• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 696
  • Last Modified:

AS5300 - Dialup client is not recieving the proper gateway!

Hi,

Here is the network topo :

Client --> Dual-E1 --> Cisco AS5300  --> Radiator Radius --> Internet

Now today, the client connects to the NAS, authenticates & he recieves an IP from an ip local pool range. He also recieves the
DNS server, there is only 1 tiny issue.

The Client does not get an appropriate "Default Gateway" :

Ip Address : 213.xxx.175.38
Default Mask: 255.255.255.255
Default Gateway : 213.xxx.175.38

Honestly, I'm no cisco expert, you might find my questions dumb, but trust me they are worth
500 points.

Attached is my current cisco conf :

Building configuration...

Current configuration : 3351 bytes
!
version 12.1
service config
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service dhcp
!
hostname nas_test
!
logging console errors
aaa new-model
aaa authentication ppp ppp_auth_mth group radius
aaa authentication ppp ppp_auth_mth_local local
aaa authentication ppp test group radius
aaa accounting update newinfo
aaa accounting network default start-stop group radius
enable password 7 xxxxxxxxxxxxxxxxxxxxxx
!
username testnbayle password 7 xxxxxxxxxxxxxxxxxxxxxxxxx
username admin-local password 7 xxxxxxxxxxxxxxxxxxxxxxxx
spe 1/0 2/9
 firmware location flash:mica-modem-pw.2.7.2.2.bin
!
!
resource-pool disable
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
ip name-server 213.xxx.172.1
ip name-server 213.xxx.20.3
!
isdn switch-type primary-net5
mta receive maximum-recipients 0
!
controller E1 0
 clock source line primary
!
controller E1 1
 clock source line secondary 1
!
controller E1 2
 clock source line secondary 2
!
controller E1 3
 clock source line secondary 3
!
controller E1 4
 clock source line secondary 4
!
controller E1 5
 clock source line secondary 5
!
controller E1 6
 framing NO-CRC4
 clock source line secondary 7
 pri-group timeslots 1-31
!
controller E1 7
 framing NO-CRC4
 clock source line secondary 7
 pri-group timeslots 1-31
!
!
!
!
!
interface Loopback0
 ip address 213.xxx.175.62 255.255.255.224
!
interface Ethernet0
 no ip address
 shutdown
!
interface Serial0
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial1
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial2
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial3
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial6:15
 description Interface pour les free : vers xx60572624
 no ip address
 encapsulation ppp
 isdn switch-type primary-net5
 isdn incoming-voice modem
!
interface Serial7:15
 description Interface pour les forfaits : vers xx68572624
 no ip address
 encapsulation ppp
 isdn switch-type primary-net5
 isdn incoming-voice modem
!
interface FastEthernet0
 ip address 213.xxx.160.33 255.255.255.224
 duplex auto
 speed auto
!
interface Group-Async6
 description Interface pour les free : vers xx60572624
 ip unnumbered Loopback0
 encapsulation ppp
 no ip mroute-cache
 async mode dedicated
 peer default ip address pool pool_client_free
 ppp authentication pap ppp_auth_mth
 group-range 181 210
!
interface Group-Async7
 description Interface pour les forfaits : vers xx68572624
 ip unnumbered Loopback0
 encapsulation ppp
 no ip mroute-cache
 async mode dedicated
 peer default ip address pool pool_client_forfait
 ppp authentication pap ppp_auth_mth
 group-range 211 240
!
ip local pool pool_client_forfait 213.xxx.175.33 213.xxx.175.61
ip local pool pool_client_free 213.xxx.175.1 213.xxx.175.30
ip classless
ip route 0.0.0.0 0.0.0.0 213.xxx.160.62
no ip http server
!
snmp-server community public RO
!
radius-server host 213.xxx.172.7 auth-port 1645 acct-port 1646 non-standard
radius-server retransmit 3
radius-server attribute 44 include-in-access-req
radius-server key bijorvinson!
!
line con 0
line 1 180
line 181 210
 no exec
 no flush-at-activation
 modem Dialin
 rotary 6
 autohangup
line 211 240
 no exec
 no flush-at-activation
 modem Dialin
 rotary 7
 autohangup
line aux 0
line vty 0 4
!
end
0
umoorjani
Asked:
umoorjani
  • 8
  • 4
1 Solution
 
mikebernhardtCommented:
On the client, do you have "Use default gateway on remote network " checked in the dialup configuration?

Do I get a bag of Maui onions if I help you?
0
 
umoorjaniAuthor Commented:
hehe :) , on the dial up connection the "Use default gateway on remote network" is set already.
0
 
mikebernhardtCommented:
The only other thing I can think of is perhaps your radius configuration needs to be altered somehow. I can't see anything wrong with your configuration.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
mikebernhardtCommented:
If only I was getting onions, I might think of something else...

just kidding!

I compared your config with examples on Cisco's web site and as I said, the Cisco part looks fine. Have you tried it using local authentication or just with radius?
0
 
mikebernhardtCommented:
One other thing- when you say the client doesn't get an appropriate default gateway- do you mean he doesn't get one at all, or that he gets his own address as a default gateway? If the latter, does it work?
0
 
umoorjaniAuthor Commented:
I tried using it with radius authentication, to be precise, the radiusd is Radiator (http://www.open.com.au/radiator/)
I am really troubled with this.
0
 
mikebernhardtCommented:
What about my other question?
0
 
umoorjaniAuthor Commented:
it get's his own ip address as his default-gateway. I want it to get the router ip address.
0
 
mikebernhardtCommented:
The reason I asked is that the IP address has a 32-bit mask. That means it can only be it's own default gateway. So it's doing what it should be doing as far as that goes. So the big question is, Does it work?
0
 
umoorjaniAuthor Commented:
It does not work that is for sure, what mask should I use for this to work ? A simple 255.255.255.0 would do ?
0
 
mikebernhardtCommented:
The mask defines the network. The client address and the gateway have to be in the same network.

the only thing I can think of, though it doesn't match the Cisco example, is to:

Make the mask on the loopback1 address bigger, so that the pool address range is a part of the loopback1 subnet. Then you can try making the default gateway the same as the loopback address.
0
 
mikebernhardtCommented:
Here's an example that inlcudes the Radius piece:
http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_example09186a0080093c78.shtml

The radius part is basic. I'm assuming that radiator is similar to other open-source radius implementations, I haven't used it. But I seem to remember that you can speicify a subnet mask and default gateway there. If the above works manually, then you can configure radius to send the client the correct mask and default gateway.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 8
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now