i understand ;=) i don't have put AAA Radius on the virtual template sorry
Le ven. 28 août 2020 à 16:59, Olivier CALVANO <[email protected]> a écrit : > Hi > > i want use a Cisco ASR1001X for PPPoE connexion and forwarding the l2tp > > > aaa new-model > > aaa group server radius radius-local > server-private 192.168.168.1 auth-port 1812 acct-port 1813 key xxx > ip radius source-interface Loopback0 > ! > aaa authentication ppp ppp-radius group radius-local > aaa authorization network network-radius group radius-local > aaa session-id common > > vpdn enable > vpdn multihop > vpdn authen-before-forward > vpdn logging > vpdn logging local > vpdn logging user > vpdn logging tunnel-drop > vpdn history failure table-size 50 > ! > vpdn-group Network-Collect > accept-dialin > protocol l2tp > virtual-template 1 > lcp renegotiation always > no l2tp tunnel authentication > ip mtu adjust > relay pppoe bba-group Network-Collect-BBA > > bba-group pppoe Network-Collect-BBA > virtual-template 1 > sessions per-vc limit 2 > sessions per-mac limit 1 > > interface Port-channel10 > no ip address > pppoe enable group Network-Collect-BBA > lacp max-bundle 3 > > interface Virtual-Template1 > ip unnumbered Loopback0 > no ip redirects > no ip unreachables > no ip proxy-arp > no logging event link-status > no peer default ip address > no snmp trap link-status > no keepalive > ppp authentication pap chap callin > > In logs, i see the request of the 877 routers: > > Aug 28 14:53:38.532: PPPoE 0: I PADI R:0017.5997.529e L:ffff.ffff.ffff > 820 Po10.820 > Aug 28 14:53:38.532: Service tag: NULL Tag > Aug 28 14:53:38.532: PPPoE 0: O PADO, R:80e0.1d7c.b049 L:0017.5997.529e > 820 Po10.820 > Aug 28 14:53:38.532: Service tag: NULL Tag > Aug 28 14:53:40.580: PPPoE 0: I PADR R:0017.5997.529e L:80e0.1d7c.b049 > 820 Po10.820 > Aug 28 14:53:40.580: Service tag: NULL Tag > Aug 28 14:53:40.580: PPPoE : encap string prepared > Aug 28 14:53:40.580: [136]PPPoE 136: Access IE handle allocated > Aug 28 14:53:40.580: [136]PPPoE 136: AAA get retrieved attrs > Aug 28 14:53:40.580: [136]PPPoE 136: AAA get nas port details > Aug 28 14:53:40.580: [136]PPPoE 136: Error adjusting nas port format did > Aug 28 14:53:40.580: dyn_attrs->xmit_rate: 1410065408 dyn_attrs->rcv_rate: > 1410065408 > Aug 28 14:53:40.580: [136]PPPoE 136: AAA get dynamic attrs > Aug 28 14:53:40.580: [136]PPPoE 136: AAA unique ID 94 allocated > Aug 28 14:53:40.580: [136]PPPoE 136: No AAA accounting method list > Aug 28 14:53:40.580: [136]PPPoE 136: Service request sent to SSS > Aug 28 14:53:40.580: [136]PPPoE 136: Created, Service: None > R:80e0.1d7c.b049 L:0017.5997.529e 820 Po10.820 > Aug 28 14:53:40.581: [136]PPPoE 136: State NAS_PORT_POLICY_INQUIRY > Event SSS MORE KEYS > Aug 28 14:53:40.581: [136]PPPoE 136: data path set to PPP > Aug 28 14:53:40.581: [136]PPPoE 136: Segment (SSS class): PROVISION > Aug 28 14:53:40.581: [136]PPPoE 136: State PROVISION_PPP Event SSM > PROVISIONED > Aug 28 14:53:40.581: [136]PPPoE 136: O PADS R:0017.5997.529e > L:80e0.1d7c.b049 Po10.820 > Aug 28 14:53:40.581: [136]PPPoE 136 <Po10.820:820>: Unable to add line > attributes from ANCP > Aug 28 14:53:40.581: [136]PPPoE 136: Unable to Add ANCP Line attributes to > the PPPoE Authen attributes > Aug 28 14:53:40.762: [136]PPPoE 136: State LCP_NEGOTIATION Event PPP > DISCONNECT > Aug 28 14:53:40.762: [136]PPPoE 136: O PADT R:0017.5997.529e > L:80e0.1d7c.b049 Po10.820 > Aug 28 14:53:40.762: [136]PPPoE 136: Destroying R:0017.5997.529e > L:80e0.1d7c.b049 820 Po10.820 > Aug 28 14:53:40.762: dyn_attrs->xmit_rate: 1410065408 dyn_attrs->rcv_rate: > 1410065408 > Aug 28 14:53:40.762: [136]PPPoE 136: AAA get dynamic attrs > Aug 28 14:53:40.762: [136]PPPoE 136: AAA account stopped > Aug 28 14:53:40.763: [136]PPPoE 136: Segment (SSS class): UNPROVISION > Aug 28 14:53:40.794: PPPoE 136: I PADT R:0017.5997.529e L:80e0.1d7c.b049 > 820 Po10.820 > > > > but the router don't request information to radius server and stop pppoe > process > > > anyone have a idea of my error ? > > thanks > olivier > > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
