Inet-Admins mailing list archive (inet-admins@info.east.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cisco BRI to Ascend Max authentication
> See below:
>
> On the BRI interface, you need to add the following command to do LQM:
> ppp quality "%"
>
> Where "%" is replaced with the percentage of errors over which the router
> will disconnect the call.
>
> >From your trace:
> >May 12 13:41:17 border 6144: PPP BRI1/0: B-Channel 1: received config for
> type = 0 (??)
> >May 12 13:41:17 border 6145: PPP BRI1/0: B-Channel 1: rcvd unknown option
> 0 rejected
>
> Type 0 is RESERVED in the PPP RFC.
>
> Try adding the LQM on the Cisco router. If that doesn't work, send me
> email.
That does not work.
My IOS (c3620 11.1.8.AA IP-only) has no command "ppp quality" in interface config.
Moreover, some of the Cisco guys wrote to me that Cisco dropped LQM support,
"due to increasing quality of digital lines" ;)
>
> In the future, you might want to join and send email to one of the Cisco
> lists for Cisco-specific questions:
> as5200-request@wwa.com For AS5200 questions
> cisco-request@spot.colorado.edu For Cisco general questions
> cisco-nsp-request@cic.net For Cisco ISP/NSP questions
> At 01:54 PM 5/12/97 +0400, Basil V. Dolmatov wrote:
> >On Mon, 12 May 1997, Tim Buchalka wrote:
> >
> >> Can you post the setup on your Cisco to the list.
> >This is full information I can get from people from other side,
> >as well as my config... We have tried to set standard point-to-point
> >link instead of unnumbered one... Seems that problem is not in CHAP/PAP,
> >connections stops before it, on LCP stage...
> >
> >Ascend side:
> >
> >ppgirmd Password = "<skipped>"
> > User-Service = Framed-User,
> > Framed-Protocol = PPP,
> > Framed-Address = 195.208.68.2,
> > Framed-Netmask = 255.255.255.252,
> > Ascend-PPP-Address = 195.208.68.1
> > Framed-Routing = None
> >
> >Mon May 12 13:33:27 1997
> > NAS-Identifier = 194.220.40.7
> > NAS-Port = 10305
> > Acct-Status-Type = Stop
> > Acct-Delay-Time = 0
> > Acct-Session-Id = "232187631"
> > Ascend-Disconnect-Cause = 41
> > Ascend-Connect-Progress = 77
> > Ascend-Data-Rate = 64000
> > Ascend-PreSession-Time = 1
> > Ascend-Pre-Input-Octets = 184
> > Ascend-Pre-Output-Octets = 390
> > Ascend-Pre-Input-Packets = 12
> > Ascend-Pre-Output-Packets = 12
> >
> > Ascend-Disconnect-Cause = 41
> > 41 DIS_PPP_LCP_NEGOTIATION_FAIL, /* fail to converge on LCP
> negotiations
> >
> >
> > > PPPIF: open: routeid 9, incoming YES
> >PPPIF-96: lqm on
> >PPPIF-96: vj comp on
> >PPPIF-96: _initAuthentication
> >PPPIF-96: auth mode 3
> >PPPIF-96: PAP/CHAP/MS-CHAP auth, incoming
> >PPPIF-96: Link Is up.
> >PPPIF-96: LCP closed: Configuration negotiations failed,
> >>
> >Cisco side:
> >
> >!
> >version 11.1
> >no service udp-small-servers
> >no service tcp-small-servers
> >!
> >hostname ppgirmd
> >!
> >clock timezone MSK 3
> >clock summer-time MSD recurring last Sun Mar 3:00 last Sun Sep 3:00
> >aaa new-model
> >aaa authentication username-prompt Login:
> >aaa authentication login default tacacs+ enable
> >aaa authentication ppp default if-needed tacacs+
> >aaa authorization commands 0 tacacs+ if-authenticated local
> >aaa authorization commands 1 tacacs+ if-authenticated local
> >aaa authorization commands 15 tacacs+ none
> >aaa authorization network tacacs+
> >enable secret <skipped>
> >enable password <skipped>
> >username ppgirmd password <skipped>
> >!
> >isdn switch-type basic-net3
> >!
> >interface Loopback0
> > no ip address
> >!
> >interface Ethernet0/0
> > ip address 194.87.45.20 255.255.255.240
> > no cdp enable
> >!
> >interface BRI1/0
> > ip address 195.208.68.2 255.255.255.252
> > encapsulation ppp
> > ppp authentication chap callin
> > dialer idle-timeout 600
> > dialer map ip 195.208.68.1 92329696
> > dialer-group 1
> > no cdp enable
> > ppp multilink
> >!
> >interface BRI1/1
> > shutdown
> > ip unnumbered Ethernet0/0
> > no cdp enable
> ><skipped>
> >ip classless
> >ip subnet-zero
> >no ip source-route
> >!
> >no access-list 100
> >access-list 100 deny ip any host 255.255.255.255
> >access-list 100 permit ip any any
> >dialer-list 1 protocol ip list 100
> >!
> >no cdp run
> >end
> >
> >Cisco debug ppp authen + debug ppp negot
> >
> >May 12 13:41:14 border 6136: %LINK-3-UPDOWN: Interface BRI1/0: B-Channel
> 1, changed state to up
> >May 12 13:41:15 border 6137: PPP BRI1/0: B-Channel 1: No remote
> authentication for call-out
> >May 12 13:41:15 border 6138: ppp: sending CONFREQ, type = 5
> (CI_MAGICNUMBER), value = 0x65B40F27
> >May 12 13:41:15 border 6139: ppp: sending CONFREQ, type = 17
> (CI_MULTILINK_MRRU), value = 0x640
> >May 12 13:41:15 border 6140: ppp: sending CONFREQ, type = 19
> (CI_ENDPOINT_DISC)
> >May 12 13:41:17 border 6141: ppp: sending CONFREQ, type = 5
> (CI_MAGICNUMBER), value = 0x65B40F27
> >May 12 13:41:17 border 6142: ppp: sending CONFREQ, type = 17
> (CI_MULTILINK_MRRU), value = 0x640
> >May 12 13:41:17 border 6143: ppp: sending CONFREQ, type = 19
> (CI_ENDPOINT_DISC)
> >May 12 13:41:17 border 6144: PPP BRI1/0: B-Channel 1: received config for
> type = 0 (??)
> >May 12 13:41:17 border 6145: PPP BRI1/0: B-Channel 1: rcvd unknown option
> 0 rejected
> >May 12 13:41:17 border 6146: PPP BRI1/0: B-Channel 1: received config for
> type = 1 (MRU) value = 1524 acked
> >May 12 13:41:17 border 6147: PPP BRI1/0: B-Channel 1: received config for
> type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
> >May 12 13:41:17 border 6148: PPP BRI1/0: B-Channel 1: received config for
> type = 4 (QUALITYTYPE) nacked
> >May 12 13:41:17 border 6149: PPP BRI1/0: B-Channel 1: received config for
> type = 17 (MULTILINK_MRRU) value = 1524 acked
> >May 12 13:41:17 border 6150: PPP BRI1/0: B-Channel 1: received config for
> type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
> >May 12 13:41:17 border 6151: PPP BRI1/0: B-Channel 1: state = REQsent
> fsm_rconfack(0xC021): rcvd id 127
> >May 12 13:41:17 border 6152: ppp: config ACK received, type = 5
> (CI_MAGICNUMBER), value = 0x65B40F27
> >May 12 13:41:17 border 6153: ppp: config ACK received, type = 17
> (CI_MULTILINK_MRRU), value = 0x640
> >May 12 13:41:17 border 6154: ppp: config ACK received, type = 19
> (CI_ENDPOINT_DISC)
> >May 12 13:41:17 border 6155: PPP BRI1/0: B-Channel 1: received config for
> type = 1 (MRU) value = 1524 acked
> >May 12 13:41:17 border 6156: PPP BRI1/0: B-Channel 1: received config for
> type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
> >May 12 13:41:17 border 6157: PPP BRI1/0: B-Channel 1: received config for
> type = 4 (QUALITYTYPE) nacked
> >May 12 13:41:17 border 6158: PPP BRI1/0: B-Channel 1: received config for
> type = 17 (MULTILINK_MRRU) value = 1524 acked
> >May 12 13:41:17 border 6159: PPP BRI1/0: B-Channel 1: received config for
> type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
> >May 12 13:41:17 border 6160: PPP BRI1/0: B-Channel 1: received config for
> type = 1 (MRU) value = 1524 acked
> >May 12 13:41:17 border 6161: PPP BRI1/0: B-Channel 1: received config for
> type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
> >May 12 13:41:17 border 6162: PPP BRI1/0: B-Channel 1: received config for
> type = 4 (QUALITYTYPE) nacked
> >May 12 13:41:17 border 6163: PPP BRI1/0: B-Channel 1: received config for
> type = 17 (MULTILINK_MRRU) value = 1524 acked
> >May 12 13:41:17 border 6164: PPP BRI1/0: B-Channel 1: received config for
> type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
> >May 12 13:41:17 border 6165: PPP BRI1/0: B-Channel 1: received config for
> type = 1 (MRU) value = 1524 acked
> >May 12 13:41:17 border 6166: PPP BRI1/0: B-Channel 1: received config for
> type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
> >May 12 13:41:17 border 6167: PPP BRI1/0: B-Channel 1: received config for
> type = 4 (QUALITYTYPE) nacked
> >May 12 13:41:17 border 6168: PPP BRI1/0: B-Channel 1: received config for
> type = 17 (MULTILINK_MRRU) value = 1524 acked
> >May 12 13:41:17 border 6169: PPP BRI1/0: B-Channel 1: received config for
> type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
> >May 12 13:41:17 border 6170: PPP BRI1/0: B-Channel 1: received config for
> type = 1 (MRU) value = 1524 acked
> >May 12 13:41:17 border 6171: PPP BRI1/0: B-Channel 1: received config for
> type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
> >May 12 13:41:17 border 6172: PPP BRI1/0: B-Channel 1: received config for
> type = 4 (QUALITYTYPE) nacked
> >May 12 13:41:17 border 6173: PPP BRI1/0: B-Channel 1: received config for
> type = 17 (MULTILINK_MRRU) value = 1524 acked
> >May 12 13:41:17 border 6174: PPP BRI1/0: B-Channel 1: received config for
> type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
> >May 12 13:41:17 border 6175: PPP BRI1/0: B-Channel 1: received config for
> type = 1 (MRU) value = 1524 acked
> >May 12 13:41:17 border 6176: PPP BRI1/0: B-Channel 1: received config for
> type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
> >May 12 13:41:17 border 6177: PPP BRI1/0: B-Channel 1: received config for
> type = 4 (QUALITYTYPE) nacked
> >May 12 13:41:17 border 6178: PPP BRI1/0: B-Channel 1: received config for
> type = 17 (MULTILINK_MRRU) value = 1524 acked
> >May 12 13:41:17 border 6179: PPP BRI1/0: B-Channel 1: received config for
> type = 19 (ENDPOINT_DISC)
> >May 12 13:41:17 border 6180: value = 00c0.7b5c.025e acked
> >May 12 13:41:17 border 6181: PPP BRI1/0: B-Channel 1: received config for
> type = 1 (MRU) value = 1524 acked
> >May 12 13:41:17 border 6182: PPP BRI1/0: B-Channel 1: received config for
> type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
> >May 12 13:41:17 border 6183: PPP BRI1/0: B-Channel 1: received config for
> type = 4 (QUALITYTYPE) nacked
> >May 12 13:41:17 border 6184: PPP BRI1/0: B-Channel 1: received config for
> type = 17 (MULTILINK_MRRU) value = 1524 acked
> >May 12 13:41:17 border 6185: PPP BRI1/0: B-Channel 1: received config for
> type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
> >May 12 13:41:17 border 6186: PPP BRI1/0: B-Channel 1: received config for
> type = 1 (MRU) value = 1524 acked
> >May 12 13:41:17 border 6187: PPP BRI1/0: B-Channel 1: received config for
> type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
> >May 12 13:41:17 border 6188: PPP BRI1/0: B-Channel 1: received config for
> type = 4 (QUALITYTYPE) nacked
> >May 12 13:41:17 border 6189: PPP BRI1/0: B-Channel 1: received config for
> type = 17 (MULTILINK_MRRU) value = 1524 acked
> >May 12 13:41:17 border 6190: PPP BRI1/0: B-Channel 1: received config for
> type = 19 (ENDPOINT_DISC) value = 00c0.7b5c.025e acked
> >May 12 13:41:17 border 6191: PPP BRI1/0: B-Channel 1: received config for
> type = 1 (MRU) value = 1524 acked
> >May 12 13:41:17 border 6192: PPP BRI1/0: B-Channel 1: received config for
> type = 3 (AUTHTYPE) value = 0xC223 digest = 5 acked
> >May 12 13:41:17 border 6193: PPP BRI1/0: B-Channel 1: received config for
> type = 4 (QUALITYTYPE) nacked
> >May 12 13:41:17 border 6194: PPP BRI1/0: B-Channel 1: received config for
> type = 17 (MULTILINK_MRRU) value = 1524 acked
> >May 12 13:41:17 border 6195: PPP BRI1/0: B-Channel 1: received config for
> type = 19 (ENDPOINT_DISC)
> >May 12 13:41:17 border 6196: value = 00c0.7b5c.025e acked
> >May 12 13:41:17 border 6197: PPP BRI1/0: B-Channel 1: No remote
> authentication for call-out
> >May 12 13:41:17 border 6198: %ISDN-6-DISCONNECT: Interface BRI1/0:
> B-Channel 1 disconnected from 92329696 00c0.7b5c.025e, call lasted 2
> seconds
> >May 12 13:41:18 border 6199: %LINK-3-UPDOWN: Interface BRI1/0: B-Channel
> 1, changed state to down
> >
> >
> >The reason of such behaviour is totally dark for me, so any help would
> be
> >gladly appreciated.
> >
> >> I am successfully talking to an Ascend Max 4000
> >> via BRI with a Cisco 2503, so I know it can be
> >> done!
> >>
> >>
> >> ----------
> >> > From: Basil V. Dolmatov <dol@east.ru>
> >> > To: inet-access@earth.com
> >> > Subject: Cisco BRI to Ascend Max authentication
> >> > Date: Monday, May 12, 1997 1:31 AM
> >> >
> >> > Hello!
> >> >
> >> > Does anybody overcome the incompatibility between Cisco and Ascend
> >> > realization of PAP/CHAP authentication?
> >> >
> >> > The problem is:
> >> >
> >> > Cisco 3620 (IOS 11.1.8) doing ISDN call via BRI interface
> >> > cannot authenticate with Ascend Max 4000. :(
> >> > Switching dual Cisco authenitcation off does not help (i.e.
> >> > "ppp authentication chap callin" is already set on interface).
> >> > Neither CHAP nor PAP works. :(
> >> >
> >> > Earlier, when connecting from Cisco 2511 via ISDN modem, I have
> overcome
> >> > this, using chat-script for login to Ascend. On BRI interface I
> cannot
> >> > use chat-scripts (at least I did not find the possibility to do
> this).
> >>
> >>
> >> ============================== ISP Mailing List
> ==============================
> >> Email ``unsubscribe'' to inet-access-request@earth.com to be removed.
> >> Do not post flames to the list -- if you must flame, use private
> email.
> >>
> >
> >--------------------------------------
> >Basil (Vasily) Dolmatov dol@east.ru +7-095-956-4951
> >[BVD12, VVD2-RIPN] [BVD11, VVD1-RIPE]
> >
> >East Connection ISP, Moscow, Russia. ()
> >
> >
> >
> >============================== ISP Mailing List
> ==============================
> >Email ``unsubscribe'' to inet-access-request@earth.com to be removed.
> >Wrap your text at 80 columns, don't post messages with long lines.
> >
> >
> -------------------------------------------------------
> Hascall H. ("Chip") Sharp voice: +1 (919) 472-3121
> Consulting Engineer-ISP fax: +1 (919) 472-2177
> Cisco Systems email: chsharp@cisco.com
> 7025 Kit Creek Road
> Research Triangle Park, NC 27709-4987 USA
> ---------------------------------------------------------
>
> =============================================================================
> "inet-admins" Internet access mailing list. Maintained by East Connection ISP.
> Mail "unsubscribe inet-admins" to Majordomo@east.ru if you want to quit.
>
>
--
--------------------------------------
Basil (Vasily) Dolmatov dol@east.ru +7-095-956-4951
[BVD12] [VVD1-RIPE]
East Connection ISP, Moscow, Russia.
=============================================================================
"inet-admins" Internet access mailing list. Maintained by East Connection ISP.
Mail "unsubscribe inet-admins" to Majordomo@east.ru if you want to quit.
|
