ISDN Dailer Chap problem

Hi, I just setup 2 Cisco 2610's with ISDN Backup (Braintree & Nashville with Braintree calling Nashville).

For some reason the Dialer interface ppp keeps getting refused due to a CHAP error (I am pretty sure).

Here is the log

*Feb 1 00:04:54.847: BR1/0:1 PPP: Using dialer call direction *Feb 1 00:04:54.847: BR1/0:1 PPP: Treating connection as a callout *Feb 1 00:04:54.847: BR1/0:1 PPP: Session handle[A900001C] Session id[11] *Feb 1 00:04:54.847: BR1/0:1 PPP: Authorization required *Feb 1 00:04:54.871: BR1/0:1 CHAP: O CHALLENGE id 11 len 30 from "Braintree" *Feb 1 00:04:54.887: BR1/0:1 CHAP: I CHALLENGE id 104 len 30 from "Nashville" *Feb 1 00:04:54.891: BR1/0:1 CHAP: Using hostname from interface CHAP *Feb 1 00:04:54.891: BR1/0:1 CHAP: Using password from AAA *Feb 1 00:04:54.891: BR1/0:1 CHAP: O RESPONSE id 104 len 30 from "Braintree" *Feb 1 00:04:54.911: BR1/0:1 CHAP: I FAILURE id 104 len 25 msg is "Authentication failed" *Feb 1 00:04:55.143: %LINK-3-UPDOWN: Interface BRI1/0:1, changed state to down

From the log it looks like its trying to use a password from AAA even though I don't

have AAA configured on either router (no aaa new-model).

Does anyone have any suggestions? Here is the config of the 2 routers (Nashville & Braintree)

For the Braintree Dialer interface I am specifying the CHAP user id and password ppp chap hostname Braintree ppp chap password 0 MyPassword

Yet it seems to be trying to pull the chap password from AAA

Thanks in advance

######## Braintree Router #####################

version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Braintree ! boot-start-marker boot-end-marker ! enable secret 5 $1$NjZ/$rGarK3TBKPyH9PJX0e8Tl. ! clock timezone est -5 clock summer-time edt recurring no network-clock-participate slot 1 no network-clock-participate wic 0 no aaa new-model ip subnet-zero ip cef ! no ip domain lookup ! ! isdn switch-type basic-dms100 ! username Nashville password 0 MyPassword username Somerset password 0 MyPassword ! crypto isakmp policy 1 encr 3des hash md5 authentication pre-share group 2 crypto isakmp key MyPassword address 192.168.1.2 no-xauth crypto isakmp key MyPassword address 10.1.5.2 no-xauth crypto isakmp key MyPassword address 10.1.5.3 no-xauth ! ! crypto ipsec transform-set Generic esp-3des esp-md5-hmac ! crypto map Genericmap 1 ipsec-isakmp set peer 192.168.1.2 set transform-set Generic match address 101 ! crypto map Genericmap2 1 ipsec-isakmp set peer 10.1.5.2 set peer 10.1.5.3 set transform-set Generic match address 101 ! ! interface FastEthernet0/0 ip address XXX.XXX.XXX.XXX 255.255.255.0 duplex auto speed auto ! interface Serial0/0 backup delay 5 90 backup interface Dialer1 ip address 192.168.1.1 255.255.255.0 no fair-queue service-module t1 clock source internal service-module t1 timeslots 1-24 crypto map Genericmap ! interface BRI1/0 no ip address encapsulation ppp dialer pool-member 1 min-link 2 isdn switch-type basic-dms100 isdn spid1 80055512120101 5551212 isdn spid2 80055512130101 5551213 no fair-queue ppp authentication chap ppp multilink crypto map Genericmap2 ! interface BRI1/1 no ip address encapsulation ppp no ip mroute-cache shutdown isdn switch-type basic-dms100 no fair-queue ppp authentication chap ppp multilink crypto map Genericmap2 ! interface BRI1/2 no ip address no ip mroute-cache shutdown isdn switch-type basic-dms100 no fair-queue ! interface BRI1/3 no ip address shutdown isdn switch-type basic-dms100 ! interface Dialer1 ip address 10.1.5.1 255.255.255.0 encapsulation ppp dialer pool 1 dialer string 18005551214 dialer string 18005551215 dialer-group 1 ppp authentication chap ppp chap hostname Braintree ppp chap password 0 MyPassword ppp multilink crypto map Genericmap2 ! ip http server no ip http secure-server ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 200 ip route xxx.xxx.xxx.0 255.255.255.0 xxx.xxx.xxx.xxx ip route xxx.xxx.0.0 255.255.0.0 192.168.1.2 ! ! access-list 101 permit ip any any access-list 101 permit icmp any any access-list 102 permit esp any any access-list 102 permit udp any any eq isakmp access-list 103 permit esp any any access-list 103 permit udp any any eq isakmp dialer-list 1 protocol ip permit ! ! ! ! ! dial-peer cor custom ! ! ! ! ! line con 0 line aux 0 line vty 0 4 password MyPassword login ! ! end

########## Nashville Router ###################################### Using 2476 out of 29688 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Nashville ! boot-start-marker boot-end-marker ! enable secret 5 $1$FLZV$QH0/QZnf/TEbBYAJFJ.Rf/ ! no network-clock-participate slot 1 no network-clock-participate wic 0 no aaa new-model ip subnet-zero ip cef ! ! no ip domain lookup ! ! isdn switch-type basic-dms100 ! username Braintree password 0 MyPassword

! crypto isakmp policy 1 encr 3des hash md5 authentication pre-share group 2 crypto isakmp key MyPassword address 192.168.1.1 no-xauth crypto isakmp key MyPassword address 10.1.5.1 no-xauth ! ! crypto ipsec transform-set Generic esp-3des esp-md5-hmac ! crypto map Genericmap 1 ipsec-isakmp set peer 192.168.1.1 set transform-set Generic match address 101 ! crypto map Genericmap2 1 ipsec-isakmp set peer 10.1.5.1 set transform-set Generic match address 101 ! interface FastEthernet0/0 ip address 160.254.129.156 255.255.255.248 duplex auto speed auto ! interface Serial0/0 ip address 192.168.1.2 255.255.255.0 no fair-queue service-module t1 clock source internal service-module t1 timeslots 1-24 crypto map Genericmap ! interface BRI1/0 no ip address encapsulation ppp dialer pool-member 1 priority 255 isdn switch-type basic-dms100 isdn spid1 80055512140101 5551214 isdn spid2 80055512150101 5551215 no fair-queue ppp authentication chap ppp multilink crypto map Genericmap2 ! interface BRI1/1 no ip address shutdown isdn switch-type basic-ni ! interface BRI1/2 no ip address shutdown isdn switch-type basic-ni ! interface BRI1/3 no ip address shutdown isdn switch-type basic-ni ! interface Dialer1 ip address 10.1.5.2 255.255.255.0 encapsulation ppp dialer pool 1 dialer-group 1 ppp authentication chap ppp chap password 0 MyPassword ppp multilink ppp multilink links maximum 2 ppp multilink links minimum 2 crypto map Genericmap2 ! ip http server no ip http secure-server ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 200 ip route xxx.xxx.xxx.0 255.255.255.0 192.168.1.1 ip route xxx.xxx.0.0 255.255.0.0 xxx.xxx.xxx.xxx ! access-list 101 permit ip any any access-list 102 permit esp any any access-list 102 permit udp any any eq isakmp access-list 103 permit esp any any access-list 103 permit udp any any eq isakmp dialer-list 1 protocol ip permit ! ! line con 0 line aux 0 line vty 0 4 password MyPassword login ! ! end

Reply to
spoliskey
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.