ASR 1002 OTV and OSPF routing adjacency
I have two data centers using ASR 1002x configured for unicast OTV as the DCI.... and all is operational.
A Nexus 9K is the core switch in DC1 and a 6500 is the core switch in DC2
I now need to route non-otv vlans between data centers.
Questions:
1. is forming OSPF adjacency's between the 9K and 6500 supported over the OTV overlay?
2. If not - what is a supported design?
I cannot find anything out there.....
Thanks in Advance
Hi Blaz,
In the debugs, I still see Framed-Compression attribute in the access-accept sent from radius:
Mar 19 11:22:37.737: RADIUS: Framed-Compression [13] 6 None [0]
Changing the compression from "Van-Jacobsen-TCP-IP" to 'None' is not enough. You need to remove the Framed-Compression attribute completely from the radius profile for the subscriber.
Could you try that?
Regards
Similar Messages
-
Adding VLAN to Po-Group and OSPF routing what is the correct way?
Hi Community,
I recently had an issue that brought down the links between a couple of switches...luckily this was done after hours and I did not save the config so was able to revert back.
The basic scope of my project is:
We are running out of IP's on the 192.168.1.0/24 sunbnet so wanted to create a seperate VLAN/Subnet for physical workstations.
He is what I orginally did;
1) On our core switch; (Switch1)
Create the VLAN,
VLAN interface,
DHCP pool,
excluded address'
2) On second switch (Switch 2)
Add VLAN name, no interface
3) I then updated the PO-group on Switch1 with new VLAN (this brought down the link before I was able to finish my config)
Therefore I was not able to complete the following:
add vlan to spanning-tree or updated OSPF routing
Here is what I assume to be the correct order?
1) On Core Switch (Switch 1)
Create VLAN
VLAN interface
DHCP pool
excluded address'
add vlan to spanning-tree
add vlan (passive interface) and sunbet to OSPF routing
2) On Switch 2
Add vlan name/interfaces with no ip
3) Update PO groups after the above has been configured
Add new VLAN to Po-Group on Switch 2
Add new VLAN to Po-Group on Switch 1
4) Last steps
Updated specific access ports with new VLAN and test
upon completion of testing, update all other access ports connected ot workstations with new VLAN
Questions:
Did my links go down because I added new VLAN to Po-group BEFORE updating spanning-tree and OSPF routing?
Can anyone verify the order as outlined in the section "Here is what I assume to be the correct order"So the order in which to apply TASKS is correct?
also just to clarify the following TASK based on your comments.
Step 4- Add new VLANs to OSPF as passive interface
On Switch 1 (core)
We have this line of code
router ospf 100
router-id 192.168.1.10
log-adjacency-changes
passive-interface Vlan10
passive-interface Vlan30
passive-interface Vlan50
passive-interface Vlan500
network 192.168.0.2 0.0.0.0 area 0
network 192.168.1.10 0.0.0.0 area 0
network 192.168.30.254 0.0.0.0 area 0
network 192.168.33.254 0.0.0.0 area 0
network 192.168.51.254 0.0.0.0 area 0
network 192.168.99.5 0.0.0.0 area 0
network 192.168.200.254 0.0.0.0 area 0
TASK: OSPF - Add new VLANs(40 & 41) to OSPF as Passive Interface
******* Begin Here *********
config t
router ospf 100
passive-interface vlan40
passive-interface vlan41
!WE SHOULD ADD THIS LINE OF CODE
network 192.168.40.254 0.0.0.0 area 0
network 192.168.41.254 0.0.0.0 area 0
******* End Here *********
RESULT:
router ospf 100
router-id 192.168.1.10
log-adjacency-changes
passive-interface Vlan10
passive-interface Vlan30
passive-interface Vlan40
passive-interface Vlan41
passive-interface Vlan50
passive-interface Vlan500
network 192.168.0.2 0.0.0.0 area 0
network 192.168.1.10 0.0.0.0 area 0
network 192.168.30.254 0.0.0.0 area 0
network 192.168.33.254 0.0.0.0 area 0
network 192.168.40.254 0.0.0.0 area 0
network 192.168.41.254 0.0.0.0 area 0
network 192.168.51.254 0.0.0.0 area 0
network 192.168.99.5 0.0.0.0 area 0
network 192.168.200.254 0.0.0.0 area 0
Better??
Again thanks...your feedback have been a tremendous help! -
ASR 1002 current license for LNS router ???
hi i want to ask about ASR 1002 license for LNS router .
i want to know how many pppoe session can handle without any license
i mean wts the current sessions allowed on the current router
and wt other options i have to upgrade this router so that it support more sessions and its prices.
regardshere is my current router :
Gateway-ASR1002#sh inventory
NAME: "Chassis", DESCR: "Cisco ASR1002 Chassis"
PID: ASR1002 , VID: V06, SN: FOX1807GBZW
NAME: "module F0", DESCR: "Cisco ASR1000 Embedded Services Processor, 5Gbps"
PID: ASR1000-ESP5 , VID: V04, SN: JAE18110AU1
NAME: "Power Supply Module 0", DESCR: "Cisco ASR1002 AC Power Supply"
PID: ASR1002-PWR-AC , VID: V03, SN: ART1804U03P
NAME: "Power Supply Module 1", DESCR: "Cisco ASR1002 AC Power Supply"
PID: ASR1002-PWR-AC , VID: V03, SN: ART1804U05H
NAME: "module 0", DESCR: "Cisco ASR1002 SPA Interface Processor 10"
PID: ASR1002-SIP10 , VID: , SN:
NAME: "SPA subslot 0/0", DESCR: "4-port Gigabit Ethernet Shared Port Adapter"
PID: 4XGE-BUILT-IN , VID: , SN:
NAME: "subslot 0/0 transceiver 0", DESCR: "GE T"
PID: SFP-GE-T , VID: , SN: MTC1229019N
NAME: "subslot 0/0 transceiver 1", DESCR: "GE T"
PID: SFP-GE-T , VID: , SN: MTC1231005A
NAME: "subslot 0/0 transceiver 2", DESCR: "GE T"
PID: SFP-GE-T , VID: , SN: MTC1229019M
NAME: "module R0", DESCR: "Cisco ASR1002 Route Processor 1"
PID: ASR1002-RP1 , VID: V06, SN: JAE18110F7G
Gateway-ASR1002# -
ASR 1002 Router doing multiple VRFs
I have an ASR 1002 router with Three VRFs coming into it. The first 2 VRFs are just terminating on the ASR with L3 sub interfaces. So no big deal with them. The third one is a VRF that needs to terminate on a separate router. The ASR that needs to split out this 3rd VRF is not allowed to have an IP address for it. So it just needs to forward off this as L2 to a separate physical port and then terminates on a different router.
So my question is what is the best way to accomplish this on the ASR? Could I setup a pseudo wire setup or is there an easier way to just split off this as separate VLAN to the other physical interface?Hi
You could try with bridging. Something like this
Interface bvi 1
no ip address
interface gig0
bridge-gropup 1
interface gig1
bridge-group 1
/Mikael -
Route Redistribution between RIP and OSPF
Hi all,
I'm building my home lab and having difficutly to get this part of router redistribution work.
I can't ping from PC, Server and SW1 to R2's int f0/0, f0/1 and SW2's G0/1.
I can't ping from R1 to R2's f0/1, SW2
Vice versa, I can't ping from SW2 to R2's f0/0, R1's f0/0 & f0/1, SW1, PC and Server.
Also, I can't ping from R2 to R1's f0/1, SW1, Server and PC.
I think the reason cause these ping's failure is I didn't config the Route Redistribution between RIP and OSPF(on R2)correctly. I strugled for hours to change comand around but still can't figure it out. I attached my Topology and config. file to you and please help!
smartd1011Hi,
On R1, you should not be advertising 10.0.0.0/24 via OSPF => redistribution will handle that
On R1, you should not be advertising 20.0.0.0/24 via EIGRP => redistribution will handle that
On R2, you should not be advertising 30.0.0.0/24 via OSPF => redistribution will handle that
On R2, you should not be advertising 20.0.0.0/24 via RIP=> redistribution will handle that
On R2, under your rip process, you should put a metric to RIP otherwise it would redistributed with infinite metric (i.e. 16). Btw, you did put a seed metric on your EIGRP redistribution which is fine.
Also if you're talking RIP with switch2 and would like to send rip updates to him, you remove your passive interface statement
your rip statement should be somethin like that :
router rip
version 2
redistribute ospf 1 metric 5
passive-interface FastEthernet0/0
network 30.0.0.0
no auto-summary
HTH -
Hello All.
I started using asr 1002-x with IOS XE instead of 7201 as ISG + AAA + RADIUS.
I had a question on IOS XE 3.11, 3.10, 3.9.
Command "radius-server vsa send ..." is in a configuration, however it isn't applied and doesn't appear in running-config.
cod-r8(config)#radius-server vsa send?
accounting Send in accounting requests
authentication Send in access requests
cisco-nas-port Send cisco-nas-port VSA (2)
<cr>
cod-r8(config)#radius-server vsa send accounting
cod-r8(config)#radius-server vsa send authentication
cod-r8(config)#radius-server vsa send cisco-nas-port
cod-r8(config)#do sh run | include vsa
radius-server vsa send cisco-nas-port</cr>
It turns out that vsa is included by default or doesn't work at all?
Thanks.
KonstantinHi Konstantin,
Regarding "It is strange that these commands cleaned from sh run view.": this is normal for many default configuration commands.
Mine is a lab device so I cannot really comment on stability or provide you a recommendation based on that. However, I see that the download section from Cisco.com mentiones the following release as the recommended based on quality, stability and longevity:
asr1002x-universal.03.07.04a.S.152-4.S4a.SPA.bin
The best would be for you to check this with yor cisco Account Team or Advanced Services Team as normally they are the proper point of contacts for SW advisory.
Regards. -
Hello
I have one Adtran Router on platform: NetVanta 4660 EoX L2/L3 Router having OS version R10.11.0.E. I want to replace this router with Cisco ASR 1002 router. There is EVC configured on Adtran router having the following configuration:
interface gigabit-eth 0/1
speed 1000 nonegotiate
no shutdown
interface gigabit-eth 0/1.2
ce-vlan-id 10
connect evc dolphin
ip address 1.1.1.1 255.255.255.252
no shutdown
interface gigabit-eth 0/1.3
ce-vlan-id 20
connect evc dolphin
ip address 2.2.2.1 255.255.255.252
shutdown
evc dolphin
s-tag 150
connect men-port gigabit-ethernet 0/1
no shutdown
Now we want to configure this type of configuration on ASR 1002. So can anybody help me to achieve this?
Regards
Mukesh Kumar
Network Engineer
Spooster IT ServicesHi
You could try with bridging. Something like this
Interface bvi 1
no ip address
interface gig0
bridge-gropup 1
interface gig1
bridge-group 1
/Mikael -
Routing query on EIGRP and OSPF
Hi,
Suppose i have 2 routers connected by using ethernet link. I have 2 internal network connected to each routers.
Now i am using OSPF routing protocol between the routers and i made adjancies only with the ethernet interface ip address ie /30 subent.
Now my query, will my internal network will get advertised by learning internally or do i want to advertise by using network command.
Again.. do i want to advertise with passive interface command or not. what is the difference in enabling ospf for all networks.
Attached a sample diagram which my setup clearly.
I want to know, what the is difference if i advertise the internal network with passive interface enabled and not.
May be the query is simple, but i am missing to understand one point and looking for the someone to explain that.
Also the sme using EIGRP, will it make any difference. As i understood the network command in IGP is same,
Regards,GanGan
You have choices about how you can get OSPF and EIGRP to advertise the LAN subnets that you have configured. Let me start with the obvious point that you must have a network statement for the subnet that connects the two routers. The network statement is necessary to have the routing protocol run on those connecting interfaces.
Beyond the connecting interfaces you have a choice about how to get the routing protocol to advertise the LAN subnets. You could use network statements that match the LAN subnets. This will result in the routing protocol running on the LAN interfaces as well as the connecting interface. This is the approach that is frequently used but not the only option. You can also redistribute connected into the routing protocol. Redistribute connected will result in the routing protocol advertising the subnets but the routing protocol will not run on the LAN interfaces. The other thing to consider is that if you redistribute the subnets they will be advertised as External routes in the routing protocol.
If you do use network statements for the LAN subnets then there is the question of whether to use passive interface for the LAN subnets. When you use passive interface the routing protocol does not send any hello messages on those interfaces, will not create any neighbor relationships on those interfaces, and will not accept any routing updates from those interfaces. If there are no routers connected on those interfaces and no other devices that need to participate in the routing protocol then passive interface may be a good option to consider as it reduces the overhead processing on the interface.
HTH
Rick -
Dear Cisco Support,
Want to find out if the cisco ASR 1002 router can work without the esp module installed.
Thanks
Edwin K PhiriThanks for taking the time to rate our posts, Edwin. :)
-
hi all,
my customer trying to remove the aaa and tacacs server from the device and fails.
router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
router(config)#no ip radius source-interface Loopback0 vrf DATA
router(config)#no ip radius source-interface Loopback0 vrf Mgmt
router(config)#do sh run | se radius
ip radius source-interface Loopback0 vrf BB2DATA
ip radius source-interface Loopback0 vrf Mgmt-intf
router(config)#no ip radiu
router(config)#no ip radius sou
router(config)#no ip radius source-interface loo
router(config)#no ip radius source-interface loo
router(config)#no ip radius source-interface loop
router(config)#no ip radius source-interface ?
<cr>
router(config)#no ip radius source-interface
router(config)#do sh run | se radius
ip radius source-interface Loopback0 vrf DATA
ip radius source-interface Loopback0 vrf Mgmt
we also tried removing the ip radius without the interface and still shows up with the above results.
rebooting is not an option as this is on a production environment.
currently he is on Cisco IOS Software, IOS-XE Software (PPC_LINUX_IOSD-ADVIPSERVICESK9-M), Version 15.2(1)S, RELEASE SOFTWARE (fc1)and I could not find any bug/s on cisco tools.
with kind regards,
LanceHi Lance,
Can you try like this as mentioned in the below command. This might solve your problem.
conf t# default ip radius source-interface Loopback0 vrf DATA
I made this attempt in a lab scenario it worked out.
R1(config)#do sh runn | in blue
ip vrf blue
ip radius source-interface Loopback0 vrf blue
R1(config)#def
R1(config)#defa
R1(config)#default ip radius source-interface loopback 0 vrf blue
R1(config)#do sh runn | in blue
ip vrf blue
R1(config)#ip vrf
Hope this helps
Regards
Karthik -
Migrate PPPoE/Virtual-Interface from 7206VXR to ASR 1002
Good Day,
I have been attempting to migrate services from an existing 7206VXR to a recently purchased ASR1002 and could use some help.
My mistake in assuming that the config would be similar to 7206VXR, but there are changes - mainly VRF and cisco-avpair attributes that need added to radius.
Our lab test, with the below ASR config will allow the user to authenticate successfully but does not assign IP address.
User Status
User is online
Last Connection
2012-09-21 10:27:47
Online Time
1 hours, 4 minutes, 15 seconds
Server (NAS)
206.251.40.52 (MAC: )
User Workstation
(MAC: )
User Upload
6.5 Kb
User Download
6.51 Kb
ID
HotSpot
Username
IP Address
Start Time
Stop Time
Total Time
Upload (Bytes)
Download (Bytes)
Termination
NAS IP Address
7837056
[email protected]
2012-09-21 10:27:47
1 hours, 4 minutes, 15 seconds
6.5 Kb
6.51 Kb
206.251.40.52
I have also tried assigning a static IP to the CPE, however the CPE cannot see 199.200.107.1.
No doubt the problem is something simple I appreciate any help or suggestions.
Radius Reply Attributes
Cisco-AVPair += ip:vrf-id=CV_VRF
Cisco-AVPair += ip:ip-unnumbered=Loopback 111 (generates unsupported sub-interface errors when used)
7206VXR Config-
aaa new-model
aaa authentication login default group radius
aaa authentication login con none
aaa authentication login vty line local
aaa authentication login localauth local
aaa authentication ppp default if-needed group radius
aaa authorization network default group radius
aaa authorization network noauth none
aaa accounting update periodic 5
aaa accounting network default
action-type start-stop
group radius
aaa accounting system default
action-type start-stop
group radius
bba-group pppoe 156
virtual-template 156
sessions per-vc limit 65000
sessions per-mac limit 65000
sessions per-vlan limit 65000
interface Loopback0
ip address 10.1.1.3 255.255.255.255
ip ospf network point-to-point
interface GigabitEthernet0/1
no ip address
no ip redirects
duplex full
speed 1000
media-type rj45
no negotiation auto
no cdp enable
interface GigabitEthernet0/1.20
description ROUTER GATEWAY
encapsulation dot1Q 20
ip address 206.251.40.51 255.255.255.248
no cdp enable
interface GigabitEthernet0/2
no ip address
no ip redirects
duplex full
speed 1000
media-type rj45
no negotiation auto
no cdp enable
interface GigabitEthernet0/2.156
encapsulation dot1Q 156
ip address 199.30.185.1 255.255.255.0 secondary
ip address 199.30.186.1 255.255.255.0 secondary
ip address 199.30.187.1 255.255.255.0 secondary
ip address 199.30.184.1 255.255.255.0
pppoe enable group 156
no cdp enable
interface Virtual-Template156
ip unnumbered GigabitEthernet0/2.156
no ip redirects
no ip route-cache cef
peer default ip address pool IP_POOL156
ppp mtu adaptive
ppp authentication pap
ip local pool IP_POOL156 199.30.184.2 199.30.184.254
ip local pool IP_POOL156 199.30.185.2 199.30.185.254
ip local pool IP_POOL156 199.30.186.2 199.30.186.254
ip local pool IP_POOL156 199.30.187.2 199.30.187.254
no ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 199.30.184.0 255.255.252.0 Null0 200
ip prefix-list AS19045 seq 10 permit 199.30.184.0/22
ip radius source-interface GigabitEthernet0/1.20
radius-server host x.x.x.x auth-port 1812 acct-port 1813
radius-server retransmit 1
radius-server timeout 60
radius-server key ********
radius-server vsa send accounting
radius-server vsa send authentication
ASR 1002 Config (attempt)
aaa new-model
aaa group server radius AAA_CV_VRF
server 208.98.188.6 auth-port 1812 acct-port 1813
aaa authentication login default group AAA_CV_VRF
aaa authentication login con none
aaa authentication login vty line local
aaa authentication login localauth local
aaa authentication ppp default if-needed group AAA_CV_VRF
aaa authorization network default group AAA_CV_VRF
aaa authorization network noauth none
aaa accounting update newinfo periodic 60
aaa accounting network default start-stop group AAA_CV_VRF
aaa accounting connection default start-stop group AAA_CV_VRF
aaa accounting system default
action-type start-stop
group AAA_CV_VRF
aaa accounting resource default start-stop group AAA_CV_VRF
aaa session-id common
aaa policy interface-config allow-subinterface
clock timezone MST -7 0
clock summer-time MST recurring
no ip source-route
ip vrf CV_VRF
rd 1:1
virtual-profile if-needed
multilink bundle-name authenticated
bba-group pppoe 111
description TEST
virtual-template 111
sessions per-vc limit 65000
sessions per-mac limit 65000
sessions per-vlan limit 65000
sessions auto cleanup
interface Loopback0
ip address 10.1.1.4 255.255.255.255
ip ospf network point-to-point
interface Loopback111
description TEST
ip vrf forwarding CV_VRF
ip address 199.200.107.1 255.255.255.0
interface GigabitEthernet0/0/2
no ip address
no ip redirects
no negotiation auto
interface GigabitEthernet0/0/2.20
description ROUTER GATEWAY
encapsulation dot1Q 20
ip address 206.251.40.52 255.255.255.248
interface GigabitEthernet0/0/3
no ip address
no ip redirects
no negotiation auto
interface GigabitEthernet0/0/3.111
encapsulation dot1Q 111
ip vrf forwarding CV_VRF
no ip proxy-arp
pppoe enable group 111
interface Virtual-Template111
ip unnumbered GigabitEthernet0/0/3.111
no ip redirects
no ip route-cache cef
peer default ip address pool IP_POOL111
ppp mtu adaptive
ppp authentication pap
router ospf 19045
router-id 10.1.1.4
network 10.1.1.4 0.0.0.0 area 0.0.0.0
network 199.200.107.0 0.0.0.255 area 0.0.0.0
network 206.251.40.48 0.0.0.7 area 0.0.0.0
router bgp 19045
bgp log-neighbor-changes
network 199.200.104.0 mask 255.255.252.0
network 206.251.40.0 mask 255.255.248.0
neighbor 10.1.1.1 remote-as 19045
neighbor 10.1.1.1 description IBGP_PEER_ASR
neighbor 10.1.1.1 update-source Loopback0
neighbor 10.1.1.1 next-hop-self
ip local pool IP_POOL111 199.200.107.2 199.200.107.254
no ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 206.251.40.49
ip route 199.200.104.0 255.255.252.0 Null0 200
ip prefix-list AS19045 seq 10 permit 199.200.104.0/22
ip radius source-interface GigabitEthernet0/0/2.20
radius-server host x.x.x.x auth-port 1812 acct-port 1813 key ********
radius-server retransmit 1
radius-server timeout 60
radius-server vsa send accounting
radius-server vsa send authentication
Debug Info
*Sep 20 22:03:26.677: [910]PPPoE 1911: AAA get dynamic attrs
*Sep 20 22:03:26.678: [910]PPPoE 1911: O PADT R:6468.0cf7.8546 L:f866.f287.7c83 Gi0/0/3.111
*Sep 20 22:03:26.678: [910]PPPoE 1911: Destroying R:6468.0cf7.8546 L:f866.f287.7c83 111 Gi0/0/3.111
*Sep 20 22:03:26.678: PPPoE: Returning Vaccess Virtual-Access3
*Sep 20 22:03:26.679: [910]PPPoE 1911: AAA get dynamic attrs
*Sep 20 22:03:26.679: [910]PPPoE 1911: AAA account stopped
*Sep 20 22:03:26.679: RADIUS/ENCODE(00000791):Orig. component type = PPPoE
*Sep 20 22:03:26.679: RADIUS(00000791): Config NAS IP: 0.0.0.0
*Sep 20 22:03:26.679: RADIUS(00000791): Config NAS IPv6: ::
*Sep 20 22:03:26.679: RADIUS(00000791): sending
*Sep 20 22:03:26.682: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to down
*Sep 20 22:03:26.682: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to down
*Sep 20 22:03:26.683: RADIUS/ENCODE: Best Local IP-Address 206.251.40.52 for Radius-Server 208.98.188.6
*Sep 20 22:03:26.683: RADIUS(00000791): Sending a IPv4 Radius Packet
*Sep 20 22:03:26.683: RADIUS(00000791): Send Accounting-Request to 208.98.188.6:1813 id 1646/71,len 379
*Sep 20 22:03:26.683: RADIUS: authenticator A6 50 A4 C3 2A 30 AB DA - 59 BF E8 75 8A 91 AA 9B
*Sep 20 22:03:26.683: RADIUS: Acct-Session-Id [44] 10 "00000D51"
*Sep 20 22:03:26.683: RADIUS: Framed-Protocol [7] 6 PPP [1]
*Sep 20 22:03:26.683: RADIUS: Vendor, Cisco [26] 53
*Sep 20 22:03:26.683: RADIUS: Cisco AVpair [1] 47 "ppp-disconnect-cause=Lower Layer disconnected"
*Sep 20 22:03:26.683: RADIUS: User-Name [1] 19 "[email protected]"
*Sep 20 22:03:26.683: RADIUS: Acct-Authentic [45] 6 RADIUS [1]
*Sep 20 22:03:26.683: RADIUS: Vendor, Cisco [26] 32
*Sep 20 22:03:26.683: RADIUS: Cisco AVpair [1] 26 "connect-progress=Call Up"
*Sep 20 22:03:26.683: RADIUS: Vendor, Cisco [26] 31
*Sep 20 22:03:26.683: RADIUS: Cisco AVpair [1] 25 "nas-tx-speed=1000000000"
*Sep 20 22:03:26.683: RADIUS: Vendor, Cisco [26] 31
*Sep 20 22:03:26.683: RADIUS: Cisco AVpair [1] 25 "nas-rx-speed=1000000000"
*Sep 20 22:03:26.683: RADIUS: Acct-Session-Time [46] 6 615
*Sep 20 22:03:26.683: RADIUS: Acct-Input-Octets [42] 6 1040
*Sep 20 22:03:26.683: RADIUS: Acct-Output-Octets [43] 6 1066
*Sep 20 22:03:26.683: RADIUS: Acct-Input-Packets [47] 6 78
*Sep 20 22:03:26.684: RADIUS: Acct-Output-Packets [48] 6 79
*Sep 20 22:03:26.684: RADIUS: Acct-Terminate-Cause[49] 6 admin-reset [6]
*Sep 20 22:03:26.684: RADIUS: Vendor, Cisco [26] 39
*Sep 20 22:03:26.684: RADIUS: Cisco AVpair [1] 33 "disc-cause-ext=Local Admin Disc"
*Sep 20 22:03:26.684: RADIUS: Acct-Status-Type [40] 6 Stop [2]
*Sep 20 22:03:26.684: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
*Sep 20 22:03:26.684: RADIUS: NAS-Port [5] 6 0
*Sep 20 22:03:26.684: RADIUS: NAS-Port-Id [87] 11 "0/0/3/111"
*Sep 20 22:03:26.684: RADIUS: Vendor, Cisco [26] 41
*Sep 20 22:03:26.684: RADIUS: Cisco AVpair [1] 35 "client-mac-address=6468.0cf7.8546"
*Sep 20 22:03:26.684: RADIUS: Connect-Info [77] 8 "CV_VRF"
*Sep 20 22:03:26.684: RADIUS: Service-Type [6] 6 Framed [2]
*Sep 20 22:03:26.684: RADIUS: NAS-IP-Address [4] 6 206.251.40.52
*Sep 20 22:03:26.684: RADIUS: Acct-Delay-Time [41] 6 0
*Sep 20 22:03:26.684: RADIUS(00000791): Started 60 sec timeout
*Sep 20 22:03:26.686: [910]PPPoE 1911: Segment (SSS class): UNBOUND
*Sep 20 22:03:26.686: [910]PPPoE 1911: Vi3 Block vaccess from being freed.
*Sep 20 22:03:26.687: [910]PPPoE 1911: Segment (SSS class): UNPROVISION
*Sep 20 22:03:26.687: [910]PPPoE 1911: failed to remove session from switching hash table.
*Sep 20 22:03:26.694: PPPoE 1911: I PADT R:6468.0cf7.8546 L:f866.f287.7c83 111 Gi0/0/3.111
*Sep 20 22:03:26.758: RADIUS: Received from id 1646/71 208.98.188.6:1813, Accounting-response, len 20
*Sep 20 22:03:26.758: RADIUS: authenticator E3 A2 A1 EE B0 3F 43 1C - 03 B6 84 A8 20 0D B8 90
*Sep 20 22:03:32.713: PPPoE 0: I PADI R:6468.0cf7.8546 L:ffff.ffff.ffff 111 Gi0/0/3.111
*Sep 20 22:03:32.713: Service tag: NULL Tag
*Sep 20 22:03:32.713: PPPoE 0: O PADO, R:f866.f287.7c83 L:6468.0cf7.8546 111 Gi0/0/3.111
*Sep 20 22:03:32.713: Service tag: NULL Tag
*Sep 20 22:03:32.722: PPPoE 0: I PADR R:6468.0cf7.8546 L:f866.f287.7c83 111 Gi0/0/3.111
*Sep 20 22:03:32.722: Service tag: NULL Tag
*Sep 20 22:03:32.722: PPPoE : encap string prepared
*Sep 20 22:03:32.722: [911]PPPoE 1912: Access IE handle allocated
*Sep 20 22:03:32.722: [911]PPPoE 1912: AAA get retrieved attrs
*Sep 20 22:03:32.722: [911]PPPoE 1912: AAA get nas port details
*Sep 20 22:03:32.722: [911]PPPoE 1912: Error adjusting nas port format did
*Sep 20 22:03:32.722: [911]PPPoE 1912: AAA get dynamic attrs
*Sep 20 22:03:32.722: [911]PPPoE 1912: AAA unique ID 792 allocated
*Sep 20 22:03:32.722: [911]PPPoE 1912: AAA method list set
*Sep 20 22:03:32.722: [911]PPPoE 1912: Service request sent to SSS
*Sep 20 22:03:32.723: [911]PPPoE 1912: Created, Service: None R:f866.f287.7c83 L:6468.0cf7.8546 111 Gi0/0/3.111
*Sep 20 22:03:32.723: [911]PPPoE 1912: State NAS_PORT_POLICY_INQUIRY Event SSS MORE KEYS
*Sep 20 22:03:32.724: [911]PPPoE 1912: data path set to PPP
*Sep 20 22:03:32.724: [911]PPPoE 1912: Segment (SSS class): PROVISION
*Sep 20 22:03:32.724: [911]PPPoE 1912: State PROVISION_PPP Event SSM PROVISIONED
*Sep 20 22:03:32.724: [911]PPPoE 1912: O PADS R:6468.0cf7.8546 L:f866.f287.7c83 Gi0/0/3.111
*Sep 20 22:03:32.724: [911]PPPoE 1912 <Gi0/0/3.111:111>: Unable to add line attributes from ANCP
*Sep 20 22:03:32.724: [911]PPPoE 1912: Unable to Add ANCP Line attributes to the PPPoE Authen attributes
*Sep 20 22:03:33.845: RADIUS/ENCODE(00000792):Orig. component type = PPPoE
*Sep 20 22:03:33.845: RADIUS: DSL line rate attributes successfully added
*Sep 20 22:03:33.845: RADIUS(00000792): Config NAS IP: 0.0.0.0
*Sep 20 22:03:33.845: RADIUS(00000792): Config NAS IPv6: ::
*Sep 20 22:03:33.845: RADIUS/ENCODE(00000792): acct_session_id: 3411
*Sep 20 22:03:33.845: RADIUS(00000792): sending
*Sep 20 22:03:33.845: RADIUS/ENCODE: Best Local IP-Address 206.251.40.52 for Radius-Server 208.98.188.6
*Sep 20 22:03:33.845: RADIUS(00000792): Sending a IPv4 Radius Packet
*Sep 20 22:03:33.845: RADIUS(00000792): Send Access-Request to 208.98.188.6:1812 id 1645/56,len 124
*Sep 20 22:03:33.846: RADIUS: authenticator 3E 87 16 F9 FF 1A F8 74 - D6 7F 38 C3 F0 98 6E 6F
*Sep 20 22:03:33.846: RADIUS: User-Name [1] 10 "dcdi.net"
*Sep 20 22:03:33.846: RADIUS: User-Password [2] 18 *
*Sep 20 22:03:33.846: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
*Sep 20 22:03:33.846: RADIUS: NAS-Port [5] 6 0
*Sep 20 22:03:33.846: RADIUS: NAS-Port-Id [87] 11 "0/0/3/111"
*Sep 20 22:03:33.846: RADIUS: Vendor, Cisco [26] 41
*Sep 20 22:03:33.846: RADIUS: Cisco AVpair [1] 35 "client-mac-address=6468.0cf7.8546"
*Sep 20 22:03:33.846: RADIUS: Service-Type [6] 6 Outbound [5]
*Sep 20 22:03:33.846: RADIUS: NAS-IP-Address [4] 6 206.251.40.52
*Sep 20 22:03:33.846: RADIUS(00000792): Started 60 sec timeout
*Sep 20 22:03:34.868: RADIUS: Received from id 1645/56 208.98.188.6:1812, Access-Reject, len 20
*Sep 20 22:03:34.868: RADIUS: authenticator 02 CF 53 0A 6A 62 E5 DB - 2E 96 99 E4 09 D8 2E B1
*Sep 20 22:03:34.868: RADIUS(00000792): Received from id 1645/56
*Sep 20 22:03:34.869: RADIUS/ENCODE(00000792):Orig. component type = PPPoE
*Sep 20 22:03:34.869: RADIUS: DSL line rate attributes successfully added
*Sep 20 22:03:34.869: RADIUS(00000792): Config NAS IP: 0.0.0.0
*Sep 20 22:03:34.869: RADIUS(00000792): Config NAS IPv6: ::
*Sep 20 22:03:34.869: RADIUS/ENCODE(00000792): acct_session_id: 3411
*Sep 20 22:03:34.869: RADIUS(00000792): sending
*Sep 20 22:03:34.870: RADIUS/ENCODE: Best Local IP-Address 206.251.40.52 for Radius-Server 208.98.188.6
*Sep 20 22:03:34.870: RADIUS(00000792): Sending a IPv4 Radius Packet
*Sep 20 22:03:34.870: RADIUS(00000792): Send Access-Request to 208.98.188.6:1812 id 1645/57,len 139
*Sep 20 22:03:34.870: RADIUS: authenticator 8D 12 A1 E3 30 52 B0 F5 - 1C CD 8F 60 49 E9 F4 26
*Sep 20 22:03:34.870: RADIUS: Framed-Protocol [7] 6 PPP [1]
*Sep 20 22:03:34.870: RADIUS: User-Name [1] 19 "[email protected]"
*Sep 20 22:03:34.870: RADIUS: User-Password [2] 18 *
*Sep 20 22:03:34.870: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
*Sep 20 22:03:34.870: RADIUS: NAS-Port [5] 6 0
*Sep 20 22:03:34.870: RADIUS: NAS-Port-Id [87] 11 "0/0/3/111"
*Sep 20 22:03:34.870: RADIUS: Vendor, Cisco [26] 41
*Sep 20 22:03:34.870: RADIUS: Cisco AVpair [1] 35 "client-mac-address=6468.0cf7.8546"
*Sep 20 22:03:34.870: RADIUS: Service-Type [6] 6 Framed [2]
*Sep 20 22:03:34.870: RADIUS: NAS-IP-Address [4] 6 206.251.40.52
*Sep 20 22:03:34.870: RADIUS(00000792): Started 60 sec timeout
*Sep 20 22:03:34.894: RADIUS: Received from id 1645/57 208.98.188.6:1812, Access-Accept, len 44
*Sep 20 22:03:34.894: RADIUS: authenticator AC 92 A9 7C 1F CB 46 6B - F6 68 03 D8 AF 0B F0 F5
*Sep 20 22:03:34.894: RADIUS: Vendor, Cisco [26] 24
*Sep 20 22:03:34.894: RADIUS: Cisco AVpair [1] 18 "ip:vrf-id=CV_VRF"
*Sep 20 22:03:34.894: RADIUS(00000792): Received from id 1645/57
*Sep 20 22:03:34.902: [911]PPPoE 1912: State LCP_NEGOTIATION Event SSS CONNECT LOCAL
*Sep 20 22:03:34.904: [911]PPPoE 1912: Segment (SSS class): UPDATED
*Sep 20 22:03:34.904: [911]PPPoE 1912: Segment (SSS class): BOUND
*Sep 20 22:03:34.904: [911]PPPoE 1912: data path set to Virtual Acess
*Sep 20 22:03:34.905: [911]PPPoE 1912: State LCP_NEGOTIATION Event SSM UPDATED
*Sep 20 22:03:34.905: [911]PPPoE 1912: AAA get dynamic attrs
*Sep 20 22:03:34.906: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to up
*Sep 20 22:03:34.907: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to up
*Sep 20 22:03:34.907: RADIUS/ENCODE(00000792):Orig. component type = PPPoE
*Sep 20 22:03:34.907: RADIUS(00000792): Config NAS IP: 0.0.0.0
*Sep 20 22:03:34.907: RADIUS(00000792): Config NAS IPv6: ::
*Sep 20 22:03:34.907: RADIUS(00000792): sending
*Sep 20 22:03:34.907: [911]PPPoE 1912: State PTA_BINDING Event STATIC BIND RESPONSE
*Sep 20 22:03:34.907: [911]PPPoE 1912: Connected PTA
*Sep 20 22:03:34.908: RADIUS/ENCODE: Best Local IP-Address 206.251.40.52 for Radius-Server 208.98.188.6
*Sep 20 22:03:34.913: RADIUS(00000792): Sending a IPv4 Radius Packet
*Sep 20 22:03:34.913: RADIUS(00000792): Send Accounting-Request to 208.98.188.6:1813 id 1646/72,len 189
*Sep 20 22:03:34.913: RADIUS: authenticator 5B 19 2B 31 5B 6C E7 46 - 5D 69 8D 66 99 13 2E F0
*Sep 20 22:03:34.913: RADIUS: Acct-Session-Id [44] 10 "00000D53"
*Sep 20 22:03:34.913: RADIUS: Framed-Protocol [7] 6 PPP [1]
*Sep 20 22:03:34.913: RADIUS: User-Name [1] 19 "[email protected]"
*Sep 20 22:03:34.913: RADIUS: Vendor, Cisco [26] 32
*Sep 20 22:03:34.913: RADIUS: Cisco AVpair [1] 26 "connect-progress=Call Up"
*Sep 20 22:03:34.913: RADIUS: Acct-Authentic [45] 6 RADIUS [1]
*Sep 20 22:03:34.913: RADIUS: Acct-Status-Type [40] 6 Start [1]
*Sep 20 22:03:34.913: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
*Sep 20 22:03:34.913: RADIUS: NAS-Port [5] 6 0
*Sep 20 22:03:34.913: RADIUS: NAS-Port-Id [87] 11 "0/0/3/111"
*Sep 20 22:03:34.913: RADIUS: Vendor, Cisco [26] 41
*Sep 20 22:03:34.913: RADIUS: Cisco AVpair [1] 35 "client-mac-address=6468.0cf7.8546"
*Sep 20 22:03:34.913: RADIUS: Connect-Info [77] 8 "CV_VRF"
*Sep 20 22:03:34.913: RADIUS: Service-Type [6] 6 Framed [2]
*Sep 20 22:03:34.913: RADIUS: NAS-IP-Address [4] 6 206.251.40.52
*Sep 20 22:03:34.914: RADIUS: Acct-Delay-Time [41] 6 0
*Sep 20 22:03:34.914: RADIUS(00000792): Started 60 sec timeout
*Sep 20 22:03:34.994: RADIUS: Received from id 1646/72 208.98.188.6:1813, Accounting-response, len 20
*Sep 20 22:03:34.994: RADIUS: authenticator 8E E3 AD 24 76 EA C2 53 - AD 0F DD 57 AC 0D F3 BAsho debug
coreASR1002#sho debugging
General OS:
AAA subscriber profile cli debugging is on
PPPoE:
PPPoE protocol events debugging is on
PPPoE protocol errors debugging is on
Radius protocol debugging is on
Radius packet protocol debugging is onGood Day Manuel,
"...client is not getting IP address even though the sessions seems to be up. Is this correct?" Correct.
What I am seeing and suspecting is the problem has to do with 'ip:ip-unnumbered=interface'.
Trying with the ip:ip-unnumbered=Loopback111 or GigabitEthernet0/0/3.111 (for testing) debugging reports "Session creation failed due to full virtual-access interfaces not being supported...", as soon as the attribute is removed in radius the client authenticates but does not get an IP address. I would rather not use Loopback if possible.
GE0/0/3.111 is basically the client egress and GE0/0/2.20 is the ingress/router gateway
Also seeing this debug message, "...Unable to add line attributes from ANCP ... Unable to Add ANCP Line attributes to the PPPoE Authen attributes" which may or may not relate to ip-unnumbered attribute.
I hope the information isn't too much or confusing, sure appreciate the help.
debugging with ip:vrf-id=CV_VRF w/o ip:ip-unnumbered
*Sep 26 17:04:57.395: Vi3 PPP DISC: Lower Layer disconnected
*Sep 26 17:04:57.396: Vi3 PPP: Sending Acct Event[Down] id[5FB]
*Sep 26 17:04:57.396: PPP: NET STOP send to AAA.
*Sep 26 17:04:57.396: Vi3 LCP: O TERMREQ [Open] id 4 len 4
*Sep 26 17:04:57.396: Vi3 LCP: Event[CLOSE] State[Open to Closing]
*Sep 26 17:04:57.396: Vi3 PPP: Phase is TERMINATING
*Sep 26 17:04:57.397: Vi3 PPP: Block vaccess from being freed [0x10]
*Sep 26 17:04:57.398: Vi3 LCP: Event[DOWN] State[Closing to Initial]
*Sep 26 17:04:57.399: Vi3 PPP: Unlocked by [0x10] Still Locked by [0x0]
*Sep 26 17:04:57.399: Vi3 PPP: Free previously blocked vaccess
*Sep 26 17:04:57.399: Vi3 PPP: Phase is DOWN
*Sep 26 17:04:57.400: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to down
*Sep 26 17:04:57.401: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to down
*Sep 26 17:05:03.440: PPP: Alloc Context [38E95CFC]
*Sep 26 17:05:03.440: ppp514 PPP: Phase is ESTABLISHING
*Sep 26 17:05:03.440: ppp514 PPP: Using vpn set call direction
*Sep 26 17:05:03.440: ppp514 PPP: Treating connection as a callin
*Sep 26 17:05:03.440: ppp514 PPP: Session handle[1D0005EB] Session id[514]
*Sep 26 17:05:03.440: ppp514 LCP: Event[OPEN] State[Initial to Starting]
*Sep 26 17:05:03.441: ppp514 PPP LCP: Enter passive mode, state[Stopped]
*Sep 26 17:05:04.522: ppp514 LCP: I CONFREQ [Stopped] id 180 len 10
*Sep 26 17:05:04.522: ppp514 LCP: MagicNumber 0x0669ECAE (0x05060669ECAE)
*Sep 26 17:05:04.522: ppp514 LCP: O CONFREQ [Stopped] id 1 len 18
*Sep 26 17:05:04.522: ppp514 LCP: MRU 1492 (0x010405D4)
*Sep 26 17:05:04.522: ppp514 LCP: AuthProto PAP (0x0304C023)
*Sep 26 17:05:04.522: ppp514 LCP: MagicNumber 0x6ABFFB9F (0x05066ABFFB9F)
*Sep 26 17:05:04.522: ppp514 LCP: O CONFACK [Stopped] id 180 len 10
*Sep 26 17:05:04.522: ppp514 LCP: MagicNumber 0x0669ECAE (0x05060669ECAE)
*Sep 26 17:05:04.522: ppp514 LCP: Event[Receive ConfReq+] State[Stopped to ACKsent]
*Sep 26 17:05:04.525: ppp514 LCP: I CONFACK [ACKsent] id 1 len 18
*Sep 26 17:05:04.526: ppp514 LCP: MRU 1492 (0x010405D4)
*Sep 26 17:05:04.526: ppp514 LCP: AuthProto PAP (0x0304C023)
*Sep 26 17:05:04.526: ppp514 LCP: MagicNumber 0x6ABFFB9F (0x05066ABFFB9F)
*Sep 26 17:05:04.526: ppp514 LCP: Event[Receive ConfAck] State[ACKsent to Open]
*Sep 26 17:05:04.528: ppp514 PPP: Queue PAP code[1] id[15]
*Sep 26 17:05:04.529: ppp514 PPP: Phase is AUTHENTICATING, by this end
*Sep 26 17:05:04.529: ppp514 PAP: Redirect packet to ppp514
*Sep 26 17:05:04.529: ppp514 PAP: I AUTH-REQ id 15 len 31 from "[email protected]"
*Sep 26 17:05:04.529: ppp514 PAP: Authenticating peer [email protected]
*Sep 26 17:05:04.529: ppp514 PPP: Phase is FORWARDING, Attempting Forward
*Sep 26 17:05:04.529: ppp514 LCP: State is Open
*Sep 26 17:05:05.553: ppp514 PPP: Phase is AUTHENTICATING, Unauthenticated User
*Sep 26 17:05:05.553: ppp514 PPP: Sent PAP LOGIN Request
*Sep 26 17:05:05.584: ppp514 PPP: Received LOGIN Response PASS
*Sep 26 17:05:05.584: ppp514 PPP: Phase is FORWARDING, Attempting Forward
*Sep 26 17:05:05.594: Vi3 PPP: Phase is AUTHENTICATING, Authenticated User
*Sep 26 17:05:05.594: Vi3 PAP: O AUTH-ACK id 15 len 5
*Sep 26 17:05:05.595: Vi3 PPP: Phase is UP
*Sep 26 17:05:05.595: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to up
*Sep 26 17:05:05.596: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to up
*Sep 26 17:05:05.606: Vi3 IPCP: I CONFREQ [UNKNOWN] id 44 len 22
*Sep 26 17:05:05.606: Vi3 IPCP: Address 0.0.0.0 (0x030600000000)
*Sep 26 17:05:05.606: Vi3 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
*Sep 26 17:05:05.606: Vi3 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
*Sep 26 17:05:05.606: Vi3 LCP: O PROTREJ [Open] id 2 len 28 protocol IPCP
*Sep 26 17:05:05.606: Vi3 LCP: (0x012C0018030600000000810600000000)
*Sep 26 17:05:05.606: Vi3 LCP: (0x830600000000)
*Sep 26 17:05:05.607: Vi3 IPV6CP: I CONFREQ [UNKNOWN] id 26 len 14
*Sep 26 17:05:05.607: Vi3 IPV6CP: Interface-Id 5421:6C1B:5DCE:401A (0x010A54216C1B5DCE401A)
*Sep 26 17:05:05.607: Vi3 LCP: O PROTREJ [Open] id 3 len 20 protocol IPV6CP (0x011A0010010A54216C1B5DCE401A) debugging w/o ip:vrf-id=CV_VRF w/o ip:ip-unnumbered
*Sep 26 17:13:12.424: Vi3 PPP DISC: Lower Layer disconnected
*Sep 26 17:13:12.424: Vi3 PPP: Sending Acct Event[Down] id[5FE]
*Sep 26 17:13:12.425: PPP: NET STOP send to AAA.
*Sep 26 17:13:12.425: Vi3 LCP: O TERMREQ [Open] id 4 len 4
*Sep 26 17:13:12.425: Vi3 LCP: Event[CLOSE] State[Open to Closing]
*Sep 26 17:13:12.425: Vi3 PPP: Phase is TERMINATING
*Sep 26 17:13:12.426: Vi3 PPP: Block vaccess from being freed [0x10]
*Sep 26 17:13:12.426: Vi3 LCP: Event[DOWN] State[Closing to Initial]
*Sep 26 17:13:12.428: Vi3 PPP: Unlocked by [0x10] Still Locked by [0x0]
*Sep 26 17:13:12.428: Vi3 PPP: Free previously blocked vaccess
*Sep 26 17:13:12.428: Vi3 PPP: Phase is DOWN
*Sep 26 17:13:12.429: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to down
*Sep 26 17:13:12.430: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to down
*Sep 26 17:13:18.485: PPP: Alloc Context [38E95CFC]
*Sep 26 17:13:18.485: ppp515 PPP: Phase is ESTABLISHING
*Sep 26 17:13:18.486: ppp515 PPP: Using vpn set call direction
*Sep 26 17:13:18.486: ppp515 PPP: Treating connection as a callin
*Sep 26 17:13:18.486: ppp515 PPP: Session handle[AC0005EC] Session id[515]
*Sep 26 17:13:18.486: ppp515 LCP: Event[OPEN] State[Initial to Starting]
*Sep 26 17:13:18.486: ppp515 PPP LCP: Enter passive mode, state[Stopped]
*Sep 26 17:13:19.572: ppp515 LCP: I CONFREQ [Stopped] id 181 len 10
*Sep 26 17:13:19.572: ppp515 LCP: MagicNumber 0x171E542B (0x0506171E542B)
*Sep 26 17:13:19.572: ppp515 LCP: O CONFREQ [Stopped] id 1 len 18
*Sep 26 17:13:19.572: ppp515 LCP: MRU 1492 (0x010405D4)
*Sep 26 17:13:19.572: ppp515 LCP: AuthProto PAP (0x0304C023)
*Sep 26 17:13:19.572: ppp515 LCP: MagicNumber 0x6AC78AB2 (0x05066AC78AB2)
*Sep 26 17:13:19.572: ppp515 LCP: O CONFACK [Stopped] id 181 len 10
*Sep 26 17:13:19.572: ppp515 LCP: MagicNumber 0x171E542B (0x0506171E542B)
*Sep 26 17:13:19.572: ppp515 LCP: Event[Receive ConfReq+] State[Stopped to ACKsent]
*Sep 26 17:13:19.576: ppp515 LCP: I CONFACK [ACKsent] id 1 len 18
*Sep 26 17:13:19.576: ppp515 LCP: MRU 1492 (0x010405D4)
*Sep 26 17:13:19.576: ppp515 LCP: AuthProto PAP (0x0304C023)
*Sep 26 17:13:19.576: ppp515 LCP: MagicNumber 0x6AC78AB2 (0x05066AC78AB2)
*Sep 26 17:13:19.576: ppp515 LCP: Event[Receive ConfAck] State[ACKsent to Open]
*Sep 26 17:13:19.579: ppp515 PPP: Queue PAP code[1] id[16]
*Sep 26 17:13:19.601: ppp515 PPP: Phase is AUTHENTICATING, by this end
*Sep 26 17:13:19.601: ppp515 PAP: Redirect packet to ppp515
*Sep 26 17:13:19.601: ppp515 PAP: I AUTH-REQ id 16 len 31 from "[email protected]"
*Sep 26 17:13:19.601: ppp515 PAP: Authenticating peer [email protected]
*Sep 26 17:13:19.601: ppp515 PPP: Phase is FORWARDING, Attempting Forward
*Sep 26 17:13:19.601: ppp515 LCP: State is Open
*Sep 26 17:13:20.625: ppp515 PPP: Phase is AUTHENTICATING, Unauthenticated User
*Sep 26 17:13:20.625: ppp515 PPP: Sent PAP LOGIN Request
*Sep 26 17:13:20.650: ppp515 PPP: Received LOGIN Response PASS
*Sep 26 17:13:20.650: ppp515 PPP: Phase is FORWARDING, Attempting Forward
*Sep 26 17:13:20.657: Vi3 PPP: Phase is AUTHENTICATING, Authenticated User
*Sep 26 17:13:20.657: Vi3 PAP: O AUTH-ACK id 16 len 5
*Sep 26 17:13:20.658: Vi3 PPP: Phase is UP
*Sep 26 17:13:20.658: Vi3 IPCP: Protocol configured, start CP. state[Initial]
*Sep 26 17:13:20.658: Vi3 IPCP: Event[OPEN] State[Initial to Starting]
*Sep 26 17:13:20.658: Vi3 IPCP: O CONFREQ [Starting] id 1 len 10
*Sep 26 17:13:20.658: Vi3 IPCP: Address 199.200.107.1 (0x0306C7C86B01)
*Sep 26 17:13:20.658: Vi3 IPCP: Event[UP] State[Starting to REQsent]
*Sep 26 17:13:20.658: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to up
*Sep 26 17:13:20.660: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to up
*Sep 26 17:13:20.666: Vi3 IPCP: I CONFREQ [REQsent] id 45 len 22
*Sep 26 17:13:20.666: Vi3 IPCP: Address 0.0.0.0 (0x030600000000)
*Sep 26 17:13:20.666: Vi3 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
*Sep 26 17:13:20.666: Vi3 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
*Sep 26 17:13:20.666: Vi3 IPCP AUTHOR: Start. Her address 0.0.0.0, we want 0.0.0.0
*Sep 26 17:13:20.666: Vi3 IPCP AUTHOR: Done. Her address 0.0.0.0, we want 0.0.0.0
*Sep 26 17:13:20.666: Vi3 IPCP: Pool returned 199.200.107.20
*Sep 26 17:13:20.667: Vi3 IPCP: O CONFNAK [REQsent] id 45 len 22
*Sep 26 17:13:20.667: Vi3 IPCP: Address 199.200.107.20 (0x0306C7C86B14)
*Sep 26 17:13:20.667: Vi3 IPCP: PrimaryDNS 208.98.188.81 (0x8106D062BC51)
*Sep 26 17:13:20.667: Vi3 IPCP: SecondaryDNS 8.8.8.8 (0x830608080808)
*Sep 26 17:13:20.667: Vi3 IPCP: Event[Receive ConfReq-] State[REQsent to REQsent]
*Sep 26 17:13:20.667: Vi3 IPV6CP: I CONFREQ [UNKNOWN] id 27 len 14
*Sep 26 17:13:20.667: Vi3 IPV6CP: Interface-Id 096D:2933:E6FE:523D (0x010A096D2933E6FE523D)
*Sep 26 17:13:20.667: Vi3 LCP: O PROTREJ [Open] id 2 len 20 protocol IPV6CP (0x011B0010010A096D2933E6FE523D)
*Sep 26 17:13:20.668: Vi3 IPCP: I CONFACK [REQsent] id 1 len 10
*Sep 26 17:13:20.668: Vi3 IPCP: Address 199.200.107.1 (0x0306C7C86B01)
*Sep 26 17:13:20.668: Vi3 IPCP: Event[Receive ConfAck] State[REQsent to ACKrcvd]
*Sep 26 17:13:20.672: Vi3 IPCP: I CONFREQ [ACKrcvd] id 46 len 22
*Sep 26 17:13:20.672: Vi3 IPCP: Address 199.200.107.20 (0x0306C7C86B14)
*Sep 26 17:13:20.672: Vi3 IPCP: PrimaryDNS 208.98.188.81 (0x8106D062BC51)
*Sep 26 17:13:20.672: Vi3 IPCP: SecondaryDNS 8.8.8.8 (0x830608080808)
*Sep 26 17:13:20.672: Vi3 IPCP: O CONFACK [ACKrcvd] id 46 len 22
*Sep 26 17:13:20.672: Vi3 IPCP: Address 199.200.107.20 (0x0306C7C86B14)
*Sep 26 17:13:20.672: Vi3 IPCP: PrimaryDNS 208.98.188.81 (0x8106D062BC51)
*Sep 26 17:13:20.672: Vi3 IPCP: SecondaryDNS 8.8.8.8 (0x830608080808)
*Sep 26 17:13:20.672: Vi3 IPCP: Event[Receive ConfReq+] State[ACKrcvd to Open]
*Sep 26 17:13:20.689: Vi3 IPCP: State is Open
*Sep 26 17:13:20.691: %FMANRP_ESS-4-FULLVAI: Session creation failed due to Full Virtual-Access Interfaces not being supported. Check that all applied Virtual-Template and RADIUS features support Virtual-Access sub-interfaces. swidb= 0x41F07370, ifnum= 22
*Sep 26 17:13:20.691: Vi3 Added to neighbor route AVL tree: topoid 0, address 199.200.107.20
*Sep 26 17:13:20.691: Vi3 IPCP: Install route to 199.200.107.20
*Sep 26 17:13:20.693: Vi3 PPP DISC: Lower Layer disconnected
*Sep 26 17:13:20.693: Vi3 PPP: Sending Acct Event[Down] id[5FF]
*Sep 26 17:13:20.693: PPP: NET STOP send to AAA.
*Sep 26 17:13:20.694: Vi3 IPCP: Event[DOWN] State[Open to Starting]
*Sep 26 17:13:20.694: Vi3 IPCP: Event[CLOSE] State[Starting to Initial]
*Sep 26 17:13:20.694: Vi3 LCP: O TERMREQ [Open] id 3 len 4
*Sep 26 17:13:20.694: Vi3 LCP: Event[CLOSE] State[Open to Closing]
*Sep 26 17:13:20.694: Vi3 PPP: Phase is TERMINATING
*Sep 26 17:13:20.695: Vi3 PPP: Block vaccess from being freed [0x10]
*Sep 26 17:13:20.695: Vi3 Deleted neighbor route from AVL tree: topoid 0, address 199.200.107.20
*Sep 26 17:13:20.695: Vi3 IPCP: Remove route to 199.200.107.20
*Sep 26 17:13:20.696: Vi3 LCP: Event[DOWN] State[Closing to Initial]
*Sep 26 17:13:20.696: Vi3 PPP: Unlocked by [0x10] Still Locked by [0x0]
*Sep 26 17:13:20.696: Vi3 PPP: Free previously blocked vaccess
*Sep 26 17:13:20.696: Vi3 PPP: Phase is DOWN
*Sep 26 17:13:20.696: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to down
*Sep 26 17:13:20.698: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to down -
Configuring BGP and OSPF to BGP always prefer.
Hi,
I´m configuring a VPNv4 between two sites. In principal site I receive some prefixes through OSPF and in the backup site the same prefixes through OSPF. I´m redistributing OSPF routes through BGP to backup site.
In summary, in backup site the ASR9K receives the same prefixes through OSPF (local) and BGP but ASR must prefer BGP routes
instead of OSPF.
How can I configure it?.
Thanks.Hi Jaime,
a L3 network topology would possibly help to understand your goals and challenges. In general, in scenarios with OSPF and VPNv4 there's a challenge, that OSPF prefixes will be preferred indeed, if the two sites have a backdoor link. To overcome this, there's a feature in OSPF called 'sham-link', which makes the prefixes learned across the backbone(and hence via MP-BGP) more prefrred.
HTH,
Ivan. -
ASR 1002 ACL object-group for ZBFW
Hey guys,
Quick question. I just want to know if anyone has experience configuring object-groups for ACLs on the ASR 1002. I am trying to so this on ours to consolidate a large ACL we have. It only works if I specifically use the protocols within the configuration. If I add a service object-group to match my protocols it doesn't match. The same configuration works on a 2811 router.
I have a TAC case open and Cisco is telling me that object-groups are not supported on the ASRs but I have a hard time believing them if the commands clearly exist.
If anyone has experience in this please let me know.
Thanks,
Elton
Sent from Cisco Technical Support iPhone AppElton,
"Hi Joe,
Support will start in 3.9S (Q1CY2013). Thanks.
Cheers,
/Mani"
From:
Ask The Expert: Introduction to Cisco ASR 1000 Series Aggregation Services Routers -
ASR 1002 doesnt support "media type sfp " command ?!!
hi all ,
i have a new ASR 1002 , i want to use interfaces as fiber not as rj45
when i go to interface mode , i cant see "media type sfp " !!!!
does that mesn it dont support fiber ???
or i need to upgrade my IOS ??
====================
here is my version
Gateway-ASR1002#sh version
Cisco IOS XE Software, Version 03.11.00.S - Standard Support Release
Cisco IOS Software, ASR1000 Software (PPC_LINUX_IOSD-ADVENTERPRISEK9-M), Version 15.4(1)S, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 19-Nov-13 20:12 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2013 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
Gateway-ASR1002 uptime is 1 day, 2 hours, 19 minutes
Uptime for this control processor is 1 day, 2 hours, 23 minutes
System returned to ROM by reload at 19:55:40 UTC Thu Apr 3 2014
System image file is "bootflash:/asr1000rp1-adventerprisek9.03.11.00.S.154-1.S-std.bi"
Last reload reason: PowerOn
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco ASR1002 (2RU) processor with 1662145K/6147K bytes of memory.
Processor board ID FOX1807GBZW
4 Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
7757823K bytes of eUSB flash at bootflash:.
===============================ASR 1000 Series Router
ASR1001
ASR1002
ASR1002-F
ASR1002-X
SFP-GE-T
XE 2.1
SFP-GE-S
SFP-GE-L
SFP-GE-Z
CWDM SFP
DWDM SFP
XE 2.1
XE 2.1
GLC-BX-D
GLC-BX-U
XE 2.5
XE 2.5
GLC-SX-MMD
GLC-LH-SMD
GLC-ZX-SMD
XE 3.4S
XE 3.4S
GLC-EX-SMD
XE 3.5S
XE 3.5S
ASR 1000 platform with SPA cards
Software support on the ASR 1000 modular platforms is determined by the platform on which the SPA is installed. Refer to the SPA release notes for the correct software release.
http://www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/ASR1000/ASRspasw.pdf -
I have an issue with OSPF rountig on routers configured in hub and spoke topology.
An issue is on a routes which OSPF do not advertise from hub to spokes.
Subnets created on a hub router are not seen on spokes but new added subnet on spoke is seen in hub routing table.
Adding ip ospf network brodcast command on a hub virtual-template interface causes OSPF adjacency to down.
By the way, EIGRP works fine.
Has anyone encountered this issue with OSPF.
Please, look short config below;
-----------------------HUB-------------------------------
crypto ikev2 authorization policy default
route set interface
crypto ikev2 proposal ikev2_prop
encryption aes-cbc-256
integrity sha512
group 16
crypto ikev2 policy ikev2_policy
proposal ikev2_prop
crypto ikev2 keyring Flex_key
peer Spokes
address 192.168.50.197
pre-shared-key local 12345
pre-shared-key remote 12345
peer RTB
address 192.168.50.199
pre-shared-key local 12345
pre-shared-key remote 12345
crypto ikev2 profile Flex_IKEv2
match identity remote address 192.168.50.197 255.255.255.255
match identity remote address 192.168.50.199 255.255.255.255
authentication remote pre-share
authentication local pre-share
keyring local Flex_key
virtual-template 1
no crypto isakmp default policy
crypto ipsec transform-set ipsec_trans esp-aes 256 esp-sha512-hmac
mode tunnel
crypto ipsec profile default
set transform-set ipsec_trans
set ikev2-profile Flex_IKEv2
interface Loopback1
ip address 172.16.10.1 255.255.255.0
ip ospf 10 area 0
interface Loopback10
ip address 10.1.1.1 255.255.255.0
ip ospf 10 area 0
interface Loopback50
ip address 50.1.1.1 255.255.255.0
ip ospf 10 area 50
interface Embedded-Service-Engine0/0
no ip address
interface GigabitEthernet0/1
bandwidth 100000
ip address 192.168.50.198 255.255.255.0
duplex auto
speed auto
interface Virtual-Template1 type tunnel
ip unnumbered Loopback1
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source GigabitEthernet0/1
tunnel mode ipsec ipv4
tunnel path-mtu-discovery
tunnel protection ipsec profile default
router ospf 10
redistribute connected subnets
network 10.1.1.0 0.0.0.255 area 0
sh cryp ike sa
IPv4 Crypto IKEv2 SA
Tunnel-id Local Remote fvrf/ivrf Status
1 192.168.50.198/500 192.168.50.197/500 none/none READY
Encr: AES-CBC, keysize: 256, Hash: SHA512, DH Grp:16, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/77565 sec
Tunnel-id Local Remote fvrf/ivrf Status
2 192.168.50.198/500 192.168.50.199/500 none/none READY
Encr: AES-CBC, keysize: 256, Hash: SHA512, DH Grp:16, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/77542 sec
IPv6 Crypto IKEv2 SA
sh ip rou
S* 0.0.0.0/0 [1/0] via 192.168.50.1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/24 is directly connected, Loopback10
L 10.1.1.1/32 is directly connected, Loopback10
50.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 50.1.1.0/24 is directly connected, Loopback50
L 50.1.1.1/32 is directly connected, Loopback50
100.0.0.0/32 is subnetted, 1 subnets
O IA 100.1.1.1 [110/2] via 172.16.10.254, 21:32:58, Virtual-Access1
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.10.0/24 is directly connected, Loopback1
L 172.16.10.1/32 is directly connected, Loopback1
192.168.50.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.50.0/24 is directly connected, GigabitEthernet0/1
L 192.168.50.198/32 is directly connected, GigabitEthernet0/1
200.1.1.0/32 is subnetted, 1 subnets
O IA 200.1.1.1 [110/2] via 172.16.10.253, 21:32:38, Virtual-Access2
201.1.1.0/32 is subnetted, 1 subnets
O IA 201.1.1.1 [110/2] via 172.16.10.253, 21:32:38, Virtual-Access2
220.1.1.0/32 is subnetted, 1 subnets
O IA 220.1.1.1 [110/2] via 172.16.10.253, 00:06:11, Virtual-Access2
---------------------------SPOKE---------------------------------------------
crypto ikev2 proposal ikev2_prop
encryption aes-cbc-256
integrity sha512
group 16
crypto ikev2 policy ikev2_policy
proposal ikev2_prop
crypto ikev2 keyring Flex_key
peer Spokes
address 192.168.50.198
pre-shared-key local 12345
pre-shared-key remote 12345
crypto ikev2 profile Flex_IKEv2
match identity remote address 192.168.50.198 255.255.255.0
authentication remote pre-share
authentication local pre-share
keyring local Flex_key
virtual-template 1
no crypto isakmp default policy
crypto ipsec transform-set ipsec_trans esp-aes 256 esp-sha512-hmac
mode tunnel
crypto ipsec profile default
set transform-set ipsec_trans
set ikev2-profile Flex_IKEv2
interface Loopback200
ip address 200.1.1.1 255.255.255.0
ip ospf 10 area 200
interface Loopback201
ip address 201.1.1.1 255.255.255.0
ip ospf 10 area 201
interface Loopback220
ip address 220.1.1.1 255.255.255.0
ip ospf 10 area 220
interface Tunnel1
ip address 172.16.10.253 255.255.255.0
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source GigabitEthernet0/1
tunnel mode ipsec ipv4
tunnel destination 192.168.50.198
tunnel path-mtu-discovery
tunnel protection ipsec profile default shared
interface GigabitEthernet0/1
ip address 192.168.50.199 255.255.255.0
duplex auto
speed auto
router ospf 10
network 172.16.10.0 0.0.0.255 area 0
sh cryp ike sa
IPv4 Crypto IKEv2 SA
Tunnel-id Local Remote fvrf/ivrf Status
1 192.168.50.199/500 192.168.50.198/500 none/none READY
Encr: AES-CBC, keysize: 256, Hash: SHA512, DH Grp:16, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/77852 sec
IPv6 Crypto IKEv2 SA
sh ip route
S* 0.0.0.0/0 [1/0] via 192.168.50.1
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.10.0/24 is directly connected, Tunnel1
L 172.16.10.253/32 is directly connected, Tunnel1
192.168.50.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.50.0/24 is directly connected, GigabitEthernet0/1
L 192.168.50.199/32 is directly connected, GigabitEthernet0/1
200.1.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 200.1.1.0/24 is directly connected, Loopback200
L 200.1.1.1/32 is directly connected, Loopback200
201.1.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 201.1.1.0/24 is directly connected, Loopback201
L 201.1.1.1/32 is directly connected, Loopback201
220.1.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 220.1.1.0/24 is directly connected, Loopback220
L 220.1.1.1/32 is directly connected, Loopback220
sh ip ospf database ro 172.16.10.1
OSPF Router with ID (200.1.1.1) (Process ID 10)
Router Link States (Area 0)
Adv Router is not-reachable in topology Base with MTID 0
LS age: 336
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 172.16.10.1
Advertising Router: 172.16.10.1
LS Seq Number: 80000065
Checksum: 0x4B6E
Length: 60
Area Border Router
AS Boundary Router
Number of Links: 3
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.1.1.1
(Link Data) Network Mask: 255.255.255.255
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 100.1.1.1
(Link Data) Router Interface address: 0.0.0.18
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 200.1.1.1
(Link Data) Router Interface address: 0.0.0.17
Number of MTID metrics: 0
TOS 0 Metrics: 1I checked it out in the lab, at least the generic OSPF setup.
A few comments - do not "redistribute connected" not all of them - you can introduce recursive routing (i.e. introduce tunnel endpoint through the tunnel).
Spoke2#show ip ospf interface tu1Tunnel1 is up, line protocol is up Internet Address 10.1.1.177/32, Area 0, Attached via Network Statement Process ID 65001, Router ID 192.168.102.1, Network Type POINT_TO_POINT, Cost: 1000 Topology-MTID Cost Disabled Shutdown Topology Name 0 1000 no no Base Transmit Delay is 1 sec, State POINT_TO_POINT Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 oob-resync timeout 40 Hello due in 00:00:03 Supports Link-local Signaling (LLS) Cisco NSF helper support enabled IETF NSF helper support enabled Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 1, maximum is 1 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 172.25.1.1 Suppress hello for 0 neighbor(s)Spoke2#show ip route ospf(...)Gateway of last resort is 172.16.2.1 to network 0.0.0.0 10.0.0.0/32 is subnetted, 3 subnetsO 10.1.1.176 [110/3000] via 10.1.1.1, 00:01:38, Tunnel1O IA 192.168.0.0/24 [110/1010] via 10.1.1.1, 00:01:21, Tunnel1Hub#sh run | s r orouter ospf 65001 network 10.1.1.0 0.0.0.255 area 0 network 192.168.0.0 0.0.0.255 area 10
then I added
route-map CONNECTED_TO_OSPF, permit, sequence 10 Match clauses: interface Loopback999 Set clauses: Policy routing matches: 0 packets, 0 bytesHub#sh run | s r orouter ospf 65001 redistribute connected subnets route-map CONNECTED_TO_OSPF network 10.1.1.0 0.0.0.255 area 0 network 192.168.0.0 0.0.0.255 area 10
And checked on Spoke
Spoke1#show ip route ospf(...)Gateway of last resort is 172.16.1.1 to network 0.0.0.0 10.0.0.0/8 is variably subnetted, 4 subnets, 2 masksO 10.1.1.177/32 [110/3000] via 10.1.1.1, 00:05:06, Tunnel1O E2 10.255.255.0/24 [110/20] via 10.1.1.1, 00:00:04, Tunnel1O IA 192.168.0.0/24 [110/1010] via 10.1.1.1, 00:04:49, Tunnel1
Final note "shared" is not needed on point to point interfaces.
Maybe you are looking for
-
How to save Checkbox inputs as a Variants in WD ABAP
Hi, I am going through this nice blog [http://www.sdn.sap.com/irj/scn/weblogs;jsessionid=(J2EE3414700)ID0832150950DB20043138143752756391End?blog=/pub/wlg/10731] which helped me creating varaint options for SELECT -optins fields. Everything works fine
-
Operation ' Change Attribute TSTATE ' could not be carried out for Request
hi, i am unable to delete the request Id from DSO. and when i checked that, it says request is partially activated(error occured during the activation) and when i checked the logs i got the following error messages: Operation ' Change Attribute TST
-
Hi. I have heard that it is possible to call Java code from ABAP using JCo. I am interested in doing that. I have a few questions regarding this... 1) Where should the JCo be installed? At the SAP server or at the SAP Client side? 2) Is is possible t
-
Softmotion can't load examples
Hi , I want to open an example from Softmotion module , but i get this screen : If you wonder if i have Softmotion module , currently installed and/or activated , i post the following images : So i dont know why i can't open the example , any help wo
-
I'm new to podcasting help please?
I have a website that's podcast compatible(powered by moveable type) www.omniversal.net. I have media files(mp3. wav.) already uploaded to my server via FTP. I recently made a podcast through a host server but I want to host it myself. What do I need