Cisco-Vpdn
از ویکی پارس پویش
(تفاوت بین نسخهها)
| (۴ ویرایش میانی توسط ۲ کاربر نشان داده نشدهاست) | |||
| سطر ۴۴: | سطر ۴۴: | ||
mtu 1492 | mtu 1492 | ||
ip unnumbered FastEthernet0 | ip unnumbered FastEthernet0 | ||
| − | |||
ip policy route-map cache | ip policy route-map cache | ||
peer default ip address pool <pool name> | peer default ip address pool <pool name> | ||
| سطر ۵۰: | سطر ۴۹: | ||
ppp authorization ibs | ppp authorization ibs | ||
ppp accounting ibs | ppp accounting ibs | ||
| + | sessions auto cleanup | ||
| + | sessions max limit 6000 | ||
| + | |||
| + | |||
'''RADIUS CONFIGURATION:''' | '''RADIUS CONFIGURATION:''' | ||
| سطر ۶۱: | سطر ۶۴: | ||
| − | ''' | + | '''POD Sample :''' |
NOTE: Use same key as you have been set for radius server | NOTE: Use same key as you have been set for radius server | ||
NOTE: RSH setting is no longer needed if you are using POD | NOTE: RSH setting is no longer needed if you are using POD | ||
NOTE: Make sure ras attribute cisco_kill_user_by_radius in IBSng ras setting is set to 1 | NOTE: Make sure ras attribute cisco_kill_user_by_radius in IBSng ras setting is set to 1 | ||
| − | |||
aaa pod server server-key 0 IBS_KEY auth-type any | aaa pod server server-key 0 IBS_KEY auth-type any | ||
(Replaced by in 12.4 | (Replaced by in 12.4 | ||
aaa server radius dynamic-author | aaa server radius dynamic-author | ||
server-key IBS_KEY | server-key IBS_KEY | ||
| − | auth-type any | + | auth-type any) |
| − | ) | + | |
</div> | </div> | ||
نسخهٔ کنونی تا ۱۶ دسامبر ۲۰۱۵، ساعت ۱۳:۳۹
AAA Configuration: aaa new-model aaa authentication ppp ibs group radius aaa authorization network ibs group radius aaa accounting delay-start aaa accounting update periodic 1 aaa accounting network ibs start-stop group radius
RCMD configuration: no ip rcmd domain-lookup ip rcmd rsh-enable ip rcmd remote-host root 172.16.16.1 root enable
VPDN Configuration: vpdn enable
Note In some IOSes vpdn-group can be define and some others bba-group:
VPDN-GROUP as PPPOE concentrator: vpdn-group pppoe accept-dialin protocol pppoe virtual-template 1
VPDN-GROUP as PPTP concentrator: vpdn-group pptp Default PPTP VPDN group accept-dialin protocol pptp virtual-template 2 BBA-GROUP as PPPOE concentrator: bba-group pppoe global virtual-template 1 sessions max limit 1400 sessions per-vc limit 1400 sessions per-mac limit 1400 sessions per-vlan limit 1400
INTERFACE VIRTUAL-TEMPLATES: interface Virtual-Template1 mtu 1492 ip unnumbered FastEthernet0 ip policy route-map cache peer default ip address pool <pool name> ppp authentication ms-chap chap pap ibs ppp authorization ibs ppp accounting ibs sessions auto cleanup sessions max limit 6000
RADIUS CONFIGURATION: radius-server attribute 44 include-in-access-req radius-server host 172.16.16.1 auth-port 1812 acct-port 1813 radius-server key <radius secret> radius-server vsa send accounting radius-server vsa send authentication radius-server source-ports extended
POD Sample : NOTE: Use same key as you have been set for radius server NOTE: RSH setting is no longer needed if you are using POD NOTE: Make sure ras attribute cisco_kill_user_by_radius in IBSng ras setting is set to 1 aaa pod server server-key 0 IBS_KEY auth-type any (Replaced by in 12.4 aaa server radius dynamic-author server-key IBS_KEY auth-type any)
