Есть Cisco2522 планируеться использоваться как сервер доступа. Удаленных клиентов 30-50 человек и прописывать их в конфиге Cisco
username *** password ***
очень неудобно и тяжело, опять же статистику вести неудобно, решено подружить эту Циску с Такаксом.Building configuration...
Current configuration:
!
version 11.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname Demsk_GW
!
aaa new-model
aaa authentication login default tacacs+
aaa authentication login no_tacacs enable
aaa authentication ppp default tacacs+
aaa authorization exec tacacs+
aaa authorization network tacacs+
aaa accounting exec start-stop tacacs+
aaa accounting network start-stop tacacs+
enable secret 5 ****
enable password 7 ****
!
ip subnet-zero
ip rcmd rsh-enable
ip rcmd remote-host admin 195.161.37.18 root enable
ip domain-name zsptus.ru
ip name-server 195.161.38.195
async-bootp subnet-mask 255.255.255.248
async-bootp gateway 195.161.38.249
async-bootp dns-server 195.161.37.18 195.161.38.195
!
interface Ethernet0
ip address 195.161.37.17 255.255.255.240
!
interface Serial0
ip address 195.161.38.250 255.255.255.252
no fair-queue
!
interface Serial1
no ip address
shutdown
!
interface Serial2
physical-layer async
description "1 line for DialUp"
ip unnumbered Ethernet0
ip tcp header-compression passive
encapsulation ppp
async mode interactive
peer default ip address 195.161.37.33
no cdp enable
ppp authentication pap chap
!
interface Serial3
physical-layer async
ip unnumbered Ethernet0
ip tcp header-compression passive
encapsulation ppp
async mode interactive
peer default ip address 195.161.37.34
no cdp enable
ppp authentication chap pap
!
interface Serial4
no ip address
shutdown
!
interface Serial5
no ip address
shutdown
!
interface Serial6
no ip address
shutdown
!
interface Serial7
no ip address
shutdown
!
interface Serial8
no ip address
shutdown
!
interface Serial9
no ip address
shutdown
!
interface BRI0
no ip address
shutdown
!
no ip classless
ip route 0.0.0.0 0.0.0.0 Serial0 permanent
!
tacacs-server host 195.161.37.18
tacacs-server key Konglomerat
!
line con 0
login authentication no_tacacs
line 2 3
exec-timeout 0 0
autoselect during-login
autoselect ppp
modem InOut
modem autoconfigure type default
transport input all
rxspeed 115200
txspeed 115200
line aux 0
line vty 0 4
!
endк циске подключены два внешних модема US Robotics Courier V Everythig.
Когда на циску поступает звонок модем берет трубку, соединяеться, но никакой строчки типа введите login: введите пароль ничего не выводит.
в чем ошибка, где копать?
а debug что по этому говорит?
>а debug что по этому говорит?
debug aaa
debug tacacs
-----04:44:35: AAA/AUTHEN: create_user user='' ruser='' port='tty2' rem_addr='async'
authen_type=ASCII service=LOGIN priv=1
04:44:35: AAA/AUTHEN/START (0): port='tty2' list='' action=LOGIN service=LOGIN
04:44:35: AAA/AUTHEN/START (0): using "default" list
04:44:35: AAA/AUTHEN/START (3114548554): Method=TACACS+
04:44:35: TAC+: send AUTHEN/START packet ver=192 id=3114548554
04:44:35: TAC+: Using default tacacs server list.
04:44:35: TAC+: Opening TCP/IP to 195.161.37.18/49 timeout=5
04:44:35: TAC+: Opened TCP/IP handle 0x198CF8 to 195.161.37.18/49
04:44:35: TAC+: 195.161.37.18 (3114548554) AUTHEN/START/LOGIN/ASCII queued
04:44:35: TAC+: (3114548554) AUTHEN/START/LOGIN/ASCII processedtimed out
04:44:35: TAC+: ver=192 id=3114548554 received AUTHEN status = GETUSER
04:44:35: AAA/AUTHEN (3114548554): status = GETUSER
04:44:45: AAA/AUTHEN/ABORT: (3114548554) because Carrier dropped.
04:44:45: TAC+: send abort reason=Carrier dropped
04:44:45: TAC+: 195.161.37.18 (3114548554) AUTHEN/CONT queued
04:44:45: TAC+: (3114548554) AUTHEN/CONT processed
04:44:45: TAC+: Closing TCP/IP 0x198CF8 connection to 195.161.37.18/49
04:44:45: AAA/AUTHEN: free user tty2 async authen_type=ASCII service=LOGIN pri
v=1
04:46:54: AAA/AUTHEN: create_user user='' ruser='' port='tty2' rem_addr='async'
authen_type=ASCII service=LOGIN priv=1
04:46:54: AAA/AUTHEN/START (0): port='
04:46:54: AAA/AUTHEN/START (0): using "def
ault" list
04:46:54: AAA/AUTHEN/START (2970370170): Method=TACACS+
04:46:54: TAC+: send AUTHEN/START packet ver=192 id=2970370170
04:46:54: TAC+: Using default tacacs server list.
04:46:54: TAC+: Opening TCP/IP to 195.161.34.18/49 timeout=5
04:46:54: TAC+: Opened TCP/IP handle 0x1974E0 to 195.161.37.18/49
04:46:54: TAC+: 195.161.37.18 (2970370170) AUTHEN/START/LOGIN/ASCII queued
04:46:54: TAC+: (2970370170) AUTHEN/START/LOGIN/ASCII processed
04:46:54: TAC+: ver=192 id=2970370170 received AUTHEN status = GETUSER
04:46:54: AAA/AUTHEN (2970370170): status = GETUSER
04:47:18: AAA/AUTHEN/ABORT: (2970370170) because Carrier dropped.
04:47:18: TAC+: send abort reason=Carrier dropped
04:47:18: TAC+: 195.161.37.18 (2970370170) AUTHEN/CONT queued
04:47:18: TAC+: (2970370170) AUTHEN/CONT processed
04:47:18: TAC+: Closing TCP/IP 0x1974E0 connection to 195.161.37.18/49
04:47:18: AAA/AUTHEN: free user tty2 async authen_type=ASCII service=LOGIN pri
v=1
04:48:18: AAA/AUTHEN: create_user user='' ruser='' port='tty2' rem_addr='async'
authen_type=ASCII service=LOGIN priv=1
04:48:18: AAA/AUTHEN/START (0): port='tty2' list='' action=LOGIN service=LOGIN
04:48:18: AAA/AUTHEN/START (0): using "default" list
04:48:18: AAA/AUTHEN/START (2012423662): Method=TACACS+
04:48:18: TAC+: send AUTHEN/START packet ver=192 id=2012423662
04:48:18: TAC+: Using default tacacs server list.
04:48:18: TAC+: Opening TCP/IP to 195.161.37.18/49 timeout=5
04:48:18: TAC+: Opened TCP/IP handle 0x19710C to 195.161.37.18/49
04:48:18: TAC+: 195.161.37.18 (2012423662) AUTHEN/START/LOGIN/ASCII queued
04:48:18: TAC+: (2012423662) AUTHEN/START/LOGIN/ASCII processed
04:48:18: TAC+: ver=192 id=2012423662 received AUTHEN status = GETUSER
04:48:18: AAA/AUTHEN (2012423662): status = GETUSER
04:48:40: AAA/AUTHEN/CONT (2012423662): continue_login
04:48:40: AAA/AUTHEN (2012423662): status = GETUSER
04:48:40: AAA/AUTHEN (2012423662): Method=TACACS+
04:48:40: TAC+: send AUTHEN/CONT packet id=2012423662
04:48:40: TAC+: 195.161.34.18 (2012423662) AUTHEN/CONT queued
04:48:40: TAC+: (2012423662) AUTHEN/CONT processed
04:48:40: TAC+: ver=192 id=2012423662 received AUTHEN status = GETPASS
04:48:40: AAA/AUTHEN (2012423662): status = GETPASS
04:48:43: AAA/AUTHEN/CONT (2012423662): continue_login
04:48:43: AAA/AUTHEN (2012423662): status = GETPASS
04:48:43: AAA/AUTHEN (2012423662): Method=TACACS+
04:48:43: TAC+: send AUTHEN/CONT packet id=2012423662
04:48:43: TAC+: 195.161.37.18 (2012423662) AUTHEN/CONT queued
04:48:43: TAC+: (2012423662) AUTHEN/CONT processed
04:48:43: TAC+: ver=192 id=2012423662 received AUTHEN status = FAIL
04:48:43: AAA/AUTHEN (2012423662): status = FAIL
04:48:45: TAC+: Closing TCP/IP 0x19710C connection to 195.161.37.18/49
04:48:45: AAA/AUTHEN: free user `````````````````````````````````````````` tty2
async authen_type=ASCII service=LOGIN priv=1
04:48:45: AAA/AUTHEN: create_user user='' ruser='' port='tty2' rem_addr='async'
authen_type=ASCII service=LOGIN priv=1
04:48:45: AAA/AUTHEN/START (0): port='tty2' list='' action=LOGIN service=LOGIN
04:48:45: AAA/AUTHEN/START (0): using "default" list
04:48:45: AAA/AUTHEN/START (162038937): Method=TACACS+
04:48:45: TAC+: send AUTHEN/START packet ver=192 id=162038937
04:48:45: TAC+: Using default tacacs server list.
04:48:45: TAC+: Opening TCP/IP to 195.161.37.18/49 timeout=5
04:48:45: TAC+: Opened TCP/IP handle 0x194154 to 195.161.37.18/49
04:48:45: TAC+: 195.161.34.18 (162038937) AUTHEN/START/LOGIN/ASCII queued
04:48:46: TAC+: (162038937) AUTHEN/START/LOGIN/ASCII processed
04:48:46: TAC+: ver=192 id=162038937 received AUTHEN status = GETUSER
04:48:46: AAA/AUTHEN (162038937): status = GETUSER
04:49:18: TAC+: Closing TCP/IP 0x194154 connection to 195.161.37.18/49
04:49:18: AAA/AUTHEN: free user tty2 async authen_type=ASCII service=LOGIN pri
v=1
04:49:18: AAA/AUTHEN: create_user user='' ruser='' port='tty2' rem_addr='async'
authen_type=ASCII service=LOGIN priv=1
04:49:18: AAA/AUTHEN/START (0): port='tty2' list='' action=LOGIN service=LOGIN
04:49:18: AAA/AUTHEN/START (0): using "default" list
04:49:18: AAA/AUTHEN/START (3573213394): Method=TACACS+
04:49:18: TAC+: send AUTHEN/START packet ver=192 id=3573213394
04:49:18: TAC+: Using default tacacs server list.
04:49:18: TAC+: Opening TCP/IP to 195.161.37.18/49 timeout=5
04:49:18: TAC+: Opened TCP/IP handle 0x1978E8 to 195.161.37.18/49
04:49:18: TAC+: 195.161.37.18 (3573213394) AUTHEN/START/LOGIN/ASCII queued
04:49:18: TAC+: (3573213394) AUTHEN/START/LOGIN/ASCII processed
04:49:18: TAC+: ver=192 id=3573213394 received AUTHEN status = GETUSER
04:49:18: AAA/AUTHEN (3573213394): status = GETUSER
04:49:45: AAA/AUTHEN/ABORT: (3573213394) because Carrier dropped.
04:49:46: TAC+: send abort reason=Carrier dropped
04:49:46: TAC+: 195.161.37.18 (3573213394) AUTHEN/CONT queued
04:49:46: TAC+: (3573213394) AUTHEN/CONT processed
04:49:46: TAC+: Closing TCP/IP 0x1978E8 connection to 195.161.37.18/49
04:49:46: AAA/AUTHEN: free user tty2 async authen_type=ASCII service=LOGIN priv=1
>04:44:35: TAC+: Opened TCP/IP handle 0x198CF8 to 195.161.37.18/49
>04:44:35: TAC+: 195.161.37.18 (3114548554) AUTHEN/START/LOGIN/ASCII queued
>04:44:35: TAC+: (3114548554) AUTHEN/START/LOGIN/ASCII processedtimed out
>04:44:35: TAC+: ver=192 id=3114548554 received AUTHEN status = GETUSER
>04:44:35: AAA/AUTHEN (3114548554): status = GETUSER
>04:44:45: AAA/AUTHEN/ABORT: (3114548554) because Carrier dropped.
^^^^^^^^^^^^^^^
>04:44:45: TAC+: send abort reason=Carrier dropped
>04:44:45: TAC+: 195.161.37.18 (3114548554) AUTHEN/CONT queued
>04:44:45: TAC+: (3114548554) AUTHEN/CONT processed
>04:44:45: TAC+: Closing TCP/IP 0x198CF8 connection to 195.161.37.18/49дело-то похоже не в такаксе (по крайней мере на данном этапе).
смотри на настройки линии, модемов...