Radius / IAS and ISDN Callback

Discussion in 'Cisco' started by jt, Oct 17, 2003.

  1. jt

    jt Guest

    Hi ng,

    anyone practicing ISDN ppp callback using RADIUS Authentication
    via Microsoft IAS ? I do have the following setup on a 2611XM.

    The radius is working properly via * VPN * , meaning a PIX 501 behind the
    box
    is coupled with it do deliver the proof that IAS itself is OK.
    Now, I can dial in and authenticate via Radius/IAS, everything just fine.
    But when adding callback commands on the Dialer I get rejected
    ("--> Callback not authorized for user xyzwhattheheck --> Disconnect" )

    I assume I am missing certain radius / IAS read-out values, because checking
    the appropiate boxes
    within IAS ( Callback negotiation control ) does not bring me further. I
    would like
    to have the user data on the IAS including Callback-Dialstring and such.

    Any hints highly appreciated.


    ** aaa subsystem:
    aaa authentication ppp dialup if-needed group radius

    ** PHY interface
    interface BRI1/3
    description Port 4
    no ip address
    encapsulation ppp
    dialer pool-member 2
    isdn switch-type basic-net3
    peer default ip address pool dialinpool
    no cdp enable
    end

    ** LOGICAL Interface which is bound to it
    interface Dialer3
    description Callback Template
    ip unnumbered Loopback0
    encapsulation ppp
    no ip mroute-cache
    dialer pool 2
    dialer remote-name xxxxxxxxxxxx
    dialer callback-secure
    dialer caller xxxxxxxxx callback
    dialer-group 4
    peer default ip address pool dialinpool
    compress stac
    ppp callback accept
    ppp authentication pap chap dialup

    ** RADIUS Controls
    radius-server host xxxxxxxxx auth-port 1645 acct-port 1646
    radius-server retransmit 5
    radius-server timeout 90
    radius-server key xxxxxxxxxxxx
     
    jt, Oct 17, 2003
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.