Solved

AS5300 - Dialup client is not recieving the proper gateway!

Posted on 2006-06-14
15
685 Views
Last Modified: 2011-10-03
Hi,

Here is the network topo :

Client --> Dual-E1 --> Cisco AS5300  --> Radiator Radius --> Internet

Now today, the client connects to the NAS, authenticates & he recieves an IP from an ip local pool range. He also recieves the
DNS server, there is only 1 tiny issue.

The Client does not get an appropriate "Default Gateway" :

Ip Address : 213.xxx.175.38
Default Mask: 255.255.255.255
Default Gateway : 213.xxx.175.38

Honestly, I'm no cisco expert, you might find my questions dumb, but trust me they are worth
500 points.

Attached is my current cisco conf :

Building configuration...

Current configuration : 3351 bytes
!
version 12.1
service config
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service dhcp
!
hostname nas_test
!
logging console errors
aaa new-model
aaa authentication ppp ppp_auth_mth group radius
aaa authentication ppp ppp_auth_mth_local local
aaa authentication ppp test group radius
aaa accounting update newinfo
aaa accounting network default start-stop group radius
enable password 7 xxxxxxxxxxxxxxxxxxxxxx
!
username testnbayle password 7 xxxxxxxxxxxxxxxxxxxxxxxxx
username admin-local password 7 xxxxxxxxxxxxxxxxxxxxxxxx
spe 1/0 2/9
 firmware location flash:mica-modem-pw.2.7.2.2.bin
!
!
resource-pool disable
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
ip name-server 213.xxx.172.1
ip name-server 213.xxx.20.3
!
isdn switch-type primary-net5
mta receive maximum-recipients 0
!
controller E1 0
 clock source line primary
!
controller E1 1
 clock source line secondary 1
!
controller E1 2
 clock source line secondary 2
!
controller E1 3
 clock source line secondary 3
!
controller E1 4
 clock source line secondary 4
!
controller E1 5
 clock source line secondary 5
!
controller E1 6
 framing NO-CRC4
 clock source line secondary 7
 pri-group timeslots 1-31
!
controller E1 7
 framing NO-CRC4
 clock source line secondary 7
 pri-group timeslots 1-31
!
!
!
!
!
interface Loopback0
 ip address 213.xxx.175.62 255.255.255.224
!
interface Ethernet0
 no ip address
 shutdown
!
interface Serial0
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial1
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial2
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial3
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial6:15
 description Interface pour les free : vers xx60572624
 no ip address
 encapsulation ppp
 isdn switch-type primary-net5
 isdn incoming-voice modem
!
interface Serial7:15
 description Interface pour les forfaits : vers xx68572624
 no ip address
 encapsulation ppp
 isdn switch-type primary-net5
 isdn incoming-voice modem
!
interface FastEthernet0
 ip address 213.xxx.160.33 255.255.255.224
 duplex auto
 speed auto
!
interface Group-Async6
 description Interface pour les free : vers xx60572624
 ip unnumbered Loopback0
 encapsulation ppp
 no ip mroute-cache
 async mode dedicated
 peer default ip address pool pool_client_free
 ppp authentication pap ppp_auth_mth
 group-range 181 210
!
interface Group-Async7
 description Interface pour les forfaits : vers xx68572624
 ip unnumbered Loopback0
 encapsulation ppp
 no ip mroute-cache
 async mode dedicated
 peer default ip address pool pool_client_forfait
 ppp authentication pap ppp_auth_mth
 group-range 211 240
!
ip local pool pool_client_forfait 213.xxx.175.33 213.xxx.175.61
ip local pool pool_client_free 213.xxx.175.1 213.xxx.175.30
ip classless
ip route 0.0.0.0 0.0.0.0 213.xxx.160.62
no ip http server
!
snmp-server community public RO
!
radius-server host 213.xxx.172.7 auth-port 1645 acct-port 1646 non-standard
radius-server retransmit 3
radius-server attribute 44 include-in-access-req
radius-server key bijorvinson!
!
line con 0
line 1 180
line 181 210
 no exec
 no flush-at-activation
 modem Dialin
 rotary 6
 autohangup
line 211 240
 no exec
 no flush-at-activation
 modem Dialin
 rotary 7
 autohangup
line aux 0
line vty 0 4
!
end
0
Comment
Question by:umoorjani
  • 8
  • 4
15 Comments
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16907995
On the client, do you have "Use default gateway on remote network " checked in the dialup configuration?

Do I get a bag of Maui onions if I help you?
0
 

Author Comment

by:umoorjani
ID: 16908273
hehe :) , on the dial up connection the "Use default gateway on remote network" is set already.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16912879
The only other thing I can think of is perhaps your radius configuration needs to be altered somehow. I can't see anything wrong with your configuration.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16912914
If only I was getting onions, I might think of something else...

just kidding!

I compared your config with examples on Cisco's web site and as I said, the Cisco part looks fine. Have you tried it using local authentication or just with radius?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16912934
One other thing- when you say the client doesn't get an appropriate default gateway- do you mean he doesn't get one at all, or that he gets his own address as a default gateway? If the latter, does it work?
0
 

Author Comment

by:umoorjani
ID: 16913560
I tried using it with radius authentication, to be precise, the radiusd is Radiator (http://www.open.com.au/radiator/)
I am really troubled with this.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16913821
What about my other question?
0
 

Author Comment

by:umoorjani
ID: 16913892
it get's his own ip address as his default-gateway. I want it to get the router ip address.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16914072
The reason I asked is that the IP address has a 32-bit mask. That means it can only be it's own default gateway. So it's doing what it should be doing as far as that goes. So the big question is, Does it work?
0
 

Author Comment

by:umoorjani
ID: 16914660
It does not work that is for sure, what mask should I use for this to work ? A simple 255.255.255.0 would do ?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16921677
The mask defines the network. The client address and the gateway have to be in the same network.

the only thing I can think of, though it doesn't match the Cisco example, is to:

Make the mask on the loopback1 address bigger, so that the pool address range is a part of the loopback1 subnet. Then you can try making the default gateway the same as the loopback address.
0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 500 total points
ID: 16921725
Here's an example that inlcudes the Radius piece:
http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_example09186a0080093c78.shtml

The radius part is basic. I'm assuming that radiator is similar to other open-source radius implementations, I haven't used it. But I seem to remember that you can speicify a subnet mask and default gateway there. If the above works manually, then you can configure radius to send the client the correct mask and default gateway.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question