Cisco-Vpdn

از ویکی پارس پویش
پرش به: ناوبری, جستجو
AAA Configuration:
 aaa new-model
  aaa authentication ppp ibs group radius
  aaa authorization network ibs group radius
  aaa accounting delay-start
  aaa accounting update periodic 1
  aaa accounting network ibs start-stop group radius
RCMD configuration:
 no ip rcmd domain-lookup 
 ip rcmd rsh-enable
 ip rcmd remote-host root 172.16.16.1 root enable
VPDN Configuration:
 vpdn enable
Note
 In some IOSes vpdn-group can be define and some others bba-group:
VPDN-GROUP as PPPOE concentrator:
 vpdn-group pppoe
  accept-dialin
  protocol pppoe
  virtual-template 1
VPDN-GROUP as PPTP concentrator:
 vpdn-group pptp
  Default PPTP VPDN group
  accept-dialin
  protocol pptp 
  virtual-template 2  

BBA-GROUP as PPPOE concentrator:
 bba-group pppoe global
  virtual-template 1 
  sessions max limit 1400
  sessions per-vc limit 1400
  sessions per-mac limit 1400
  sessions per-vlan limit 1400
INTERFACE VIRTUAL-TEMPLATES:
 interface Virtual-Template1
  mtu 1492
  ip unnumbered FastEthernet0
  ip policy route-map cache
  peer default ip address pool <pool name>
  ppp authentication ms-chap chap pap ibs
  ppp authorization ibs
  ppp accounting ibs
  sessions auto cleanup
  sessions max limit 6000


RADIUS CONFIGURATION:
 radius-server attribute 44 include-in-access-req
 radius-server host 172.16.16.1 auth-port 1812 acct-port 1813 
 radius-server key <radius secret>
 radius-server vsa send accounting
 radius-server vsa send authentication
 radius-server source-ports extended


POD Sample :
NOTE: Use same key as you have been set for radius server   
NOTE: RSH setting is no longer needed if you are using  POD 
NOTE: Make sure ras attribute cisco_kill_user_by_radius in IBSng ras setting is set to 1
aaa pod server server-key 0 IBS_KEY auth-type any
(Replaced by in 12.4
aaa server radius dynamic-author
server-key IBS_KEY
 auth-type any)
ابزارهای شخصی

گویش‌ها
فضاهای نام
عملکردها
گشتن
جعبه‌ابزار