ДОброго времени ALL, собственно тема не нова но тем не менее, хочу услышать совет бывалых в данном вопросе. Есть нужда в поднятии callback на AS 2509, строю его в комплекте с FreeRadius, все работает кроме callback. Радиус чесно выдает ай пи и авторизирует моего клиента а вот циска колбэк не делает, в логах кое что нарыл но к чему оно мне пока не ясно, вот примеры конфигов cisco 2509
Current configuration:
!
version 11.2
service exec-callback
no service finger
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname udozvon_router
!
aaa new-model
aaa authentication login default local
aaa authentication enable default enable
aaa authentication ppp radius-ppp radius local
aaa authorization exec local
aaa authorization network radius local
aaa accounting network start-stop radius
enable password 7 142206030A143E2F27
!
username root privilege 15 password 7 xxxxxx
username test1 callback-dialstring 1615 password 7 xxxxxxxx
ip subnet-zero
ip domain-name test
ip name-server 10.x.1.65
ip name-server 10.x.1.68
ip multicast-routing
async-bootp dns-server 10.x.1.65 10.x.1.68
chat-script cisco-default ABORT ERROR "" "ATZ" OK "ATDT\T" TIMEOUT 30 \c CONNECT \c
chat-script def-pulse ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDP\T" TIMEOUT 30 CONNECT \c
chat-script offhook "" "ATH1" OK
chat-script callback ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDP\T" TIMEOUT 30 CONNECT \c
clock timezone EET 2
clock summer-time DST recurring last Sun Mar 3:00 last Sun Oct 3:00
!
interface Loopback0
ip address 10.x.0.100 255.255.255.255
!
interface Ethernet0
ip address 10.x.1.2 255.255.255.0
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
interface Async4
description Tel.Nomer = 14-73
ip unnumbered Ethernet0
encapsulation ppp
async mode interactive
no peer default ip address
ppp max-bad-auth 3
ppp callback accept
ppp authentication pap chap radius-ppp
!
ip default-gateway 10.x.1.1
ip classless
ip route 0.0.0.0 0.0.0.0 10.x.1.1
logging trap debugging
logging facility local1
logging 10.x.1.70
radius-server host 10.x.1.65 auth-port 1812 acct-port 1813
radius-server key xxxxx
!
line con 0
line 1 4
autoselect ppp
script modem-off-hook offhook
script callback callback
modem InOut
transport input all
rxspeed 57600
txspeed 57600
flowcontrol hardware
line 5 8
line aux 0
line vty 0 4
exec-timeout 0 0
transport input telnet
!
end
Далее конфиг радиуса
test Auth-Type := Local, User-Password == "xxxxx"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 10.x.254.1,
Framed-IP-Netmask = 255.255.255.0,
Framed-MTU = 1500,
Cisco-AVPair = "lcp:callback-dialstring=1615" <-- я так понял это ключевой момент
дозвон и авторизация проходят нормально, далее как я понимаю должен пройти обрыв и перезвон циски на указаный номер но этого не происходит
логи циски
Jan 23 08:24:24 10.x.1.2 64566: %LINK-3-UPDOWN: Interface Async4, changed state to up
Jan 23 08:24:25 10.x.1.2 64567: As4 PPP: Treating connection as a dedicated line
Jan 23 08:24:25 10.x.1.2 64568: As4 PPP: Phase is ESTABLISHING, Active Open
Jan 23 08:24:25 10.x.1.2 64569: As4 LCP: O CONFREQ [Closed] id 92 len 24
Jan 23 08:24:25 10.x.1.2 64570: As4 LCP: ACCM 0x000A0000 (0x0206000A0000)
Jan 23 08:24:25 10.x.1.2 64571: As4 LCP: AuthProto PAP (0x0304C023)
Jan 23 08:24:25 10.x.1.2 64572: As4 LCP: MagicNumber 0xA051C137 (0x0506A051C137)
Jan 23 08:24:25 10.x.1.2 64573: As4 LCP: PFC (0x0702)
Jan 23 08:24:25 10.x.1.2 64574: As4 LCP: ACFC (0x0802)
Jan 23 08:24:25 10.x.1.2 64575: As4 LCP: I CONFACK [REQsent] id 92 len 24
Jan 23 08:24:25 10.x.1.2 64576: As4 LCP: ACCM 0x000A0000 (0x0206000A0000)
Jan 23 08:24:25 10.x.1.2 64577: As4 LCP: AuthProto PAP (0x0304C023)
Jan 23 08:24:25 10.x.1.2 64578: As4 LCP: MagicNumber 0xA051C137 (0x0506A051C137)
Jan 23 08:24:25 10.x.1.2 64579: As4 LCP: PFC (0x0702)
Jan 23 08:24:25 10.x.1.2 64580: As4 LCP: ACFC (0x0802)
Jan 23 08:24:25 10.x.1.2 64581: As4 LCP: I CONFREQ [ACKrcvd] id 2 len 23
Jan 23 08:24:25 10.x.1.2 64582: As4 LCP: ACCM 0x00000000 (0x020600000000)
Jan 23 08:24:25 10.x.1.2 64583: As4 LCP: MagicNumber 0x1A2E25C4 (0x05061A2E25C4)
Jan 23 08:24:25 10.x.1.2 64584: As4 LCP: PFC (0x0702)
Jan 23 08:24:25 10.x.1.2 64585: As4 LCP: ACFC (0x0802)
Jan 23 08:24:25 10.x.1.2 64586: As4 LCP: Callback 6 (0x0D0306)
Jan 23 08:24:25 10.x.1.2 64587: As4 LCP: O CONFREJ [ACKrcvd] id 2 len 7
Jan 23 08:24:25 10.x.1.2 64588: As4 LCP: Callback 6 (0x0D0306)
Jan 23 08:24:25 10.x.1.2 64589: As4 LCP: I CONFREQ [ACKrcvd] id 3 len 20
Jan 23 08:24:25 10.x.1.2 64590: As4 LCP: ACCM 0x00000000 (0x020600000000)
Jan 23 08:24:25 10.x.1.2 64591: As4 LCP: MagicNumber 0x1A2E25C4 (0x05061A2E25C4)
Jan 23 08:24:25 10.x.1.2 64592: As4 LCP: PFC (0x0702)
Jan 23 08:24:25 10.x.1.2 64593: As4 LCP: ACFC (0x0802)
Jan 23 08:24:25 10.x.1.2 64594: As4 LCP: O CONFACK [ACKrcvd] id 3 len 20
Jan 23 08:24:25 10.x.1.2 64595: As4 LCP: ACCM 0x00000000 (0x020600000000)
Jan 23 08:24:25 10.x.1.2 64596: As4 LCP: MagicNumber 0x1A2E25C4 (0x05061A2E25C4)
Jan 23 08:24:25 10.x.1.2 64597: As4 LCP: PFC (0x0702)
Jan 23 08:24:25 10.x.1.2 64598: As4 LCP: ACFC (0x0802)
Jan 23 08:24:25 10.x.1.2 64599: As4 LCP: State is Open
Jan 23 08:24:25 10.x.1.2 64600: As4 PPP: Phase is AUTHENTICATING, by this end
Jan 23 08:24:26 10.x.1.2 64601: As4 LCP: I IDENTIFY [Open] id 4 len 18 magic 0x1A2E25C4 MSRASV5.10
Jan 23 08:24:26 10.x.1.2 64602: As4 LCP: I IDENTIFY [Open] id 5 len 24 magic 0x1A2E25C4 MSRAS-0-D7S8482J
Jan 23 08:24:26 10.x.1.2 64603: As4 PAP: I AUTH-REQ id 0 len 17 from "test"
Jan 23 08:24:26 10.x.1.2 64604: As4 PAP: Authenticating peer test
Jan 23 08:24:26 10.x.1.2 64605: RADIUS: Initial Transmit id 173 10.x.1.65:1812, Access-Request, len 74
Jan 23 08:24:26 10.x.1.2 64606: Attribute 4 6 0A090102
Jan 23 08:24:26 10.x.1.2 64607: Attribute 5 6 00000004
Jan 23 08:24:26 10.x.1.2 64608: Attribute 61 6 00000000
Jan 23 08:24:26 10.x.1.2 64609: Attribute 1 6 74657374
Jan 23 08:24:26 10.x.1.2 64610: Attribute 2 18 F2706D60
Jan 23 08:24:26 10.x.1.2 64611: Attribute 6 6 00000002
Jan 23 08:24:26 10.x.1.2 64612: Attribute 7 6 00000001
Jan 23 08:24:26 10.x.1.2 64613: RADIUS: Received from id 173 10.x.1.65:1812, Access-Accept, len 86
Jan 23 08:24:26 10.x.1.2 64614: Attribute 6 6 00000002
Jan 23 08:24:26 10.x.1.2 64615: Attribute 7 6 00000001
Jan 23 08:24:26 10.x.1.2 64616: Attribute 8 6 0A09FE01
Jan 23 08:24:26 10.x.1.2 64617: Attribute 9 6 FFFFFF00
Jan 23 08:24:26 10.x.1.2 64618: Attribute 12 6 000005DC
Jan 23 08:24:26 10.x.1.2 64619: Attribute 26 36 00000009011E6C63
Jan 23 08:24:26 10.x.1.2 64620: RADIUS: saved authorization data for user 4E518 at 11DCC8
Jan 23 08:24:26 10.x.1.2 64621: RADIUS: cisco AVPair "lcp:callback-dialstring=1615"
Jan 23 08:24:26 10.x.1.2 64622: As4 PAP: O AUTH-ACK id 0 len 5
Jan 23 08:24:26 10.x.1.2 64623: As4 PPP: Phase is UP
Jan 23 08:24:26 10.x.1.2 64624: RADIUS: Authorize IP address 10.x.254.1
Jan 23 08:24:26 10.x.1.2 64625: RADIUS: Framed-IP-Netmask 255.255.255.0
Jan 23 08:24:26 10.x.1.2 64626: RADIUS: route for 10.x.254.0 255.255.255.0
Jan 23 08:24:26 10.x.1.2 64627: RADIUS: cisco AVPair "lcp:callback-dialstring=1615" not applied for ip
Jan 23 08:24:26 10.x.1.2 64628: As4 IPCP: O CONFREQ [Closed] id 45 len 10
Jan 23 08:24:26 10.x.1.2 64629: As4 IPCP: Address 10.x.1.2 (0x03060A090102)
Jan 23 08:24:26 10.x.1.2 64630: RADIUS: cisco AVPair "lcp:callback-dialstring=1615" not applied for unknown
Jan 23 08:24:26 10.x.1.2 64631: As4 CDPCP: O CONFREQ [Closed] id 38 len 4
Jan 23 08:24:26 10.x.1.2 64632: RADIUS: Initial Transmit id 174 10.x.1.65:1813, Accounting-Request, len 84
Jan 23 08:24:26 10.x.1.2 64633: Attribute 4 6 0A090102
Jan 23 08:24:26 10.x.1.2 64634: Attribute 5 6 00000004
Jan 23 08:24:26 10.x.1.2 64635: Attribute 61 6 00000000
Jan 23 08:24:26 10.x.1.2 64636: Attribute 1 6 74657374
Jan 23 08:24:26 10.x.1.2 64637: Attribute 40 6 00000001
Jan 23 08:24:26 10.x.1.2 64638: Attribute 45 6 00000001
Jan 23 08:24:26 10.x.1.2 64639: Attribute 6 6 00000002
Jan 23 08:24:26 10.x.1.2 64640: Attribute 44 10 30303030
Jan 23 08:24:26 10.x.1.2 64641: Attribute 7 6 00000001
Jan 23 08:24:26 10.x.1.2 64642: Attribute 41 6 00000000
Jan 23 08:24:26 10.x.1.2 64643: RADIUS: Received from id 174 10.x.1.65:1813, Accounting-response, len 20
Jan 23 08:24:26 10.x.1.2 64644: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async4, changed state to up
Jan 23 08:24:26 10.x.1.2 64645: As4 PPP: Unsupported or un-negotiated protocol. Link cdp
Jan 23 08:24:26 10.x.1.2 64646: As4 CCP: I CONFREQ [Not negotiated] id 6 len 10
Jan 23 08:24:26 10.x.1.2 64647: As4 CCP: MS-PPC supported bits 0x00000001 (0x120600000001)
Jan 23 08:24:26 10.x.1.2 64648: As4 LCP: O PROTREJ [Open] id 93 len 16 protocol CCP (0x80FD0106000A120600000001)
Jan 23 08:24:26 10.x.1.2 64649: As4 IPCP: I CONFREQ [REQsent] id 7 len 40
Jan 23 08:24:26 10.x.1.2 64650: As4 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
Jan 23 08:24:26 10.x.1.2 64651: As4 IPCP: Address 0.0.0.0 (0x030600000000)
Jan 23 08:24:26 10.x.1.2 64652: As4 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
Jan 23 08:24:26 10.x.1.2 64653: As4 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
Jan 23 08:24:26 10.x.1.2 64654: As4 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
Jan 23 08:24:26 10.x.1.2 64655: As4 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
Jan 23 08:24:26 10.x.1.2 64656: AAA/AUTHOR/IPCP As4: Start. Her address 0.0.0.0, we want 0.0.0.0
Jan 23 08:24:26 10.x.1.2 64657: AAA/AUTHOR/IPCP As4: Done. Her address 0.0.0.0, we want 10.x.254.1
Jan 23 08:24:26 10.x.1.2 64658: AAA/AUTHOR/IPCP As4: Authorization succeeded
Jan 23 08:24:26 10.x.1.2 64659: As4 IPCP: O CONFREJ [REQsent] id 7 len 22
Jan 23 08:24:26 10.x.1.2 64660: As4 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
Jan 23 08:24:26 10.x.1.2 64661: As4 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
Jan 23 08:24:26 10.x.1.2 64662: As4 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
Jan 23 08:24:26 10.x.1.2 64663: As4 IPCP: I CONFACK [REQsent] id 45 len 10
Jan 23 08:24:26 10.x.1.2 64664: As4 IPCP: Address 10.x.1.2 (0x03060A090102)
Jan 23 08:24:26 10.x.1.2 64665: As4 LCP: I PROTREJ [Open] id 8 len 10 protocol CDPCP (0x820701260004)
Jan 23 08:24:26 10.x.1.2 64666: As4 CDPCP: State is Closed
Jan 23 08:24:26 10.x.1.2 64667: As4 IPCP: I CONFREQ [ACKrcvd] id 9 len 22
Jan 23 08:24:26 10.x.1.2 64668: As4 IPCP: Address 0.0.0.0 (0x030600000000)
Jan 23 08:24:26 10.x.1.2 64669: As4 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
Jan 23 08:24:26 10.x.1.2 64670: As4 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
Jan 23 08:24:26 10.x.1.2 64671: AAA/AUTHOR/IPCP As4: Start. Her address 0.0.0.0, we want 10.x.254.1
Jan 23 08:24:26 10.x.1.2 64672: AAA/AUTHOR/IPCP As4: Done. Her address 0.0.0.0, we want 10.x.254.1
Jan 23 08:24:26 10.x.1.2 64673: AAA/AUTHOR/IPCP As4: Authorization succeeded
Jan 23 08:24:26 10.x.1.2 64674: As4 IPCP: O CONFNAK [ACKrcvd] id 9 len 22
Jan 23 08:24:26 10.x.1.2 64675: As4 IPCP: Address 10.x.254.1 (0x03060A09FE01)
Jan 23 08:24:26 10.x.1.2 64676: As4 IPCP: PrimaryDNS 10.x.1.65 (0x81060A090141)
Jan 23 08:24:26 10.x.1.2 64677: As4 IPCP: SecondaryDNS 10.x.1.68 (0x83060A090144)
Jan 23 08:24:26 10.x.1.2 64678: As4 IPCP: I CONFREQ [ACKrcvd] id 10 len 22
Jan 23 08:24:26 10.x.1.2 64679: As4 IPCP: Address 10.x.254.1 (0x03060A09FE01)
Jan 23 08:24:26 10.x.1.2 64680: As4 IPCP: PrimaryDNS 10.x.1.65 (0x81060A090141)
Jan 23 08:24:26 10.x.1.2 64681: As4 IPCP: SecondaryDNS 10.x.1.68 (0x83060A090144)
Jan 23 08:24:27 10.x.1.2 64682: AAA/AUTHOR/IPCP As4: Start. Her address 10.x.254.1, we want 10.x.254.1
Jan 23 08:24:27 10.x.1.2 64683: AAA/AUTHOR/IPCP As4: Done. Her address 10.x.254.1, we want 10.x.254.1
Jan 23 08:24:27 10.x.1.2 64684: AAA/AUTHOR/IPCP As4: Authorization succeeded
Jan 23 08:24:27 10.x.1.2 64685: As4 IPCP: O CONFACK [ACKrcvd] id 10 len 22
Jan 23 08:24:27 10.x.1.2 64686: As4 IPCP: Address 10.x.254.1 (0x03060A09FE01)
Jan 23 08:24:27 10.x.1.2 64687: As4 IPCP: PrimaryDNS 10.x.1.65 (0x81060A090141)
Jan 23 08:24:27 10.x.1.2 64688: As4 IPCP: SecondaryDNS 10.x.1.68 (0x83060A090144)
Jan 23 08:24:27 10.x.1.2 64689: As4 IPCP: State is Open
Jan 23 08:24:27 10.x.1.2 64690: As4 IPCP: Install route to 10.x.254.1
Jan 23 08:25:04 10.x.1.2 64691: As3 PPP: Unsupported or un-negotiated protocol. Link cdp
Jan 23 08:25:04 10.x.1.2 64692: As4 PPP: Unsupported or un-negotiated protocol. Link cdp
Jan 23 08:25:04 10.x.1.2 64693: As4 PPP: Trying to negotiate NCP for Link cdp
Jan 23 08:25:04 10.x.1.2 64694: As4 CDPCP: State is Closed
что это такое и почему циска не принимает номер ?
Jan 23 08:24:26 10.x.1.2 64630: RADIUS: cisco AVPair "lcp:callback-dialstring=1615" not applied for unknown
Jan 23 08:24:26 10.x.1.2 64632: RADIUS: Initial Transmit id 174 10.x.1.65:1813, Accounting-Request, len 84
пробовал и без радиуса просто пользователя в циску добавить с параметром колбека тоже не хочет, вообщем прошу совету у всех кто наступал на подобные грабли.
Удачи!