hello,
i am trying to do the following:
the AP is a pppoe server, pppoe users get authenticated and accounted by the UM on an other machine. the cpe (RB411) is the pppoe client.
the server setup:
/ppp aaa
set accounting=yes interim-update=0s use-radius=yes
/radius
add accounting-backup=no accounting-port=1813 address=10.1.1.1 authentication-port=1812 called-id="" comment="Hotspot and PPPoE" disabled=no domain="" realm="" secret=12345 service=ppp,hotspot timeout=300ms
/ip pool
add name=PPPoE-Pool ranges=10.200.2.100-10.200.2.200
/ppp profile
add change-tcp-mss=yes comment="" dns-server=10.200.2.254 local-address=10.200.2.254 name=PPPoE-Profile only-one=default remote-address=PPPoE-Pool use-compression=no use-encryption=no use-vj-compression=no
/interface pppoe-server server
add authentication=pap,chap,mschap1,mschap2 default-profile=PPPoE-Profile disabled=no interface=wlan1.2 keepalive-timeout=10 max-mru=1480 max-mtu=1480 max-sessions=0 mrru=disabled one-session-per-host=yes service-name=internet
here the client setup:
/ppp profile
add change-tcp-mss=yes comment="" name=PPPoE-Profile only-one=default remote-address=10.200.2.254 use-compression=no use-encryption=no use-vj-compression=no
/interface pppoe-client
add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 comment="" dial-on-demand=yes disabled=no interface=wlan1 max-mru=1480 max-mtu=1480 mrru=disabled name=pppoe-user password=xxxx profile=PPPoE-Profile service-name=internet use-peer-dns=yes user=dfu1001
the communication from the PPPoE client to the PPPoE-Server and from the server to the User Manager seem to wotk, here the log:
manager,debug,packet received Access-Request with id 18 from 10.200.0.9:53273
manager,debug,packet Signature = 0x364cbfc2d61f3c9d339eae3d373750eb
manager,debug,packet Service-Type = 2
manager,debug,packet Framed-Protocol = 1
manager,debug,packet NAS-Port = 88
manager,debug,packet NAS-Port-Type = 15
manager,debug,packet User-Name = "dfu1001"
manager,debug,packet Calling-Station-Id = "00:0C:42:1B:9F:8D"
manager,debug,packet Called-Station-Id = "internet"
manager,debug,packet NAS-Port-Id = "wlan1.2"
manager,debug,packet MS-CHAP-Challenge = 0xd7b3c0f415acbe560be6ab92c5aca6fb
manager,debug,packet MS-CHAP2-Response = 0x0100f1e219ea64c1536fbae1c3fe3f45
manager,debug,packet 5cf900000000000000009c14bf78cb31
manager,debug,packet 954fc317952a57e36e0696cc5e3ca937
manager,debug,packet 45f7
manager,debug,packet NAS-Identifier = "testrouter02"
manager,debug,packet NAS-IP-Address = 10.200.0.9
manager,debug received remote request 727 code=Access-Request from 10.200.0.9:53273
manager,debug sending Access-Accept to request 727
manager,debug,packet sending Access-Accept with id 18 to 10.200.0.9:53273
manager,debug,packet Signature = 0x936213e22395e0210f39982ef34c33d6
manager,debug,packet MS-CHAP2-Success = 0x01533d34423744323146303131434541
manager,debug,packet 38373543354331313943454439414637
manager,debug,packet 4541443135383542414232
manager,debug,packet MS-MPPE-Send-Key = 0xe9848fd65e685ea4a5398cf0903601c0
manager,debug,packet 7c94a9f549a3989d51f8230990f9a3c5
manager,debug,packet ca06
manager,debug,packet MS-MPPE-Recv-Key = 0xa1eacca1850faa3da2580823296a4d10
manager,debug,packet e1876fce9eda265f3fed1fab49a8cc57
manager,debug,packet ed59
manager,debug,packet Acct-Interim-Interval = 600
manager,debug,packet MT-Rate-Limit = " 1m/1m"
manager,debug,packet MT-Xmit-Limit = 1073727077
manager,debug,packet MT-Xmit-Limit-Gigawords = 0
manager,debug,packet MT-Recv-Limit = 1073615246
manager,debug,packet MT-Recv-Limit-Gigawords = 0
manager,debug,packet received Accounting-Request with id 19 from 10.200.0.9:42197
manager,debug,packet Signature = 0x2d760d524c7014449dce8fb0f6a77ccd
manager,debug,packet Service-Type = 2
manager,debug,packet Framed-Protocol = 1
manager,debug,packet NAS-Port = 88
manager,debug,packet NAS-Port-Type = 15
manager,debug,packet User-Name = "dfu1001"
manager,debug,packet Calling-Station-Id = "00:0C:42:1B:9F:8D"
manager,debug,packet Called-Station-Id = "internet"
manager,debug,packet NAS-Port-Id = "wlan1.2"
manager,debug,packet Acct-Session-Id = "81400002"
manager,debug,packet Framed-IP-Address = 10.200.2.200
manager,debug,packet Acct-Authentic = 1
manager,debug,packet Event-Timestamp = 1216714219
manager,debug,packet Acct-Status-Type = 1
manager,debug,packet NAS-Identifier = "testrouter02"
manager,debug,packet NAS-IP-Address = 10.200.0.9
manager,debug,packet Acct-Delay-Time = 0
manager,debug received remote request 728 code=Accounting-Request from 10.200.0.9:42197
manager,debug sending Accounting-Response to request 728
manager,debug,packet sending Accounting-Response with id 19 to 10.200.0.9:42197
manager,debug,packet Signature = 0xf76ea0843b33a2fad3dae19cfd8d72d3
if i look at the ip addresses on my test cpe i find this:
[admin@PPPoE-Test] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.100.1/24 192.168.100.0 192.168.100.255 ether1
1 D 10.64.64.72/32 10.200.2.254 0.0.0.0 pppoe-user
[admin@PPPoE-Test] >
i do NOT get an ip address from the pool specified. any suggestions how i can solve this problem ?
regards
Jan
Re: PPPoE setup: don't get address of specified pool.
Hi Jan, How is it going ?
I have setup a Radius server in a similar manner...
Make sure you set up the user with the correct pool name (which im sure you have)
Check if if you have any other pppoe profiles running on the access point
ensure that the pool name specified in the radius server "user account" matches the pool specified in the accesspoint/ pppoe server.
ensure that the pppoe server profile has a local address for the end of the pppoe tunnels terminating at the access point
I hope this helps,
Tom Smyth
I have setup a Radius server in a similar manner...
Make sure you set up the user with the correct pool name (which im sure you have)
Check if if you have any other pppoe profiles running on the access point
ensure that the pool name specified in the radius server "user account" matches the pool specified in the accesspoint/ pppoe server.
ensure that the pppoe server profile has a local address for the end of the pppoe tunnels terminating at the access point
I hope this helps,
Tom Smyth
Re: PPPoE setup: don't get address of specified pool.
hi tom,
i was ooo (out of office) all afternoon.
i have not specified the pool name in the UM. i will try that as a next step. what i have tried is to assign an address out of the pool in the radius. the AP does tell me that the address is "in use" but the actual CPE does not have that address. instead it hat some 10."something" address which can not be routed.
anyway, i will come back to this on Friday i hope.
thanks tom
i was ooo (out of office) all afternoon.
i have not specified the pool name in the UM. i will try that as a next step. what i have tried is to assign an address out of the pool in the radius. the AP does tell me that the address is "in use" but the actual CPE does not have that address. instead it hat some 10."something" address which can not be routed.
anyway, i will come back to this on Friday i hope.
thanks tom
Re: PPPoE setup: don't get address of specified pool.
Yes, Tom is right, it's working with User Manager, just tested and it works.