Ras , radius and cisco 3620 1

[olivierdan]

Hi everybody ,
I am trying to configure a 3620 whith ras and radius, but That doesn't work !!!
Fist I succed (i dont know how !) to have a answer from the router but nothing happend !! I have a fail authen. for chap

I can connect ON the router with radius, but I cant have an IP address
Here my conf. file
Building configuration...

Building configuration...

Current configuration : 2663 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname rtras0
!
logging rate-limit console 10 except errors
aaa new-model
aaa authentication login default enable group radius
aaa authentication login no_radius enable
aaa authentication ppp default group radius
aaa accounting exec default start-stop group radius
aaa accounting network default start-stop group radius
enable secret 5 $1$E.Tv$BgIpclgVdvATSmT/Yj6iV0
enable password password
!
username titi password 0 albert
ip subnet-zero
no ip routing
!
!
no ip finger
!
isdn switch-type primary-net5
!
!
controller E1 1/0
framing NO-CRC4
pri-group timeslots 1-31
!
controller E1 1/1
pri-group timeslots 1-30
!
!
interface Loopback0
no ip address
no ip route-cache
!
interface FastEthernet1/0
ip address 192.168.3.50 255.255.255.0
no ip route-cache
no ip mroute-cache
speed auto
half-duplex
!
interface Serial1/0:15
transmit-interface Group-Async0
ip unnumbered FastEthernet1/0
encapsulation ppp
no ip route-cache
dialer-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
no fair-queue
compress stac
no cdp enable
ppp authentication pap chap ms-chap
!
interface Serial1/1:15
ip unnumbered Loopback0
encapsulation ppp
no ip route-cache
isdn switch-type primary-net5
ppp authentication pap chap ms-chap
!
interface Group-Async0
ip unnumbered FastEthernet1/0
encapsulation ppp
no ip route-cache
async mode interactive
peer default ip address pool pool1
ppp authentication pap chap ms-chap
group-range 1 30
!
interface Dialer0
ip unnumbered Loopback0
encapsulation ppp
no ip route-cache
no ip mroute-cache
dialer in-band
dialer-group 1
peer default ip address pool pool1
no fair-queue
no cdp enable
ppp authentication chap pap ms-chap
ppp multilink
!
interface Dialer1
ip unnumbered Loopback0
encapsulation ppp
no ip route-cache
dialer in-band
dialer-group 1
peer default ip address pool pool1
no fair-queue
no cdp enable
ppp authentication chap pap ms-chap
ppp multilink
!
ip local pool pool1 192.168.3.70 192.168.3.100
ip default-gateway 192.168.3.5
ip classless
ip default-network 192.168.3.0
no ip http server
!
!
map-class dialer DATA
access-list 101 permit ip any any
!
dialer dnis group dialer_d1
dialer-list 1 protocol ip list 101
radius-server host 192.168.3.52 auth-port 1645 acct-port 1646
radius-server retransmit 3
radius-server key 123456789
!
line con 0
login authentication radius
transport input none
line 1 30
modem Dialin
modem autoconfigure discovery
flowcontrol hardware
line aux 0
line vty 0 4
password cisco
!
end

 

[adikell]

I did not quite anderstand your question - what is the problem ?
Did'nt you get an ip from the pool or is it an authentication problem?
nevertheless i advise you to run this commands:

debug aaa authentication
debug aaa authorization
debug ppp authentication

See where are you falling at , and post the debugging instead of the conf

i must say that i'v dealt with that kind of a project :
2500 router as RAS , and IAS as a RADIUS
here are my configuration:


Using 1322 out of 32762 bytes
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname server
!
aaa new-model
aaa authentication login default radius local
aaa authentication ppp default if-needed radius local
aaa authorization exec default radius none
aaa authorization network default radius none
!
username adi password 0 cisco
username adi1 callback-dialstring 6873749 password 0 cisco
ip subnet-zero
!
!
!
interface Ethernet0
ip address 10.1.0.6 255.255.255.0
no ip directed-broadcast
!
interface Serial0
no ip address
no ip directed-broadcast
no ip mroute-cache
shutdown
no fair-queue
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
interface Group-Async1
ip unnumbered Ethernet0
no ip directed-broadcast
encapsulation ppp
dialer in-band
dialer-group 1
async mode interactive
peer default ip address pool ip-pool
ppp callback accept
ppp authentication ms-chap
group-range 1 8
!
ip local pool ip-pool 10.100.0.111 10.100.0.120
ip classless
!
dialer-list 1 protocol ip permit
radius-server host 10.1.0.66 auth-port 1645 acct-port 1646
radius-server key cisco
!
line con 0
transport input none
line 1 8
autoselect during-login
autoselect ppp
modem InOut
transport input all
speed 38400
flowcontrol hardware
line aux 0
line vty 0 4
!
end
server#

 

[olivierdan]

Thanks !, I am sorry that my english is so bad
I have used your config file : it's help me a lot. It's work "almost" fine :I have , for a while, desactived radius. But I have two new pb : one : When I connect the router gives me an IP address but it disconnect about 2 min after, and two : my default gateway is my new IP ?????


Thanks again !

 

[adikell]

hye again

I'm glad i'v managed to help you
unfortunatly , i understand only yourfirst question.
You should be more specific and give moe details in order to give you the proper solution.

Now , to set your "sesion time" between 1 seconds and almost 25 days you should enter your asynchronic interface and set the time in seconds messure of units.
According to the configuration that i have posted here is the example:


server(config-if)#int group-Async 1
server(config-if)#dialer idle-timeout ?

<1-2147483> Idle timeout before disconnecting a call

server(config-if)#dialer idle-timeout

Have fun

Adi