如何在智慧服務網關(ISG)中根據域名選擇AAA清單

下載選項

PDF (253.2 KB)
在多種裝置上使用 Adobe Reader 檢視
ePub (124.5 KB)
在 iPhone、iPad、Android、Sony Reader 或 Windows Phone 上的各種應用程式中檢視
Mobi (Kindle) (155.8 KB)
在 Kindle 裝置或多部裝置的 Kindle 應用程式上檢視

已更新: 2017 年 10 月 20 日

文件 ID:212348

無偏見用語

本產品的文件集力求使用無偏見用語。針對本文件集的目的，無偏見係定義為未根據年齡、身心障礙、性別、種族身分、民族身分、性別傾向、社會經濟地位及交織性表示歧視的用語。由於本產品軟體使用者介面中硬式編碼的語言、根據 RFP 文件使用的語言，或引用第三方產品的語言，因此本文件中可能會出現例外狀況。深入瞭解思科如何使用包容性用語。

關於此翻譯

思科已使用電腦和人工技術翻譯本文件，讓全世界的使用者能夠以自己的語言理解支援內容。請注意，即使是最佳機器翻譯，也不如專業譯者翻譯的內容準確。Cisco Systems, Inc. 對這些翻譯的準確度概不負責，並建議一律查看原始英文文件（提供連結）。

簡介

本檔案提供了一種選擇驗證、授權和記帳(AAA)組及其所有附加功能（來源IP、RADIUS伺服器等）的方法，只需在傳入點對點通訊協定(PPP)訂閱者的擷取網域中進行選擇。

必要條件

需求

思科建議您瞭解以下主題：

虛擬私人撥號網路(VPDN)
智慧服務閘道(ISG)

提示：:請參閱智慧服務網關配置指南以熟悉ISG。

提示：請參閱VPDN組態設定指南，以瞭解基本VPDN功能。

採用元件

本文中的資訊係根據以下軟體和硬體版本：

運行IOS-XE版本03.17.01.S的ASR1K。
Free-radius伺服器。

本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除（預設）的組態來啟動。如果您的網路正在作用，請確保您已瞭解任何指令可能造成的影響。

設定

使用本節所述的資訊來設定本檔案中所述的功能。

附註：這隻對PPP使用者有效。

網路圖表

組態

附註：此設定通過在客戶端裝置(CPE)路由器上建立兩個不同dot1q標籤的子介面，並建立兩個具有不同PPP使用者名稱的撥號器介面，從而模擬兩個PPPoE（乙太網上的PPP）客戶端。這樣就可以模擬拓撲中兩個不同的客戶端。

這是CPE路由器上使用的配置。

interface Ethernet0/1.101
 description ppp using isg 
 encapsulation dot1Q 101
 pppoe enable group global
 pppoe-client dial-pool-number 2
!
interface Ethernet0/1.102
 description ppp using isg 
 encapsulation dot1Q 102
 pppoe enable
 pppoe-client dial-pool-number 3
!
!--- Following dialer will be used for first CPE with user name pppoe@local.com.
!
interface Dialer2 
 ip address negotiated
 encapsulation ppp
 shutdown
 dialer pool 2
 ppp pap sent-username pppoe@local.com password 0 cisco
!
!--- Following dialer will be used for second CPE with user name pppoe@lns.com.
!
interface Dialer3   
 ip address negotiated
 encapsulation ppp
 shutdown
 dialer pool 3
 ppp pap sent-username pppoe@lns.com password 0 cisco

這是LAC(ISG)裝置上使用的配置。

!
hostname lac
!
aaa new-model
!
!
aaa group server radius AAA-4-LOCAL    !=> Group that will treat the user with domain local.com
 server name RAD-4-LOCAL  
 ip radius source-interface Ethernet0/0
!
aaa group server radius AAA-4-FORWARD  !=> Group that will treat the user with domain lns.com
 server name RAD-4-FORWARD
 ip radius source-interface Loopback1
!
aaa authentication login default local
aaa authentication ppp default group radius
aaa authentication ppp AAA-4-LOCAL group AAA-4-LOCAL      !=> List will call the right group
aaa authentication ppp AAA-4-FORWARD group AAA-4-FORWARD  !=> List will call the right group
aaa authorization exec default local 
aaa authorization network default group radius 
!
aaa session-id common
!
vpdn enable
!
class-map type control match-all PPP-4-FORWARD  !=> class to match the domain to forward to lns 
 match unauthenticated-domain lns.com 
 match protocol ppp 
!
class-map type control match-all PPP-4-LOCAL    !=> class to match the domain for local termination
 match unauthenticated-domain local.com 
 match protocol ppp 
!
class-map type control match-all PPP            !=> class to match ppp packets.
 match protocol ppp 
!
policy-map type control PPPOE                   !=>  All pppoe will first hit this control policy 
 class type control PPP event session-start
  11 collect identifier unauthenticated-domain 
  12 service-policy type control DOMAIN         !=> Now we forward to another policy that will make the selection
 !
!
policy-map type control DOMAIN
 class type control PPP-4-LOCAL event session-start   !=> If domain is local.com we use this 
  20 authenticate aaa list AAA-4-LOCAL 
 !
 class type control PPP-4-FORWARD event session-start !=> If domain is lns.com we use this
  20 authenticate aaa list AAA-4-FORWARD 
 !
!
bba-group pppoe ppp-isg
 virtual-template 2
!
!
!
interface Loopback0
 ip address 172.19.1.2 255.255.255.255
!
interface Loopback1
 ip address 172.17.21.6 255.255.255.255          !=> radius request for domain lns.com use this
!
interface Ethernet0/0
 ip address 172.16.21.6 255.255.255.252          !=> radius request for domain local.com use this 
!
interface Ethernet0/1
 no ip address
!
interface Ethernet0/1.101
 encapsulation dot1Q 101
 pppoe enable group ppp-isg
!
interface Ethernet0/1.102
 encapsulation dot1Q 102
 pppoe enable group ppp-isg
!

interface Virtual-Template2
 ip unnumbered Loopback0
 ppp authentication pap
 service-policy type control PPPOE
!
radius server RAD-4-LOCAL
 address ipv4 172.16.21.5 auth-port 32645 acct-port 32646
 key cisco
!
radius server RAD-4-FORWARD
 address ipv4 172.16.21.5 auth-port 11645 acct-port 11646
 key cisco
!

這是LNS裝置上使用的配置。

!
hostname lns
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default group radius
aaa authorization exec default local 
aaa authorization network default group radius 
!
vpdn enable
!
vpdn-group default
 ! Default L2TP VPDN group
 accept-dialin
  protocol l2tp
  virtual-template 1
 l2tp tunnel password 0 cisco
!
interface Virtual-Template1
 ip unnumbered Loopback10
 peer default ip address pool allppp
 ppp mtu adaptive
 ppp authentication pap
!
radius server IOL-alanssie2
 address ipv4 172.16.21.9 auth-port 32645 acct-port 32646
 key cisco
!

驗證

本節提供的資訊可用於驗證您的配置是否正常工作，並且一個PPPoE會話在LAC上終止，而另一個會話根據域名轉發到LNS。

lac#show subscriber ses
Codes: Lterm - Local Term, Fwd - forwarded, unauth - unathenticated, authen -
authenticated, TC Ct. - Number of Traffic Classes on the main session

Current Subscriber Information: Total sessions 2
Uniq ID Interface    State    Service     Up-time  TC Ct. Identifier
39      Vi2.1        authen   Lterm       00:38:54 0      pppoe@local.com
40      PPPoE        authen   Fwd         00:38:01 0      pppoe@lns.com

此命令顯示VPDN通道是在LAC和LNS之間為pppoe@lns.com 使用者建立的。

lac#sh vpdn tunnel 

L2TP Tunnel Information Total tunnels 1 sessions 1

LocTunID   RemTunID   Remote Name   State  Remote Address  Sessn L2TP Class/
                                                           Count VPDN Group 
7085       24548      lns           est    172.19.1.1      1     VPDN ip addr 17
lac#

疑難排解

本節提供的資訊可用於對組態進行疑難排解。

附註：請參閱使用會話監控和分散式條件調試排除ISG故障一文，以排除ISG會話故障。

調試輸出示例

此調試輸出反映如何在LAC裝置上對基於域名local.com的本地使用者進行身份驗證和終止。

*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Authen status update; is now "unauthen"
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR: assert authen status "unauthen"
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR:  send event Session Update
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Username key not found in set domain key API
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Username key not found in set domain key API
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Updated NAS port for AAA ID 50
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR:  send event Session Update
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Client block is NULL in get client block with handle D8000027
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Updated key list:
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Input Interface = "Ethernet0/1.101"
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Access-Type = 3 (PPPoE)
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Media-Type = 1 (Ethernet)
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Authen-Status = 1 (Unauthenticated)
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 101 IP 0.0.0.0 VPI 0 VCI 0 VLAN 101 
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Username key not found in set domain key API
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Username key not found in set domain key API
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Client block is NULL in get client block with handle D8000027
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Updated key list:
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Input Interface = "Ethernet0/1.101"
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Access-Type = 3 (PPPoE)
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Media-Type = 1 (Ethernet)
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Authen-Status = 1 (Unauthenticated)
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 101 IP 0.0.0.0 VPI 0 VCI 0 VLAN 101 
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]:   Session-Handle = 1358954575 (5100004F)
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: SM Policy invoke - Service Selection Request
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Access type PPPoE
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: Successfully added key SUBTYPE_CONVERTED as FALSE
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: RULE: Looking for a rule for event session-start
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:  Intf CloneSrc Vt2: service-rule any: PPPOE
*Jan 17 14:36:24.339: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:   Evaluate "PPPOE" for session-start
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:    Match keys against "PPPOE":
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Input Interface = "Ethernet0/1.101"
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Converted-Session = 0 (NO)
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Media-Type = 1 (Ethernet)
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Authen-Status = 1 (Unauthenticated)
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 101 IP 0.0.0.0 VPI 0 VCI 0 VLAN 101 
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Session-Handle = 1358954575 (5100004F)
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: CONTROL-CLASS-MAP: : [0] match-all PPP
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: CONTROL-CLASS-MAP: : [0]  match identifier protocol ppp  [TRUE]
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: CONTROL-CLASS-MAP: : [0] match-all PPP
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: CONTROL-CLASS-MAP: : PPP [TRUE]
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:    Matched "PPPOE/PPP event session-start"
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:    Matched "PPPOE/PPP event session-start/11 collect identifier unauthenticated-domain "
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[0]: Start
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[0]: PPPOE/PPP event session-start/11 collect identifier unauthenticated-domain 
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: SIP [PPPoE] can provide more keys
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[0]: Need key Unauth-Domain
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[1]: Start
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[1]: PPPOE/PPP event session-start/11 collect identifier unauthenticated-domain 
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: Event <need keys>, State: initial-req to need-init-keys
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: Policy reply - Need More Keys
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR: Need:  Unauth-Domain
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: Asking client for more keys
*Jan 17 14:36:24.340: SSS PM [uid:39][B4728100][AAA ID:50]: Policy reply - Need More Keys
*Jan 17 14:36:24.340: PPP: Alloc Context [B174CE60]
*Jan 17 14:36:24.340: ppp39 PPP: Phase is ESTABLISHING
*Jan 17 14:36:24.341: SSS PM: ANCP not enabled on 'Ethernet0/1.101' - not retrieving default shaper value
*Jan 17 14:36:24.341: ppp39 PPP: Using vpn set call direction
*Jan 17 14:36:24.341: ppp39 PPP: Treating connection as a callin
*Jan 17 14:36:24.341: ppp39 PPP: Session handle[99000027] Session id[39]
*Jan 17 14:36:24.341: ppp39 LCP: Event[OPEN] State[Initial to Starting]
*Jan 17 14:36:24.341: ppp39 PPP LCP: Enter passive mode, state[Stopped]
*Jan 17 14:36:24.342: ppp39 LCP: I CONFREQ [Stopped] id 1 len 10
*Jan 17 14:36:24.342: ppp39 LCP:    MagicNumber 0xBCD9A1B6 (0x0506BCD9A1B6)
*Jan 17 14:36:24.343: ppp39 LCP: O CONFREQ [Stopped] id 1 len 18
*Jan 17 14:36:24.343: ppp39 LCP:    MRU 1492 (0x010405D4)
*Jan 17 14:36:24.343: ppp39 LCP:    AuthProto PAP (0x0304C023)
*Jan 17 14:36:24.343: ppp39 LCP:    MagicNumber 0x010DA1F7 (0x0506010DA1F7)
*Jan 17 14:36:24.343: ppp39 LCP: O CONFACK [Stopped] id 1 len 10
*Jan 17 14:36:24.343: ppp39 LCP:    MagicNumber 0xBCD9A1B6 (0x0506BCD9A1B6)
*Jan 17 14:36:24.343: ppp39 LCP: Event[Receive ConfReq+] State[Stopped to ACKsent]
*Jan 17 14:36:24.343: ppp39 LCP: I CONFNAK [ACKsent] id 1 len 8
*Jan 17 14:36:24.343: ppp39 LCP:    MRU 1500 (0x010405DC)
*Jan 17 14:36:24.343: ppp39 LCP: O CONFREQ [ACKsent] id 2 len 18
*Jan 17 14:36:24.343: ppp39 LCP:    MRU 1500 (0x010405DC)
*Jan 17 14:36:24.343: ppp39 LCP:    AuthProto PAP (0x0304C023)
*Jan 17 14:36:24.343: ppp39 LCP:    MagicNumber 0x010DA1F7 (0x0506010DA1F7)
*Jan 17 14:36:24.343: ppp39 LCP: Event[Receive ConfNak/Rej] State[ACKsent to ACKsent]
*Jan 17 14:36:24.343: ppp39 LCP: I CONFACK [ACKsent] id 2 len 18
*Jan 17 14:36:24.343: ppp39 LCP:    MRU 1500 (0x010405DC)
*Jan 17 14:36:24.343: ppp39 LCP:    AuthProto PAP (0x0304C023)
*Jan 17 14:36:24.343: ppp39 LCP:    MagicNumber 0x010DA1F7 (0x0506010DA1F7)
*Jan 17 14:36:24.343: ppp39 LCP: Event[Receive ConfAck] State[ACKsent to Open]
*Jan 17 14:36:24.366: ppp39 PPP: Queue PAP code[1] id[1]
*Jan 17 14:36:24.369: ppp39 PPP: Phase is AUTHENTICATING, by this end
*Jan 17 14:36:24.369: ppp39 PAP: Redirect packet to ppp39
*Jan 17 14:36:24.369: ppp39 PAP: I AUTH-REQ id 1 len 26 from "pppoe@local.com"
*Jan 17 14:36:24.370: ppp39 PAP: Authenticating peer pppoe@local.com
*Jan 17 14:36:24.370: ppp39 PPP: Phase is FORWARDING, Attempting Forward
*Jan 17 14:36:24.370: ppp39 LCP: State is Open
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: Username key not found in set domain key API
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: Client block is NULL in get client block with handle D8000027
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: Updated key list:
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]:   Access-Type = 0 (PPP)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]:   Input Interface = "Ethernet0/1.101"
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]:   Converted-Session = 0 (NO)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]:   Media-Type = 1 (Ethernet)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]:   Authen-Status = 1 (Unauthenticated)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]:   Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 101 IP 0.0.0.0 VPI 0 VCI 0 VLAN 101 
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]:   Session-Handle = 1358954575 (5100004F)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]:   Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]:   Unauth-User = "pppoe@local.com"
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]:   Unauth-Domain = "local.com"
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: SM Policy invoke - Got More Keys
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: Access type PPP
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[0]: Start
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[0]: PPPOE/PPP event session-start/11 collect identifier unauthenticated-domain 
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: State: need-init-keys to initial-req
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[0]: Have key Unauth-Domain
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[1]: Start
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[1]: PPPOE/PPP event session-start/11 collect identifier unauthenticated-domain 
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[2]: Start
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[2]: PPPOE/PPP event session-start/12 service-policy type control DOMAIN
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:    Match keys against "DOMAIN":
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Input Interface = "Ethernet0/1.101"
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Converted-Session = 0 (NO)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Media-Type = 1 (Ethernet)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Authen-Status = 1 (Unauthenticated)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 101 IP 0.0.0.0 VPI 0 VCI 0 VLAN 101 
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Session-Handle = 1358954575 (5100004F)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Unauth-User = "pppoe@local.com"
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:     Unauth-Domain = "local.com"
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: CONTROL-CLASS-MAP: : [0] match-all PPP-4-LOCAL
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: CONTROL-CLASS-MAP: : [0]  match identifier unauthenticated-domain local.com  [TRUE]
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: CONTROL-CLASS-MAP: : [0]  match identifier protocol ppp  [TRUE]
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: CONTROL-CLASS-MAP: : [0] match-all PPP-4-LOCAL
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: CONTROL-CLASS-MAP: : PPP-4-LOCAL [TRUE]
*Jan 17 14:36:24.370: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:    Matched "DOMAIN/PPP-4-LOCAL event session-start"
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[3]: Start
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[3]: DOMAIN/PPP-4-LOCAL event session-start/20 authenticate aaa list AAA-4-LOCAL 
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: SIP [PPP] can provide more keys
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[3]: Using AAA-Authen-Method-List AAA-4-LOCAL
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[3]: Need key Auth-User
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[4]: Start
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[4]: DOMAIN/PPP-4-LOCAL event session-start/20 authenticate aaa list AAA-4-LOCAL 
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: Event <need keys>, State: initial-req to need-init-keys
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: Policy reply - Need More Keys
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR: Need:  Auth-User
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR: ask for authen status
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR:  request, Query Session Authenticated Status
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR: reply, Query Session Authenticated Status = no-record-found
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR:   session NOT authenticated
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: Event <idmgr didn't get keys>, State: need-init-keys to need-init-keys
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: Asking client for more keys
*Jan 17 14:36:24.371: SSS PM [uid:39][B4728100][AAA ID:50]: Policy reply - Need More Keys
*Jan 17 14:36:24.371: ppp39 PPP: Phase is AUTHENTICATING, Unauthenticated User
*Jan 17 14:36:24.371: AAA/AUTHEN/PPP (00000032): Pick method list 'AAA-4-LOCAL'  <= Correct list for local.com  
*Jan 17 14:36:24.371: RADIUS/ENCODE(00000032):Orig. component type = PPPoE
*Jan 17 14:36:24.371: RADIUS: DSL line rate attributes successfully added
*Jan 17 14:36:24.371: RADIUS(00000032): Config NAS IP: 172.16.21.6
*Jan 17 14:36:24.371: RADIUS(00000032): Config NAS IPv6: ::
*Jan 17 14:36:24.371: RADIUS/ENCODE(00000032): acct_session_id: 40
*Jan 17 14:36:24.371: RADIUS(00000032): sending
*Jan 17 14:36:24.371: RADIUS(00000032): Send Access-Request to 172.16.21.5:32645 id 1645/50, len 137
*Jan 17 14:36:24.371: RADIUS:  authenticator E2 2A B0 15 24 CA 79 8C - A5 61 E4 1E C5 52 BC EF
*Jan 17 14:36:24.371: RADIUS:  Framed-Protocol     [7]   6   PPP                       [1]
*Jan 17 14:36:24.371: RADIUS:  User-Name           [1]   17  "pppoe@local.com"
*Jan 17 14:36:24.371: RADIUS:  User-Password       [2]   18  *
*Jan 17 14:36:24.371: RADIUS:  NAS-Port-Type       [61]  6   Virtual                   [5]
*Jan 17 14:36:24.371: RADIUS:  NAS-Port            [5]   6   0                         
*Jan 17 14:36:24.371: RADIUS:  NAS-Port-Id         [87]  11  "0/0/1/101"
*Jan 17 14:36:24.371: RADIUS:  Vendor, Cisco       [26]  41  
*Jan 17 14:36:24.371: RADIUS:   Cisco AVpair       [1]   35  "client-mac-address=aabb.cc00.d210"
*Jan 17 14:36:24.371: RADIUS:  Service-Type        [6]   6   Framed                    [2]
*Jan 17 14:36:24.371: RADIUS:  NAS-IP-Address      [4]   6   172.16.21.6     <= Correct Nas for Local.com              
*Jan 17 14:36:24.371: RADIUS(00000032): Sending a IPv4 Radius Packet
*Jan 17 14:36:24.372: RADIUS(00000032): Started 5 sec timeout
*Jan 17 14:36:24.372: RADIUS: Received from id 1645/50 172.16.21.5:32645, Access-Accept, len 60
*Jan 17 14:36:24.372: RADIUS:  authenticator 1A EE FC 44 78 8A 56 DF - 41 57 45 27 4C A7 59 C6
*Jan 17 14:36:24.372: RADIUS:  Vendor, Cisco       [26]  34  
*Jan 17 14:36:24.372: RADIUS:   Cisco AVpair       [1]   28  "ip:ip-unnumbered=loopback0"
*Jan 17 14:36:24.372: RADIUS:  Framed-IP-Address   [8]   6   179.1.1.1                 
*Jan 17 14:36:24.372: RADIUS(00000032): Received from id 1645/50
*Jan 17 14:36:24.373: ppp39 PPP: Phase is FORWARDING, Attempting Forward
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Authen status update; is now "authen"
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR: assert authen status "authen"
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR:  send event Session Update
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: IDMGR:  with username "pppoe@local.com"
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Session activation: ok
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Client block is NULL in get client block with handle D8000027
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Updated key list:
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   AAA-Attr-List = FB0003D0
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:     ip-unnumbered        0   "loopback0"
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:     addr                 0   179.1.1.1
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Access-Type = 0 (PPP)
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Unauth-User = "pppoe@local.com"
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Unauth-Domain = "local.com"
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Input Interface = "Ethernet0/1.101"
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Converted-Session = 0 (NO)
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Media-Type = 1 (Ethernet)
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Authen-Status = 0 (Authenticated)
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 101 IP 0.0.0.0 VPI 0 VCI 0 VLAN 101 
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Session-Handle = 1358954575 (5100004F)
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   AAA-Authen-Method-List = "AAA-4-LOCAL"
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Final = 1 (YES)
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Auth-User = "pppoe@local.com"
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]:   Auth-Domain = "local.com"
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: SM Policy invoke - Got More Keys
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Access type PPP: final key
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Must apply config before continuing
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Handling Config Request from Client
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Event <got process config req>, State: need-init-keys to need-init-keys
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Handling Process Config
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Apply config request set to AAA list
Config:   ip-unnumbered        0   "loopback0"
Config:   addr                 0   179.1.1.1
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: Sending pppoe@local.com request to AAA
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: SSS PM: Allocating per-user profile info
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: SSS PM: Add per-user profile info to policy context
*Jan 17 14:36:24.373: SSS AAA AUTHOR [uid:39][AAA ID:50]: Root SIP PPPoE
*Jan 17 14:36:24.373: SSS AAA AUTHOR [uid:39][AAA ID:50]:  Enable PPPoE parsing
*Jan 17 14:36:24.373: SSS AAA AUTHOR [uid:39][AAA ID:50]:  Enable PPP parsing
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: ACTIVE HANDLE[0]: Snapshot captured in Active context
*Jan 17 14:36:24.373: SSS PM [uid:39][B4728100][AAA ID:50]: ACTIVE HANDLE[0]: Active context created
*Jan 17 14:36:24.373: SSS AAA AUTHOR [uid:39][AAA ID:50]: Event <make request>, state changed from idle to authorizing
*Jan 17 14:36:24.373: SSS AAA AUTHOR [uid:39][AAA ID:50]: Active key set to Auth-User
*Jan 17 14:36:24.373: SSS AAA AUTHOR [uid:39][AAA ID:50]: Authorizing key pppoe@local.com
*Jan 17 14:36:24.373: SSS AAA AUTHOR [uid:39][AAA ID:50]: Spoofed AAA reply sent for key pppoe@local.com
*Jan 17 14:36:24.373: SSS AAA AUTHOR [uid:39][AAA ID:50]: Received an AAA pass
*Jan 17 14:36:24.373: SSS AAA AUTHOR [uid:39][AAA ID:50]: [B4728100]:Reply message not exist
 Initial attr  ip-unnumbered        0   "loopback0"
 Initial attr  addr                 0   179.1.1.1
*Jan 17 14:36:24.373: SSS PM: PARAMETERIZED-QoS: QOS parameters
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE: VRF Parsing routine:
  ip-unnumbered        0   "loopback0"
  addr                 0   179.1.1.1
*Jan 17 14:36:24.374: SSS PM: No VPDN attributes or policy found
*Jan 17 14:36:24.374: SSS PM LTERM [uid:39][AAA ID:50]: Process Attr: ip-unnumbered        0   "loopback0"
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: Parsed service; Local
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: SIP PPP[A4700F0] parsed as Success
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: SIP PPP[B009900] parsed as Ignore
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: SIP PPPoE[A501AC0] parsed as Success
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: Event <found service>, state changed from authorizing to complete
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: Found service info for key pppoe@local.com
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: Active Handle present - AC000006
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Apply config handle [AF0003D3] now set to [270003DA]
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: ACTIVE HANDLE[0]: Snapshot reverted from Active context to policy context
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: Freeing Active Handle; SSS Policy Context Handle = D8000027
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: ACTIVE HANDLE[2829]: Released active handle
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: PM directive AAA:Local maps to PM:Local Terminate
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: PROFILE: store profile "pppoe@local.com"
*Jan 17 14:36:24.374: SSS PM: PROFILE-DB: is profile "pppoe@local.com" in DB
*Jan 17 14:36:24.374: SSS PM: PROFILE-DB:  Computed hash value = 353387640
*Jan 17 14:36:24.374: SSS PM: PROFILE-DB:  No, add new list
*Jan 17 14:36:24.374: SSS PM: PROFILE-DB:   create "pppoe@local.com"
*Jan 17 14:36:24.374: SSS PM: PROFILE-DB:    create "pppoe@local.com"/B48191BC hdl C80003DC ref 1
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: PROFILE:  create B481B90C, ref 1
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: Event <free request>, state changed from complete to terminal
*Jan 17 14:36:24.374: SSS AAA AUTHOR [uid:39][AAA ID:50]: Cancel request
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Handling Author Found Event
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Plumbing proposed by FSP
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Policy reply - Local Terminate
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: FSP info: B45EC130/Local data&colon; B45EC0E0 SVM: 00000000
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Feature info: B4814320 Type: IP Config
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]:             : Config level: Per-user
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]:             : IDB type: Sub-if or not required
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Apply of config finished; provide the found network service
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Network service found; continuing rule
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[0]: Continue
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[0]: DOMAIN/PPP-4-LOCAL event session-start/20 authenticate aaa list AAA-4-LOCAL 
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[0]: Run action with no altered name
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: State: need-init-keys to initial-req
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[0]: Have key Auth-User
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[1]: Continue
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[1]: DOMAIN/PPP-4-LOCAL event session-start/20 authenticate aaa list AAA-4-LOCAL 
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[1]: Back to parent rule
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[1]: Run next parent action
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[2]: Continue
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[2]: PPPOE/PPP event session-start/12 service-policy type control DOMAIN
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Client block is NULL in get client block with handle D8000027
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[2]: No more actions to run
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[3]: Continue
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[3]: PPPOE/PPP event session-start/12 service-policy type control DOMAIN
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[3]: Using previously offered directive Local Terminate
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[4]: Continue
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE[4]: PPPOE/PPP event session-start/12 service-policy type control DOMAIN
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Client block is NULL in get client block with handle D8000027
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Event <srvf found>, State: initial-req to wait-for-events
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Handling Service Direction
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Policy reply - Local Terminate
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Plumbing proposed by FSP
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: Policy reply - Local Terminate
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE: Looking for a rule for event session-service-found
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:  Intf CloneSrc Vt2: service-rule any: PPPOE
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:   Evaluate "PPPOE" for session-service-found
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:    Not matched "PPPOE/PPP event session-start"
*Jan 17 14:36:24.374: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:   No match for "PPPOE"
*Jan 17 14:36:24.375: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:  Intf InputI/f Et0/1.101: service-rule any: None
*Jan 17 14:36:24.375: SSS PM [uid:39][B4728100][AAA ID:50]: RULE:  Glob: service-rule any: None
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: SM Policy invoke - Apply Config Success
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: [PARAMETERIZED-QoS]: No rabapol context created yet for handle [D8000027], returning compatible
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: Event <got apply config success>, State: wait-for-events to wait-for-events
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: Handling Apply Config; SUCCESS
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: session start done
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: Removed attribute list just processed
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: no callback for callback north
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: Client block is NULL in get client block with handle D8000027
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: Null client block; Can't update RP
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: Client block is NULL in get client block with handle D8000027
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: No pending events to process
*Jan 17 14:36:24.377: SSS PM [uid:39][B4728100][AAA ID:50]: No pending eventst
*Jan 17 14:36:24.377: AAA/BIND(00000032): Bind i/f Virtual-Access2.1 
*Jan 17 14:36:24.377: Vi2.1 PPP: Phase is AUTHENTICATING, Authenticated User
*Jan 17 14:36:24.377: Vi2.1 PAP: O AUTH-ACK id 1 len 5
*Jan 17 14:36:24.378: Vi2.1 PPP: No AAA accounting method list 
*Jan 17 14:36:24.378: Vi2.1 PPP: Phase is UP
*Jan 17 14:36:24.378: Vi2.1 IPCP: Protocol configured, start CP. state[Initial]
*Jan 17 14:36:24.378: Vi2.1 IPCP: Event[OPEN] State[Initial to Starting]
*Jan 17 14:36:24.378: Vi2.1 IPCP: O CONFREQ [Starting] id 1 len 10
*Jan 17 14:36:24.378: Vi2.1 IPCP:    Address 172.19.1.2 (0x0306AC130102)
*Jan 17 14:36:24.378: Vi2.1 IPCP: Event[UP] State[Starting to REQsent]
*Jan 17 14:36:24.379: Vi2.1 IPCP: I CONFREQ [REQsent] id 1 len 10
*Jan 17 14:36:24.379: Vi2.1 IPCP:    Address 0.0.0.0 (0x030600000000)
*Jan 17 14:36:24.379: Vi2.1 IPCP AUTHOR: Start.  Her address 0.0.0.0, we want 0.0.0.0
*Jan 17 14:36:24.379: Vi2.1 IPCP AUTHOR: Done.  Her address 0.0.0.0, we want 179.1.1.1
*Jan 17 14:36:24.379: Vi2.1 IPCP: O CONFNAK [REQsent] id 1 len 10
*Jan 17 14:36:24.379: Vi2.1 IPCP:    Address 179.1.1.1 (0x0306B3010101)
*Jan 17 14:36:24.379: Vi2.1 IPCP: Event[Receive ConfReq-] State[REQsent to REQsent]
*Jan 17 14:36:24.379: Vi2.1 CDPCP: I CONFREQ [UNKNOWN] id 1 len 4
*Jan 17 14:36:24.379: Vi2.1 LCP: O PROTREJ [Open] id 3 len 10 protocol CDPCP (0x01010004)
*Jan 17 14:36:24.379: Vi2.1 IPCP: I CONFACK [REQsent] id 1 len 10
*Jan 17 14:36:24.379: Vi2.1 IPCP:    Address 172.19.1.2 (0x0306AC130102)
*Jan 17 14:36:24.379: Vi2.1 IPCP: Event[Receive ConfAck] State[REQsent to ACKrcvd]
*Jan 17 14:36:24.380: Vi2.1 IPCP: I CONFREQ [ACKrcvd] id 2 len 10
*Jan 17 14:36:24.380: Vi2.1 IPCP:    Address 179.1.1.1 (0x0306B3010101)
*Jan 17 14:36:24.380: Vi2.1 IPCP: O CONFACK [ACKrcvd] id 2 len 10
*Jan 17 14:36:24.380: Vi2.1 IPCP:    Address 179.1.1.1 (0x0306B3010101)
*Jan 17 14:36:24.380: Vi2.1 IPCP: Event[Receive ConfReq+] State[ACKrcvd to Open]
*Jan 17 14:36:24.401: Vi2.1 IPCP: State is Open
*Jan 17 14:36:24.401: Vi2.1 Added to neighbor route AVL tree: topoid 0, address 179.1.1.1
*Jan 17 14:36:24.401: Vi2.1 IPCP: Install route to 179.1.1.1

此調試輸出反映了基於域名lns.com的遠端使用者如何進行身份驗證並轉發到LNS裝置。

*Jan 17 14:37:17.353: SSS PM [uid:40][B4728388][AAA ID:51]: Authen status update; is now "unauthen"
*Jan 17 14:37:17.353: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR: assert authen status "unauthen"
*Jan 17 14:37:17.353: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR:  send event Session Update
*Jan 17 14:37:17.353: SSS PM [uid:40][B4728388][AAA ID:51]: Username key not found in set domain key API
*Jan 17 14:37:17.353: SSS PM [uid:40][B4728388][AAA ID:51]: Username key not found in set domain key API
*Jan 17 14:37:17.353: SSS PM [uid:40][B4728388][AAA ID:51]: Updated NAS port for AAA ID 51
*Jan 17 14:37:17.353: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR:  send event Session Update
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Client block is NULL in get client block with handle 1D000028
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Updated key list:
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Input Interface = "Ethernet0/1.102"
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Access-Type = 3 (PPPoE)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Media-Type = 1 (Ethernet)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Authen-Status = 1 (Unauthenticated)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 102 IP 0.0.0.0 VPI 0 VCI 0 VLAN 102 
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Username key not found in set domain key API
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Username key not found in set domain key API
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Client block is NULL in get client block with handle 1D000028
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Updated key list:
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Input Interface = "Ethernet0/1.102"
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Access-Type = 3 (PPPoE)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Media-Type = 1 (Ethernet)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Authen-Status = 1 (Unauthenticated)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 102 IP 0.0.0.0 VPI 0 VCI 0 VLAN 102 
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]:   Session-Handle = 385876049 (17000051)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: SM Policy invoke - Service Selection Request
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Access type PPPoE
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Successfully added key SUBTYPE_CONVERTED as FALSE
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE: Looking for a rule for event session-start
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:  Intf CloneSrc Vt2: service-rule any: PPPOE
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:   Evaluate "PPPOE" for session-start
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:    Match keys against "PPPOE":
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Input Interface = "Ethernet0/1.102"
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Converted-Session = 0 (NO)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Media-Type = 1 (Ethernet)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Authen-Status = 1 (Unauthenticated)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 102 IP 0.0.0.0 VPI 0 VCI 0 VLAN 102 
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Session-Handle = 385876049 (17000051)
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : [0] match-all PPP
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : [0]  match identifier protocol ppp  [TRUE]
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : [0] match-all PPP
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : PPP [TRUE]
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:    Matched "PPPOE/PPP event session-start"
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:    Matched "PPPOE/PPP event session-start/11 collect identifier unauthenticated-domain "
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[0]: Start
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[0]: PPPOE/PPP event session-start/11 collect identifier unauthenticated-domain 
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: SIP [PPPoE] can provide more keys
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[0]: Need key Unauth-Domain
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[1]: Start
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[1]: PPPOE/PPP event session-start/11 collect identifier unauthenticated-domain 
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Event <need keys>, State: initial-req to need-init-keys
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Policy reply - Need More Keys
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR: Need:  Unauth-Domain
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Asking client for more keys
*Jan 17 14:37:17.354: SSS PM [uid:40][B4728388][AAA ID:51]: Policy reply - Need More Keys
*Jan 17 14:37:17.355: PPP: Alloc Context [B174D034]
*Jan 17 14:37:17.355: ppp40 PPP: Phase is ESTABLISHING
*Jan 17 14:37:17.355: SSS PM: ANCP not enabled on 'Ethernet0/1.102' - not retrieving default shaper value
*Jan 17 14:37:17.355: ppp40 PPP: Using vpn set call direction
*Jan 17 14:37:17.355: ppp40 PPP: Treating connection as a callin
*Jan 17 14:37:17.355: ppp40 PPP: Session handle[8E000028] Session id[40]
*Jan 17 14:37:17.355: ppp40 LCP: Event[OPEN] State[Initial to Starting]
*Jan 17 14:37:17.355: ppp40 PPP LCP: Enter passive mode, state[Stopped]
*Jan 17 14:37:17.357: ppp40 LCP: I CONFREQ [Stopped] id 1 len 10
*Jan 17 14:37:17.357: ppp40 LCP:    MagicNumber 0xBCDA70F0 (0x0506BCDA70F0)
*Jan 17 14:37:17.357: ppp40 LCP: O CONFREQ [Stopped] id 1 len 18
*Jan 17 14:37:17.357: ppp40 LCP:    MRU 1492 (0x010405D4)
*Jan 17 14:37:17.357: ppp40 LCP:    AuthProto PAP (0x0304C023)
*Jan 17 14:37:17.357: ppp40 LCP:    MagicNumber 0x010E7131 (0x0506010E7131)
*Jan 17 14:37:17.357: ppp40 LCP: O CONFACK [Stopped] id 1 len 10
*Jan 17 14:37:17.357: ppp40 LCP:    MagicNumber 0xBCDA70F0 (0x0506BCDA70F0)
*Jan 17 14:37:17.357: ppp40 LCP: Event[Receive ConfReq+] State[Stopped to ACKsent]
*Jan 17 14:37:17.357: ppp40 LCP: I CONFNAK [ACKsent] id 1 len 8
*Jan 17 14:37:17.357: ppp40 LCP:    MRU 1500 (0x010405DC)
*Jan 17 14:37:17.357: ppp40 LCP: O CONFREQ [ACKsent] id 2 len 18
*Jan 17 14:37:17.357: ppp40 LCP:    MRU 1500 (0x010405DC)
*Jan 17 14:37:17.357: ppp40 LCP:    AuthProto PAP (0x0304C023)
*Jan 17 14:37:17.357: ppp40 LCP:    MagicNumber 0x010E7131 (0x0506010E7131)
*Jan 17 14:37:17.357: ppp40 LCP: Event[Receive ConfNak/Rej] State[ACKsent to ACKsent]
*Jan 17 14:37:17.357: ppp40 LCP: I CONFACK [ACKsent] id 2 len 18
*Jan 17 14:37:17.357: ppp40 LCP:    MRU 1500 (0x010405DC)
*Jan 17 14:37:17.357: ppp40 LCP:    AuthProto PAP (0x0304C023)
*Jan 17 14:37:17.357: ppp40 LCP:    MagicNumber 0x010E7131 (0x0506010E7131)
*Jan 17 14:37:17.357: ppp40 LCP: Event[Receive ConfAck] State[ACKsent to Open]
*Jan 17 14:37:17.361: ppp40 PPP: Phase is AUTHENTICATING, by this end
*Jan 17 14:37:17.361: ppp40 LCP: State is Open
*Jan 17 14:37:17.388: ppp40 PAP: I AUTH-REQ id 1 len 24 from "pppoe@lns.com"
*Jan 17 14:37:17.388: ppp40 PAP: Authenticating peer pppoe@lns.com
*Jan 17 14:37:17.388: ppp40 PPP: Phase is FORWARDING, Attempting Forward
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]: Username key not found in set domain key API
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]: Client block is NULL in get client block with handle 1D000028
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]: Updated key list:
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]:   Access-Type = 0 (PPP)
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]:   Input Interface = "Ethernet0/1.102"
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]:   Converted-Session = 0 (NO)
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]:   Media-Type = 1 (Ethernet)
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]:   Authen-Status = 1 (Unauthenticated)
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]:   Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 102 IP 0.0.0.0 VPI 0 VCI 0 VLAN 102 
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]:   Session-Handle = 385876049 (17000051)
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]:   Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]:   Unauth-User = "pppoe@lns.com"
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]:   Unauth-Domain = "lns.com"
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]: SM Policy invoke - Got More Keys
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]: Access type PPP
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[0]: Start
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[0]: PPPOE/PPP event session-start/11 collect identifier unauthenticated-domain 
*Jan 17 14:37:17.388: SSS PM [uid:40][B4728388][AAA ID:51]: State: need-init-keys to initial-req
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[0]: Have key Unauth-Domain
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[1]: Start
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[1]: PPPOE/PPP event session-start/11 collect identifier unauthenticated-domain 
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[2]: Start
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[2]: PPPOE/PPP event session-start/12 service-policy type control DOMAIN
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:    Match keys against "DOMAIN":
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Input Interface = "Ethernet0/1.102"
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Converted-Session = 0 (NO)
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Media-Type = 1 (Ethernet)
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Authen-Status = 1 (Unauthenticated)
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 102 IP 0.0.0.0 VPI 0 VCI 0 VLAN 102 
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Session-Handle = 385876049 (17000051)
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Unauth-User = "pppoe@lns.com"
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:     Unauth-Domain = "lns.com"
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : [0] match-all PPP-4-LOCAL
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : [0]  match identifier unauthenticated-domain local.com  [FALSE] [DONE]
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : [0] match-all PPP-4-LOCAL
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : PPP-4-LOCAL [FALSE]
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:    No match "DOMAIN/PPP-4-LOCAL event session-start"
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : [0] match-all PPP-4-FORWARD
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : [0]  match identifier unauthenticated-domain lns.com  [TRUE]
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : [0]  match identifier protocol ppp  [TRUE]
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : [0] match-all PPP-4-FORWARD
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: CONTROL-CLASS-MAP: : PPP-4-FORWARD [TRUE]
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:    Matched "DOMAIN/PPP-4-FORWARD event session-start"
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[3]: Start
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[3]: DOMAIN/PPP-4-FORWARD event session-start/20 authenticate aaa list AAA-4-FORWARD 
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: SIP [PPP] can provide more keys
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[3]: Using AAA-Authen-Method-List AAA-4-FORWARD
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[3]: Need key Auth-User
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[4]: Start
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[4]: DOMAIN/PPP-4-FORWARD event session-start/20 authenticate aaa list AAA-4-FORWARD 
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: Event <need keys>, State: initial-req to need-init-keys
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: Policy reply - Need More Keys
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR: Need:  Auth-User
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR: ask for authen status
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR:  request, Query Session Authenticated Status
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR: reply, Query Session Authenticated Status = no-record-found
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR:   session NOT authenticated
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: Event <idmgr didn't get keys>, State: need-init-keys to need-init-keys
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: Asking client for more keys
*Jan 17 14:37:17.389: SSS PM [uid:40][B4728388][AAA ID:51]: Policy reply - Need More Keys
*Jan 17 14:37:17.389: ppp40 PPP: Phase is AUTHENTICATING, Unauthenticated User
*Jan 17 14:37:17.389: AAA/AUTHEN/PPP (00000033): Pick method list 'AAA-4-FORWARD'  <== correct method 
*Jan 17 14:37:17.389: RADIUS/ENCODE(00000033):Orig. component type = PPPoE
*Jan 17 14:37:17.389: RADIUS: DSL line rate attributes successfully added
*Jan 17 14:37:17.390: RADIUS(00000033): Config NAS IP: 172.17.21.6
*Jan 17 14:37:17.390: RADIUS(00000033): Config NAS IPv6: ::
*Jan 17 14:37:17.390: RADIUS/ENCODE(00000033): acct_session_id: 41
*Jan 17 14:37:17.390: RADIUS(00000033): sending
*Jan 17 14:37:17.390: RADIUS(00000033): Send Access-Request to 172.16.21.5:11645 id 1645/51, len 135
*Jan 17 14:37:17.390: RADIUS:  authenticator 76 AF BF 7B 54 7B 38 A7 - 2A BB EF 93 CB BA 0A 45
*Jan 17 14:37:17.390: RADIUS:  Framed-Protocol     [7]   6   PPP                       [1]
*Jan 17 14:37:17.390: RADIUS:  User-Name           [1]   15  "pppoe@lns.com"
*Jan 17 14:37:17.390: RADIUS:  User-Password       [2]   18  *
*Jan 17 14:37:17.390: RADIUS:  NAS-Port-Type       [61]  6   Virtual                   [5]
*Jan 17 14:37:17.390: RADIUS:  NAS-Port            [5]   6   0                         
*Jan 17 14:37:17.390: RADIUS:  NAS-Port-Id         [87]  11  "0/0/1/102"
*Jan 17 14:37:17.390: RADIUS:  Vendor, Cisco       [26]  41  
*Jan 17 14:37:17.390: RADIUS:   Cisco AVpair       [1]   35  "client-mac-address=aabb.cc00.d210"
*Jan 17 14:37:17.390: RADIUS:  Service-Type        [6]   6   Framed                    [2]
*Jan 17 14:37:17.390: RADIUS:  NAS-IP-Address      [4]   6   172.17.21.6   <=== Correct NAS (source ip)               
*Jan 17 14:37:17.390: RADIUS(00000033): Sending a IPv4 Radius Packet
*Jan 17 14:37:17.390: RADIUS(00000033): Started 5 sec timeout
*Jan 17 14:37:17.391: RADIUS: Received from id 1645/51 172.16.21.5:11645, Access-Accept, len 105
*Jan 17 14:37:17.391: RADIUS:  authenticator 3C 38 A2 16 EA 26 BE 4A - FD 69 49 CA E5 69 E7 04
*Jan 17 14:37:17.391: RADIUS:  Service-Type        [6]   6   Outbound                  [5]
*Jan 17 14:37:17.391: RADIUS:  Tunnel-Type         [64]  6   00:L2TP                   [3]
*Jan 17 14:37:17.391: RADIUS:  Framed-Protocol     [7]   6   PPP                       [1]
*Jan 17 14:37:17.391: RADIUS:  Tunnel-Medium-Type  [65]  6   00:IPv4                   [1]
*Jan 17 14:37:17.391: RADIUS:  Tunnel-Client-Auth-I[90]  16  "lac-via-radius"
*Jan 17 14:37:17.391: RADIUS:  Tunnel-Password     [69]  21  00:*
*Jan 17 14:37:17.391: RADIUS:  Tunnel-Server-Endpoi[67]  12  "172.19.1.1"
*Jan 17 14:37:17.391: RADIUS:  Tunnel-Client-Endpoi[66]  12  "172.19.1.2"
*Jan 17 14:37:17.391: RADIUS(00000033): Received from id 1645/51
*Jan 17 14:37:17.391: ppp40 PPP: Phase is FORWARDING, Attempting Forward
*Jan 17 14:37:17.391: SSS PM [uid:40][B4728388][AAA ID:51]: Authen status update; is now "authen"
*Jan 17 14:37:17.391: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR: assert authen status "authen"
*Jan 17 14:37:17.391: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR:  send event Session Update
*Jan 17 14:37:17.391: SSS PM [uid:40][B4728388][AAA ID:51]: IDMGR:  with username "pppoe@lns.com"
*Jan 17 14:37:17.391: SSS PM [uid:40][B4728388][AAA ID:51]: Session activation: ok
*Jan 17 14:37:17.391: SSS PM [uid:40][B4728388][AAA ID:51]: Client block is NULL in get client block with handle 1D000028
*Jan 17 14:37:17.391: SSS PM [uid:40][B4728388][AAA ID:51]: Updated key list:
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   AAA-Attr-List = F50003F4
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:     service-type         0   5 [Outbound]
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:     tunnel-type          0   3 [l2tp]
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:     Framed-Protocol      0   1 [PPP]
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:     tunnel-medium-type   0   1 [IPv4]
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:     tunnel-id            0   "lac-via-radius"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:     tunnel-password      0   <hidden>
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:     tunnel-server-endpoi 0   "172.19.1.1"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:     tunnel-client-endpoi 0   "172.19.1.2"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Access-Type = 0 (PPP)
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Unauth-User = "pppoe@lns.com"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Unauth-Domain = "lns.com"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Input Interface = "Ethernet0/1.102"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Converted-Session = 0 (NO)
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Media-Type = 1 (Ethernet)
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Authen-Status = 0 (Authenticated)
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Nasport = PPPoEoVLAN: slot 0 adapter 0 port 1 sub-interface 102 IP 0.0.0.0 VPI 0 VCI 0 VLAN 102 
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Session-Handle = 385876049 (17000051)
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   AAA-Authen-Method-List = "AAA-4-FORWARD"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Protocol-Type = 0 (PPP Access Protocol)
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Final = 1 (YES)
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Auth-User = "pppoe@lns.com"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]:   Auth-Domain = "lns.com"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: SM Policy invoke - Got More Keys
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: Access type PPP: final key
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: Must apply config before continuing
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: Handling Config Request from Client
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: Event <got process config req>, State: need-init-keys to need-init-keys
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: Handling Process Config
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: Apply config request set to AAA list
Config:   service-type         0   5 [Outbound]
Config:   tunnel-type          0   3 [l2tp]
Config:   Framed-Protocol      0   1 [PPP]
Config:   tunnel-medium-type   0   1 [IPv4]
Config:   tunnel-id            0   "lac-via-radius"
Config:   tunnel-password      0   <hidden>
Config:   tunnel-server-endpoi 0   "172.19.1.1"
Config:   tunnel-client-endpoi 0   "172.19.1.2"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: Sending pppoe@lns.com request to AAA
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: SSS PM: Allocating per-user profile info
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: SSS PM: Add per-user profile info to policy context
*Jan 17 14:37:17.392: SSS AAA AUTHOR [uid:40][AAA ID:51]: Root SIP PPPoE
*Jan 17 14:37:17.392: SSS AAA AUTHOR [uid:40][AAA ID:51]:  Enable PPPoE parsing
*Jan 17 14:37:17.392: SSS AAA AUTHOR [uid:40][AAA ID:51]:  Enable PPP parsing
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: ACTIVE HANDLE[0]: Snapshot captured in Active context
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: ACTIVE HANDLE[0]: Active context created
*Jan 17 14:37:17.392: SSS AAA AUTHOR [uid:40][AAA ID:51]: Event <make request>, state changed from idle to authorizing
*Jan 17 14:37:17.392: SSS AAA AUTHOR [uid:40][AAA ID:51]: Active key set to Auth-User
*Jan 17 14:37:17.392: SSS AAA AUTHOR [uid:40][AAA ID:51]: Authorizing key pppoe@lns.com
*Jan 17 14:37:17.392: SSS AAA AUTHOR [uid:40][AAA ID:51]: Spoofed AAA reply sent for key pppoe@lns.com
*Jan 17 14:37:17.392: SSS AAA AUTHOR [uid:40][AAA ID:51]: Received an AAA pass
*Jan 17 14:37:17.392: SSS AAA AUTHOR [uid:40][AAA ID:51]: [B4728388]:Reply message not exist
 Initial attr  service-type         0   5 [Outbound]
 Initial attr  tunnel-type          0   3 [l2tp]
 Initial attr  Framed-Protocol      0   1 [PPP]
 Initial attr  tunnel-medium-type   0   1 [IPv4]
 Initial attr  tunnel-id            0   "lac-via-radius"
 Initial attr  tunnel-password      0   <hidden>
 Initial attr  tunnel-server-endpoi 0   "172.19.1.1"
 Initial attr  tunnel-client-endpoi 0   "172.19.1.2"
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: 
policy key list doesn't have IPv4 address
*Jan 17 14:37:17.392: SSS PM: PARAMETERIZED-QoS: QOS parameters
*Jan 17 14:37:17.392: SSS PM [uid:40][B4728388][AAA ID:51]: RULE: VRF Parsing routine:
  service-type         0   5 [Outbound]
  tunnel-type          0   3 [l2tp]
  Framed-Protocol      0   1 [PPP]
  tunnel-medium-type   0   1 [IPv4]
  tunnel-id            0   "lac-via-radius"
  tunnel-password      0   <hidden>
  tunnel-server-endpoi 0   "172.19.1.1"
  tunnel-client-endpoi 0   "172.19.1.2"
*Jan 17 14:37:17.392: SSS AAA AUTHOR [uid:40][AAA ID:51]: Parsed service; VPDN
*Jan 17 14:37:17.393: SSS AAA AUTHOR [uid:40][AAA ID:51]: SIP PPP[A4700F0] parsed as Success
*Jan 17 14:37:17.393: SSS AAA AUTHOR [uid:40][AAA ID:51]: SIP PPP[B009900] parsed as Ignore
*Jan 17 14:37:17.393: SSS AAA AUTHOR [uid:40][AAA ID:51]: SIP PPPoE[A501AC0] parsed as Success
*Jan 17 14:37:17.393: SSS AAA AUTHOR [uid:40][AAA ID:51]: Event <found service>, state changed from authorizing to complete
*Jan 17 14:37:17.393: SSS AAA AUTHOR [uid:40][AAA ID:51]: Found service info for key pppoe@lns.com
*Jan 17 14:37:17.393: SSS AAA AUTHOR [uid:40][AAA ID:51]: Active Handle present - FB000007
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Apply config handle [750003F8] now set to [180003FE]
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: ACTIVE HANDLE[0]: Snapshot reverted from Active context to policy context
*Jan 17 14:37:17.393: SSS AAA AUTHOR [uid:40][AAA ID:51]: Freeing Active Handle; SSS Policy Context Handle = 1D000028
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: ACTIVE HANDLE[2829]: Released active handle
*Jan 17 14:37:17.393: SSS AAA AUTHOR [uid:40][AAA ID:51]: PM directive AAA:VPDN maps to PM:Forwarding
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: PROFILE: store profile "pppoe@lns.com"
*Jan 17 14:37:17.393: SSS PM: PROFILE-DB: is profile "pppoe@lns.com" in DB
*Jan 17 14:37:17.393: SSS PM: PROFILE-DB:  Computed hash value = 2347614612
*Jan 17 14:37:17.393: SSS PM: PROFILE-DB:  No, add new list
*Jan 17 14:37:17.393: SSS PM: PROFILE-DB:   create "pppoe@lns.com"
*Jan 17 14:37:17.393: SSS PM: PROFILE-DB:    create "pppoe@lns.com"/B48191D8 hdl 4D000400 ref 1
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: PROFILE:  create B481B924, ref 1
*Jan 17 14:37:17.393: SSS AAA AUTHOR [uid:40][AAA ID:51]: Event <free request>, state changed from complete to terminal
*Jan 17 14:37:17.393: SSS AAA AUTHOR [uid:40][AAA ID:51]: Cancel request
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Handling Author Found Event
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Plumbing proposed by FSP
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Policy reply - Forwarding
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: FSP info: B45F7020/VPDN data&colon; B460E1C8 SVM: 00000000
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Apply of config finished; provide the found network service
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Network service found; continuing rule
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[0]: Continue
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[0]: DOMAIN/PPP-4-FORWARD event session-start/20 authenticate aaa list AAA-4-FORWARD 
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[0]: Run action with no altered name
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: State: need-init-keys to initial-req
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[0]: Have key Auth-User
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[1]: Continue
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[1]: DOMAIN/PPP-4-FORWARD event session-start/20 authenticate aaa list AAA-4-FORWARD 
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[1]: Back to parent rule
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[1]: Run next parent action
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[2]: Continue
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[2]: PPPOE/PPP event session-start/12 service-policy type control DOMAIN
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Client block is NULL in get client block with handle 1D000028
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[2]: No more actions to run
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[3]: Continue
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[3]: PPPOE/PPP event session-start/12 service-policy type control DOMAIN
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[3]: Using previously offered directive Forwarding
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[4]: Continue
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE[4]: PPPOE/PPP event session-start/12 service-policy type control DOMAIN
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Client block is NULL in get client block with handle 1D000028
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Event <srvf found>, State: initial-req to wait-for-events
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Handling Service Direction
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Policy reply - Forwarding
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Plumbing proposed by FSP
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: Policy reply - Forwarding
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE: Looking for a rule for event session-service-found
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:  Intf CloneSrc Vt2: service-rule any: PPPOE
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:   Evaluate "PPPOE" for session-service-found
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:    Not matched "PPPOE/PPP event session-start"
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:   No match for "PPPOE"
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:  Intf InputI/f Et0/1.102: service-rule any: None
*Jan 17 14:37:17.393: SSS PM [uid:40][B4728388][AAA ID:51]: RULE:  Glob: service-rule any: None
*Jan 17 14:37:17.393: SSS PM: ANCP not enabled on 'Ethernet0/1.102' - not retrieving default shaper value
*Jan 17 14:37:17.393: SSS PM: ANCP not enabled on 'Ethernet0/1.102' - not retrieving default shaper value
*Jan 17 14:37:17.394: ppp40 PPP: No AAA accounting method list 
*Jan 17 14:37:17.397: SSS PM: ANCP not enabled on 'Ethernet0/1.102' - not retrieving default shaper value
*Jan 17 14:37:17.397: SSS PM: ANCP not enabled on 'Ethernet0/1.102' - not retrieving default shaper value
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: SM Policy invoke - Apply Config Success
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: [PARAMETERIZED-QoS]: No rabapol context created yet for handle [1D000028], returning compatible
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: Event <got apply config success>, State: wait-for-events to wait-for-events
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: Handling Apply Config; SUCCESS
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: session start done
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: Removed attribute list just processed
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: no callback for callback north
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: Client block is NULL in get client block with handle 1D000028
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: Null client block; Can't update RP
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: Client block is NULL in get client block with handle 1D000028
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: No pending events to process
*Jan 17 14:37:17.397: SSS PM [uid:40][B4728388][AAA ID:51]: No pending eventst
*Jan 17 14:37:17.397: ppp40 PPP: Phase is FORWARDED, Session Forwarded

由思科工程師貢獻

Alain Lanssiers
Cisco TAC工程師
Edited by Waqas Daar
Cisco TAC工程師

這份文件是否有所幫助？

意見

讓思科協助您

開啟支援問題單
(需有思科服務合約)