Cisco-Vpdn

از ویکی پارس پویش
(تفاوت بین نسخه‌ها)
پرش به: ناوبری, جستجو
(صفحه‌ای جدید حاوی '<div dir=ltr> '''AAA Configuration:''' aaa new-model aaa authentication ppp ibs group radius aaa authorization network ibs group rad...' ایجاد کرد)
 
سطر ۵۸: سطر ۵۸:
 
   radius-server vsa send authentication
 
   radius-server vsa send authentication
 
   radius-server source-ports extended
 
   radius-server source-ports extended
 +
 +
 +
 +
'''Sample for POD :'''
 +
NOTE: Use same key as you have been set for radius server 
 +
NOTE: RSH setting is no longer needed if you are using  POD
 +
NOTE: Make sure ras attribute cisco_kill_user_by_radius in IBSng ras setting is set to 1
 +
 +
aaa pod server server-key 0 IBS_KEY auth-type any
 +
(Replaced by in 12.4
 +
aaa server radius dynamic-author
 +
server-key IBS_KEY
 +
  auth-type any
 +
)
 
</div>
 
</div>

نسخهٔ ‏۴ اکتبر ۲۰۱۲، ساعت ۲۳:۱۷

AAA Configuration:
 aaa new-model
  aaa authentication ppp ibs group radius
  aaa authorization network ibs group radius
  aaa accounting delay-start
  aaa accounting update periodic 1
  aaa accounting network ibs start-stop group radius
RCMD configuration:
 no ip rcmd domain-lookup 
 ip rcmd rsh-enable
 ip rcmd remote-host root 172.16.16.1 root enable
VPDN Configuration:
 vpdn enable
Note
 In some IOSes vpdn-group can be define and some others bba-group:
VPDN-GROUP as PPPOE concentrator:
 vpdn-group pppoe
  accept-dialin
  protocol pppoe
  virtual-template 1
VPDN-GROUP as PPTP concentrator:
 vpdn-group pptp
  Default PPTP VPDN group
  accept-dialin
  protocol pptp 
  virtual-template 2  

BBA-GROUP as PPPOE concentrator:
 bba-group pppoe global
  virtual-template 1 
  sessions max limit 1400
  sessions per-vc limit 1400
  sessions per-mac limit 1400
  sessions per-vlan limit 1400
INTERFACE VIRTUAL-TEMPLATES:
 interface Virtual-Template1
  mtu 1492
  ip unnumbered FastEthernet0
  ip route-cache policy
  ip policy route-map cache
  peer default ip address pool <pool name>
  ppp authentication ms-chap chap pap ibs
  ppp authorization ibs
  ppp accounting ibs
RADIUS CONFIGURATION:
 radius-server attribute 44 include-in-access-req
 radius-server host 172.16.16.1 auth-port 1812 acct-port 1813 
 radius-server key <radius secret>
 radius-server vsa send accounting
 radius-server vsa send authentication
 radius-server source-ports extended


Sample for POD :
NOTE: Use same key as you have been set for radius server   
NOTE: RSH setting is no longer needed if you are using  POD 
NOTE: Make sure ras attribute cisco_kill_user_by_radius in IBSng ras setting is set to 1
aaa pod server server-key 0 IBS_KEY auth-type any
(Replaced by in 12.4
aaa server radius dynamic-author
server-key IBS_KEY
 auth-type any

)

ابزارهای شخصی

گویش‌ها
فضاهای نام
عملکردها
گشتن
جعبه‌ابزار