Re: [cisco-ttl] ppp compression

From: Devrim Yener KUCUK (dkucuk_at_cisco.com)
Date: Sat Sep 18 2004 - 16:10:35 GMT

  • Next message: Oguzhan Kayhan: "RE: [cisco-ttl] ppp compression"

    Merhaba

    Local olarak yapinca mppc calisiyor mu? ( yani TACACS kullanilmazsa ?)

    CCP TACACS tarafindan authorize olmamis gorunuyor.

    >>>>
    *Jan 1 23:14:30.510: TPLUS: received authorization response for 35: FAIL
    *Jan 1 23:14:30.514: As1/19 CCP: Received AAA AUTHOR Response FAIL
    *Jan 1 23:14:30.514: As1/19 AAA/AUTHOR/FSM: We cannot start CCP
    >>>

    ACs de

    New service: ppp
    New protocol: ccp

    seklinde tanim yaptiniz mi?

    >>>>>>>>>>>
    To configure CCP /MPPC with NT Tacacs
    - ppp ccp in "interface configuration" "new services" in lower cases for user and group
    - if "user" is not seen, it needs to be selcted in "interface configuration" "advanced options" "
    Per-user TACACS+/RADIUS Attributes"
    - in the user profile and/or group profile

    MPPC:
    <http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113t/113t_3/mppc.htm>

    You can also try with: compress mppc ignore-pfc
    >>>>>>>>>>>>>

    Calismazsa:
    daha detayli bir debug gerekecek
    deb isdn q931
    Debug ppp nego
    Debug ppp authen
    Debug ppp per-user
    deb ppp per-user
    Debug tacacs
    debug aaa authen
    debug aaa author

    Kolay gelsin

    devrim

      ----- Original Message -----
      From: Oguzhan Kayhan
      To: cisco-ttl_at_yahoogroups.com
      Sent: Saturday, September 18, 2004 12:38 PM
      Subject: RE: [cisco-ttl] ppp compression

      Evet debug loglarini attachment olarak gonderiyorum.

      Gordugum kadariyla dediginiz gibi compression icin auth olayindan kaynakli bir sorun var gibi gorunuyor

      AAA olarak cisco acs 3.2 kullaniyorum su anda.

      Ve optionslarinda compression ile ilgili bir authentication goremedim.

      Kacirdigim birsey mi var

      Sh ver outputunu da ekte gonderiyorum.

       

       

      ras1#sh ver

      Cisco Internetwork Operating System Software

      IOS (tm) 5350 Software (C5350-IS-M), Version 12.2(2)XB15, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

      TAC Support: http://www.cisco.com/tac

      Copyright (c) 1986-2003 by cisco Systems, Inc.

      Compiled Mon 08-Dec-03 17:37 by cmong

      Image text-base: 0x600089C8, data-base: 0x61200000

       

      ROM: System Bootstrap, Version 12.2(1r)1, RELEASE SOFTWARE (fc1)

      BOOTLDR: 5350 Software (C5350-BOOT-M), Version 12.2(2)XB2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

       

      ras1 uptime is 23 hours, 42 minutes

      System returned to ROM by power-on

      System image file is "flash:c5350-is-mz.122-2.XB15.bin"

       

      cisco AS5350 (R7K) processor (revision T) with 131072K/65536K bytes of memory.

      Processor board ID JAE07460LZH

      R7000 CPU at 250Mhz, Implementation 39, Rev 1.0, 256KB L2, 2048KB L3 Cache

      Last reset from power-on

      Channelized E1, Version 1.0.

      Bridging software.

      X.25 software, Version 3.0.0.

      SuperLAT software (copyright 1990 by Meridian Technology Corp).

      Primary Rate ISDN software, Version 1.1.

      Manufacture Cookie Info:

       EEPROM Type 0x0001, EEPROM Version 0x01, Board ID 0x32,

       Board Hardware Version 3.34, Item Number 800-5171-02,

       Board Revision C0, Serial Number JAE07460LZH,

       PLD/ISP Version 2.2, Manufacture Date 15-Nov-2003.

      Processor 0x14, MAC Address 0x0DBD6D746E

      Backplane HW Revision 1.0, Flash Type 5V

      2 FastEthernet/IEEE 802.3 interface(s)

      33 Serial network interface(s)

      60 terminal line(s)

      2 Channelized E1/PRI port(s)

      512K bytes of non-volatile configuration memory.

      32768K bytes of processor board System flash (Read/Write)

      8192K bytes of processor board Boot flash (Read/Write)

       

      Configuration register is 0x2102

       

       

    ------------------------------------------------------------------------------

      From: Devrim Yener KUCUK [mailto:dkucuk_at_cisco.com]
      Sent: Saturday, September 18, 2004 2:30 PM
      To: cisco-ttl_at_yahoogroups.com
      Subject: Re: [cisco-ttl] ppp compression

       

      Merhaba Oguzhan

       

      Soru 1:

      Mppc nin client tarafinda calismamasinin nedeni ne olabilir?

       

      Cevap 1:

      AAA kullaniyoruz, ve compression network authorization gerektirir.Burda sorun olabilir.

      Sorunu gormek icin asagidaki debuglari enable etmek gerekli

       

      deb isdn q931

      deb ppp neg

      deb ppp authen

      deb aaa author

      deb tacacs

       

      debuglari toplamadan once (msec formatta gormemiz icin)

      conf t

      service tim deb date msec

      service time log date msec

       

      bu sekilde nerde fail oldugunu rahatlikla gorururuz...

      (sh ver /sh run i her debugla birlikte tekrar gondermekte yarar var, ayni mailde olursa isimiz kolaylasir)

       

      Soru 2:

      Bir de, async connection icin idle time ayarini nereden yapabilirim?

       

      Cevap 2:

      Async-group u dialer interface olarak tanimladiktan sonra dialer idle-timeout komutunu kullanilabilir

      "dialer in-band" komutu gerekli.

       

      Not:

      Bu konfigle ISDN call sonlandiramazsiniz.

      interface Serial3/0:15

       no ip address

       encapsulation ppp

       dialer rotary-group 1 ==> Isdn call tum parametreleri dialer 1 dan alacak ama interface dialer 1 konfigi tamam degil, aklinizda olsun ( pool , ip address, authentication.....tanimlari eksik)

       

       

      Kolay gelsin

       

      Devrim

       

       

       

        ----- Original Message -----

        From: Oguzhan Kayhan

        To: cisco-ttl_at_yahoogroups.com

        Sent: Saturday, September 18, 2004 7:35 AM

        Subject: [cisco-ttl] ppp compression

         

        Selamlar,

        AS5350 var elimde bir tane. Config ettim, guzel calisti hersey ancak bir sIkIntIm var.

         

        Ip header compression haricinde herhangi bir compression calistiramiyorum

         Compress mppc dedigimde ise,

        Username verificationdan sonra registering network kisminda yaklasik 10-15 saniye civarinda bekliyor client, daha sonra connect oldugunda dialup propertiesten baktigimda compression yapamadigini goruyorum.

         

        Mppc nin client tarafinda calismamasinin nedeni ne olabilir?

         

        Bir de, async connection icin idle time ayarini nereden yapabilirim?

         

        AS nin configi su sekilde, gordugunuz yanlis eksik birsey varsa soylerseniz sevinirim.

         

        ras1#sh conf

        Using 3010 out of 520184 bytes

        !

        version 12.2

        service timestamps debug uptime

        service timestamps log uptime

        no service password-encryption

        !

        hostname ras1

        !

        no boot startup-test

        logging cns-events informational

        aaa new-model

        !

        !

        aaa authentication login default group tacacs+ local

        aaa authentication login consoleport none

        aaa authentication login no-tacacs+ enable

        aaa authentication ppp default if-needed group tacacs+

        aaa authorization exec default group tacacs+ local

        aaa authorization network default group tacacs+ local

        aaa session-id common

        enable secret 5 $1$AD0H$umAfNWsWJ27w2grWA1xtv.

        enable password xxxxx

        !

        !

        !

        resource-pool disable

        spe country e1-default

        !

        !

        !

        !

        !

        ds0 busyout-threshold 12

        ip subnet-zero

        ip cef

        ip domain-name xxxxx

        ip name-server 192.168.10.8

        !

        frame-relay switching

        isdn switch-type primary-net5

        !

        !

        !

        !

        !

        !

        !

        fax interface-type fax-mail

        mta receive maximum-recipients 0

        !

        controller E1 3/0

         framing NO-CRC4

         pri-group timeslots 1-31

        !

        controller E1 3/1

         shutdown

        !

        !

        !

        interface Loopback0

         ip address 172.22.99.1 255.255.255.255

        !

        interface Loopback1

         ip address 172.22.90.1 255.255.255.0

        !

        interface FastEthernet0/0

         ip address 192.168.8.88 255.255.252.0

         no ip mroute-cache

         duplex full

         speed 100

        !

        interface FastEthernet0/1

         ip address 10.10.10.3 255.255.255.0

         no ip mroute-cache

         duplex full

         speed 100

        !

        interface Serial0/0

         no ip address

         no ip mroute-cache

         shutdown

         clockrate 2000000

        !

        interface Serial0/1

         no ip address

         no ip mroute-cache

         shutdown

         clockrate 2000000

        !

        interface Serial3/0:15

         no ip address

         encapsulation ppp

         dialer rotary-group 1

         isdn switch-type primary-net5

         isdn overlap-receiving

         isdn incoming-voice modem

         isdn send-alerting

         isdn sending-complete

         no fair-queue

         compress mppc

         no cdp enable

         ppp multilink

        !

        interface Group-Async0

         ip unnumbered FastEthernet0/0

         no ip unreachables

         encapsulation ppp

         ip tcp header-compression

         compress mppc

         async default routing

         async mode dedicated

         peer default ip address pool isdn

         no fair-queue

         ppp authentication ms-chap chap pap

         ppp multilink

         group-range 1/00 1/59

        !

        interface Dialer1

         no ip address

         encapsulation ppp

        !

        ip local pool local 192.168.113.51 192.168.113.100

        ip local pool external 10.10.10.210 10.10.10.254

        ip local pool internet 192.168.113.2 192.168.113.30

        ip default-gateway 192.168.10.6

        ip classless

        ip route 0.0.0.0 0.0.0.0 192.168.10.6

        no ip http server

        !

        logging 192.168.10.8

        !

        tacacs-server host 192.168.10.8 single-connection

        tacacs-server key test

        snmp-server community xxxxx RO

        snmp-server trap link ietf

        snmp-server enable traps tty

        snmp-server host 192.168.10.3 version

        snmp mib persist event

        !

        call rsvp-sync

        !

        voice-port 3/0:D

         compand-type a-law

        !

        !

        mgcp profile default

        !

        dial-peer cor custom

        !

        !

        !

        !

        line con 0

        line aux 0

        line vty 0 4

         password xxxxx

        line 1/00

         modem InOut

        line 1/01 1/59

         modem InOut

         modem autoconfigure discovery

         transport input all

         autoselect ppp

        !

        scheduler allocate 10000 400

        ntp server 192.168.10.8

        end

               

        Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

        Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

        Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

        Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

        Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

        Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

              Yahoo! Groups Sponsor
                    ADVERTISEMENT
                   
             
             

    ----------------------------------------------------------------------------
        Yahoo! Groups Links

          a.. To visit your group on the web, go to:
          http://groups.yahoo.com/group/cisco-ttl/
            
          b.. To unsubscribe from this group, send an email to:
          cisco-ttl-unsubscribe_at_yahoogroups.com
            
          c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.



    This archive was generated by hypermail 2.1.5 : Sat Sep 18 2004 - 20:11:32 GMT