CiscoVPDN
از ویکی پارس پویش
- Note
- Make sure your IBSng server has rsh-client package installed (apt-get install rsh-client for ubuntu)
محتویات |
AAA Configuration
aaa new-model aaa authentication ppp ibs group radius aaa authorization network ibs group radius aaa accounting delay-start aaa accounting update periodic 1 aaa accounting network ibs start-stop group radius aaa pod server port 1700 auth-type any server-key <radius-key> (Replaced by in 12.4 aaa server radius dynamic-author server-key <radius-key> auth-type any )
RCMD configuration
no ip rcmd domain-lookup ip rcmd rsh-enable ip rcmd remote-host root <ip radius server> root enable
Define ibs hostname
ip host ibs <ip radius server>
VPDN Configuration
vpdn enable
Note In some IOSes vpdn-group can be define and some others bba-group:
VPDN-GROUP as PPPOE concentrator
vpdn-group pppoe accept-dialin protocol pppoe virtual-template 1
VPDN-GROUP as PPTP concentrator
vpdn-group pptp Default PPTP VPDN group accept-dialin protocol pptp virtual-template 2
BBA-GROUP as PPPOE concentrator
bba-group pppoe global virtual-template 1 sessions max limit 1400 sessions per-vc limit 1400 sessions per-mac limit 1400 sessions per-vlan limit 1400
INTERFACE VIRTUAL-TEMPLATES
interface Virtual-Template1 mtu 1492 ip unnumbered FastEthernet0 ip route-cache policy ip policy route-map cache peer default ip address pool <pool name> ppp authentication ms-chap chap pap ibs ppp authorization ibs ppp accounting ibs
RADIUS CONFIGURATION
radius-server attribute 44 include-in-access-req
radius-server host <IBS Ip> auth-port 1812 acct-port 1813
radius-server key <radius secret>
radius-server vsa send accounting
radius-server vsa send authentication
radius-server source-ports extended
Attributes
cisco_reonline_users :
cisco_rsh_command :
cisco_rsh_max_concurrent_connections :
cisco_update_accounting_interval :
general_update_interval :
online_check :
