-
Error 718
سلام
میشه بگید مشکل این Config چیه که همش error 718 نشون میده
بعد چک کردن user & pass به کاربر error 718 نشون میده
از اکانتینگ که نیست چون موقعی که sh radius st میگیرم نشون میده که اطلاعات برای چک کاربر انجام شده
حالا من Config میزارم ببینید مشکل چیه
[CODE]
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Router
!
aaa new-model
aaa authentication ppp default group radius
aaa authorization network default group radius none
aaa accounting delay-start
aaa accounting update periodic 1
aaa accounting network default start-stop group radius
enable secret 5 $$%$$$1$R/to$UweB5B4kaaeeTzp2IAM1Y.
enable password 7 000F1B0917530A$$&*&0B0E2545
!
username admin privilege 15 password 7 051B03162C4AERT$D40584A534243585A51
spe 1/0 2/9
firmware location flash:mica-modem-pw.2.9.4.0.bin
!
!
resource-pool disable
!
clock timezone IRT 3 30
ip subnet-zero
ip name-server 80.191.222.6
ip name-server 217.218.127.104
ip name-server 192.9.9.3
ip name-server 4.2.2.2
ip name-server 4.2.2.4
!
async-bootp dns-server 80.191.222.6 217.218.127.104 192.9.9.3 4.2.2.2
isdn switch-type primary-net5
isdn gateway-max-interworking
modemcap entry mica-e1:MSC=&F&D2S34=18000S40=10S54=172S53=0
modemcap entry mica-noKflex:MSC=&F&D2s53=0
modemcap entry mica-v92:MSC=&f&d2s29=12s63=0s54=172s53=0s34=18000s40=10
modemcap entry mica-v90:MSC=&f&d2s29=12s63=0s54=8s53=0s40=0s34=1800
!
controller E1 0
framing NO-CRC4
clock source line primary
pri-group timeslots 1-31
!
controller E1 1
shutdown
clock source line secondary 1
pri-group timeslots 1-31
!
controller E1 2
shutdown
pri-group timeslots 1-31
!
controller E1 3
shutdown
pri-group timeslots 1-31
!
!
!
interface Ethernet0
bandwidth 640
ip address 80.191.222.10 255.255.255.0 secondary
ip address 80.191.223.1 255.255.255.0 secondary
ip address 80.191.222.1 255.255.255.128
ip nat outside
no ip route-cache
no ip mroute-cache
!
interface Serial0:15
ip unnumbered Ethernet0
encapsulation ppp
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no fair-queue
ppp authentication chap pap
ppp multilink
!
interface Serial1:15
ip unnumbered Ethernet0
encapsulation ppp
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no fair-queue
ppp authentication chap pap
ppp multilink
!
interface Serial2:15
ip unnumbered Ethernet0
encapsulation ppp
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no fair-queue
ppp authentication chap pap
ppp multilink
!
interface Serial3:15
ip unnumbered Ethernet0
encapsulation ppp
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no fair-queue
ppp authentication chap pap
ppp multilink
!
interface FastEthernet0
no ip address
no ip route-cache
no ip mroute-cache
shutdown
duplex auto
speed auto
!
interface Group-Async0
ip unnumbered Ethernet0
ip nat inside
encapsulation ppp
no ip route-cache
ip tcp header-compression
no ip mroute-cache
async mode dedicated
peer default ip address pool test
fair-queue
compress mppc
ppp reliable-link
ppp authentication pap
ppp multilink
group-range 1 120
!
ip local pool test 80.191.223.5 80.191.223.60
ip classless
ip route 0.0.0.0 0.0.0.0 80.191.222.2
no ip http server
!
!
ip access-list extended Virus
deny udp any any eq 1433
deny udp any any eq 1434
deny udp any any eq tftp
deny tcp any any eq 135
deny udp any any eq 135
deny udp any any eq netbios-ns
deny udp any any eq netbios-dgm
deny tcp any any eq 139
deny udp any any eq netbios-ss
deny tcp any any eq 445
deny tcp any any eq 593
deny tcp any any eq 4444
deny tcp any any eq 1243
deny tcp any any eq 554
deny udp any any eq 8554
deny tcp any any eq 27374
deny tcp any any eq 1919
deny tcp any any eq 1433
deny tcp any any eq 1425
deny tcp any any eq 6667
deny tcp any any eq 8943
deny tcp any any eq 4662
deny tcp any any eq 1034
deny tcp any any eq 9999
permit icmp any host 80.191.222.1
permit icmp any host 80.191.222.2
permit icmp any host 80.191.222.3
permit icmp any host 80.191.222.4
permit icmp any host 80.191.222.5
permit icmp any host 80.191.222.6
permit icmp any host 80.191.222.7
permit icmp any host 80.191.222.8
deny icmp any any
permit ip any any
access-list 15 permit 80.191.222.5
access-list 90 permit 80.191.222.3
access-list 100 permit ip 80.191.223.0 0.0.0.255 any
access-list 112 deny tcp any any eq 445
access-list 112 deny tcp any any eq 6669
access-list 112 deny tcp any any eq 2222
access-list 112 deny tcp any any eq 7000
access-list 112 deny tcp any any eq 16959
access-list 112 deny tcp any any eq 27374
access-list 112 deny tcp any any eq 6711
access-list 112 deny tcp any any eq 6712
access-list 112 deny tcp any any eq 6776
access-list 112 deny tcp any any eq 16660
access-list 112 deny tcp any any eq 65000
access-list 112 deny tcp any any eq 27665
access-list 112 deny tcp any any eq 33270
access-list 112 deny tcp any any eq 39168
access-list 112 deny tcp any any eq 26300
access-list 112 deny tcp any any eq 1433
access-list 112 deny tcp any any eq 135
access-list 112 deny tcp any any eq 139
access-list 112 deny tcp any any eq 593
access-list 112 deny tcp any any eq 4444
access-list 112 deny udp any any eq 1434
access-list 112 deny udp any any eq 31335
access-list 112 deny udp any any eq 27444
access-list 112 deny udp any any eq 135
access-list 112 deny udp any any eq netbios-ns
access-list 112 deny udp any any eq netbios-dgm
access-list 112 deny udp any any eq netbios-ss
access-list 112 deny udp any any eq 5000
access-list 112 deny udp any any eq tftp
access-list 147 permit tcp any any eq 5100
access-list 147 permit tcp any any eq 5000
access-list 147 permit tcp any any eq 5001
access-list 147 permit tcp any any eq 5050
access-list 147 permit udp any any eq 5000
access-list 147 permit udp any any eq 5055
access-list 147 permit tcp any any eq 6667
access-list 147 permit tcp any any eq 5004
access-list 147 permit tcp any any eq 4662
access-list 147 permit udp any any eq 9466
access-list 147 permit tcp any any eq 1723
access-list 147 permit gre any any
route-map dark permit 101
set ip next-hop 80.191.222.3
!
snmp-server community XXXXXX RW 90
snmp-server community !@#$%^&*( RW 15
snmp-server location Iran
snmp-server contact Cisco
snmp-server enable traps tty
radius-server host ABC.DEF.GHI.JKL auth-port 1812 acct-port 1813 key 123456789
radius-server retransmit 3
radius-server timeout 60
!
line con 0
logging synchronous
autocommand ppp
autoselect during-login
autoselect ppp
line 1 120
session-timeout 30
no flush-at-activation
absolute-timeout 200
modem Dialin
modem autoconfigure type mica-e1
autocommand ppp default
transport preferred none
transport input all
transport output none
autoselect during-login
autoselect ppp
line aux 0
line vty 0 4
password 7 1315120B060D0A7B78727D62667446
!
[/CODE]
-
آقاي دارك لاو اين كانفيگت رو درست كن
اين كه همه چيش معلومه
ip و قسمت رمز رو كه كد شده بردار.SNMP رو هم حتما commonityرد بردار.
الان هر كي بخواد مي تونه وارد روترن بشه
-
نمی تونه
چون snmp برای 2 Ip مجاز کردم
بعدش یوز و پسورد عض کردم
-
[B]DUNS ERROR 718[/B]
[LEFT][FONT=Courier New][SIZE=2][B]718[/B] - PPP timeout.[/SIZE][/FONT][/LEFT]
[SIZE=2]This error indicates a PPP conversation was started, but was terminated because the remote server did not respond within an appropriate time. This can be caused by poor line quality or a problem with the server (ISP). This error can occur when your modem has connected to the ISP and has sent username and password, but there is no response from the server. [/SIZE]
[SIZE=2]Sometimes, re-dialing will be successful. [/SIZE] [LEFT][SIZE=2]This error can also occur if your ISP account has expired, or if the username or password you are using is invalid.[/SIZE]
[SIZE=2]This error can occur if you have LCP extensions enabled in the TCP/IP Properties of the connectoid and your ISP does not support LCP extensions.[/SIZE]
[SIZE=2]This error may also occur if you have one or more network cards in your machine, and the cards do not have TCP/IP protocol enabled, or if the TCP/IP settings are incorrect. (Go to Networking in Control Panel to examine the properties of your network adapters; or, if you are not using the network card(s), disable them in Control Panel->System->Hardware.)[/SIZE]
[SIZE=2][/SIZE] [/LEFT]
[RIGHT][B][SIZE=2][/SIZE][/B]
[B][SIZE=2][/SIZE][/B]
[B][SIZE=2][/SIZE][/B]
[B][SIZE=2][/SIZE][/B]
[B][SIZE=2][/SIZE][/B] [/RIGHT]
[LEFT]az che accounting estefadeh mikoni?[/LEFT]
-
masalan default nttac 1645-6(port) hast aya ina ro cgeck kardi?
-
چی؟
Acounting من IBSng
پورت 1812 1813
میشه بیشتر توضیح بدید
-
[LEFT]che noskhe ibsng estefadeh mikoni?
[/LEFT]
[SIZE=2][LEFT]ISDN:
enable rsh to be able to force clear an isdn connection:
ip rcmd rsh-enable
ip rcmd remote-host root xxx.xxx.xxx.xxx(ibs server ip address) root enable
configure aaa commands as dialup
aaa new-model aaa authentication ppp default group radius
aaa authorization network default if-authenticated
aaa accounting delay-start
aaa accounting network default start-stop group radius
aaa accounting update periodic 1
[/LEFT]
[SIZE=2][LEFT]DIALUP:
add ras with snmp community and radius key
add ports as async
these are sample necassary config lines for cisco dialup service
NOTE: snmp must be RW for ibs to be able to kill users
strongkey is the same as you set in ibs ras
xxx.xxx.xxx.xxx is your ibs server ip address
---------------------------------------
aaa new-model
aaa authentication ppp default group radius
aaa authorization network default if-authenticated
aaa accounting delay-start
aaa accounting network default start-stop group radius
access-list 90 permit xxx.xxx.xxx.xxx
snmp-server community strongkey RW 90
snmp-server enable traps tty
radius-server host xxx.xxx.xxx.xxx auth-port 1812 acct-port 1813 key 0 strongkey[/LEFT]
[/SIZE][LEFT]
ppp authentication chap pap>>ppp authentication pap
async mode dedicated>> async mode interactive
dar zemn access-list shoma be interface emal nakardi yani alaki neveshti
va hamchnin baraye route map ye access-list bezar savab dare
[/LEFT]
[/SIZE]
-
ماله من A1.24
ولی از Acounting نیست
-
ina ro anjam bedeh
ppp authentication chap pap>>ppp authentication pap
async mode dedicated>> async mode interactive
dar zemn access-list shoma be interface emal nakardi yani alaki neveshti
va hamchnin baraye route map ye access-list bezar savab dare
[URL="http://forum.persianadmins.ir/forumdisplay.php?f=5"]inja[/URL] ham ye negah bendaz configha ro
dar zemn shoma mitonid eshkalate config squid mano baram begirid? az to mataleb hamin site jam o jor kardam
-
718 معمولا برای دسترسی نداشتن به نرم افزار Accounting هست
-
خوب الان میتونم فارسی بنویسم
کانفیگ چند تا مشکل داره یکیش اینه که
async mode dedicated>> async mode interactive
اینطوری باید باشه تا اونجایی که من اطلاع دارم
خود سیسکو میگه
configure interactive mode on the asyn interfaces.interactives mean that users can dial in and get toa shell or ppp seasion on that line
اینم بهتره اینجوری باشه
ppp authentication chap pap>>ppp authentication pap
در ضمن access-list ها هم به هیچ جا اختصاص داده نشده واین یعنی acl=کشک
-
کانفیگ مشکل نداره. نمی دون آیا IBS از Password Authentication Protocol پیشتیبانی می کنه یا نه ولی بطور کلی همه radius server ها از PAP و CHAP می توننن استفاده کنن.
از دستور TEST AAA Group Radius {username} {passwoor} Legacy تو خط فرمان اکسس سرورت استفاده کن ببین accept می کنه یا نه. می تونی LOG نرم radius sever رو هم برای اطمینان چک کنی.
این error در موقعی نشون داده می شه که Acess server نمی تونه radius رو ببینه . اگه error داشت ببین از AS می تونی سرور رو Ping کنی یا نه.
-
عزیزان مشکل برطرف شد
مشکل از مخابرات بود
ISDN کرده بود
Acounting برداشتم ISP Pack گذاشتم
دسته همه طلا
-
سلام دوستان كاربران isp من هم زنگ مي زنند بغضي وقتها ميگن حطا 718 دارن من متوجه نشدم كه جناب دارك لاو چطوري مشكل را فهميدي ميشه بيشتر توضيح بدي تا من هم متوجه بشم ممنون ميشم
-
تو این موقع ببینید سرورتون رو پینگ دارین جناب ولی زاده !!!