Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Virtual Access Interface not cloned from Template

Thread Tools

Virtual Access Interface not cloned from Template

Matthew Melbourne
Posts: n/a
I have an issue with Virtual Profiles running on an AS5300, 12.1(20) with
CSACS 2.6 as the TACACS+ authenticatio mechanism. The access server serves
dial-up users (via a group-async interface) and ISDN dial-in users using
fixed static dialer profiles. I am trying to extend this to use virtual
profiles for some ISDN dial-in users (to principally download access-lists
and routes on a per-user basis).

However, after configuring virtual templates, the virtual access interface
is not cloned.

Are any special AAA authorization parameters required on the user's CSACS

Presumably the PPP authentication/authorization configuration used to
authenticate the user, as the details configured on the physical serial

ISDN Caller ID is used to bind inbound calls to the physical dialer
profile, but the users without static dialer profiles have an ISDN caller
statement under the physical interface, so the call is not rejected.

The user is authenticated and authorized but the virtual template is not

The relevant parts of the configuration are:

aaa new-model
aaa authentication login default local
aaa authentication login TELNET line
aaa authentication login DIALINPPP group tacacs+ local
aaa authentication ppp default local
aaa authentication ppp ROUTERPPP local
aaa authentication ppp DIALINPPP if-needed group tacacs+ local
aaa authorization exec DIALINPPP group tacacs+ if-authenticated
aaa authorization network ROUTERPPP if-authenticated
aaa authorization network DIALINPPP group tacacs+ local
aaa accounting network DIALINPPP start-stop group tacacs+
virtual-profile if-needed
virtual-profile virtual-template 1
virtual-profile aaa
interface Virtual-Template1
ip unnumbered Loopback0
interface Serial0:15
no ip address
encapsulation ppp
dialer pool-member 1
isdn switch-type primary-net5
isdn caller 5551234
isdn caller 5557890
isdn caller 5550001
isdn incoming-voice modem
isdn skip-async-callerid-check
compress stac
no cdp enable
ppp authentication chap DIALINPPP
ppp authorization DIALINPPP
ppp multilink
interface Dialer0
description Dialer Profile #0
ip unnumbered loopback0
dialer caller 5551234
interface Dialer1
description Dialer Profile #1
ip unnumbered loopback0
dialer caller 5557890



Matthew Melbourne
Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Session management when browser window is cloned Java 11 04-26-2006 07:11 PM
Virtual Template or Template Virtual C++ 4 01-23-2006 08:44 PM
dvd menu on cloned disc Pavel Ferenc DVD Video 0 11-11-2005 05:53 PM
Cloned disk "thinks" it is much smaller than it is. Nomen Nescio Computer Security 5 08-12-2005 08:08 PM
virtual template and virtual access for ADSL circuits Gary Cisco 1 04-28-2005 07:26 PM