From: Engelhard M. Labiro (engelhard@xxxxxxxxxxxxxx)
Date: Sun Apr 28 2002 - 11:35:23 GMT-3
Members,
As subject says, I can`t make a callback to the callback client
if "dialer callback-secure" configured on callback-server.
There is no problem for callback-server to initiate a callback
if that command is not configured.
I know that this must be relate to dialer map ip name class
and map-class configuration, but already spent a whole day
trying to figure this out without success.
Any help would be appreciate.
The following are the configurations, debug results, etc:
1. Network config
Please refer to Solie`s book Lab 17.
green-bay------FR (ISDN backup)-------san-diego
green-bay is the callback-server , IOS 12.1(12a)
san-diego is the callback-client , IOS 12.2(5)
2. "debug dialer" result
>From green-bay console:
green-bay#sd
Dial on demand:
Dial on demand events debugging is on
green-bay#1d00h: BR0/0:caller id callback to 12 but callback secure
green-bay#1d00h: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up
green-bay#1d00h: %ISDN-6-DISCONNECT: Interface BRI0/0:1 disconnected from 12 s
an-diego, call lasted 1 seconds
1d00h: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down
green-bay#1d00h: BR0/0:1 DDR: disconnecting call
green-bay#
>From san-diego console (first initiate a trigger packet by ping).
san-diego#ping 10.10.20.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.20.2, timeout is 2 seconds:
1d00h: BR0/0 DDR: Dialing cause ip (s=10.10.10.5, d=10.10.20.2)
1d00h: BR0/0 DDR: Attempting to dial 11
1d00h: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up
1d00h: BR0/0:1 DDR: Callback negotiated - Disconnecting now
1d00h: BR0/0:1 DDR: disconnecting call.
1d00h: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to 11 green-bay
1d00h: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down
1d00h: DDR: Callback client for green-bay 11 created
1d00h: BR0/0:1 DDR: disconnecting call....
Success rate is 0 percent (0/5)
san-diego#
1d00h: DDR: No callback received from green-bay 11
1d00h: DDR: Freeing callback to green-bay 11
san-diego#
3. Router configuration
san-diego router as follow:
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname san-diego
!
!
username green-bay password 0 pass1
ip subnet-zero
!
!
no ip domain-lookup
!
ip audit notify log
ip audit po max-events 100
ip ssh time-out 120
ip ssh authentication-retries 3
!
isdn switch-type ntt
interface Serial0/0
no ip address
encapsulation frame-relay
no fair-queue
clockrate 2000000
!
interface Serial0/0.1 point-to-point
ip address 10.10.10.2 255.255.255.252
frame-relay interface-dlci 604
!
interface BRI0/0
ip address 10.10.10.5 255.255.255.252
encapsulation ppp
ip ospf cost 9999
ip ospf demand-circuit
dialer idle-timeout 60
dialer wait-for-carrier-time 10
dialer map ip 10.10.10.6 name green-bay broadcast 11
dialer load-threshold 1 outbound
dialer-group 1
isdn switch-type ntt
ppp callback request
ppp authentication chap
ppp multilink
!
!
router ospf 1
log-adjacency-changes
network 10.10.10.0 0.0.0.3 area 0
network 10.10.10.4 0.0.0.3 area 0
network 192.168.10.0 0.0.0.127 area 1
!
ip classless
ip http server
ip pim bidir-enable
!
dialer-list 1 protocol ip permit
!
green-bay configuration:
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname green-bay
!
!
username san-diego password 0 pass1
!
!
!
!
memory-size iomem 30
ip subnet-zero
no ip domain-lookup
!
isdn switch-type ntt
!
interface Serial0/0
bandwidth 56000
no ip address
encapsulation frame-relay
no fair-queue
!
interface Serial0/0.1 point-to-point
ip address 10.10.10.1 255.255.255.252
frame-relay interface-dlci 406
!
!
interface BRI0/0
ip address 10.10.10.6 255.255.255.252
encapsulation ppp
ip ospf cost 9999
ip ospf demand-circuit
dialer callback-secure
dialer idle-timeout 60
dialer enable-timeout 5
dialer map ip 10.10.10.5 name san-diego class CALLBACK broadcast 12
dialer load-threshold 1 outbound
dialer-group 1
isdn switch-type ntt
isdn caller 12 callback
ppp callback accept
ppp authentication chap
!
!
router eigrp 2
redistribute ospf 1 metric 10000 1000 255 1 1500 match internal external 1 ext
ernal 2
network 192.168.20.0
no auto-summary
no eigrp log-neighbor-changes
!
router ospf 1
log-adjacency-changes
redistribute eigrp 2 subnets
network 10.10.10.0 0.0.0.3 area 0
network 10.10.10.4 0.0.0.3 area 0
!
ip classless
ip http server
!
map-class dialer CALLBACK
dialer callback-server username
dialer-list 1 protocol ip permit
!
!
Thanks in advance.
Engelhard M. Labiro$B!!(B(engelhard@netmarks.co.jp)
Security Group, Technical Solution Center, Netmarks Inc.
2-13-34 Konan, Minato-Ku, Tokyo 108-0075
Tel: +81-3-5461-2575, Fax: +81-3-5461-2093
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:21 GMT-3