Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   















      :: Inet-Admins
Inet-Admins mailing list archive (inet-admins@info.east.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cisco BRI to Ascend Max authentication



On Mon, 12 May 1997, Tim Buchalka wrote:

> Can you post the setup on your Cisco to the list.
This is full information I can get from people from other side,
as well as my config... We have tried to set standard point-to-point
link instead of unnumbered one... Seems that problem is not in CHAP/PAP,
connections stops before it, on LCP stage...

Ascend side:

ppgirmd Password = "<skipped>"
        User-Service = Framed-User,
        Framed-Protocol = PPP,
        Framed-Address = 195.208.68.2,
        Framed-Netmask = 255.255.255.252,
        Ascend-PPP-Address = 195.208.68.1
        Framed-Routing = None

Mon May 12 13:33:27 1997
        NAS-Identifier = 194.220.40.7
        NAS-Port = 10305
        Acct-Status-Type = Stop
        Acct-Delay-Time = 0
        Acct-Session-Id = "232187631"
        Ascend-Disconnect-Cause = 41
        Ascend-Connect-Progress = 77
        Ascend-Data-Rate = 64000
        Ascend-PreSession-Time = 1
        Ascend-Pre-Input-Octets = 184
        Ascend-Pre-Output-Octets = 390
        Ascend-Pre-Input-Packets = 12
        Ascend-Pre-Output-Packets = 12

        Ascend-Disconnect-Cause = 41
      41 DIS_PPP_LCP_NEGOTIATION_FAIL, /* fail to converge on LCP negotiations


 > PPPIF: open: routeid 9, incoming YES
PPPIF-96: lqm on
PPPIF-96: vj comp on
PPPIF-96: _initAuthentication
PPPIF-96: auth mode 3
PPPIF-96: PAP/CHAP/MS-CHAP auth, incoming
PPPIF-96: Link Is up.
PPPIF-96: LCP closed: Configuration negotiations failed,
> 
Cisco side:

!
version 11.1
no service udp-small-servers
no service tcp-small-servers
!
hostname ppgirmd
!
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 3:00 last Sun Sep 3:00
aaa new-model
aaa authentication username-prompt Login:
aaa authentication login default tacacs+ enable
aaa authentication ppp default if-needed tacacs+
aaa authorization commands 0 tacacs+ if-authenticated local
aaa authorization commands 1 tacacs+ if-authenticated local
aaa authorization commands 15 tacacs+ none
aaa authorization network tacacs+
enable secret <skipped>
enable password <skipped>
username ppgirmd password <skipped>
!
isdn switch-type basic-net3
!
interface Loopback0
 no ip address
!
interface Ethernet0/0
 ip address 194.87.45.20 255.255.255.240
 no cdp enable
!
interface BRI1/0
 ip address 195.208.68.2 255.255.255.252
 encapsulation ppp
 ppp authentication chap callin
 dialer idle-timeout 600
 dialer map ip 195.208.68.1 92329696
 dialer-group 1
 no cdp enable
 ppp multilink
!
interface BRI1/1
 shutdown
 ip unnumbered Ethernet0/0
 no cdp enable
<skipped>
ip classless
ip subnet-zero
no ip source-route
!
no access-list 100
access-list 100 deny ip any host 255.255.255.255
access-list 100 permit ip any any
dialer-list 1 protocol ip list 100
!
no cdp run
end

Cisco debug ppp authen + debug ppp negot

May 12 13:41:14 border 6136: %LINK-3-UPDOWN: Interface BRI1/0: B-Channel 1, changed state to up
May 12 13:41:15 border 6137: PPP BRI1/0: B-Channel 1: No remote authentication for call-out
May 12 13:41:15 border 6138: ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x65B40F27
May 12 13:41:15 border 6139: ppp: sending CONFREQ, type = 17 (CI_MULTILINK_MRRU), value = 0x640
May 12 13:41:15 border 6140: ppp: sending CONFREQ, type = 19 (CI_ENDPOINT_DISC)
May 12 13:41:17 border 6141: ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x65B40F27
May 12 13:41:17 border 6142: ppp: sending CONFREQ, type = 17 (CI_MULTILINK_MRRU), value = 0x640
May 12 13:41:17 border 6143: ppp: sending CONFREQ, type = 19 (CI_ENDPOINT_DISC)
May 12 13:41:17 border 6144: PPP BRI1/0: B-Channel 1: received config for type = 0 (??)
May 12 13:41:17 border 6145: PPP BRI1/0: B-Channel 1: rcvd unknown option 0 rejected
May 12 13:41:17 border 6146: PPP BRI1/0: B-Channel 1: received config for type = 1 (MRU) value = 1524 acked
May 12 13:41:17 border 6147: PPP BRI1/0: B-Channel 1: received config for type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
May 12 13:41:17 border 6148: PPP BRI1/0: B-Channel 1: received config for type = 4 (QUALITYTYPE) nacked
May 12 13:41:17 border 6149: PPP BRI1/0: B-Channel 1: received config for type = 17 (MULTILINK_MRRU) value = 1524 acked
May 12 13:41:17 border 6150: PPP BRI1/0: B-Channel 1: received config for type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
May 12 13:41:17 border 6151: PPP BRI1/0: B-Channel 1: state = REQsent fsm_rconfack(0xC021): rcvd id 127
May 12 13:41:17 border 6152: ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x65B40F27
May 12 13:41:17 border 6153: ppp: config ACK received, type = 17 (CI_MULTILINK_MRRU), value = 0x640
May 12 13:41:17 border 6154: ppp: config ACK received, type = 19 (CI_ENDPOINT_DISC)
May 12 13:41:17 border 6155: PPP BRI1/0: B-Channel 1: received config for type = 1 (MRU) value = 1524 acked
May 12 13:41:17 border 6156: PPP BRI1/0: B-Channel 1: received config for type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
May 12 13:41:17 border 6157: PPP BRI1/0: B-Channel 1: received config for type = 4 (QUALITYTYPE) nacked
May 12 13:41:17 border 6158: PPP BRI1/0: B-Channel 1: received config for type = 17 (MULTILINK_MRRU) value = 1524 acked
May 12 13:41:17 border 6159: PPP BRI1/0: B-Channel 1: received config for type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
May 12 13:41:17 border 6160: PPP BRI1/0: B-Channel 1: received config for type = 1 (MRU) value = 1524 acked
May 12 13:41:17 border 6161: PPP BRI1/0: B-Channel 1: received config for type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
May 12 13:41:17 border 6162: PPP BRI1/0: B-Channel 1: received config for type = 4 (QUALITYTYPE) nacked
May 12 13:41:17 border 6163: PPP BRI1/0: B-Channel 1: received config for type = 17 (MULTILINK_MRRU) value = 1524 acked
May 12 13:41:17 border 6164: PPP BRI1/0: B-Channel 1: received config for type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
May 12 13:41:17 border 6165: PPP BRI1/0: B-Channel 1: received config for type = 1 (MRU) value = 1524 acked
May 12 13:41:17 border 6166: PPP BRI1/0: B-Channel 1: received config for type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
May 12 13:41:17 border 6167: PPP BRI1/0: B-Channel 1: received config for type = 4 (QUALITYTYPE) nacked
May 12 13:41:17 border 6168: PPP BRI1/0: B-Channel 1: received config for type = 17 (MULTILINK_MRRU) value = 1524 acked
May 12 13:41:17 border 6169: PPP BRI1/0: B-Channel 1: received config for type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
May 12 13:41:17 border 6170: PPP BRI1/0: B-Channel 1: received config for type = 1 (MRU) value = 1524 acked
May 12 13:41:17 border 6171: PPP BRI1/0: B-Channel 1: received config for type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
May 12 13:41:17 border 6172: PPP BRI1/0: B-Channel 1: received config for type = 4 (QUALITYTYPE) nacked
May 12 13:41:17 border 6173: PPP BRI1/0: B-Channel 1: received config for type = 17 (MULTILINK_MRRU) value = 1524 acked
May 12 13:41:17 border 6174: PPP BRI1/0: B-Channel 1: received config for type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
May 12 13:41:17 border 6175: PPP BRI1/0: B-Channel 1: received config for type = 1 (MRU) value = 1524 acked
May 12 13:41:17 border 6176: PPP BRI1/0: B-Channel 1: received config for type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
May 12 13:41:17 border 6177: PPP BRI1/0: B-Channel 1: received config for type = 4 (QUALITYTYPE) nacked
May 12 13:41:17 border 6178: PPP BRI1/0: B-Channel 1: received config for type = 17 (MULTILINK_MRRU) value = 1524 acked
May 12 13:41:17 border 6179: PPP BRI1/0: B-Channel 1: received config for type = 19 (ENDPOINT_DISC)
May 12 13:41:17 border 6180:  value = 00c0.7b5c.025e acked
May 12 13:41:17 border 6181: PPP BRI1/0: B-Channel 1: received config for type = 1 (MRU) value = 1524 acked
May 12 13:41:17 border 6182: PPP BRI1/0: B-Channel 1: received config for type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
May 12 13:41:17 border 6183: PPP BRI1/0: B-Channel 1: received config for type = 4 (QUALITYTYPE) nacked
May 12 13:41:17 border 6184: PPP BRI1/0: B-Channel 1: received config for type = 17 (MULTILINK_MRRU) value = 1524 acked
May 12 13:41:17 border 6185: PPP BRI1/0: B-Channel 1: received config for type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
May 12 13:41:17 border 6186: PPP BRI1/0: B-Channel 1: received config for type = 1 (MRU) value = 1524 acked
May 12 13:41:17 border 6187: PPP BRI1/0: B-Channel 1: received config for type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
May 12 13:41:17 border 6188: PPP BRI1/0: B-Channel 1: received config for type = 4 (QUALITYTYPE) nacked
May 12 13:41:17 border 6189: PPP BRI1/0: B-Channel 1: received config for type = 17 (MULTILINK_MRRU) value = 1524 acked
May 12 13:41:17 border 6190: PPP BRI1/0: B-Channel 1: received config for type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
May 12 13:41:17 border 6191: PPP BRI1/0: B-Channel 1: received config for type = 1 (MRU) value = 1524 acked
May 12 13:41:17 border 6192: PPP BRI1/0: B-Channel 1: received config for type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
May 12 13:41:17 border 6193: PPP BRI1/0: B-Channel 1: received config for type = 4 (QUALITYTYPE) nacked
May 12 13:41:17 border 6194: PPP BRI1/0: B-Channel 1: received config for type = 17 (MULTILINK_MRRU) value = 1524 acked
May 12 13:41:17 border 6195: PPP BRI1/0: B-Channel 1: received config for type = 19 (ENDPOINT_DISC)
May 12 13:41:17 border 6196:  value = 00c0.7b5c.025e acked
May 12 13:41:17 border 6197: PPP BRI1/0: B-Channel 1: No remote authentication for call-out
May 12 13:41:17 border 6198: %ISDN-6-DISCONNECT: Interface BRI1/0: B-Channel 1  disconnected from 92329696 00c0.7b5c.025e, call lasted 2 seconds
May 12 13:41:18 border 6199: %LINK-3-UPDOWN: Interface BRI1/0: B-Channel 1, changed state to down


The reason of such behaviour is totally dark for me, so any help would be
gladly appreciated.

> I am successfully talking to an Ascend Max 4000
> via BRI with a Cisco 2503, so I know it can be
> done!
> 
> 
> ----------
> > From: Basil V. Dolmatov <dol@east.ru>
> > To: inet-access@earth.com
> > Subject: Cisco BRI to Ascend Max authentication
> > Date: Monday, May 12, 1997 1:31 AM
> > 
> > Hello!
> > 
> > Does anybody overcome the incompatibility between Cisco and Ascend
> > realization of PAP/CHAP authentication?
> > 
> > The problem is:
> > 
> > Cisco 3620 (IOS 11.1.8) doing ISDN call via BRI interface
> > cannot authenticate with Ascend Max 4000. :(
> > Switching dual Cisco authenitcation off does not help (i.e.
> > "ppp authentication chap callin" is already set on interface).
> > Neither CHAP nor PAP works. :(
> > 
> > Earlier, when connecting from Cisco 2511 via ISDN modem, I have overcome
> > this, using chat-script for login to Ascend. On BRI interface I cannot
> > use chat-scripts (at least I did not find the possibility to do this).
> 
> 
> ============================== ISP Mailing List ==============================
> Email ``unsubscribe'' to inet-access-request@earth.com to be removed.
> Do not post flames to the list -- if you must flame, use private email.
> 

--------------------------------------
Basil (Vasily)  Dolmatov   dol@east.ru        +7-095-956-4951
[BVD12, VVD2-RIPN] [BVD11, VVD1-RIPE]

East Connection ISP, Moscow, Russia. (http://www.east.ru)


=============================================================================
"inet-admins" Internet access mailing list. Maintained by East Connection ISP.
Mail "unsubscribe inet-admins" to Majordomo@east.ru if you want to quit.



 




Copyright © Lexa Software, 1996-2009.