Modem Script and System Script Support in Large-Scale Dial-Out
This feature module describes the Modem Script and System Script Support in Large-Scale Dial-Out feature and includes the following sections:
Feature Overview
Modem connection and system login chat scripts are often used when asynchronous dial-on-demand routing (DDR) is configured. Currently, however, the large-scale dial-out network architecture does not allow chat scripts for a particular session to be passed through the network. Cisco IOS Release 12.2(2)T allows modem and system chat scripts to pass through large-scale dial-out networks by allocating two new authentication, authorization, and accounting (AAA) attributes for outbound service.
The AAA attributes define specific AAA elements in a user profile. Large-scale dial-out supports Cisco attribute-value (AV) pairs and TACACS+ attributes. The Modem Script and System Script Support in Large-Scale Dial-Out feature provides two new outbound service attributes for passing chat scripts: modem-script and system-script.
Benefits
The Modem Script and System Script Support in Large-Scale Dial-Out feature allows users to use modem and system chat scripts by linking them to AAA service outbound attributes for use by Cisco network access servers in large-scale dial-out networks.
Related Documents
- Cisco IOS Dial Technologies Configuration Guide, Release 12.2
- Cisco IOS Security Configuration Guide, Release 12.2
- CiscoSecure ACS for Windows NT User Guide 2.0
Supported Standards, MIBs, and RFCs
Standards
No new or modified standards are supported by this feature.
MIBs
No new or modified MIBs are supported by this feature.
To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the Cisco MIB website on Cisco.com at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
RFCs
No new or modified RFCs are supported by this feature.
Configuration Tasks
See the following sections for configuration tasks for the Modem Script and System Script Support in Large-Scale Dial-Out feature. Each task in the list is identified as either optional or required.
Once these tasks are complete, you will need to complete the configuration tasks required for large-scale dial-out. See the chapter “Configuring Large-Scale Dial-Out” in the Cisco IOS Dial Technologies Configuration Guide, Cisco IOS Release 12.2.
Creating the Dial-Out Profile
To specify a name for the modem script and, if needed, a system script using cisco-avpair attributes for outbound service, use the following syntax to enter these attributes in the dial-out profile:
cisco-avpair = "outbound:modem-script=script-name"
cisco-avpair = "outbound:system-script=script-name"
To specify a name for the modem script and, if needed, a system script using TACACS+ attributes for outbound service, use the following syntax to enter these attributes in the dial-out profile:
service = outbound {
modem-script = script-name
system-script = script-name
}
Timesaver Remember that the dial-out profile name must have the characters “-out” appended to it and that the only required attribute for a profile is the Cisco AV pair outbound:dial-number
.
See the section “Dial-Out Profile Examples” for examples of dial-out profiles.
For more information about defining profiles, see the Cisco IOS Security Configuration Guide and the chapter “Configuring Large-Scale Dial-Out” in the Cisco IOS Dial Services Configuration Guide: Network Services.
Creating the Chat Script
To configure the modem or system script name in the Cisco network access server (NAS), use the following command in global configuration mode:
|
|
Router(config)# chat-script script-name expect-send |
Provides commands to dial a modem and commands to log on to remote systems when using DDR. |
See the section “Chat Script Example” for an example of a chat script that works with a dial-out-profile.
Verifying Modem and System Chat Scripts with Large-Scale Dial-Out
To verify correct operation of the dial-out profile and modem chat script, use the debug aaa authorization command. See the “Verification Example” for a sample of the output from this command.
Monitoring and Maintaining Large-Scale Dial-Out Sessions
To monitor and maintain large-scale dial-out sessions, use the following commands in EXEC mode as needed:
|
|
Router# clear dialer sessions |
Removes all dialer sessions and disconnects links. |
Router# debug aaa authorization |
Displays configuration information and information about AAA/TACACS+ authorization. |
Router# show dialer sessions |
Displays all dialer sessions. |
Configuration Examples
This section provides the following configuration examples:
Dial-Out Profile Examples
The following is an example of a Cisco AV pair dial-out profile named “evergreen” that defines a modem script named “dialer-script”:
evergreen-out Password = "cisco",
User-Service-Type = Outbound-User
cisco-avpair = "outbound:dial-number=5551212",
cisco-avpair = "outbound:addr=5.1.1.1",
cisco-avpair = "outbound:send-secret=cisco",
cisco-avpair = "outbound:modem-script=dialer-script"
The following is an example of how to define the same profile for TACACS+:
modem-script = dialer-script
service = ppp protocol = ip {
default attribute = permit
Chat Script Example
The following example creates a chat script for the Cisco NAS that references the dialer-script modem script created in the dial-out profile:
chat-script dialer-script "" AT OK ATDT\T TIMEOUT 60 CONNECT
Verification Example
Once connection is made, you can verify the configuration using the debug aaa authorization privileged EXEC command:
Router# debug aaa authorization
00:01:07: %LSDialout: temporary debug to verify the data integrity
00:01:07: dial number = 5551212
00:01:07: dialnum_count = 1
00:01:07: modem_script = dialer-script
00:01:07: system_script =
00:01:07: ip_address = 5.1.1.1
00:01:07: send_secret = cisco
Appendix
The following new Cisco AV pairs and TACACS+ attributes are added to the large-scale dial outbound service attributes:
Modem Script Attribute
Specifies a name for the modem script.
cisco-avpair = "outbound:modem-script=VALUE"
service = outbound {
modem-script = VALUE
}
Modem script name that you assign.
System Script Attribute
Specifies a name for the system script.
cisco-avpair = "outbound:system-script=VALUE"
service = outbound {
system-script = VALUE
}
System script name that you assign.
Glossary
AAA —authentication, authorization, and accounting. Suite of network security services that provide the primary framework through which access control can be set up on your Cisco router or access server.
attributes —Data items sent between a network access server and a daemon that are used to direct AAA activities.
authentication, authorization, and accounting —See AAA.
chat script —Strings of text used to send commands for modem dialing, logging in to remote systems, and initializing asynchronous devices connected to an asynchronous line.
dial-out profile —Attributes that define specific AAA elements in a user profile. Large-scale dial-out supports a subset of Ascend AV pairs, RADIUS attributes, and a map class attribute providing outbound dialing services.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2005–2009 Cisco Systems, Inc. All rights reserved.