Hugh,
Thanks for the reply. I have attached the config and debug info, i have
looked at this for many days and found nothing obvious (my knowlege on
radius is limited) and tried many different things and come to no
conclusion. If you can see anything wrong please let me know. Also i
have removed all filters and access lists on the routers between here
and there and had no luck.
Regards,
Marcel
Hugh Irvine wrote:
> Hello Marcel -
>
> It sounds like the 2611 is not configured correctly for radius accounting.
>
> You should do a debug on the 2611 to see what it is doing. You might also
> check your access lists and filters, as the accounting port number is
> different from the authentication port (1645/1812 and 1646/1813).
>
> regards
>
> Hugh
>
>
> On Mon, 11 Mar 2002 16:31, Marcel Welschbillig wrote:
>
>> Hi,
>>
>> Was hopping someone can shed some light on our problem, the story goes
>> like this.....
>>
>> We are running radiator with platypus billing system and things are
>> working fine on our local ISP system. We recently got into the satellite
>> telecommunications business and decided to put a 2611 router out on a
>> remote site with an 8AM analog modem module to provide access to the
>> data stream and authenticate via radiator/platypus. The data stream is
>> via VSAT satellite equipment ( Basicly a serial at both routers with
>> VSAT equipment between, using HDSL Encapsulation, introduces about 700ms
>> delay round trip )
>>
>> The strange thing is that i can seem to authenticate from the remote
>> 2611 but there is no call/download information sent back. The radius
>> server and platypus server are local and work fine with our other access
>> servers. Why can it authenticate over the SAT link but not send the
>> billing data back ?? I know the radius server and platypus server are
>> configured correctly because they are accounting for our loacl dialin
>> customers, the router is configured nearly identical to our access
>> servers with regards to CISCO aaa.
>>
>> Any help would be great, i have tried just about everything and dont
>> know where to go next.
areac-rtr#
1w2d: Async33 AAA/DISC: 2/"Lost Carrier"
1w2d: Async33 AAA/DISC/EXT: 1011/"Lost Carrier"
1w2d: AAA/ACCT/ACCT_DISC: Found list "default"
1w2d: Async33 AAA/DISC: 2/"Lost Carrier"
1w2d: AAA/ACCT/ACCT_DISC: Found list "default"
1w2d: Async33 AAA/DISC/EXT: 1011/"Lost Carrier"
1w2d: AAA/ACCT/ACCT_DISC: Found list "default"
1w2d: Async33 AAA/DISC: 2/"Lost Carrier"
1w2d: AAA/ACCT/ACCT_DISC: Found list "default"
1w2d: Async33 AAA/DISC/EXT: 1011/"Lost Carrier"
1w2d: AAA/ACCT: no attribute "pre-bytes-in" to replace, adding it
1w2d: AAA/ACCT: no attribute "pre-bytes-out" to replace, adding it
1w2d: AAA/ACCT: no attribute "pre-paks-in" to replace, adding it
1w2d: AAA/ACCT: no attribute "pre-paks-out" to replace, adding it
1w2d: AAA/ACCT: no attribute "bytes_in" to replace, adding it
1w2d: AAA/ACCT: no attribute "bytes_out" to replace, adding it
1w2d: AAA/ACCT: no attribute "paks_in" to replace, adding it
1w2d: AAA/ACCT: no attribute "paks_out" to replace, adding it
1w2d: AAA/ACCT: no attribute "pre-session-time" to replace, adding it
1w2d: AAA/ACCT: no attribute "elapsed_time" to replace, adding it
1w2d: AAA/ACCT non-ISDN xmit=33600 recv=33600 hwidb=81E5FA20 tty=81E5E1A8
1w2d: AAA/ACCT/NET/STOP User macmahon, Port Async33:
task_id=30 timezone=GMT+8 service=ppp protocol=ip addr=192.168.30.2
disc-cause=1 disc-cause-ext=1045 pre-bytes-in=99 pre-bytes-out=105 pre-paks-in=4
pre-paks-out=4 bytes_in=1175927 bytes_out=971570 paks_in=14840 paks_out=18630
pre-session-time=4 connect-progress=60 elapsed_time=3815 nas-rx-speed=33600
nas-tx-speed=33600
1w2d: AAA/ACCT: user macmahon, acct type 2 (3797123294): Method=radius (radius)
1w2d: RADIUS: ustruct sharecount=3
1w2d: RADIUS: Initial Transmit Async33 id 188 202.65.68.8:1646, Accounting-Request,
len 130
1w2d: Attribute 4 6 CA414A11
1w2d: Attribute 5 6 00000021
areac-rtr#
1w2d: Attribute 61 6 00000000
1w2d: Attribute 1 10 6D61636D
1w2d: Attribute 40 6 00000002
1w2d: Attribute 45 6 00000001
1w2d: Attribute 6 6 00000002
1w2d: Attribute 44 10 30303030
1w2d: Attribute 7 6 00000001
1w2d: Attribute 8 6 C0A81E02
1w2d: Attribute 49 6 00000001
1w2d: Attribute 42 6 0011F177
1w2d: Attribute 43 6 000ED332
1w2d: Attribute 47 6 000039F8
1w2d: Attribute 48 6 000048C6
1w2d: Attribute 46 6 00000EE7
1w2d: Attribute 41 6 00000000
1w2d: RADIUS: Received from id 188 202.65.68.8:1646, Accounting-response, len 20
1w2d: %LINK-5-CHANGED: Interface Async33, changed state to reset
areac-rtr#
1w2d: As33 AAA/DISC: 2/"Lost Carrier"
1w2d: As33 AAA/DISC/EXT: 1011/"Lost Carrier"
areac-rtr#
1w2d: Async33: Async protocol mode stopped for 0.0.0.0
1w2d: AAA/MEMORY: free_user (0x81B7FDD0) user='macmahon' ruser='' port='Async33'
rem_addr='async' authen_type=PAP service=PPP priv=1
areac-rtr#
1w2d: %LINK-3-UPDOWN: Interface Async33, changed state to down
areac-rtr#
1w2d: As33 AAA/DISC: 2/"Lost Carrier"
1w2d: As33 AAA/DISC/EXT: 1011/"Lost Carrier"
areac-rtr#
1w2d: AAA: parse name=tty33 idb type=10 tty=33
1w2d: AAA: name=tty33 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=33 channel=0
1w2d: AAA/MEMORY: create_user (0x81F4EEEC) user='' ruser='' port='tty33'
rem_addr='async' authen_type=ASCII service=LOGIN priv=1
1w2d: tty33 AAA/DISC: 17/"User Error"
1w2d: tty33 AAA/DISC/EXT: 1025/"Password failure"
1w2d: AAA/MEMORY: free_user (0x81F4EEEC) user='' ruser='' port='tty33'
rem_addr='async' authen_type=ASCII service=LOGIN priv=1
1w2d: As33 PPP: Async Protocol Mode started for 0.0.0.0
1w2d: As33 AAA/ACCT: Using PPP accounting list ""
areac-rtr#
1w2d: %LINK-3-UPDOWN: Interface Async33, changed state to up
areac-rtr#
1w2d: AAA: parse name=Async33 idb type=10 tty=33
1w2d: AAA: name=Async33 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=33 channel=0
1w2d: AAA/MEMORY: create_user (0x81EE90A8) user='macmahon' ruser='' port='Async33'
rem_addr='async' authen_type=PAP service=PPP priv=1
1w2d: RADIUS: ustruct sharecount=1
1w2d: RADIUS: Initial Transmit Async33 id 189 202.65.68.8:1645, Access-Request, len 78
1w2d: Attribute 4 6 CA414A11
1w2d: Attribute 5 6 00000021
1w2d: Attribute 61 6 00000000
1w2d: Attribute 1 10 6D61636D
1w2d: Attribute 2 18 DA51BDC9
1w2d: Attribute 6 6 00000002
1w2d: Attribute 7 6 00000001
1w2d: RADIUS: Received from id 189 202.65.68.8:1645, Access-Accept, len 44
1w2d: Attribute 8 6 C0A81E02
1w2d: Attribute 7 6 00000001
1w2d: Attribute 13 6 00000001
1w2d: Attribute 6 6 00000002
1w2d: RADIUS: saved authorization data for user 81EE90A8 at 81ED1428
1w2d: As33 AAA/DISC: 1/"User Request"
1w2d: As33 AAA/DISC/EXT: 1020/"User Request"
1w2d: AAA/ACCT/NET/START User macmahon, Port Async33, List ""
1w2d: AAA/ACCT/NET: Found list "default"
1w2d: AAA/ACCT: no attribute "service" to replace, adding it
1w2d: AAA/ACCT/NET/START User macmahon, Port Async33,
task_id=31 timezone=GMT+8 service=ppp
1w2d: RADIUS: Authorize IP address 192.168.30.2
1w2d: AAA/ACCT: user macmahon, acct type 2 (1425507020): Method=radius (radius)
1w2d: RADIUS: ustruct sharecount=4
1w2d: RADIUS: Initial Transmit Async33 id 190 202.65.68.8:1646, Accounting-Request,
len 88
1w2d: Attribute 4 6 CA414A11
1w2d: Attribute 5 6 00000021
1w2d: Attribute 61 6 00000000
1w2d: Attribute 1 10 6D61636D
1w2d: Attribute 40 6 00000001
1w2d: Attribute 45 6 00000001
1w2d: Attribute 6 6 00000002
1w2d: Attribute 44 10 30303030
1w2d: Attribute 7 6 00000001
1w2d: Attribute 41 6 00000000
areac-rtr#
1w2d: AAA/ACCT: no attribute "protocol" to replace, adding it
1w2d: AAA/ACCT: no attribute "addr" to replace, adding it
1w2d: RADIUS: Received from id 190 202.65.68.8:1646, Accounting-response, len 20
areac-rtr#
1w2d: %AMDP2_FE-5-LATECOLL: Ethernet0/0 transmit error
areac-rtr#
1w2d: AAA/ACCT/ACCT_DISC: Found list "default"
1w2d: Async33 AAA/DISC: 1/"User Request"
1w2d: AAA/ACCT/ACCT_DISC: Found list "default"
1w2d: Async33 AAA/DISC/EXT: 1045/"Received Terminate"
areac-rtr#
1w2d: AAA/ACCT/ACCT_DISC: Found list "default"
1w2d: Async33 AAA/DISC: 2/"Lost Carrier"
1w2d: AAA/ACCT/ACCT_DISC: Found list "default"
1w2d: Async33 AAA/DISC/EXT: 1011/"Lost Carrier"
1w2d: AAA/ACCT: no attribute "pre-bytes-in" to replace, adding it
1w2d: AAA/ACCT: no attribute "pre-bytes-out" to replace, adding it
1w2d: AAA/ACCT: no attribute "pre-paks-in" to replace, adding it
1w2d: AAA/ACCT: no attribute "pre-paks-out" to replace, adding it
1w2d: AAA/ACCT: no attribute "bytes_in" to replace, adding it
1w2d: AAA/ACCT: no attribute "bytes_out" to replace, adding it
1w2d: AAA/ACCT: no attribute "paks_in" to replace, adding it
1w2d: AAA/ACCT: no attribute "paks_out" to replace, adding it
1w2d: AAA/ACCT: no attribute "pre-session-time" to replace, adding it
1w2d: AAA/ACCT: no attribute "elapsed_time" to replace, adding it
1w2d: AAA/ACCT non-ISDN xmit=33600 recv=33600 hwidb=81E5FA20 tty=81E5E1A8
1w2d: AAA/ACCT/NET/STOP User macmahon, Port Async33:
task_id=31 timezone=GMT+8 service=ppp protocol=ip addr=192.168.30.2
disc-cause=1 disc-cause-ext=1045 pre-bytes-in=99 pre-bytes-out=105 pre-paks-in=4
pre-paks-out=4 bytes_in=7809 bytes_out=70 paks_in=71 paks_out=5 pre-session-time=3
connect-progress=60 elapsed_time=313 nas-rx-speed=33600 nas-tx-speed=33600
1w2d: AAA/ACCT: user macmahon, acct type 2 (721939091): Method=radius (radius)
1w2d: RADIUS: ustruct sharecount=3
1w2d: RADIUS: Initial Transmit Async33 id 191 202.65.68.8:1646, Accounting-Request,
len 130
1w2d: Attribute 4 6 CA414A11
1w2d: Attribute 5 6 00000021
1w2d: Attribute 61 6 00000000
1w2d: Attribute 1 10 6D61636D
1w2d: Attribute 40 6 00000002
1w2d: Attribute 45 6 00000001
1w2d: Attribute 6 6 00000002
1w2d: Attribute 44 10 30303030
1w2d: Attribute 7 6 00000001
1w2d: Attribute 8 6 C0A81E02
1w2d: Attribute 49 6 00000001
1w2d: Attribute 42 6 00001E81
areac-rtr#
1w2d: Attribute 43 6 00000046
1w2d: Attribute 47 6 00000047
1w2d: Attribute 48 6 00000005
1w2d: Attribute 46 6 00000139
1w2d: Attribute 41 6 00000000
1w2d: Async33 AAA/DISC: 2/"Lost Carrier"
1w2d: Async33 AAA/DISC/EXT: 1011/"Lost Carrier"
1w2d: As33 AAA/DISC: 2/"Lost Carrier"
1w2d: As33 AAA/DISC/EXT: 1011/"Lost Carrier"
1w2d: RADIUS: Received from id 191 202.65.68.8:1646, Accounting-response, len 20
areac-rtr#
1w2d: %LINK-5-CHANGED: Interface Async33, changed state to reset
areac-rtr#
1w2d: As33 AAA/DISC: 2/"Lost Carrier"
1w2d: As33 AAA/DISC/EXT: 1011/"Lost Carrier"
areac-rtr#
1w2d: Async33: Async protocol mode stopped for 0.0.0.0
1w2d: AAA/MEMORY: free_user (0x81EE90A8) user='macmahon' ruser='' port='Async33'
rem_addr='async' authen_type=PAP service=PPP priv=1
areac-rtr#
1w2d: %LINK-3-UPDOWN: Interface Async33, changed state to down
areac-rtr#
1w2d: As33 AAA/DISC: 2/"Lost Carrier"
1w2d: As33 AAA/DISC/EXT: 1011/"Lost Carrier"
areac-rtr#
1w2d: AAA: parse name=tty33 idb type=10 tty=33
1w2d: AAA: name=tty33 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=33 channel=0
1w2d: AAA/MEMORY: create_user (0x81F4AAFC) user='' ruser='' port='tty33'
rem_addr='async' authen_type=ASCII service=LOGIN priv=1
areac-rtr#
1w2d: tty33 AAA/DISC: 17/"User Error"
1w2d: tty33 AAA/DISC/EXT: 1025/"Password failure"
1w2d: AAA/MEMORY: free_user (0x81F4AAFC) user='' ruser='' port='tty33'
rem_addr='async' authen_type=ASCII service=LOGIN priv=1
1w2d: As33 PPP: Async Protocol Mode started for 0.0.0.0
1w2d: As33 AAA/ACCT: Using PPP accounting list ""
areac-rtr#
1w2d: %LINK-3-UPDOWN: Interface Async33, changed state to up
areac-rtr#
1w2d: AAA: parse name=Async33 idb type=10 tty=33
1w2d: AAA: name=Async33 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=33 channel=0
1w2d: AAA/MEMORY: create_user (0x81EE90A8) user='macmahon' ruser='' port='Async33'
rem_addr='async' authen_type=PAP service=PPP priv=1
1w2d: RADIUS: ustruct sharecount=1
1w2d: RADIUS: Initial Transmit Async33 id 192 202.65.68.8:1645, Access-Request, len 78
1w2d: Attribute 4 6 CA414A11
1w2d: Attribute 5 6 00000021
1w2d: Attribute 61 6 00000000
1w2d: Attribute 1 10 6D61636D
1w2d: Attribute 2 18 596521EB
1w2d: Attribute 6 6 00000002
1w2d: Attribute 7 6 00000001
1w2d: RADIUS: Received from id 192 202.65.68.8:1645, Access-Accept, len 44
1w2d: Attribute 8 6 C0A81E02
1w2d: Attribute 7 6 00000001
1w2d: Attribute 13 6 00000001
1w2d: Attribute 6 6 00000002
1w2d: RADIUS: saved authorization data for user 81EE90A8 at 81EEBAFC
1w2d: As33 AAA/DISC: 1/"User Request"
1w2d: As33 AAA/DISC/EXT: 1020/"User Request"
1w2d: AAA/ACCT/NET/START User macmahon, Port Async33, List ""
1w2d: AAA/ACCT/NET: Found list "default"
1w2d: AAA/ACCT: no attribute "service" to replace, adding it
1w2d: AAA/ACCT/NET/START User macmahon, Port Async33,
task_id=32 timezone=GMT+8 service=ppp
1w2d: RADIUS: Authorize IP address 192.168.30.2
1w2d: AAA/ACCT: user macmahon, acct type 2 (2849745633): Method=radius (radius)
1w2d: RADIUS: ustruct sharecount=4
1w2d: RADIUS: Initial Transmit Async33 id 193 202.65.68.8:1646, Accounting-Request,
len 88
1w2d: Attribute 4 6 CA414A11
1w2d: Attribute 5 6 00000021
1w2d: Attribute 61 6 00000000
1w2d: Attribute 1 10 6D61636D
1w2d: Attribute 40 6 00000001
1w2d: Attribute 45 6 00000001
1w2d: Attribute 6 6 00000002
1w2d: Attribute 44 10 30303030
1w2d: Attribute 7 6 00000001
1w2d: Attribute 41 6 00000000
1w2d: AAA/ACCT: no attribute "protocol" to replace, adding it
1w2d: AAA/ACCT: no attribute "addr" to replace, adding it
1w2d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async33, changed state to up
1w2d: RADIUS: Received from id 193 202.65.68.8:1646, Accounting-response, len 20
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname areac-rtr
!
logging rate-limit console 10 except errors
aaa new-model
aaa authentication login default group radius
aaa authentication login CONSOLE local
aaa authentication login VTY line
aaa authentication login BILL none
aaa authentication ppp default group radius
aaa authorization exec BILL none
aaa authorization network default group radius
aaa accounting network default start-stop group radius
enable secret 5 $1$pjp2$Z0VI23c43h/eByXDT467F/
!
username marcel password 0 xxxx
username comdek password 0 xxxx
clock timezone GMT+8 8
ip subnet-zero
ip udptn source-interface Serial0/0
!
!
no ip finger
no ip domain-lookup
ip name-server 202.65.64.1
ip name-server 202.65.68.2
no ip dhcp conflict logging
ip dhcp excluded-address 10.20.10.0 10.20.10.50
!
ip dhcp pool scope
network 10.20.10.0 255.255.255.0
dns-server 202.65.64.1 202.65.68.2
default-router 10.20.10.1
!
!
class-map match-any voice
match input-interface Ethernet0/1
match access-group 100
!
!
policy-map voip
class voice
bandwidth 96
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface Ethernet0/0
description Local Network
ip address 10.20.10.1 255.255.255.0 secondary
ip address 202.65.74.17 255.255.255.240
ip nat inside
half-duplex
!
interface Serial0/0
description VSAT connection to Comdek perth
ip address 202.65.74.130 255.255.255.252
ip nat outside
no ip mroute-cache
service-policy output voip
!
interface Ethernet0/1
description Connects to PABX (VoIP)
ip address 192.168.0.6 255.255.255.252
ip directed-broadcast
full-duplex
service-policy output voip
!
interface Serial0/1
description Connects to BHP
ip address 192.168.196.6 255.255.255.252
ip directed-broadcast
clockrate 64000
!
interface Virtual-Template1
ip unnumbered Ethernet0/0
ppp authentication pap
ppp multilink
no ppp multilink fragmentation
!
interface Async33
description connects MacMahon
ip address 192.168.30.1 255.255.255.224
encapsulation ppp
no ip route-cache
ip tcp header-compression
no ip mroute-cache
dialer in-band
dialer idle-timeout 2147483
async mode interactive
no peer default ip address
no fair-queue
ppp authentication pap chap callin
ppp multilink
!
interface Async34
ip unnumbered Ethernet0/0
encapsulation ppp
no ip route-cache
ip tcp header-compression passive
no ip mroute-cache
ip policy route-map transproxy
dialer in-band
async mode interactive
peer default ip address pool setup_pool
no fair-queue
ppp authentication pap callin
ppp multilink
!
interface Async35
ip unnumbered Ethernet0/0
encapsulation ppp
no ip route-cache
ip tcp header-compression passive
no ip mroute-cache
ip policy route-map transproxy
dialer in-band
async mode interactive
peer default ip address pool setup_pool
no fair-queue
ppp authentication pap callin
ppp multilink
!
interface Async36
ip unnumbered Ethernet0/0
encapsulation ppp
no ip route-cache
ip tcp header-compression passive
no ip mroute-cache
ip policy route-map transproxy
dialer in-band
async mode interactive
peer default ip address pool setup_pool
no fair-queue
ppp authentication pap callin
ppp multilink
!
interface Async37
ip unnumbered Ethernet0/0
encapsulation ppp
no ip route-cache
ip tcp header-compression passive
no ip mroute-cache
ip policy route-map transproxy
dialer in-band
async mode interactive
peer default ip address pool setup_pool
no fair-queue
ppp authentication pap callin
ppp multilink
!
interface Async38
ip unnumbered Ethernet0/0
encapsulation ppp
no ip route-cache
ip tcp header-compression passive
no ip mroute-cache
ip policy route-map transproxy
dialer in-band
async mode interactive
peer default ip address pool setup_pool
no fair-queue
ppp authentication pap callin
ppp multilink
!
interface Async39
ip unnumbered Ethernet0/0
encapsulation ppp
no ip route-cache
ip tcp header-compression passive
no ip mroute-cache
ip policy route-map transproxy
dialer in-band
async mode interactive
peer default ip address pool setup_pool
no fair-queue
ppp authentication pap callin
ppp multilink
!
interface Async40
ip unnumbered Ethernet0/0
encapsulation ppp
no ip route-cache
ip tcp header-compression passive
no ip mroute-cache
ip policy route-map transproxy
dialer in-band
async mode interactive
peer default ip address pool setup_pool
no fair-queue
ppp authentication pap callin
ppp multilink
!
ip local pool setup_pool 10.10.10.10 10.10.10.11
ip nat pool ovrld 202.65.74.130 202.65.74.130 prefix-length 24
ip nat inside source list 80 pool ovrld overload
ip classless
ip route 0.0.0.0 0.0.0.0 202.65.74.129
ip route 192.168.196.9 255.255.255.255 192.168.196.5
no ip http server
!
logging trap notifications
access-list 5 permit 202.65.68.10
access-list 5 permit 202.65.68.4
access-list 5 permit 202.65.65.27
access-list 5 permit 202.65.65.25
access-list 80 permit 10.20.10.0 0.0.0.255
access-list 100 permit ip 192.168.0.0 0.0.0.3 192.168.0.4 0.0.0.3
access-list 100 permit ip 192.168.0.4 0.0.0.3 192.168.0.0 0.0.0.3
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
snmp-server engineID local 00000009020000D006050278
snmp-server community plastered RO 5
snmp-server community tetherball RO 5
snmp-server community public RO 4
snmp-server chassis-id areac-rtr
radius-server host 202.65.68.8 auth-port 1645 acct-port 1646
radius-server retransmit 3
radius-server key xxxx
!
dial-peer cor custom
!
!
!
!
line con 0
password k33p1n
login authentication CONSOLE
transport input none
line 33 40
autoselect during-login
autoselect ppp
modem Dialin
transport preferred none
transport input all
transport output none
flowcontrol hardware
line aux 0
no exec-banner
no activation-character
login authentication BILL
autocommand telnet 202.65.68.12 6001
transport input all
escape-character NONE
stopbits 1
speed 1200
line vty 0 4
exec-timeout 0 0
password k33p1n
logging synchronous
login authentication CONSOLE
!
no scheduler allocate
end
