Callback Cisco to WinXP

Stefan A. lists at
Thu Aug 18 03:15:17 CEST 2005


I have to configure an async callback solution using Cisco IOS and
Up to now, the user can dial in and will be authenticated against my
freeradius server. Anything works fine.

After setting up the callback things on the router and on the radius server,
the user will still be granted access without any callback options.
Debugging the cisco callback during the session setup, I will get the

Se0/1 MCB: Start
Se0/1 MCB: Callback not authorized for this user stefancb

What I've done so far:
On WinXP, I left anything default, so that the user will be given the
choice, to be called back if the server makes an offer.

On the Cisco, I've configured:

interface Serial0/1
 physical-layer async
 ip address
 ip nat inside
 encapsulation ppp
 ip tcp adjust-mss 1452
 async mode interactive
 peer default ip address pool modemippool
 no keepalive
 ppp callback accept
 ppp authentication chap

chat-script offhook "" "ATH1" OK
chat-script callback ABORT ERROR ABORT BUSY "" "ATZ" OK "ATDT \T" TIMEOUT60

line 2
 script modem-off-hook offhook
 script callback callback
 modem InOut
 modem autoconfigure discovery
 transport input all
 autoselect during-login
 autoselect ppp
 speed 115200

The user is configured on the radius server:

stefancb	Auth-Type := Local, User-Password == "hello"
	Service-Type = Callback-Framed-User,
	Framed-Protocol = PPP,
	Cisco-AVPair = "ip:dns-servers=",
	Cisco-AVPair != "ip:wins-servers=",
	Cisco-AVPair != "lcp:callback-dialstring=0123456",

I've also tested 
	Service-Type = Framed-User,

What's wrong here?
How do I have to set up the user on my Radius Server?

Thank You.
Regards Stefan

More information about the Freeradius-Users mailing list