RADIUS를 사용하여 PPP 콜백 구성

다운로드 옵션

PDF (334.7 KB)
다양한 디바이스에서 Adobe Reader로 보기
ePub (87.4 KB)
iPhone, iPad, Android, Sony Reader 또는 Windows Phone의 다양한 앱에서 보기
Mobi (Kindle) (84.2 KB)
Kindle 디바이스에서 보기 또는 다양한 디바이스의 Kindle 앱에서 보기

업데이트:2008년 2월 26일

문서 ID:12427

편견 없는 언어

본 제품에 대한 문서 세트는 편견 없는 언어를 사용하기 위해 노력합니다. 본 설명서 세트의 목적상, 편견 없는 언어는 나이, 장애, 성별, 인종 정체성, 민족 정체성, 성적 지향성, 사회 경제적 지위 및 교차성에 기초한 차별을 의미하지 않는 언어로 정의됩니다. 제품 소프트웨어의 사용자 인터페이스에서 하드코딩된 언어, RFP 설명서에 기초한 언어 또는 참조된 서드파티 제품에서 사용하는 언어로 인해 설명서에 예외가 있을 수 있습니다. 시스코에서 어떤 방식으로 포용적인 언어를 사용하고 있는지 자세히 알아보세요.

이 번역에 관하여

Cisco는 전 세계 사용자에게 다양한 언어로 지원 콘텐츠를 제공하기 위해 기계 번역 기술과 수작업 번역을 병행하여 이 문서를 번역했습니다. 아무리 품질이 높은 기계 번역이라도 전문 번역가의 번역 결과물만큼 정확하지는 않습니다. Cisco Systems, Inc.는 이 같은 번역에 대해 어떠한 책임도 지지 않으며 항상 원본 영문 문서(링크 제공됨)를 참조할 것을 권장합니다.

소개

이 문서에서는 RADIUS를 사용하여 PPP(Point-to-Point Protocol) 콜백을 수행하도록 라우터와 서버를 구성하는 예를 보여줍니다.

시작하기 전에

표기 규칙

문서 규칙에 대한 자세한 내용은 Cisco 기술 팁 표기 규칙을 참조하십시오.

사전 요구 사항

이 작업을 수행하려면

로컬 인증 및 콜백으로 초기 테스트를 수행합니다(즉, aaa new-model 명령 제거). 로컬 인증에서 콜백이 작동하지 않으면 RADIUS에서 작동하지 않습니다. 로컬 인증을 사용하는 이 예를 참조하십시오.
콜백 없이 RADIUS를 사용하여 추가 PPP 인증 테스트를 수행합니다. 사용자가 콜백 없이 인증 및/또는 권한 부여에 실패할 경우 인증 및 권한 부여가 콜백과 함께 작동하지 않습니다.
콜백에 대한 로컬 인증 및 RADIUS를 통한 PPP 인증이 작동하면 라우터의 로컬 사용자(예: 콜백 다이얼 문자열)의 정보를 서버의 사용자 프로필에 추가합니다.

참고: 이러한 테스트의 클라이언트는 PPP 연결에 대해 평소와 같이 설정된 NT 4.0 서버 DUN이었지만 Microsoft 콜백을 허용하기 위해 Server(서버) 아래에서 PPP/LCP 확장 사용을 확인했습니다. Microsoft 콜백은 Cisco IOS^® Software 릴리스 11.3.2.T 이상에서 지원됩니다. Microsoft Windows PC for Callback을 설정하는 방법에 대한 자세한 내용은 Microsoft 웹 사이트를 참조하십시오.

사용되는 구성 요소

이 구성은 아래 소프트웨어 버전을 사용하여 개발 및 테스트되었습니다.

Cisco IOS Software 릴리스 11.3.2.T 이상
Windows 2.x 이상용 CiscoSecure ACS UNIX 2.x 또는 CiscoSecure ACS

구성

이 섹션에는 이 문서에서 설명하는 기능을 구성하기 위한 정보가 표시됩니다.

참고: 이 문서에 사용된 명령에 대한 추가 정보를 보려면 명령 조회 도구(등록된 고객만 해당)를 사용하십시오.

네트워크 다이어그램

이 문서에서는 아래 다이어그램에 나와 있는 네트워크 설정을 사용합니다.

서버 설정 - CiscoSecure NT

사용자가 비밀번호를 가져오고 비밀번호를 확인합니다.
그룹 설정에서: 특성 006 Service-Type = Framed 특성 007 Framed-Protocol = PPP
화면의 마지막 상자, Cisco RADIUS Attributes(Cisco RADIUS 특성)에서 [009\001 - AV-Pair]를 선택하고 아래에 lcp:callback-dialstring=20367을 입력합니다.

서버 설치 - CiscoSecure UNIX

rtp-berry# ./ViewProfile -p 9900 -u callback
User Profile Information
user = callback{
profile_id = 34 
profile_cycle = 1 
radius=Cisco {
check_items= {
2="callback"
} 
reply_attributes= {
6=2
7=1
9,1="lcp:callback-dialstring=20367"
} 
} 

}

서버 설정 - Livingston RADIUS(Cisco av 쌍 포함)

callback2 Password = "callback2"
User-Service-Type = Framed-User,
Framed-Protocol = PPP,
cisco-avpair = "lcp:callback-dialstring=20367"

설정

라우터 컨피그레이션
rtpkrb#show run Building configuration... Current configuration: ! version 11.3 service timestamps debug uptime service timestamps log uptime no service password-encryption service udp-small-servers service tcp-small-servers ! hostname rtpkrb ! !--- AAA configuration. aaa new-model aaa authentication login default radius none aaa authentication ppp default radius none aaa authorization exec default radius none aaa authorization network default radius none enable secret 5 $1$pkX.$JdAySRE1SbdbDe7bj0wyt0 enable password ww ! ip host rtpkrb 10.31.1.5 ip domain-name RTP.CISCO.COM ip name-server 171.68.118.103 !--- Chat-scripts to be used for the dialout. chat-script offhook "" "ATH1" OK chat-script callback ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDT \T" TIMEOUT 30 CONNECT \c ! interface Loopback0 ip address 1.1.1.1 255.255.255.0 ! interface Ethernet0 ip address 10.31.1.5 255.255.0.0 ! interface Serial0 no ip address no ip mroute-cache shutdown ! interface Serial1 no ip address shutdown ! interface Async1 ip unnumbered Ethernet0 encapsulation ppp async mode dedicated peer default ip address pool async no cdp enable ppp max-bad-auth 3 ppp callback accept ppp authentication pap ! ip local pool async 15.15.15.15 ip classless ip route 0.0.0.0 0.0.0.0 10.31.1.1 snmp-server community public RW snmp-server host 171.68.118.100 traps public radius-server host 171.68.118.101 auth-port 1645 acct-port 1646 radius-server key cisco ! line con 0 line 1 session-timeout 20 exec-timeout 20 0 password ww autoselect ppp script modem-off-hook offhook script callback callback modem InOut transport input all stopbits 1 speed 38400 flowcontrol hardware line 2 modem InOut speed 38400 flowcontrol hardware line 3 16 line aux 0 line vty 0 4 exec-timeout 0 0 timeout login response 100 password ww ! end

라우터 컨피그레이션

rtpkrb#show run
Building configuration...

Current configuration:
!
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname rtpkrb
!

!--- AAA configuration.

aaa new-model
aaa authentication login default radius none
aaa authentication ppp default radius none
aaa authorization exec default radius none
aaa authorization network default radius none
enable secret 5 $1$pkX.$JdAySRE1SbdbDe7bj0wyt0
enable password ww
!
ip host rtpkrb 10.31.1.5
ip domain-name RTP.CISCO.COM
ip name-server 171.68.118.103

!--- Chat-scripts to be used for the dialout.

chat-script offhook "" "ATH1" OK
chat-script callback ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDT \T" 
   TIMEOUT 30 CONNECT \c
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 10.31.1.5 255.255.0.0
!
interface Serial0
no ip address
no ip mroute-cache
shutdown
!
interface Serial1
no ip address
shutdown
!
interface Async1
ip unnumbered Ethernet0
encapsulation ppp
async mode dedicated
peer default ip address pool async
no cdp enable
ppp max-bad-auth 3
ppp callback accept
ppp authentication pap
!
ip local pool async 15.15.15.15
ip classless
ip route 0.0.0.0 0.0.0.0 10.31.1.1
snmp-server community public RW
snmp-server host 171.68.118.100 traps public
radius-server host 171.68.118.101 auth-port 1645 acct-port 1646
radius-server key cisco
!
line con 0
line 1
session-timeout 20 
exec-timeout 20 0
password ww
autoselect ppp
script modem-off-hook offhook
script callback callback
modem InOut
transport input all
stopbits 1
speed 38400
flowcontrol hardware
line 2
modem InOut
speed 38400
flowcontrol hardware
line 3 16
line aux 0
line vty 0 4
exec-timeout 0 0
timeout login response 100
password ww
!
end

다음을 확인합니다.

현재 이 설정에 사용 가능한 확인 절차는 없습니다.

문제 해결

이 섹션에서는 설정 문제 해결에 사용할 수 있는 정보를 제공합니다.

트러블슈팅 명령

참고: debug 명령을 실행하기 전에 Debug 명령에 대한 중요 정보를 참조하십시오.

debug aaa authentication(aaa 인증 디버그)AAA 인증에 대한 정보를 표시합니다.
debug aaa authorization - AAA 권한 부여에 대한 정보를 표시합니다.
debug callback - 라우터가 모뎀 및 채팅 스크립트를 사용하여 터미널 회선에서 콜백하는 경우 콜백 이벤트를 표시합니다.
debug chat(디버그 채팅) - NAS(Network Access Server)와 PC 간에 보낸 문자를 표시합니다. 채팅-스크립트는 DTE(Data Terminal Equipment)-DTE 또는 DTE-DCE(Data Communications Equipment) 디바이스 간의 핸드셰이킹을 정의하는 예상 전송 문자열 쌍 집합입니다.
debug modem - 액세스 서버에서 모뎀 회선 활동을 관찰합니다.
debug ppp negotiation - PPP 시작 중에 전송된 PPP 패킷을 표시합니다. 여기서 PPP 옵션이 협상됩니다.
debug ppp authentication - CHAP(Challenge Authentication Protocol) 패킷 교환 및 PAP(Password Authentication Protocol) 교환을 비롯한 인증 프로토콜 메시지를 표시합니다.
debug radius - RADIUS와 관련된 자세한 디버깅 정보를 표시합니다.

디버그 출력 샘플

General OS:
Modem control/process activation debugging is on
AAA Authentication debugging is on
AAA Authorization debugging is on
PPP:
PPP protocol negotiation debugging is on
Chat Scripts:
Chat scripts activity debugging is on
Callback:
Callback activity debugging is on
Radius protocol debugging is on
rtpkrb#
04:04:42: TTY1: DSR came up
04:04:42: tty1: Modem: IDLE->READY
04:04:42: TTY1: Autoselect started
04:04:44: TTY1: Autoselect sample 7E
04:04:44: TTY1: Autoselect sample 7EFF
04:04:44: TTY1: Autoselect sample 7EFF7D
04:04:44: TTY1: Autoselect sample 7EFF7D23
04:04:44: TTY1 Autoselect cmd: ppp negotiate
04:04:44: TTY1: EXEC creation
04:04:46: %LINK-3-UPDOWN: Interface Async1, changed state to up
04:04:46: As1 PPP: Treating connection as a dedicated line
04:04:46: As1 PPP: Phase is ESTABLISHING, Active Open
04:04:46: As1 LCP: O CONFREQ [Closed] id 224 len 24
04:04:46: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
04:04:46: As1 LCP: AuthProto PAP (0x0304C023)
04:04:46: As1 LCP: MagicNumber 0xE0FE5C09 (0x0506E0FE5C09)
04:04:46: As1 LCP: PFC (0x0702)
04:04:46: As1 LCP: ACFC (0x0802)
04:04:46: As1 LCP: I CONFACK [REQsent] id 224 len 24
04:04:46: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
04:04:46: As1 LCP: AuthProto PAP (0x0304C023)
04:04:46: As1 LCP: MagicNumber 0xE0FE5C09 (0x0506E0FE5C09)
04:04:46: As1 LCP: PFC (0x0702)
04:04:46: As1 LCP: ACFC (0x0802)
04:04:47: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 23
04:04:47: As1 LCP: ACCM 0x00000000 (0x020600000000)
04:04:47: As1 LCP: MagicNumber 0x00006CCD (0x050600006CCD)
04:04:47: As1 LCP: PFC (0x0702)
04:04:47: As1 LCP: ACFC (0x0802)
04:04:47: As1 LCP: Callback 6 (0x0D0306)
04:04:47: As1 LCP: O CONFACK [ACKrcvd] id 0 len 23
04:04:47: As1 LCP: ACCM 0x00000000 (0x020600000000)
04:04:47: As1 LCP: MagicNumber 0x00006CCD (0x050600006CCD)
04:04:47: As1 LCP: PFC (0x0702)
04:04:47: As1 LCP: ACFC (0x0802)
04:04:47: As1 LCP: Callback 6 (0x0D0306)
04:04:47: As1 LCP: State is Open
04:04:47: As1 PPP: Phase is AUTHENTICATING, by this end
04:04:47: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 
   0x00006CCD MSRASV4.00
04:04:47: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 
   0x00006CCD MSRAS-1-ZEKIE
04:04:47: As1 PAP: I AUTH-REQ id 15 len 24 from "callback2"
04:04:47: As1 PAP: Authenticating peer callback2
04:04:47: AAA/AUTHEN: create_user (0x14B1CC) user='callback2' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
04:04:47: AAA/AUTHEN/START (3229557248): port='Async1' list='' 
   action=LOGIN service=PPP
04:04:47: AAA/AUTHEN/START (3229557248): using "default" list
04:04:47: AAA/AUTHEN/START (3229557248): Method=RADIUS
04:04:47: RADIUS: Computed extended port value 0:1:
04:04:47: RADIUS: Initial Transmit id 156 171.68.118.101:1645, 
   Access-Request, len 79
04:04:47: Attribute 4 6 0A1F0105
04:04:47: Attribute 5 6 00000001
04:04:47: Attribute 61 6 00000000
04:04:47: Attribute 1 11 63616C6C
04:04:47: Attribute 2 18 47E86FBC
04:04:47: Attribute 6 6 00000002
04:04:47: Attribute 7 6 00000001
04:04:47: RADIUS: Received from id 156 171.68.118.101:1645, 
   Access-Accept, len 69
04:04:47: Attribute 6 6 00000002
04:04:47: Attribute 7 6 00000001
04:04:47: Attribute 26 37 00000009011F6C63
04:04:47: RADIUS: saved authorization data for user 14B1CC at 14A684
04:04:47: AAA/AUTHEN (3229557248): status = PASS
04:04:47: AAA/AUTHOR/LCP As1: Authorize LCP
04:04:47: AAA/AUTHOR/LCP As1 (101984404): Port='Async1' 
   list='' service=NET
04:04:47: AAA/AUTHOR/LCP: As1 (101984404) user='callback2'
04:04:47: AAA/AUTHOR/LCP: As1 (101984404) send AV service=ppp
04:04:47: AAA/AUTHOR/LCP: As1 (101984404) send AV protocol=lcp
04:04:47: AAA/AUTHOR/LCP (101984404) found list "default"
04:04:47: AAA/AUTHOR/LCP: As1 (101984404) Method=RADIUS

!--- Callback number is obtained from the RADIUS server.

04:04:47: RADIUS: cisco AVPair "lcp:callback-dialstring=20367"
04:04:47: AAA/AUTHOR (101984404): Post authorization status = PASS_REPL
04:04:47: AAA/AUTHOR/LCP As1: Processing AV service=ppp
04:04:47: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring=20367
04:04:47: As1 PAP: O AUTH-ACK id 15 len 5
04:04:47: As1 MCB: User callback2 Callback Number - Server 20367
04:04:47: Async1 PPP: O MCB Request(1) id 47 len 7
04:04:47: Async1 MCB: O 1 2F 0 7 3 3 0 
04:04:47: As1 MCB: O Request Id 47 Callback Type Server-Num delay 0
04:04:47: Async1 PPP: I MCB Response(2) id 47 len 7
04:04:47: Async1 MCB: I 2 2F 0 7 3 3 C 
04:04:47: As1 MCB: Received response
04:04:47: As1 MCB: Response CBK-Server-Num 3 3 12
04:04:47: Async1 PPP: O MCB Ack(3) id 48 len 7
04:04:47: Async1 MCB: O 3 30 0 7 3 3 C 
04:04:47: As1 MCB: O Ack Id 48 Callback Type Server-Num delay 12
04:04:47: As1 MCB: Negotiated MCB with peer
04:04:47: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to up
04:04:47: As1 LCP: I TERMREQ [Open] id 3 len 8 (0x00000000)
04:04:47: As1 LCP: O TERMACK [Open] id 3 len 4
04:04:47: As1 MCB: Peer terminating the link
04:04:47: As1 PPP: Phase is TERMINATING
04:04:47: As1 MCB: Link terminated by peer, Callback Needed

!--- Callback is initiated.

04:04:47: As1 MCB: Initiate Callback for callback2 at 20367 using Async
04:04:47: As1 MCB: Async-callback in progress
04:04:47: TTY1 Callback PPP process creation
04:04:47: As1 AAA/ACCT: Using PPP accounting list ""
04:04:47: TTY1 Callback process initiated, user: dialstring 20367
04:04:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to down
04:04:48: TTY1: Async Int reset: Dropping DTR
04:04:49: As1 LCP: TIMEout: Time 0xE02574 State TERMsent
04:04:49: As1 LCP: State is Closed
04:04:49: As1 PPP: Phase is DOWN
04:04:49: As1 PPP: Phase is ESTABLISHING, Passive Open
04:04:49: As1 LCP: State is Listen
04:04:50: %LINK-5-CHANGED: Interface Async1, changed state to reset
04:04:50: As1 LCP: State is Closed
04:04:50: As1 PPP: Phase is DOWN
04:04:50: As1 IPCP: Remove route to 15.15.15.15
04:04:53: AAA/AUTHEN: free_user (0x14B1CC) user='callback2' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
04:04:53: TTY1 Callback forced wait = 4 seconds
04:04:55: %LINK-3-UPDOWN: Interface Async1, changed state to down
04:04:55: As1 LCP: State is Closed
04:04:55: As1 PPP: Phase is DOWN
04:04:57: CHAT1: Matched chat script offhook to string offhook
04:04:57: CHAT1: Asserting DTR
04:04:57: CHAT1: Chat script offhook started
04:04:57: CHAT1: Sending string: ATH1
04:04:57: CHAT1: Expecting string: OK
04:04:57: CHAT1: Completed match for expect: OK
04:04:57: CHAT1: Chat script offhook finished, status = Success
04:04:57: CHAT1: Matched chat script callback to string callback
04:04:57: CHAT1: Asserting DTR
04:04:57: CHAT1: Chat script callback started
04:04:57: CHAT1: Sending string: ATZ
04:04:57: CHAT1: Expecting string: OK
04:04:57: CHAT1: Completed match for expect: OK
04:04:57: CHAT1: Sending string: ATDT \T<20367>
04:04:57: CHAT1: Expecting string: CONNECT
04:05:14: CHAT1: Completed match for expect: CONNECT
04:05:14: CHAT1: Sending string: \c
04:05:14: CHAT1: Chat script callback finished, status = Success
04:05:14: TTY1 PPP Callback Successful - await exec/autoselect pickup
04:05:16: TTY1: DSR came up
04:05:16: TTY1: Callback in effect
04:05:16: tty1: Modem: IDLE->READY
04:05:16: TTY1: Autoselect started
04:05:16: As1 LCP: I CONFREQ [Closed] id 0 len 20
04:05:16: As1 LCP: ACCM 0x00000000 (0x020600000000)
04:05:16: As1 LCP: MagicNumber 0x000007A0 (0x0506000007A0)
04:05:16: As1 LCP: PFC (0x0702)
04:05:16: As1 LCP: ACFC (0x0802)
04:05:16: As1 LCP: Lower layer not up, discarding packet
04:05:18: %LINK-3-UPDOWN: Interface Async1, changed state to up
04:05:18: As1 PPP: Treating connection as a dedicated line
04:05:18: As1 PPP: Phase is ESTABLISHING, Active Open
04:05:18: As1 LCP: O CONFREQ [Closed] id 225 len 24
04:05:18: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
04:05:18: As1 LCP: AuthProto PAP (0x0304C023)
04:05:18: As1 LCP: MagicNumber 0xE0FED8A0 (0x0506E0FED8A0)
04:05:18: As1 LCP: PFC (0x0702)
04:05:18: As1 LCP: ACFC (0x0802)
04:05:18: As1 LCP: I CONFACK [REQsent] id 225 len 24
04:05:18: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
04:05:18: As1 LCP: AuthProto PAP (0x0304C023)
04:05:18: As1 LCP: MagicNumber 0xE0FED8A0 (0x0506E0FED8A0)
04:05:18: As1 LCP: PFC (0x0702)
04:05:18: As1 LCP: ACFC (0x0802)
04:05:19: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 20
04:05:19: As1 LCP: ACCM 0x00000000 (0x020600000000)
04:05:19: As1 LCP: MagicNumber 0x000007A0 (0x0506000007A0)
04:05:19: As1 LCP: PFC (0x0702)
04:05:19: As1 LCP: ACFC (0x0802)
04:05:19: As1 LCP: O CONFACK [ACKrcvd] id 0 len 20
04:05:19: As1 LCP: ACCM 0x00000000 (0x020600000000)
04:05:19: As1 LCP: MagicNumber 0x000007A0 (0x0506000007A0)
04:05:19: As1 LCP: PFC (0x0702)
04:05:19: As1 LCP: ACFC (0x0802)
04:05:19: As1 LCP: State is Open
04:05:19: As1 PPP: Phase is AUTHENTICATING, by this end
04:05:19: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 
   0x000007A0 MSRASV4.00
04:05:19: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 
   0x000007A0 MSRAS-1-ZEKIE
04:05:19: As1 PAP: I AUTH-REQ id 16 len 24 from "callback2"
04:05:19: As1 PAP: Authenticating peer callback2
04:05:19: AAA/AUTHEN: create_user (0x14A640) user='callback2' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
04:05:19: AAA/AUTHEN/START (1256800753): port='Async1' list='' 
   action=LOGIN service=PPP
04:05:19: AAA/AUTHEN/START (1256800753): using "default" list
04:05:19: AAA/AUTHEN/START (1256800753): Method=RADIUS
04:05:19: RADIUS: Computed extended port value 0:1:
04:05:19: RADIUS: Initial Transmit id 157 171.68.118.101:1645, 
   Access-Request, len 79
04:05:19: Attribute 4 6 0A1F0105
04:05:19: Attribute 5 6 00000001
04:05:19: Attribute 61 6 00000000
04:05:19: Attribute 1 11 63616C6C
04:05:19: Attribute 2 18 C29C6276
04:05:19: Attribute 6 6 00000002
04:05:19: Attribute 7 6 00000001
04:05:19: RADIUS: Received from id 157 171.68.118.101:1645, 
   Access-Accept, len 69
04:05:19: Attribute 6 6 00000002
04:05:19: Attribute 7 6 00000001
04:05:19: Attribute 26 37 00000009011F6C63
04:05:19: RADIUS: saved authorization data for user 14A640 at 14B1CC
04:05:19: AAA/AUTHEN (1256800753): status = PASS
04:05:19: AAA/AUTHOR/LCP As1: Authorize LCP
04:05:19: AAA/AUTHOR/LCP As1 (1783017574): Port='Async1' 
   list='' service=NET
04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) user='callback2'
04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) send AV service=ppp
04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) send AV protocol=lcp
04:05:19: AAA/AUTHOR/LCP (1783017574) found list "default"
04:05:19: AAA/AUTHOR/LCP: As1 (1783017574) Method=RADIUS
04:05:19: RADIUS: cisco AVPair "lcp:callback-dialstring=20367"
04:05:19: AAA/AUTHOR (1783017574): Post authorization status = PASS_REPL
04:05:19: AAA/AUTHOR/LCP As1: Processing AV service=ppp
04:05:19: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring=20367
04:05:19: As1 PAP: O AUTH-ACK id 16 len 5
04:05:19: As1 PPP: Phase is UP
04:05:19: AAA/AUTHOR/FSM As1: (0): Can we start IPCP?
04:05:19: AAA/AUTHOR/FSM As1 (1621572650): Port='Async1' 
   list='' service=NET
04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) user='callback2'
04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) send AV service=ppp
04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) send AV protocol=ip
04:05:19: AAA/AUTHOR/FSM (1621572650) found list "default"
04:05:19: AAA/AUTHOR/FSM: As1 (1621572650) Method=RADIUS
04:05:19: RADIUS: cisco AVPair "lcp:callback-dialstring=20367" 
   not applied for ip
04:05:19: AAA/AUTHOR (1621572650): Post authorization status = PASS_REPL
04:05:19: AAA/AUTHOR/FSM As1: We can start IPCP
04:05:19: As1 IPCP: O CONFREQ [Closed] id 24 len 10
04:05:19: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105)
04:05:19: As1 IPCP: I CONFREQ [REQsent] id 3 len 40
04:05:19: As1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
04:05:19: As1 IPCP: Address 0.0.0.0 (0x030600000000)
04:05:19: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
04:05:19: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
04:05:19: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
04:05:19: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
04:05:19: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0, we want 0.0.0.0
04:05:19: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
04:05:19: AAA/AUTHOR/IPCP As1: Authorization succeeded
04:05:19: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, we want 0.0.0.0
04:05:19: As1 IPCP: Using pool 'async'
04:05:19: As1 IPCP: Pool returned 15.15.15.15
04:05:19: As1 IPCP: O CONFREJ [REQsent] id 3 len 28
04:05:19: As1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
04:05:19: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
04:05:19: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
04:05:19: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
04:05:19: As1 IPCP: I CONFACK [REQsent] id 24 len 10
04:05:19: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105)
04:05:19: As1 IPCP: I CONFREQ [ACKrcvd] id 4 len 16
04:05:19: As1 IPCP: Address 0.0.0.0 (0x030600000000)
04:05:19: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
04:05:19: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0, 
   we want 15.15.15.15
04:05:19: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
04:05:19: AAA/AUTHOR/IPCP As1: Authorization succeeded
04:05:19: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, 
   we want 15.15.15.15
04:05:19: As1 IPCP: O CONFNAK [ACKrcvd] id 4 len 16
04:05:19: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
04:05:19: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
04:05:20: As1 IPCP: I CONFREQ [ACKrcvd] id 5 len 16
04:05:20: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
04:05:20: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
04:05:20: AAA/AUTHOR/IPCP As1: Start. Her address 15.15.15.15, 
   we want 15.15.15.15
04:05:20: AAA/AUTHOR/IPCP As1 (2922034935): Port='Async1' 
   list='' service=NET
04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) user='callback2'
04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) send AV service=ppp
04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) send AV protocol=ip
04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) send AV addr*15.15.15.15
04:05:20: AAA/AUTHOR/IPCP (2922034935) found list "default"
04:05:20: AAA/AUTHOR/IPCP: As1 (2922034935) Method=RADIUS
04:05:20: RADIUS: cisco AVPair "lcp:callback-dialstring=20367" 
   not applied for ip
04:05:20: AAA/AUTHOR (2922034935): Post authorization status = PASS_REPL
04:05:20: AAA/AUTHOR/IPCP As1: Reject 15.15.15.15, using 15.15.15.15
04:05:20: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
04:05:20: AAA/AUTHOR/IPCP As1: Processing AV addr*15.15.15.15
04:05:20: AAA/AUTHOR/IPCP As1: Authorization succeeded
04:05:20: AAA/AUTHOR/IPCP As1: Done. Her address 15.15.15.15, 
   we want 15.15.15.15
04:05:20: As1 IPCP: O CONFACK [ACKrcvd] id 5 len 16
04:05:20: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
04:05:20: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
04:05:20: As1 IPCP: State is Open
04:05:20: As1 IPCP: Install route to 15.15.15.15
04:05:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to up

사용자 지정 번호의 PPP 콜백

앞의 예는 미리 정의된 번호(서버에 지정)에서 콜백한 것입니다. 콜백은 사용자가 지정한 번호로 수행될 수도 있습니다. 즉, 콜백 번호는 인증 서버에서 null로 지정됩니다. 그러면 라우터가 사용자에게 콜백 번호를 묻습니다. 다시 한 번 말하지만 초기 테스트는 지정된 로컬 콜백으로 수행해야 합니다. 로컬 콜백과 null 콜백 문자열이 작동하지 않으면(즉, aaa new-model 명령 제거) RADIUS 콜백이 작동하지 않습니다. 라우터에 로컬인 null 콜백 문자열을 지정하려면

username callback callback-dialstring "" password 0 callback

PC의 Dial-Up-Networking(Windows NT 서버), User Preferences(사용자 기본 설정)에서 Callback(콜백) - maybe ask me during redial when server offers(서버가 제공하면 재다이얼 중에 문의할 수 있음) 상자를 선택합니다. 사용자가 인증되면 PC에 "Callback - You have entered by caller", the rest of message, then "Enter modem phone number"라는 창이 표시됩니다.

서버 컨피그레이션

서버 설정 - CiscoSecure NT

사용자가 비밀번호를 가져오고 비밀번호를 확인합니다.
그룹 설정에서: 특성 006 Service-Type = Framed 특성 007 Framed-Protocol = PPP
화면의 마지막 상자, Cisco RADIUS Attributes(Cisco RADIUS 특성)에서 [009\001 - AV-Pair]를 선택하고 아래에 lcp:callback-dialstring=을 입력합니다.

서버 설치 - CiscoSecure UNIX

rtp-berry# ./ViewProfile -p 9900 -u callback
User Profile Information
user = callback{
profile_id = 34 
profile_cycle = 1 
radius=Cisco {
check_items= {
2="callback"
} 
reply_attributes= {
6=2
7=1
9,1="lcp:callback-dialstring="
} 
} 

}

서버 설정 - Livingston RADIUS

callback2 Password = "callback2"
User-Service-Type = Framed-User,
Framed-Protocol = PPP,
cisco-avpair = "lcp:callback-dialstring="

디버그 출력 샘플

koala#show debug
General OS:
Modem control/process activation debugging is on
AAA Authentication debugging is on
AAA Authorization debugging is on
Dial on demand:
Dial on demand events debugging is on
PPP:
PPP authentication debugging is on
PPP protocol negotiation debugging is on
Chat Scripts:
Chat scripts activity debugging is on
Callback:
Callback activity debugging is on
Radius protocol debugging is on
koala#
02:23:01: TTY1: DSR came up
02:23:01: tty1: Modem: IDLE->READY
02:23:01: TTY1: Autoselect started
02:23:03: TTY1: Autoselect sample 7E
02:23:03: TTY1: Autoselect sample 7EFF
02:23:03: TTY1: Autoselect sample 7EFF7D
02:23:03: TTY1: Autoselect sample 7EFF7D23
02:23:03: TTY1 Autoselect cmd: ppp negotiate
02:23:03: TTY1: EXEC creation
02:23:05: %LINK-3-UPDOWN: Interface Async1, changed state to up
02:23:05: As1 PPP: Treating connection as a dedicated line
02:23:05: As1 PPP: Phase is ESTABLISHING, Active Open
02:23:05: As1 LCP: O CONFREQ [Closed] id 27 len 24
02:23:05: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
02:23:05: As1 LCP: AuthProto PAP (0x0304C023)
02:23:05: As1 LCP: MagicNumber 0xE0A14386 (0x0506E0A14386)
02:23:05: As1 LCP: PFC (0x0702)
02:23:05: As1 LCP: ACFC (0x0802)
02:23:05: As1 LCP: I CONFACK [REQsent] id 27 len 24
02:23:05: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
02:23:05: As1 LCP: AuthProto PAP (0x0304C023)
02:23:05: As1 LCP: MagicNumber 0xE0A14386 (0x0506E0A14386)
02:23:05: As1 LCP: PFC (0x0702)
02:23:05: As1 LCP: ACFC (0x0802)
02:23:06: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 23
02:23:06: As1 LCP: ACCM 0x00000000 (0x020600000000)
02:23:06: As1 LCP: MagicNumber 0x0000152B (0x05060000152B)
02:23:06: As1 LCP: PFC (0x0702)
02:23:06: As1 LCP: ACFC (0x0802)
02:23:06: As1 LCP: Callback 6 (0x0D0306)
02:23:06: As1 LCP: O CONFACK [ACKrcvd] id 0 len 23
02:23:06: As1 LCP: ACCM 0x00000000 (0x020600000000)
02:23:06: As1 LCP: MagicNumber 0x0000152B (0x05060000152B)
02:23:06: As1 LCP: PFC (0x0702)
02:23:06: As1 LCP: ACFC (0x0802)
02:23:06: As1 LCP: Callback 6 (0x0D0306)
02:23:06: As1 LCP: State is Open
02:23:06: As1 PPP: Phase is AUTHENTICATING, by this end
02:23:06: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 
   0x0000152B MSRASV4.00
02:23:06: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 
   0x0000152B MSRAS-1-ZEKIE
02:23:06: As1 PAP: I AUTH-REQ id 64 len 22 from "userspec"
02:23:06: As1 PAP: Authenticating peer userspec
02:23:06: AAA/AUTHEN: create_user (0x16E284) user='userspec' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
02:23:06: AAA/AUTHEN/START (835406208): port='Async1' list='' 
   action=LOGIN service=PPP
02:23:06: AAA/AUTHEN/START (835406208): using "default" list
02:23:06: AAA/AUTHEN (835406208): status = UNKNOWN
02:23:06: AAA/AUTHEN/START (835406208): Method=RADIUS
02:23:06: RADIUS: Computed extended port value 0:1:
02:23:06: RADIUS: Initial Transmit id 25 171.68.120.194:1645, 
   Access-Request, len 78
02:23:06: Attribute 4 6 0A1F0105
02:23:06: Attribute 5 6 00000001
02:23:06: Attribute 61 6 00000000
02:23:06: Attribute 1 10 75736572
02:23:06: Attribute 2 18 E1377DA0
02:23:06: Attribute 6 6 00000002
02:23:06: Attribute 7 6 00000001
02:23:06: RADIUS: Received from id 25 171.68.120.194:1645, 
   Access-Accept, len 64
02:23:06: Attribute 6 6 00000002
02:23:06: Attribute 7 6 00000001
02:23:06: Attribute 26 32 00000009011A6C63
02:23:06: RADIUS: saved authorization data for user 16E284 at A1B44
02:23:06: AAA/AUTHEN (835406208): status = PASS
02:23:06: AAA/AUTHOR/LCP As1: Authorize LCP
02:23:06: AAA/AUTHOR/LCP As1 (2812925385): Port='Async1' 
   list='' service=NET
02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) user='userspec'
02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) send AV service=ppp
02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) send AV protocol=lcp
02:23:06: AAA/AUTHOR/LCP (2812925385) found list "default"
02:23:06: AAA/AUTHOR/LCP: As1 (2812925385) Method=RADIUS

!--- Callback dialstring is empty (null).

02:23:06: RADIUS: cisco AVPair "lcp:callback-dialstring="
02:23:06: AAA/AUTHOR (2812925385): Post authorization status = PASS_REPL
02:23:06: AAA/AUTHOR/LCP As1: Processing AV service=ppp
02:23:06: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring=
02:23:06: As1 PAP: O AUTH-ACK id 64 len 5

!--- Router recognizes that it is to receive number from client !--- and starts sending requests to PC.

02:23:06: As1 MCB: User userspec Callback Number - Client ANY
02:23:06: Async1 PPP: O MCB Request(1) id 92 len 9
02:23:06: Async1 MCB: O 1 5C 0 9 2 5 0 1 0 
02:23:06: As1 MCB: O Request Id 92 Callback Type Client-Num delay 0
02:23:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to up

!--- Router receives response from PC.

02:23:09: Async1 PPP: I MCB Response(2) id 92 len 14
02:23:09: Async1 MCB: I 2 5C 0 E 2 A C 1 32 30 33 36 37 0 
02:23:09: As1 MCB: Received response

!--- Received callback number from the client.

02:23:09: As1 MCB: Response CBK-Client-Num 2 10 12, addr 1-20367
02:23:09: Async1 PPP: O MCB Ack(3) id 93 len 14
02:23:09: Async1 MCB: O 3 5D 0 E 2 A C 1 32 30 33 36 37 0 
02:23:09: As1 MCB: O Ack Id 93 Callback Type Client-Num delay 12
02:23:09: As1 MCB: Negotiated MCB with peer
02:23:09: As1 LCP: I TERMREQ [Open] id 3 len 8 (0x00000000)
02:23:09: As1 LCP: O TERMACK [Open] id 3 len 4
02:23:09: As1 MCB: Peer terminating the link
02:23:09: As1 PPP: Phase is TERMINATING
02:23:09: As1 MCB: Link terminated by peer, Callback Needed

!--- Callback is initiated.

02:23:09: As1 MCB: Initiate Callback for userspec at 20367 using Async
02:23:09: TTY1 Callback user dialstring 20367 from PPP negotiation
02:23:09: As1 MCB: Async-callback in progress
02:23:09: TTY1 Callback PPP process creation
02:23:09: As1 AAA/ACCT: Using PPP accounting list ""
02:23:09: TTY1 Callback process initiated, user: dialstring 20367
02:23:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to down
02:23:10: TTY1: Async Int reset: Dropping DTR
02:23:11: As1 LCP: TIMEout: Time 0x831824 State TERMsent
02:23:11: As1 LCP: State is Closed
02:23:11: As1 PPP: Phase is DOWN
02:23:11: As1 VP: Cleaning already proceeding
02:23:11: As1 PPP: Phase is ESTABLISHING, Passive Open
02:23:11: AAA/AUTHEN: dup_user (0x16E558) user='userspec' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP 
   priv=1 source='AAA dup lcp_reset'
02:23:11: AAA/AUTHEN: Method=IF-NEEDED: no authentication needed. 
   user='userspec' port='Async1' rem_addr='async'
02:23:11: As1 LCP: State is Listen
02:23:11: AAA/AUTHEN: free_user (0x16E284) user='userspec' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
02:23:12: %LINK-5-CHANGED: Interface Async1, changed state to reset
02:23:12: As1 LCP: State is Closed
02:23:12: As1 PPP: Phase is DOWN
02:23:12: As1 VP: Cleaning already proceeding
02:23:12: As1 IPCP: Remove route to 15.15.15.15
02:23:15: AAA/AUTHEN: free_user (0x16E558) user='userspec' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
02:23:15: TTY1 Callback forced wait = 4 seconds
02:23:17: %LINK-3-UPDOWN: Interface Async1, changed state to down
02:23:17: As1 LCP: State is Closed
02:23:17: As1 PPP: Phase is DOWN
02:23:17: As1 VP: Cleaning already proceeding
02:23:19: CHAT1: Matched chat script offhook to string offhook
02:23:19: CHAT1: Asserting DTR
02:23:19: CHAT1: Chat script offhook started
02:23:19: CHAT1: Sending string: ATH1
02:23:19: CHAT1: Expecting string: OK
02:23:19: CHAT1: Completed match for expect: OK
02:23:19: CHAT1: Chat script offhook finished, status = Success
02:23:19: CHAT1: Matched chat script callback to string callback
02:23:19: CHAT1: Asserting DTR
02:23:19: CHAT1: Chat script callback started
02:23:19: CHAT1: Sending string: ATZ
02:23:19: CHAT1: Expecting string: OK
02:23:19: CHAT1: Completed match for expect: OK
02:23:19: CHAT1: Sending string: ATDT \T<20367>
02:23:19: CHAT1: Expecting string: CONNECT
02:23:35: CHAT1: Completed match for expect: CONNECT
02:23:35: CHAT1: Sending string: \c
02:23:35: CHAT1: Chat script callback finished, status = Success
02:23:35: TTY1 PPP Callback Successful - await exec/autoselect pickup
02:23:37: TTY1: DSR came up
02:23:37: TTY1: Callback in effect
02:23:37: tty1: Modem: IDLE->READY
02:23:37: TTY1: Autoselect started
02:23:37: As1 LCP: I CONFREQ [Closed] id 0 len 20
02:23:37: As1 LCP: ACCM 0x00000000 (0x020600000000)
02:23:37: As1 LCP: MagicNumber 0x00005156 (0x050600005156)
02:23:37: As1 LCP: PFC (0x0702)
02:23:37: As1 LCP: ACFC (0x0802)
02:23:37: As1 LCP: Lower layer not up, discarding packet
02:23:39: %LINK-3-UPDOWN: Interface Async1, changed state to up
02:23:39: As1 PPP: Treating connection as a dedicated line
02:23:39: As1 PPP: Phase is ESTABLISHING, Active Open
02:23:39: As1 LCP: O CONFREQ [Closed] id 28 len 24
02:23:39: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
02:23:39: As1 LCP: AuthProto PAP (0x0304C023)
02:23:39: As1 LCP: MagicNumber 0xE0A1CAB2 (0x0506E0A1CAB2)
02:23:39: As1 LCP: PFC (0x0702)
02:23:39: As1 LCP: ACFC (0x0802)
02:23:40: As1 LCP: I CONFACK [REQsent] id 28 len 24
02:23:40: As1 LCP: ACCM 0x000A0000 (0x0206000A0000)
02:23:40: As1 LCP: AuthProto PAP (0x0304C023)
02:23:40: As1 LCP: MagicNumber 0xE0A1CAB2 (0x0506E0A1CAB2)
02:23:40: As1 LCP: PFC (0x0702)
02:23:40: As1 LCP: ACFC (0x0802)
02:23:40: As1 LCP: I CONFREQ [ACKrcvd] id 0 len 20
02:23:40: As1 LCP: ACCM 0x00000000 (0x020600000000)
02:23:40: As1 LCP: MagicNumber 0x00005156 (0x050600005156)
02:23:40: As1 LCP: PFC (0x0702)
02:23:40: As1 LCP: ACFC (0x0802)
02:23:40: As1 LCP: O CONFACK [ACKrcvd] id 0 len 20
02:23:40: As1 LCP: ACCM 0x00000000 (0x020600000000)
02:23:40: As1 LCP: MagicNumber 0x00005156 (0x050600005156)
02:23:40: As1 LCP: PFC (0x0702)
02:23:40: As1 LCP: ACFC (0x0802)
02:23:40: As1 LCP: State is Open
02:23:40: As1 PPP: Phase is AUTHENTICATING, by this end
02:23:41: As1 LCP: I IDENTIFY [Open] id 1 len 18 magic 
   0x00005156 MSRASV4.00
02:23:41: As1 LCP: I IDENTIFY [Open] id 2 len 21 magic 
   0x00005156 MSRAS-1-ZEKIE
02:23:41: As1 PAP: I AUTH-REQ id 65 len 22 from "userspec"
02:23:41: As1 PAP: Authenticating peer userspec
02:23:41: AAA/AUTHEN: create_user (0x16E284) user='userspec' ruser='' 
   port='Async1' rem_addr='async' authen_type=PAP service=PPP priv=1
02:23:41: AAA/AUTHEN/START (2883652190): port='Async1' 
   list='' action=LOGIN service=PPP
02:23:41: AAA/AUTHEN/START (2883652190): using "default" list
02:23:41: AAA/AUTHEN (2883652190): status = UNKNOWN
02:23:41: AAA/AUTHEN/START (2883652190): Method=RADIUS
02:23:41: RADIUS: Computed extended port value 0:1:
02:23:41: RADIUS: Initial Transmit id 26 171.68.120.194:1645, 
   Access-Request, len 78
02:23:41: Attribute 4 6 0A1F0105
02:23:41: Attribute 5 6 00000001
02:23:41: Attribute 61 6 00000000
02:23:41: Attribute 1 10 75736572
02:23:41: Attribute 2 18 8150DA02
02:23:41: Attribute 6 6 00000002
02:23:41: Attribute 7 6 00000001
02:23:41: RADIUS: Received from id 26 171.68.120.194:1645, 
   Access-Accept, len 64
02:23:41: Attribute 6 6 00000002
02:23:41: Attribute 7 6 00000001
02:23:41: Attribute 26 32 00000009011A6C63
02:23:41: RADIUS: saved authorization data for user 16E284 at A1B44
02:23:41: AAA/AUTHEN (2883652190): status = PASS
02:23:41: AAA/AUTHOR/LCP As1: Authorize LCP
02:23:41: AAA/AUTHOR/LCP As1 (3660077691): Port='Async1' 
   list='' service=NET
02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) user='userspec'
02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) send AV service=ppp
02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) send AV protocol=lcp
02:23:41: AAA/AUTHOR/LCP (3660077691) found list "default"
02:23:41: AAA/AUTHOR/LCP: As1 (3660077691) Method=RADIUS
02:23:41: RADIUS: cisco AVPair "lcp:callback-dialstring="
02:23:41: AAA/AUTHOR (3660077691): Post authorization status = PASS_REPL
02:23:41: AAA/AUTHOR/LCP As1: Processing AV service=ppp
02:23:41: AAA/AUTHOR/LCP As1: Processing AV callback-dialstring=
02:23:41: As1 PAP: O AUTH-ACK id 65 len 5
02:23:41: As1 PPP: Phase is UP
02:23:41: AAA/AUTHOR/FSM As1: (0): Can we start IPCP?
02:23:41: AAA/AUTHOR/FSM As1 (2418882911): Port='Async1' 
   list='' service=NET
02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) user='userspec'
02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) send AV service=ppp
02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) send AV protocol=ip
02:23:41: AAA/AUTHOR/FSM (2418882911) found list "default"
02:23:41: AAA/AUTHOR/FSM: As1 (2418882911) Method=RADIUS
02:23:41: RADIUS: cisco AVPair "lcp:callback-dialstring=" 
   not applied for ip
02:23:41: AAA/AUTHOR (2418882911): Post authorization 
   status = PASS_REPL
02:23:41: AAA/AUTHOR/FSM As1: We can start IPCP
02:23:41: As1 IPCP: O CONFREQ [Closed] id 12 len 10
02:23:41: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105)
02:23:41: As1 IPCP: I CONFREQ [REQsent] id 3 len 40
02:23:41: As1 IPCP: CompressType VJ 15 slots 
   CompressSlotID (0x0206002D0F01)
02:23:41: As1 IPCP: Address 0.0.0.0 (0x030600000000)
02:23:41: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
02:23:41: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
02:23:41: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
02:23:41: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
02:23:41: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0,
   we want 0.0.0.0
02:23:41: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
02:23:41: AAA/AUTHOR/IPCP As1: Authorization succeeded
02:23:41: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, 
   we want 0.0.0.0
02:23:41: As1 IPCP: Using pool 'async'
02:23:41: As1 IPCP: Pool returned 15.15.15.15
02:23:41: As1 IPCP: O CONFREJ [REQsent] id 3 len 28
02:23:41: As1 IPCP: CompressType VJ 15 slots 
   CompressSlotID (0x0206002D0F01)
02:23:41: As1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
02:23:41: As1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
02:23:41: As1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
02:23:41: As1 IPCP: I CONFACK [REQsent] id 12 len 10
02:23:41: As1 IPCP: Address 10.31.1.5 (0x03060A1F0105)
02:23:41: As1 IPCP: I CONFREQ [ACKrcvd] id 4 len 16
02:23:41: As1 IPCP: Address 0.0.0.0 (0x030600000000)
02:23:41: As1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
02:23:41: AAA/AUTHOR/IPCP As1: Start. Her address 0.0.0.0, 
   we want 15.15.15.15
02:23:41: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
02:23:41: AAA/AUTHOR/IPCP As1: Authorization succeeded
02:23:41: AAA/AUTHOR/IPCP As1: Done. Her address 0.0.0.0, 
   we want 15.15.15.15
02:23:41: As1 IPCP: O CONFNAK [ACKrcvd] id 4 len 16
02:23:41: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
02:23:41: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
02:23:41: As1 IPCP: I CONFREQ [ACKrcvd] id 5 len 16
02:23:41: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
02:23:41: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
02:23:41: AAA/AUTHOR/IPCP As1: Start. Her address 15.15.15.15, 
   we want 15.15.15.15
02:23:41: AAA/AUTHOR/IPCP As1 (2792483333): Port='Async1' 
   list='' service=NET
02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) user='userspec'
02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) send AV service=ppp
02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) send AV protocol=ip
02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) send AV addr*15.15.15.15
02:23:41: AAA/AUTHOR/IPCP (2792483333) found list "default"
02:23:41: AAA/AUTHOR/IPCP: As1 (2792483333) Method=RADIUS
02:23:41: RADIUS: cisco AVPair "lcp:callback-dialstring=" 
   not applied for ip
02:23:41: AAA/AUTHOR (2792483333): Post authorization status = PASS_REPL
02:23:41: AAA/AUTHOR/IPCP As1: Reject 15.15.15.15, using 15.15.15.15
02:23:41: AAA/AUTHOR/IPCP As1: Processing AV service=ppp
02:23:41: AAA/AUTHOR/IPCP As1: Processing AV addr*15.15.15.15
02:23:41: AAA/AUTHOR/IPCP As1: Authorization succeeded
02:23:41: AAA/AUTHOR/IPCP As1: Done. Her address 15.15.15.15, 
   we want 15.15.15.15
02:23:41: As1 IPCP: O CONFACK [ACKrcvd] id 5 len 16
02:23:41: As1 IPCP: Address 15.15.15.15 (0x03060F0F0F0F)
02:23:41: As1 IPCP: PrimaryDNS 171.68.118.103 (0x8106AB447667)
02:23:41: As1 IPCP: State is Open
02:23:41: dialer Protocol up for As1
02:23:41: As1 IPCP: Install route to 15.15.15.15
02:23:42: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1, 
   changed state to up

RADIUS를 사용하여 PPP 콜백 구성

다운로드 옵션

편견 없는 언어

이 번역에 관하여

목차

소개

시작하기 전에

표기 규칙

사전 요구 사항

사용되는 구성 요소

구성

네트워크 다이어그램

서버 설정 - CiscoSecure NT

서버 설치 - CiscoSecure UNIX

서버 설정 - Livingston RADIUS(Cisco av 쌍 포함)

설정

다음을 확인합니다.

문제 해결

트러블슈팅 명령

디버그 출력 샘플

사용자 지정 번호의 PPP 콜백

서버 컨피그레이션

서버 설정 - CiscoSecure NT

서버 설치 - CiscoSecure UNIX

서버 설정 - Livingston RADIUS

디버그 출력 샘플

관련 정보

개정 이력

이 문서가 도움이 되셨습니까?

지원 문의

이 문서가 적용되는 제품