No connection for ISDN dial up users

[aca]

Hi!
I have 3640 configured as access router using one ISDN PRI connection.Group of users, FTP_USERS is restricted on Tacacs to make only FTP connections.
Access list on router, which I am using at Tacacs :
access-list 101 permit tcp any host 10.1.1.5 eq ftp
access-list 101 permit tcp any host 10.1.1.5 eq ftp-data
When users from FTP_USERS group are using ISDN for dial up they don`t receive IP address from router and they can`t make connection. There is no such a problem when they are using async modems for dial up ! Other users have no problems whether they are making isdn or async dial up connection.
My flash file is c3640-i-mz.113-9.T.bin . I also used some other IOS but no changes.
If someone knows what might be a problem, I would be most grateful to you.
Thanks.
[sig][/sig]

 

[jroysdon]

Post your config and we might be able to help more (remove passwords, SPIDs, etc.). [sig][/sig]

 

[Aca1]

Here it is :

BB3640#sh run
Building configuration...

Current configuration:
!
version 11.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname BB3640
!
aaa new-model
aaa authentication login default tacacs+ local
aaa authentication ppp default if-needed tacacs+
aaa authorization exec default tacacs+ local
aaa authorization commands 1 default tacacs+
aaa authorization commands 15 default tacacs+ local
aaa authorization network default tacacs+
aaa accounting exec default start-stop tacacs+
aaa accounting commands 1 default start-stop tacacs+
aaa accounting commands 15 default start-stop tacacs+
aaa accounting network default start-stop tacacs+
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxx
!
username admin password 7 xxxxxxxxxx
username goran password 7 xxxxxxxxxx
ip subnet-zero

ip name-server 10.1.1.1
isdn switch-type primary-net5
chat-script show async1
!
!
controller E1 1/0
framing NO-CRC4
pri-group timeslots 1-31
!
!
interface FastEthernet1/0
ip address 10.1.1.43 255.255.0.0
!
interface Serial1/0:15
ip unnumbered FastEthernet1/0
encapsulation ppp
dialer rotary-group 0
isdn switch-type primary-net5
isdn incoming-voice modem
no cdp enable
!
interface Async1
ip unnumbered FastEthernet1/0
ip tcp header-compression passive
async mode dedicated
peer default ip address 10.1.1.16
!
interface Async2
ip unnumbered FastEthernet1/0
ip tcp header-compression passive
async mode dedicated
peer default ip address 10.1.1.15
!
interface Async4
ip unnumbered FastEthernet1/0
ip tcp header-compression passive
encapsulation ppp
async mode interactive
peer default ip address 10.1.1.94
ppp authentication chap pap callin
!
interface Group-Async1
ip unnumbered FastEthernet1/0
ip tcp header-compression passive
encapsulation ppp
async default routing
async mode interactive
peer default ip address pool isdn_dialup_users
no cdp enable
ppp authentication chap pap
group-range 65 76
!
interface Dialer0
ip unnumbered FastEthernet1/0
encapsulation ppp
dialer in-band
dialer idle-timeout 600
dialer map ip 10.11.0.1 name ISDN_institut 3015530
dialer map ip 10.12.0.1 name ISDN_sindikat 3031041
dialer-group 1
peer default ip address pool isdn_dialup_users
no cdp enable
ppp authentication chap pap
!
interface Dialer1
no ip address
no cdp enable
!
ip local pool isdn_dialup_users 10.1.1.217 10.1.1.246
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.5
ip route 10.11.0.0 255.255.0.0 10.11.0.1
ip route 10.11.0.1 255.255.255.255 Dialer0
ip route 10.12.0.0 255.255.0.0 10.12.0.1
ip route 10.12.0.1 255.255.255.255 Dialer0
!
access-list 101 permit tcp any host 10.1.1.5 eq ftp
access-list 101 permit tcp any host 10.1.1.5 eq ftp-data
dialer-list 1 protocol ip permit
tacacs-server host 10.1.1.77
tacacs-server key 172


!
line con 0
line 1 16
autoselect during-login
modem InOut
stopbits 1
speed 38400
flowcontrol hardware
line 65 76
exec-timeout 0 30
activation-character 10
autoselect during-login
autoselect ppp
modem InOut
line aux 0
line vty 0 4
!
end

and here is debug I get from cisco804 router when I try
to make ISDN dial up connection with username from FTP_USERS group

BB804_1#
05:11:24: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
05:11:24: BR0:1 PPP: Treating connection as a callout
05:11:24: BR0:1 PPP: Phase is ESTABLISHING, Active Open
05:11:24: BR0:1 PPP: No remote authentication for call-out
05:11:24: BR0:1 CHAP: Using alternate hostname proba
05:11:24: BR0:1 LCP: O CONFREQ [Closed] id 139 len 22
05:11:24: BR0:1 LCP: MagicNumber 0x519023C4 (0x0506519023C4)
05:11:24: BR0:1 LCP: MRRU 1524 (0x110405F4)
05:11:24: BR0:1 LCP: EndpointDisc 1 Local (0x13080170726F6261)
05:11:24: BR0:1 LCP: I CONFREQ [REQsent] id 29 len 15
05:11:24: BR0:1 LCP: AuthProto CHAP (0x0305C22305)
05:11:24: BR0:1 LCP: MagicNumber 0x6A1C2287 (0x05066A1C2287)
05:11:24: BR0:1 LCP: O CONFACK [REQsent] id 29 len 15
05:11:24: BR0:1 LCP: AuthProto CHAP (0x0305C22305)
05:11:24: BR0:1 LCP: MagicNumber 0x6A1C2287 (0x05066A1C2287)
05:11:24: BR0:1 LCP: I CONFREJ [ACKsent] id 139 len 16
05:11:24: BR0:1 LCP: MRRU 1524 (0x110405F4)
05:11:24: BR0:1 LCP: EndpointDisc 1 Local (0x13080170726F6261)
05:11:24: BR0:1 LCP: O CONFREQ [ACKsent] id 140 len 10
05:11:24: BR0:1 LCP: MagicNumber 0x519023C4 (0x0506519023C4)
05:11:24: BR0:1 LCP: I CONFACK [ACKsent] id 140 len 10
05:11:24: BR0:1 LCP: MagicNumber 0x519023C4 (0x0506519023C4)
05:11:24: BR0:1 LCP: State is Open
05:11:24: BR0:1 PPP: Phase is AUTHENTICATING, by the peer
05:11:25: BR0:1 CHAP: I CHALLENGE id 15 len 27 from "BB3640"
05:11:25: BR0:1 CHAP: Using alternate hostname proba
05:11:25: BR0:1 CHAP: Username BB3640 not found
05:11:25: BR0:1 CHAP: Using default password
05:11:25: BR0:1 CHAP: O RESPONSE id 15 len 26 from "proba"
05:11:26: BR0:1 CHAP: I SUCCESS id 15 len 4
05:11:26: BR0:1 PPP: Phase is UP
05:11:26: BR0:1 IPCP: O CONFREQ [Closed] id 68 len 10
05:11:26: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:26: BR0:1 IPCP: I CONFREQ [REQsent] id 13 len 10
05:11:26: BR0:1 IPCP: Address 10.1.1.43 (0x03060A01012B)
05:11:26: BR0:1 IPCP: O CONFACK [REQsent] id 13 len 10
05:11:26: BR0:1 IPCP: Address 10.1.1.43 (0x03060A01012B)
05:11:26: BR0:1 IPCP: I CONFNAK [ACKsent] id 68 len 10
05:11:26: BR0:1 IPCP: Address 10.1.1.238 (0x03060A0101EE)
05:11:26: BR0:1 IPCP: O CONFREQ [ACKsent] id 69 len 10
05:11:26: BR0:1 IPCP: Address 10.1.1.238 (0x03060A0101EE)
05:11:26: BR0:1 IPCP: I CONFACK [ACKsent] id 69 len 10
05:11:26: BR0:1 IPCP: Address 10.1.1.238 (0x03060A0101EE)
05:11:26: BR0:1 IPCP: State is Open
05:11:26: BR0 IPCP: Install negotiated IP interface address 10.1.1.238
05:11:26: BR0:1 IPCP: I TERMREQ [Open] id 14 len 4
05:11:26: BR0:1 IPCP: O TERMACK [Open] id 14 len 4
05:11:26: BR0:1 IPCP: State is Closed
05:11:26: BR0 IPCP: Install route to 10.1.1.43
05:11:26: BR0 IPCP: Remove route to 10.1.1.43
05:11:26: BR0:1 PPP: Unsupported or un-negotiated protocol. Link ip
05:11:26: BR0:1 PPP: Trying to negotiate NCP for Link ip
05:11:26: BR0:1 IPCP: State is Listen
05:11:26: BR0:1 IPCP: TIMEout: State Listen
05:11:26: BR0:1 IPCP: O CONFREQ [Listen] id 70 len 10
05:11:26: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:26: BR0:1 IPCP: I TERMACK [REQsent] id 70 len 4
05:11:27: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state
to up
05:11:28: BR0:1 IPCP: TIMEout: State REQsent
05:11:28: BR0:1 IPCP: O CONFREQ [REQsent] id 71 len 10
05:11:28: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:28: BR0:1 IPCP: I TERMACK [REQsent] id 71 len 4
05:11:30: BR0:1 IPCP: TIMEout: State REQsent
05:11:30: BR0:1 IPCP: O CONFREQ [REQsent] id 72 len 10
05:11:30: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:30: BR0:1 IPCP: I TERMACK [REQsent] id 72 len 4
05:11:32: BR0:1 IPCP: TIMEout: State REQsent
05:11:32: BR0:1 IPCP: O CONFREQ [REQsent] id 73 len 10
05:11:32: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:32: BR0:1 PPP: Unsupported or un-negotiated protocol. Link ip
05:11:32: BR0:1 IPCP: I TERMACK [REQsent] id 73 len 4
05:11:34: BR0:1 IPCP: TIMEout: State REQsent
05:11:34: BR0:1 IPCP: O CONFREQ [REQsent] id 74 len 10
05:11:34: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:34: BR0:1 IPCP: I TERMACK [REQsent] id 74 len 4
05:11:36: BR0:1 IPCP: TIMEout: State REQsent
05:11:36: BR0:1 IPCP: O CONFREQ [REQsent] id 75 len 10
05:11:36: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:36: BR0:1 IPCP: I TERMACK [REQsent] id 75 len 4
05:11:38: BR0:1 IPCP: TIMEout: State REQsent
05:11:38: BR0:1 IPCP: O CONFREQ [REQsent] id 76 len 10
05:11:38: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:38: BR0:1 IPCP: I TERMACK [REQsent] id 76 len 4
05:11:40: BR0:1 IPCP: TIMEout: State REQsent
05:11:40: BR0:1 IPCP: O CONFREQ [REQsent] id 77 len 10
05:11:40: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:40: BR0:1 IPCP: I TERMACK [REQsent] id 77 len 4
05:11:42: BR0:1 IPCP: TIMEout: State REQsent
05:11:42: BR0:1 IPCP: O CONFREQ [REQsent] id 78 len 10
05:11:42: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:42: BR0:1 IPCP: I TERMACK [REQsent] id 78 len 4
05:11:44: BR0:1 IPCP: TIMEout: State REQsent
05:11:44: BR0:1 IPCP: O CONFREQ [REQsent] id 79 len 10
05:11:44: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:44: BR0:1 PPP: Unsupported or un-negotiated protocol. Link ip
05:11:44: BR0:1 IPCP: I TERMACK [REQsent] id 79 len 4
05:11:46: BR0:1 IPCP: TIMEout: State REQsent
05:11:46: BR0:1 IPCP: O CONFREQ [REQsent] id 80 len 10
05:11:46: BR0:1 IPCP: Address 0.0.0.0 (0x030600000000)
05:11:46: BR0:1 IPCP: I TERMACK [REQsent] id 80 len 4
05:11:48: BR0:1 IPCP: TIMEout: State REQsent
05:11:48: BR0:1 IPCP: State is Listen
BB804_1#

 

[Guest_imported]

i dont know alot about routers and things, but i dont see where access-lists 101 is even attached to an interface. also, what is the router name for the 800 router, i dont see that either. the debug message says that Username BB3640 not found, do you have a hostname password set for bb3640 on the 800 router?? im not much help, but that might be something to look for..

 

[Guest_imported]

access list 101 is used on tacacs not on interface
router name for 800 is BB804_1