forum.bitel.ru :: Просмотр темы - [6.0] ISG опция 82 и все все все (FIXED)

==> BGInetAccess/log/all.log <==
dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetAbstractDhcpProcessor - REQUEST:
Message type: BOOT_REQUEST
Dhcp message type: DHCP Request{3}
htype: 1, hlen: 6, hops: 1
xid: 1929576717, secs: 0, flags: 0
Client IP: 194.33.xx.5
Your IP: 0.0.0.0
Server IP: 0.0.0.0
Relay IP: 194.33.xx.1
Client MAC: {DC9FDB01C6E0}
{61}={01DC9FDB01C6E0}
Host name{12}={UBNT}
{60}={756468637020312E31312E32}
Parameter request list{55}={1, 3, 6, 12, 15, 28, 42}
Agent information{82}=
sub{1}={000400280101}
sub{2}={0006ECCD6D6F6902}

dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetDhcpDevice - Search serv on deviceId: 10; 1; interfaceId: 1
dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetDhcpProcessor - InetServ found: ContractId: 17; servId: 13
Switch: ECCD6D6F6902:-1,1
Options [8:10.08.2013-01.01.1970; ] TariffModuleTreeSet [10:06.06.2013-…; ]
Device state: 1; optionSet:8
dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetApplication - inetServ[id=13] balance ok: 2160.00 [0]
dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetApplication - TariffOptionMap: {}
dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetApplication - OptionSet: [8]
dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetDhcpProcessor - Updating of existing connection: InetConnection [id=3086-0, iface=10:1, sessId=77366496, start=11.08.2013 16:03:42, uname=null, addr=194.33.xx.5]
dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetAbstractDhcpProcessor - RESPONSE:
Message type: BOOT_RESPONSE
Dhcp message type: DHCP ACK{5}
htype: 1, hlen: 6, hops: 1
xid: 1929576717, secs: 0, flags: 0
Client IP: 194.33.xx.5
Your IP: 194.33.xx.5
Server IP: 0.0.0.0
Relay IP: 194.33.xx.1
Client MAC: {DC9FDB01C6E0}
Agent information{82}=
sub{1}={000400280101}
sub{2}={0006ECCD6D6F6902}
Router{3}=194.33.xx.1
Subnet mask{1}=255.255.255.0
DNS{6}={C2215414}
IP Address Lease Time{51}=600
Server Identifier{54}={C2215421}

radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] RadiusListenerWorker - REQUEST:
Packet type: Access-Request
Identifier: 113
Authenticator: {D8 20 7B 8F C4 E0 26 DF 77 A7 6F 9F 19 97 B2 9B}
Attributes:
User-Name=194.33.xx.5
NAS-Identifier=BRAS-1.ug.ru
NAS-Port-Id=0/0/0/40
User-Password=pass
Event-Timestamp=1376276415
NAS-IP-Address=194.33.xx.1
NAS-Port=18923
Service-Type=5
Framed-IP-Address=194.33.xx.5
Acct-Session-Id=0/0/0/40_C2215402000049EE
NAS-Port-Type=33
cisco-avpair=circuit-id-tag=000400280101
cisco-avpair=remote-id-tag=0006eccd6d6f6902
cisco-avpair=vendor-class-id-tag=udhcp 1.11.2
cisco-NAS-Port=0/0/0/40
cisco-SSG-Account-Info=S194.33.xx.5

radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - REQUEST_AFTER_PREPROCESS:
Packet type: Access-Request
Identifier: 113
Authenticator: {D8 20 7B 8F C4 E0 26 DF 77 A7 6F 9F 19 97 B2 9B}
Attributes:
User-Name=194.33.xx.5
NAS-Identifier=BRAS-1.ug.ru
NAS-Port-Id=0/0/0/40
User-Password=pass
Event-Timestamp=1376276415
NAS-IP-Address=194.33.xx.1
NAS-Port=18923
Service-Type=5
Framed-IP-Address=194.33.xx.5
Acct-Session-Id=0/0/0/40_C2215402000049EE
NAS-Port-Type=33
cisco-avpair=circuit-id-tag=000400280101
cisco-avpair=remote-id-tag=0006eccd6d6f6902
cisco-avpair=vendor-class-id-tag=udhcp 1.11.2
cisco-NAS-Port=0/0/0/40
cisco-SSG-Account-Info=S194.33.xx.5

Common options: {agentRemoteId=eccd6d6f6902, agentCircuitId=00280101}
radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - [username=194.33.xx.5] Authenticated as inetServId:13
radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetNas - Found agentDevice:10
radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetApplication - inetServ[id=13] balance ok: 2160.00 [0]
radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetApplication - TariffOptionMap: {}
radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetApplication - OptionSet: [8]
radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - Write new waiting connection to DB
radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - New connection id=3962
radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - Return code=0
radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - RESPONSE_BEFORE_POSTPROCESS:
Packet type: Access-Accept
Identifier: 113
Authenticator: {}
Attributes:
Acct-Interim-Interval=60
Framed-IP-Address=194.33.xx.5
Idle-Timeout=1300
cisco-avpair=subscriber:accounting-list=ipoe-isg-aaa
cisco-SSG-Account-Info=AISG-10MBPS

Process time auth: 7

radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusListenerWorker - RESPONSE:
Packet type: Access-Accept
Identifier: 113
Authenticator: {C9 79 D0 BF 22 DD 9B CA A2 50 19 C9 1B 60 34 E8}
Attributes:
Acct-Interim-Interval=60
Framed-IP-Address=194.33.xx.5
Idle-Timeout=1300
cisco-avpair=subscriber:accounting-list=ipoe-isg-aaa
cisco-SSG-Account-Info=AISG-10MBPS

Process time auth: 8

aaa group server radius ipoe-radius
server-private 194.33.xx.22 auth-port 1812 acct-port 1813 non-standard key xx
ip radius source-interface Loopback0
!
aaa group server radius ipoe-services-radius
server-private 194.33.xx.22 auth-port 1811 acct-port 1813 non-standard key xx
ip radius source-interface Loopback0
!
aaa authentication login ssh local
aaa authentication login ipoe-isg-aaa group ipoe-radius
aaa authorization exec ssh local
aaa authorization network ipoe-isg-aaa group ipoe-radius
aaa authorization subscriber-service default local group ipoe-services-radius
aaa accounting delay-start
aaa accounting update periodic 2
aaa accounting network ipoe-isg-aaa start-stop group ipoe-radius
!
aaa nas port extended
!
!
!
aaa server radius dynamic-author
client 194.33.xx.22 server-key x
ignore session-key
ignore server-key
!
aaa session-id unique
clock timezone MSK 4 0
!
!
!
ip dhcp smart-relay
ip dhcp relay information option
ip dhcp relay information policy keep
no ip dhcp relay information check
ip dhcp relay information trust-all
!
!
!
ip domain name ug.ru
ip name-server 194.33.xx.20
ip cef
login block-for 5 attempts 3 within 5
ipv6 multicast rpf use-bgp
no ipv6 cef
!
!
subscriber authorization enable
multilink bundle-name authenticated
!
redirect server-group NO-MONEY
server ip 194.33.xx.22 port 8080
!
ip tcp selective-ack
ip tcp timestamp
ip ssh time-out 60
ip ssh version 2
class-map type traffic match-any TRAFFIC-FOR-REDIRECT
match access-group input name traffic-for-redirect
!
class-map type traffic match-any ALL-TRAFFIC
match access-group input 101
match access-group output 102
!
class-map type traffic match-any OPENGARDEN-TRAFFIC
match access-group input 155
match access-group output 156
!
class-map type traffic match-any LOCAL-TRAFFIC
match access-group output 2110
!
class-map type control match-all TAL-SUBSCRIBERS
match source-ip-address 194.33.xx.0 255.255.255.0
!
class-map type control match-all ISG-IP-UNAUTH
match timer UNAUTH-TIMER
match authen-status unauthenticated
!
policy-map type service L4REDIRECT
20 class type traffic TRAFFIC-FOR-REDIRECT
redirect to group NO-MONEY
!
!
policy-map type service OPENGARDEN
40 class type traffic OPENGARDEN-TRAFFIC
accounting aaa list ipoe-isg-aaa
police input 1024000
police output 1024000
!
class type traffic default in-out
drop
!
!
policy-map type service ISG-LOCAL
100 class type traffic LOCAL-TRAFFIC
accounting aaa list ipoe-isg-aaa
police input 102400000
police output 102400000
!
!
policy-map type control IPoE-ISG
class type control ISG-IP-UNAUTH event timed-policy-expiry
1 service disconnect
!
class type control always event session-start
10 authorize aaa list ipoe-isg-aaa password pass identifier source-ip-address
20 set-timer UNAUTH-TIMER 1
!
class type control always event service-stop
1 service-policy type service unapply identifier service-name
10 log-session-state
!
class type control always event session-restart
10 authorize aaa list ipoe-isg-aaa password pass identifier source-ip-address
20 set-timer UNAUTH-TIMER 1
!
!
!
interface Loopback0
description --For ISG Purposes--
ip address 194.33.xx.1 255.255.255.0
!
interface GigabitEthernet0/0.40
description --ISG Test Services--
encapsulation dot1Q 40
ip unnumbered Loopback0
ip helper-address 194.33.xx.22
no ip proxy-arp
service-policy type control IPoE-ISG
ip subscriber l2-connected
initiator dhcp class-aware
!
ip forward-protocol nd
!
!
radius-server attribute 44 include-in-access-req default-vrf
radius-server attribute 44 extend-with-addr
radius-server attribute 6 on-for-login-auth
radius-server attribute 6 mandatory
radius-server attribute 8 include-in-access-req
radius-server attribute 32 include-in-access-req
radius-server attribute 32 include-in-accounting-req
radius-server attribute 55 include-in-acct-req
radius-server attribute 55 access-request include
radius-server attribute 25 access-request include
radius-server attribute nas-port format e UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
radius-server attribute 61 extended
radius-server host 194.33.xx.22 auth-port 1812 acct-port 1813 key xx
radius-server host 194.33.xx.22 auth-port 1811 acct-port 1813 key xx
radius-server vsa send cisco-nas-port
radius-server vsa send accounting
radius-server vsa send authentication

Автор:	Magistr [ 12 авг 2013, 09:18 ]
Заголовок сообщения:	[6.0] ISG опция 82 и все все все (FIXED)
Настроил биллинг и циску по статье http://wiki.bitel.ru/index.php/ISG,_схема_со_стартом_сессии_и_ее_авторизацией_по_IP,_выдача_адресов_на_основе_option82 Сессия поднимаеться Код: ==> BGInetAccess/log/all.log <== dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetAbstractDhcpProcessor - REQUEST: Message type: BOOT_REQUEST Dhcp message type: DHCP Request{3} htype: 1, hlen: 6, hops: 1 xid: 1929576717, secs: 0, flags: 0 Client IP: 194.33.xx.5 Your IP: 0.0.0.0 Server IP: 0.0.0.0 Relay IP: 194.33.xx.1 Client MAC: {DC9FDB01C6E0} {61}={01DC9FDB01C6E0} Host name{12}={UBNT} {60}={756468637020312E31312E32} Parameter request list{55}={1, 3, 6, 12, 15, 28, 42} Agent information{82}= sub{1}={000400280101} sub{2}={0006ECCD6D6F6902} dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetDhcpDevice - Search serv on deviceId: 10; 1; interfaceId: 1 dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetDhcpProcessor - InetServ found: ContractId: 17; servId: 13 Switch: ECCD6D6F6902:-1,1 Options [8:10.08.2013-01.01.1970; ] TariffModuleTreeSet [10:06.06.2013-…; ] Device state: 1; optionSet:8 dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetApplication - inetServ[id=13] balance ok: 2160.00 [0] dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetApplication - TariffOptionMap: {} dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetApplication - OptionSet: [8] dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetDhcpProcessor - Updating of existing connection: InetConnection [id=3086-0, iface=10:1, sessId=77366496, start=11.08.2013 16:03:42, uname=null, addr=194.33.xx.5] dhcp 08-12/07:00:17 INFO [dhcpLstnr-p-11-t-10] InetAbstractDhcpProcessor - RESPONSE: Message type: BOOT_RESPONSE Dhcp message type: DHCP ACK{5} htype: 1, hlen: 6, hops: 1 xid: 1929576717, secs: 0, flags: 0 Client IP: 194.33.xx.5 Your IP: 194.33.xx.5 Server IP: 0.0.0.0 Relay IP: 194.33.xx.1 Client MAC: {DC9FDB01C6E0} Agent information{82}= sub{1}={000400280101} sub{2}={0006ECCD6D6F6902} Router{3}=194.33.xx.1 Subnet mask{1}=255.255.255.0 DNS{6}={C2215414} IP Address Lease Time{51}=600 Server Identifier{54}={C2215421} Затем идет запрос на авторизацию сервиса Код: radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] RadiusListenerWorker - REQUEST: Packet type: Access-Request Identifier: 113 Authenticator: {D8 20 7B 8F C4 E0 26 DF 77 A7 6F 9F 19 97 B2 9B} Attributes: User-Name=194.33.xx.5 NAS-Identifier=BRAS-1.ug.ru NAS-Port-Id=0/0/0/40 User-Password=pass Event-Timestamp=1376276415 NAS-IP-Address=194.33.xx.1 NAS-Port=18923 Service-Type=5 Framed-IP-Address=194.33.xx.5 Acct-Session-Id=0/0/0/40_C2215402000049EE NAS-Port-Type=33 cisco-avpair=circuit-id-tag=000400280101 cisco-avpair=remote-id-tag=0006eccd6d6f6902 cisco-avpair=vendor-class-id-tag=udhcp 1.11.2 cisco-NAS-Port=0/0/0/40 cisco-SSG-Account-Info=S194.33.xx.5 radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - REQUEST_AFTER_PREPROCESS: Packet type: Access-Request Identifier: 113 Authenticator: {D8 20 7B 8F C4 E0 26 DF 77 A7 6F 9F 19 97 B2 9B} Attributes: User-Name=194.33.xx.5 NAS-Identifier=BRAS-1.ug.ru NAS-Port-Id=0/0/0/40 User-Password=pass Event-Timestamp=1376276415 NAS-IP-Address=194.33.xx.1 NAS-Port=18923 Service-Type=5 Framed-IP-Address=194.33.xx.5 Acct-Session-Id=0/0/0/40_C2215402000049EE NAS-Port-Type=33 cisco-avpair=circuit-id-tag=000400280101 cisco-avpair=remote-id-tag=0006eccd6d6f6902 cisco-avpair=vendor-class-id-tag=udhcp 1.11.2 cisco-NAS-Port=0/0/0/40 cisco-SSG-Account-Info=S194.33.xx.5 И ответ Код: Common options: {agentRemoteId=eccd6d6f6902, agentCircuitId=00280101} radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - [username=194.33.xx.5] Authenticated as inetServId:13 radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetNas - Found agentDevice:10 radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetApplication - inetServ[id=13] balance ok: 2160.00 [0] radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetApplication - TariffOptionMap: {} radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetApplication - OptionSet: [8] radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - Write new waiting connection to DB radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - New connection id=3962 radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - Return code=0 radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusProcessor - RESPONSE_BEFORE_POSTPROCESS: Packet type: Access-Accept Identifier: 113 Authenticator: {} Attributes: Acct-Interim-Interval=60 Framed-IP-Address=194.33.xx.5 Idle-Timeout=1300 cisco-avpair=subscriber:accounting-list=ipoe-isg-aaa cisco-SSG-Account-Info=AISG-10MBPS Process time auth: 7 radius 08-12/07:01:02 INFO [rdsLstnr-p-9-t-1] InetRadiusListenerWorker - RESPONSE: Packet type: Access-Accept Identifier: 113 Authenticator: {C9 79 D0 BF 22 DD 9B CA A2 50 19 C9 1B 60 34 E8} Attributes: Acct-Interim-Interval=60 Framed-IP-Address=194.33.xx.5 Idle-Timeout=1300 cisco-avpair=subscriber:accounting-list=ipoe-isg-aaa cisco-SSG-Account-Info=AISG-10MBPS Process time auth: 8 И все ничего непроисходит, и опять чз время идет запрос по кругу. Неделю с цискарем мучали циску и подгоняли конфиг, ничего особо не меняется. конфиг циски Код: aaa group server radius ipoe-radius server-private 194.33.xx.22 auth-port 1812 acct-port 1813 non-standard key xx ip radius source-interface Loopback0 ! aaa group server radius ipoe-services-radius server-private 194.33.xx.22 auth-port 1811 acct-port 1813 non-standard key xx ip radius source-interface Loopback0 ! aaa authentication login ssh local aaa authentication login ipoe-isg-aaa group ipoe-radius aaa authorization exec ssh local aaa authorization network ipoe-isg-aaa group ipoe-radius aaa authorization subscriber-service default local group ipoe-services-radius aaa accounting delay-start aaa accounting update periodic 2 aaa accounting network ipoe-isg-aaa start-stop group ipoe-radius ! aaa nas port extended ! ! ! aaa server radius dynamic-author client 194.33.xx.22 server-key x ignore session-key ignore server-key ! aaa session-id unique clock timezone MSK 4 0 ! ! ! ip dhcp smart-relay ip dhcp relay information option ip dhcp relay information policy keep no ip dhcp relay information check ip dhcp relay information trust-all ! ! ! ip domain name ug.ru ip name-server 194.33.xx.20 ip cef login block-for 5 attempts 3 within 5 ipv6 multicast rpf use-bgp no ipv6 cef ! ! subscriber authorization enable multilink bundle-name authenticated ! redirect server-group NO-MONEY server ip 194.33.xx.22 port 8080 ! ip tcp selective-ack ip tcp timestamp ip ssh time-out 60 ip ssh version 2 class-map type traffic match-any TRAFFIC-FOR-REDIRECT match access-group input name traffic-for-redirect ! class-map type traffic match-any ALL-TRAFFIC match access-group input 101 match access-group output 102 ! class-map type traffic match-any OPENGARDEN-TRAFFIC match access-group input 155 match access-group output 156 ! class-map type traffic match-any LOCAL-TRAFFIC match access-group output 2110 ! class-map type control match-all TAL-SUBSCRIBERS match source-ip-address 194.33.xx.0 255.255.255.0 ! class-map type control match-all ISG-IP-UNAUTH match timer UNAUTH-TIMER match authen-status unauthenticated ! policy-map type service L4REDIRECT 20 class type traffic TRAFFIC-FOR-REDIRECT redirect to group NO-MONEY ! ! policy-map type service OPENGARDEN 40 class type traffic OPENGARDEN-TRAFFIC accounting aaa list ipoe-isg-aaa police input 1024000 police output 1024000 ! class type traffic default in-out drop ! ! policy-map type service ISG-LOCAL 100 class type traffic LOCAL-TRAFFIC accounting aaa list ipoe-isg-aaa police input 102400000 police output 102400000 ! ! policy-map type control IPoE-ISG class type control ISG-IP-UNAUTH event timed-policy-expiry 1 service disconnect ! class type control always event session-start 10 authorize aaa list ipoe-isg-aaa password pass identifier source-ip-address 20 set-timer UNAUTH-TIMER 1 ! class type control always event service-stop 1 service-policy type service unapply identifier service-name 10 log-session-state ! class type control always event session-restart 10 authorize aaa list ipoe-isg-aaa password pass identifier source-ip-address 20 set-timer UNAUTH-TIMER 1 ! ! ! interface Loopback0 description --For ISG Purposes-- ip address 194.33.xx.1 255.255.255.0 ! interface GigabitEthernet0/0.40 description --ISG Test Services-- encapsulation dot1Q 40 ip unnumbered Loopback0 ip helper-address 194.33.xx.22 no ip proxy-arp service-policy type control IPoE-ISG ip subscriber l2-connected initiator dhcp class-aware ! ip forward-protocol nd ! ! radius-server attribute 44 include-in-access-req default-vrf radius-server attribute 44 extend-with-addr radius-server attribute 6 on-for-login-auth radius-server attribute 6 mandatory radius-server attribute 8 include-in-access-req radius-server attribute 32 include-in-access-req radius-server attribute 32 include-in-accounting-req radius-server attribute 55 include-in-acct-req radius-server attribute 55 access-request include radius-server attribute 25 access-request include radius-server attribute nas-port format e UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU radius-server attribute 61 extended radius-server host 194.33.xx.22 auth-port 1812 acct-port 1813 key xx radius-server host 194.33.xx.22 auth-port 1811 acct-port 1813 key xx radius-server vsa send cisco-nas-port radius-server vsa send accounting radius-server vsa send authentication Вопрос куда копать ? Или менять схему ? Могу дать доступ ps ios 15.2S

Автор:	Boatswain [ 12 авг 2013, 12:55 ]
Заголовок сообщения:	Re: [6.0] ISG опция 82 и все все все
Запрос/ответ radius представлены для авторизации Сессии. Кто слушает на порту 1811 и авторизует Сервис? Код: server-private 194.33.xx.22 auth-port 1811 Скопировать BGInetAccess в отдельный каталог, скажем BGInetServiceAccess. Прописать слушать на порту 1811, и id сервиса отдельный. В биллинге необходимо создать отдельный договор для авторизации сервисов. В модуле Inet договора прописать логины и пароли для них. В опциях сервиса указать номер опции где лежит описание параметров сервиса.

Автор:	Magistr [ 12 авг 2013, 13:01 ]
Заголовок сообщения:	Re: [6.0] ISG опция 82 и все все все
Boatswain писал(а): Запрос/ответ radius представлены для авторизации Сессии. Кто слушает на порту 1811 и авторизует Сервис? Код: server-private 194.33.xx.22 auth-port 1811 Скопировать BGInetAccess в отдельный каталог, скажем BGInetServiceAccess. Прописать слушать на порту 1811, и id сервиса отдельный. В биллинге необходимо создать отдельный договор для авторизации сервисов. В модуле Inet договора прописать логины и пароли для них. В опциях сервиса указать номер опции где лежит описание параметров сервиса. Именно так и сделано, нету запросов на 1811

Автор:	Boatswain [ 12 авг 2013, 13:33 ]
Заголовок сообщения:	Re: [6.0] ISG опция 82 и все все все
diff с рабочим конфигом циски Код: aaa server radius dynamic-author client x.x.x.x client x.x.x.x client x.x.x.x client x.x.x.x server-key * auth-type any ! aaa session-id common

Автор:	Magistr [ 12 авг 2013, 13:44 ]
Заголовок сообщения:	Re: [6.0] ISG опция 82 и все все все
Boatswain писал(а): diff с рабочим конфигом циски Код: aaa server radius dynamic-author client x.x.x.x client x.x.x.x client x.x.x.x client x.x.x.x server-key * auth-type any ! aaa session-id common Непомогло, ранее эти опции менял и пробовал могу включить дебаг на циске только какой конкретно и кинуть сюда лог. Если включить локальные сервисы, то циска их авторизует и начинает слать аккаунтинг.

forum.bitel.ru http://forum.bitel.ru/

[6.0] ISG опция 82 и все все все (FIXED) http://forum.bitel.ru/viewtopic.php?f=44&t=8347	Страница 1 из 1

Автор:	Boatswain [ 12 авг 2013, 14:31 ]
Заголовок сообщения:	Re: [6.0] ISG опция 82 и все все все
debug subscriber aaa authorization event debug subscriber service debug radius verbose Могут дать ответ.

Автор:	Magistr [ 12 авг 2013, 14:53 ]
Заголовок сообщения:	Re: [6.0] ISG опция 82 и все все все
Boatswain писал(а): debug subscriber aaa authorization event debug subscriber service debug radius verbose Могут дать ответ. О помогло, нехватало опции Service-Type=1

Автор:	Boatswain [ 12 авг 2013, 14:59 ]
Заголовок сообщения:	Re: [6.0] ISG опция 82 и все все все
В ЛС загляните.

Автор:	Magistr [ 12 авг 2013, 15:07 ]
Заголовок сообщения:	Re: [6.0] ISG опция 82 и все все все
Ответил там уже

Страница 1 из 1	Часовой пояс: UTC + 5 часов [ Летнее время ]
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/