Table Of Contents
Supported Standards, MIBs, and RFCs
RADIUS Progress Codes
Feature History
12.2(11)T
This feature was introduced.
12.2(27)SBA
This feature was integrated into Cisco IOS Release 12.2(27)SBA.
Finding Support Information for Platforms and Cisco IOS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Contents
•
Supported Standards, MIBs, and RFCs
Feature Overview
The RADIUS Progress Codes feature adds additional progress codes—10, 30, 33, 41, 60, 65, 67—to RADIUS attribute 196 (Ascend-Connect-Progress), which indicates the connection state before the call is disconnected via progress codes.
Attribute 196 is sent in network, exec, and resource accounting "start" and "stop" records. This attribute can facilitate call failure debugging because each progress code identifies accounting information relevant to the connection state of a call. The attribute is activated by default; when an accounting "start" or "stop" accounting record is requested, authentication, authorization, and accounting (AAA) will add attribute 196 into the record as part of the standard attribute list.
Note
The newly supported progress codes are defined in Table 1.
Note
Benefits
The RADIUS Progress Codes feature adds support for the following progress codes to RADIUS attribute 196 (Ascend-Connect-Progress): 10, 30, 33, 41, 60, 65, 67. Attribute 196 is valuable because the progress codes, which are sent in accounting "start" and "stop" records, facilitate the debugging of call failures.
Related Documents
•
•
•
Supported Platforms
•
•
•
•
Supported Standards, MIBs, and RFCs
Standards
None
MIBs
None
To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the Cisco MIB website on Cisco.com at the following URL:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
RFCs
No new or modified RFCs are supported by this feature.
Prerequisites
Before attribute 196 (Ascend-Connect-Progress) can be sent in accounting "start" and "stop" records, you must perform the following tasks:
•
•
For information on completing these tasks, refer to the AAA sections of the Cisco IOS Security Configuration Guide, Release 12.2.
When these tasks are completed, attribute 196 is active by default.
Configuration Tasks
None
Verifying Attribute 196
To verify attribute 196 in accounting "start" and "stop records, use one of the following commands in privileged EXEC mode:
Configuration Examples
This section provides the following configuration example:
Sample Debug Output Example
The following example is a sample debug output from the debug ppp negotiation command. This debug output is used to verify that accounting "stop" records have been generated and that attribute 196 (Ascend-Connect-Progress) has a value of 65.
Tue Aug 7 06:21:03 2001NAS-IP-Address = 10.0.58.62NAS-Port = 20018Vendor-Specific = ""NAS-Port-Type = ISDNUser-Name = "peer_16a"Called-Station-Id = "5213124"Calling-Station-Id = "5212175"Acct-Status-Type = StopAcct-Authentic = RADIUSService-Type = Framed-UserAcct-Session-Id = "00000014"Framed-Protocol = PPPFramed-IP-Address = 60.0.0.2Acct-Input-Octets = 3180Acct-Output-Octets = 3186Acct-Input-Packets = 40Acct-Output-Packets = 40Ascend-Connect-Pr = 65Acct-Session-Time = 49Acct-Delay-Time = 0Timestamp = 997190463Request-Authenticator = UnverifiedCommand Reference
None
Glossary
AAA—authentication, authorization, and accounting. Suite of network security services that provide the primary framework through which access control can be set up on your Cisco router or access server.
attribute—RADIUS Internet Engineering Task Force (IETF) attributes are the original set of 255 standard attributes that are used to communicate AAA information between a client and a server. Because IETF attributes are standard, the attribute data is predefined and well known; thus all clients and servers who exchange AAA information via IETF attributes must agree on attribute data such as the exact meaning of the attributes and the general bounds of the values for each attribute.
EXEC accounting—Provides information about user EXEC terminal sessions of the network access server.
IPCP—IP Control Protocol. A protocol that establishes and configures IP over PPP.
LCP—link control protocol. A protocol that establishes, configures, and tests data-link connections for use by PPP.
network accounting—Provides information for all PPP, Serial Line Internet Protocol (SLIP), or AppleTalk Remote Access Protocol (ARAP) sessions, including packet and byte counts.
PPP—Point-to-Point Protocol. Successor to SLIP that provides router-to-router and host-to-network connections over synchronous and asynchronous circuits. Whereas SLIP was designed to work with IP, PPP was designed to work with several network layer protocols, such as IP, IPX, and ARA. PPP also has built-in security mechanisms, such as CHAP and PAP. PPP relies on two protocols: LCP and NCP.
RADIUS—Remote Authentication Dial-In User Service. RADIUS is a distributed client/server system that secures networks against unauthorized access. In the Cisco implementation, RADIUS clients run on Cisco routers and send authentication requests to a central RADIUS server that contains all user authentication and network service access information.
resource accounting—Provides "start" and "stop" records for calls that have passed user authentication, and provides "stop" records for calls that fail to authenticate.
Copyright ©2001-2005 Cisco Systems, Inc. All rights reserved.