Re: Cisco BRI to Ascend Max authentication

["Hascall \"Chip\" Sharp" <chsharp@cisco.com>]

See below:

On the BRI interface, you need to add the following command to do LQM:
	ppp quality "%"

Where "%" is replaced with the percentage of errors over which the router
will disconnect the call.

>From your trace:
>May 12 13:41:17 border 6144: PPP BRI1/0: B-Channel 1: received config for
type = 0 (??)
>May 12 13:41:17 border 6145: PPP BRI1/0: B-Channel 1: rcvd unknown option
0 rejected

Type 0 is RESERVED in the PPP RFC.

Try adding the LQM on the Cisco router.  If that doesn't work, send me
email.

In the future, you might want to join and send email to one of the Cisco
lists for Cisco-specific questions:
	as5200-request@wwa.com			For AS5200 questions
	cisco-request@spot.colorado.edu	For Cisco general questions
	cisco-nsp-request@cic.net		For Cisco ISP/NSP questions
At 01:54 PM 5/12/97 +0400, Basil V. Dolmatov wrote:
>On Mon, 12 May 1997, Tim Buchalka wrote:
>
>> Can you post the setup on your Cisco to the list.
>This is full information I can get from people from other side,
>as well as my config... We have tried to set standard point-to-point
>link instead of unnumbered one... Seems that problem is not in CHAP/PAP,
>connections stops before it, on LCP stage...
>
>Ascend side:
>
>ppgirmd Password = "<skipped>"
>        User-Service = Framed-User,
>        Framed-Protocol = PPP,
>        Framed-Address = 195.208.68.2,
>        Framed-Netmask = 255.255.255.252,
>        Ascend-PPP-Address = 195.208.68.1
>        Framed-Routing = None
>
>Mon May 12 13:33:27 1997
>        NAS-Identifier = 194.220.40.7
>        NAS-Port = 10305
>        Acct-Status-Type = Stop
>        Acct-Delay-Time = 0
>        Acct-Session-Id = "232187631"
>        Ascend-Disconnect-Cause = 41
>        Ascend-Connect-Progress = 77
>        Ascend-Data-Rate = 64000
>        Ascend-PreSession-Time = 1
>        Ascend-Pre-Input-Octets = 184
>        Ascend-Pre-Output-Octets = 390
>        Ascend-Pre-Input-Packets = 12
>        Ascend-Pre-Output-Packets = 12
>
>        Ascend-Disconnect-Cause = 41
>      41 DIS_PPP_LCP_NEGOTIATION_FAIL, /* fail to converge on LCP
negotiations
>
>
> > PPPIF: open: routeid 9, incoming YES
>PPPIF-96: lqm on
>PPPIF-96: vj comp on
>PPPIF-96: _initAuthentication
>PPPIF-96: auth mode 3
>PPPIF-96: PAP/CHAP/MS-CHAP auth, incoming
>PPPIF-96: Link Is up.
>PPPIF-96: LCP closed: Configuration negotiations failed,
>> 
>Cisco side:
>
>!
>version 11.1
>no service udp-small-servers
>no service tcp-small-servers
>!
>hostname ppgirmd
>!
>clock timezone MSK 3
>clock summer-time MSD recurring last Sun Mar 3:00 last Sun Sep 3:00
>aaa new-model
>aaa authentication username-prompt Login:
>aaa authentication login default tacacs+ enable
>aaa authentication ppp default if-needed tacacs+
>aaa authorization commands 0 tacacs+ if-authenticated local
>aaa authorization commands 1 tacacs+ if-authenticated local
>aaa authorization commands 15 tacacs+ none
>aaa authorization network tacacs+
>enable secret <skipped>
>enable password <skipped>
>username ppgirmd password <skipped>
>!
>isdn switch-type basic-net3
>!
>interface Loopback0
> no ip address
>!
>interface Ethernet0/0
> ip address 194.87.45.20 255.255.255.240
> no cdp enable
>!
>interface BRI1/0
> ip address 195.208.68.2 255.255.255.252
> encapsulation ppp
> ppp authentication chap callin
> dialer idle-timeout 600
> dialer map ip 195.208.68.1 92329696
> dialer-group 1
> no cdp enable
> ppp multilink
>!
>interface BRI1/1
> shutdown
> ip unnumbered Ethernet0/0
> no cdp enable
><skipped>
>ip classless
>ip subnet-zero
>no ip source-route
>!
>no access-list 100
>access-list 100 deny ip any host 255.255.255.255
>access-list 100 permit ip any any
>dialer-list 1 protocol ip list 100
>!
>no cdp run
>end
>
>Cisco debug ppp authen + debug ppp negot
>
>May 12 13:41:14 border 6136: %LINK-3-UPDOWN: Interface BRI1/0: B-Channel
1, changed state to up
>May 12 13:41:15 border 6137: PPP BRI1/0: B-Channel 1: No remote
authentication for call-out
>May 12 13:41:15 border 6138: ppp: sending CONFREQ, type = 5
(CI_MAGICNUMBER), value = 0x65B40F27
>May 12 13:41:15 border 6139: ppp: sending CONFREQ, type = 17
(CI_MULTILINK_MRRU), value = 0x640
>May 12 13:41:15 border 6140: ppp: sending CONFREQ, type = 19
(CI_ENDPOINT_DISC)
>May 12 13:41:17 border 6141: ppp: sending CONFREQ, type = 5
(CI_MAGICNUMBER), value = 0x65B40F27
>May 12 13:41:17 border 6142: ppp: sending CONFREQ, type = 17
(CI_MULTILINK_MRRU), value = 0x640
>May 12 13:41:17 border 6143: ppp: sending CONFREQ, type = 19
(CI_ENDPOINT_DISC)
>May 12 13:41:17 border 6144: PPP BRI1/0: B-Channel 1: received config for
type = 0 (??)
>May 12 13:41:17 border 6145: PPP BRI1/0: B-Channel 1: rcvd unknown option
0 rejected
>May 12 13:41:17 border 6146: PPP BRI1/0: B-Channel 1: received config for
type = 1 (MRU) value = 1524 acked
>May 12 13:41:17 border 6147: PPP BRI1/0: B-Channel 1: received config for
type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
>May 12 13:41:17 border 6148: PPP BRI1/0: B-Channel 1: received config for
type = 4 (QUALITYTYPE) nacked
>May 12 13:41:17 border 6149: PPP BRI1/0: B-Channel 1: received config for
type = 17 (MULTILINK_MRRU) value = 1524 acked
>May 12 13:41:17 border 6150: PPP BRI1/0: B-Channel 1: received config for
type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
>May 12 13:41:17 border 6151: PPP BRI1/0: B-Channel 1: state = REQsent
fsm_rconfack(0xC021): rcvd id 127
>May 12 13:41:17 border 6152: ppp: config ACK received, type = 5
(CI_MAGICNUMBER), value = 0x65B40F27
>May 12 13:41:17 border 6153: ppp: config ACK received, type = 17
(CI_MULTILINK_MRRU), value = 0x640
>May 12 13:41:17 border 6154: ppp: config ACK received, type = 19
(CI_ENDPOINT_DISC)
>May 12 13:41:17 border 6155: PPP BRI1/0: B-Channel 1: received config for
type = 1 (MRU) value = 1524 acked
>May 12 13:41:17 border 6156: PPP BRI1/0: B-Channel 1: received config for
type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
>May 12 13:41:17 border 6157: PPP BRI1/0: B-Channel 1: received config for
type = 4 (QUALITYTYPE) nacked
>May 12 13:41:17 border 6158: PPP BRI1/0: B-Channel 1: received config for
type = 17 (MULTILINK_MRRU) value = 1524 acked
>May 12 13:41:17 border 6159: PPP BRI1/0: B-Channel 1: received config for
type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
>May 12 13:41:17 border 6160: PPP BRI1/0: B-Channel 1: received config for
type = 1 (MRU) value = 1524 acked
>May 12 13:41:17 border 6161: PPP BRI1/0: B-Channel 1: received config for
type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
>May 12 13:41:17 border 6162: PPP BRI1/0: B-Channel 1: received config for
type = 4 (QUALITYTYPE) nacked
>May 12 13:41:17 border 6163: PPP BRI1/0: B-Channel 1: received config for
type = 17 (MULTILINK_MRRU) value = 1524 acked
>May 12 13:41:17 border 6164: PPP BRI1/0: B-Channel 1: received config for
type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
>May 12 13:41:17 border 6165: PPP BRI1/0: B-Channel 1: received config for
type = 1 (MRU) value = 1524 acked
>May 12 13:41:17 border 6166: PPP BRI1/0: B-Channel 1: received config for
type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
>May 12 13:41:17 border 6167: PPP BRI1/0: B-Channel 1: received config for
type = 4 (QUALITYTYPE) nacked
>May 12 13:41:17 border 6168: PPP BRI1/0: B-Channel 1: received config for
type = 17 (MULTILINK_MRRU) value = 1524 acked
>May 12 13:41:17 border 6169: PPP BRI1/0: B-Channel 1: received config for
type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
>May 12 13:41:17 border 6170: PPP BRI1/0: B-Channel 1: received config for
type = 1 (MRU) value = 1524 acked
>May 12 13:41:17 border 6171: PPP BRI1/0: B-Channel 1: received config for
type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
>May 12 13:41:17 border 6172: PPP BRI1/0: B-Channel 1: received config for
type = 4 (QUALITYTYPE) nacked
>May 12 13:41:17 border 6173: PPP BRI1/0: B-Channel 1: received config for
type = 17 (MULTILINK_MRRU) value = 1524 acked
>May 12 13:41:17 border 6174: PPP BRI1/0: B-Channel 1: received config for
type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
>May 12 13:41:17 border 6175: PPP BRI1/0: B-Channel 1: received config for
type = 1 (MRU) value = 1524 acked
>May 12 13:41:17 border 6176: PPP BRI1/0: B-Channel 1: received config for
type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
>May 12 13:41:17 border 6177: PPP BRI1/0: B-Channel 1: received config for
type = 4 (QUALITYTYPE) nacked
>May 12 13:41:17 border 6178: PPP BRI1/0: B-Channel 1: received config for
type = 17 (MULTILINK_MRRU) value = 1524 acked
>May 12 13:41:17 border 6179: PPP BRI1/0: B-Channel 1: received config for
type = 19 (ENDPOINT_DISC)
>May 12 13:41:17 border 6180:  value = 00c0.7b5c.025e acked
>May 12 13:41:17 border 6181: PPP BRI1/0: B-Channel 1: received config for
type = 1 (MRU) value = 1524 acked
>May 12 13:41:17 border 6182: PPP BRI1/0: B-Channel 1: received config for
type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
>May 12 13:41:17 border 6183: PPP BRI1/0: B-Channel 1: received config for
type = 4 (QUALITYTYPE) nacked
>May 12 13:41:17 border 6184: PPP BRI1/0: B-Channel 1: received config for
type = 17 (MULTILINK_MRRU) value = 1524 acked
>May 12 13:41:17 border 6185: PPP BRI1/0: B-Channel 1: received config for
type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
>May 12 13:41:17 border 6186: PPP BRI1/0: B-Channel 1: received config for
type = 1 (MRU) value = 1524 acked
>May 12 13:41:17 border 6187: PPP BRI1/0: B-Channel 1: received config for
type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
>May 12 13:41:17 border 6188: PPP BRI1/0: B-Channel 1: received config for
type = 4 (QUALITYTYPE) nacked
>May 12 13:41:17 border 6189: PPP BRI1/0: B-Channel 1: received config for
type = 17 (MULTILINK_MRRU) value = 1524 acked
>May 12 13:41:17 border 6190: PPP BRI1/0: B-Channel 1: received config for
type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
>May 12 13:41:17 border 6191: PPP BRI1/0: B-Channel 1: received config for
type = 1 (MRU) value = 1524 acked
>May 12 13:41:17 border 6192: PPP BRI1/0: B-Channel 1: received config for
type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
>May 12 13:41:17 border 6193: PPP BRI1/0: B-Channel 1: received config for
type = 4 (QUALITYTYPE) nacked
>May 12 13:41:17 border 6194: PPP BRI1/0: B-Channel 1: received config for
type = 17 (MULTILINK_MRRU) value = 1524 acked
>May 12 13:41:17 border 6195: PPP BRI1/0: B-Channel 1: received config for
type = 19 (ENDPOINT_DISC)
>May 12 13:41:17 border 6196:  value = 00c0.7b5c.025e acked
>May 12 13:41:17 border 6197: PPP BRI1/0: B-Channel 1: No remote
authentication for call-out
>May 12 13:41:17 border 6198: %ISDN-6-DISCONNECT: Interface BRI1/0:
B-Channel 1  disconnected from 92329696 00c0.7b5c.025e, call lasted 2
seconds
>May 12 13:41:18 border 6199: %LINK-3-UPDOWN: Interface BRI1/0: B-Channel
1, changed state to down
>
>
>The reason of such behaviour is totally dark for me, so any help would
be
>gladly appreciated.
>
>> I am successfully talking to an Ascend Max 4000
>> via BRI with a Cisco 2503, so I know it can be
>> done!
>> 
>> 
>> ----------
>> > From: Basil V. Dolmatov <dol@east.ru>
>> > To: inet-access@earth.com
>> > Subject: Cisco BRI to Ascend Max authentication
>> > Date: Monday, May 12, 1997 1:31 AM
>> > 
>> > Hello!
>> > 
>> > Does anybody overcome the incompatibility between Cisco and Ascend
>> > realization of PAP/CHAP authentication?
>> > 
>> > The problem is:
>> > 
>> > Cisco 3620 (IOS 11.1.8) doing ISDN call via BRI interface
>> > cannot authenticate with Ascend Max 4000. :(
>> > Switching dual Cisco authenitcation off does not help (i.e.
>> > "ppp authentication chap callin" is already set on interface).
>> > Neither CHAP nor PAP works. :(
>> > 
>> > Earlier, when connecting from Cisco 2511 via ISDN modem, I have
overcome
>> > this, using chat-script for login to Ascend. On BRI interface I
cannot
>> > use chat-scripts (at least I did not find the possibility to do
this).
>> 
>> 
>> ============================== ISP Mailing List
==============================
>> Email ``unsubscribe'' to inet-access-request@earth.com to be removed.
>> Do not post flames to the list -- if you must flame, use private
email.
>> 
>
>--------------------------------------
>Basil (Vasily)  Dolmatov   dol@east.ru        +7-095-956-4951
>[BVD12, VVD2-RIPN] [BVD11, VVD1-RIPE]
>
>East Connection ISP, Moscow, Russia. (http://www.east.ru)
>
>
>
>============================== ISP Mailing List
==============================
>Email ``unsubscribe'' to inet-access-request@earth.com to be removed.
>Wrap your text at 80 columns, don't post messages with long lines.
>
>
-------------------------------------------------------
Hascall H. ("Chip") Sharp	voice: +1 (919) 472-3121
Consulting Engineer-ISP		fax:   +1 (919) 472-2177
Cisco Systems			email:  chsharp@cisco.com
7025 Kit Creek Road		http://www.cisco.com/	
Research Triangle Park, NC  27709-4987  USA
---------------------------------------------------------

=============================================================================
"inet-admins" Internet access mailing list. Maintained by East Connection ISP.
Mail "unsubscribe inet-admins" to Majordomo@east.ru if you want to quit.

---

• Follow-Ups:
  • Re: Cisco BRI to Ascend Max authentication
    • From: Basil Dolmatov

• Prev by Date: OSPF: Cisco &lt;-> gated
• Next by Date: Re: Cisco BRI to Ascend Max authentication
• Previous by thread: Re: Cisco BRI to Ascend Max authentication
• Next by thread: Re: Cisco BRI to Ascend Max authentication
• Index(es):
  • Date
  • Thread