaa authorization network default group dslrad
aaa accounting delay-start
aaa accounting update periodic 30
aaa accounting network default start-stop group dslrad
aaa accounting connection default start-stop group dslrad
aaa accounting system default start-stop group dslrad

which seems to be fine.

I have the following debugging on:

General OS:
  AAA Authentication debugging is on
  AAA Authorization debugging is on
  AAA Administrative debugging is on
  AAA Local debugs debugging is on
  AAA Radius debugs debugging is on
L2TP:
  L2TP packet events debugging is on
  L2TP packet errors debugging is on
  L2TP errors debugging is on
  L2TP events debugging is on
  L2TP L2TUN socket API debugging is on
PPP:
  PPP authentication debugging is on
  PPP protocol errors debugging is on
  PPP protocol negotiation debugging is on
  PPP forwarding events debugging is on
VPN:
  VPDN call event debugging is on
  VPDN message debugging is on
  VPDN events debugging is on
  VPDN errors debugging is on
  VPDN packet debugging is on
Radius protocol debugging is on
Radius protocol brief debugging is on
Radius protocol verbose debugging is on

And I am seeing zero radius chatter at all, and only the one AAA comment about local-list.

The tunnel seems to come up to the Redback, but then I see nothing except this:

May 30 2007 21:51:59: L2X:CEF From tunnel: 93 byte pak dropped
May 30 2007 21:52:01: L2X:CEF From tunnel: Gi0/1.31 Received 93 byte pak
May 30 2007 21:52:01: L2X:CEF From tunnel: 93 byte pak dropped
May 30 2007 21:52:03: L2X:CEF From tunnel: Gi0/1.31 Received 93 byte pak

Anyone have any ideas please?

System image file is "disk2:c7200p-advipservicesk9-mz.124-11.T1.bin"
Cisco 7204G2.

.Skeeve

--
Skeeve Stevens, RHCE
[EMAIL PROTECTED] / www.skeeve.org
Cell +61 (0)414 753 383 / skype://skeeve
eintellego - [EMAIL PROTECTED] - www.eintellego.net
--
I'm a groove licked love child king of the verse
Si vis pacem, para bellum

_______________________________________________
cisco-nsp mailing list  [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
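
Added example (not part of the thread or of anyone's posted config): a small Python consistency check for the points raised above, run over a constructed excerpt. It assumes the legacy `radius-server host` syntax, that each `server` line in an `aaa group server radius` block must match a global host entry by address and ports, and that `radius` and `tacacs+` are the predefined group names; 192.0.2.10 and the function names are made up for the example.

```python
import re

# Constructed sample modelled on the config in the thread; 192.0.2.10 is a placeholder.
SAMPLE = """\
aaa group server radius dslrad
 server 192.0.2.10 auth-port 1812 acct-port 1813
aaa authentication login default local
aaa authentication ppp default group radius group dslrad
aaa authorization network default group dslrad
aaa accounting network default start-stop group dslrad
radius-server host 192.0.2.10 auth-port 1812 acct-port 1813
"""

HOST = re.compile(r"(?:radius-server host|server) (\S+) auth-port (\d+) acct-port (\d+)")
LIST = re.compile(r"aaa (authentication|authorization|accounting) "
                  r"(login|ppp|exec|network|connection|system) (\S+) (.+)")
BUILTIN = {"radius", "tacacs+"}  # assumed predefined group names

def parse(config):
    """Return (global hosts, group -> servers, method-list key -> methods)."""
    hosts, groups, lists, current = set(), {}, {}, None
    for raw in config.splitlines():
        line, nested = raw.strip(), raw.startswith(" ")
        current = current if nested else None  # a top-level line ends the group block
        host, mlist = HOST.match(line), LIST.match(line)
        if line.startswith("aaa group server radius "):
            current = line.split()[-1]
            groups[current] = set()
        elif host and nested and current:
            groups[current].add(host.groups())
        elif host and not nested:
            hosts.add(host.groups())
        elif mlist:
            lists[mlist.groups()[:3]] = mlist.group(4).split()
    return hosts, groups, lists

def audit(config, seen_list=None):
    """Return findings; seen_list is a method-list name copied from debug output."""
    hosts, groups, lists = parse(config)
    out = [f"group {g}: {s[0]} {s[1]}/{s[2]} has no matching radius-server host"
           for g, servers in groups.items() for s in sorted(servers - hosts)]
    for key, methods in lists.items():
        for prev, name in zip(methods, methods[1:]):
            if prev == "group" and name not in BUILTIN | set(groups):
                out.append(f"{' '.join(key)}: undefined group {name}")
    if seen_list and all(key[2] != seen_list for key in lists):
        out.append(f"method list {seen_list} is not defined in this config")
    return out
```

Calling `audit(SAMPLE, "local-list")` reports only whether that list name appears in the excerpt it was given; a list defined elsewhere in the full running config would not be seen.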
