The article has been updated successfully.The DialOut/EZ Redirector is unable to dial-out through a Cisco server, the trace log shows a "Password OK" just before AT commands begin failing. What is the problem?
The underlying problem is that the "Password OK" from the Cisco server is being processed by Windows TAPI software as an "OK" from a modem, which it is not.
This problem can be solved by using aaa new-model authentication in the Cisco server. The aaa new-model functionality is a superset of the old model, so using new-model means no loss of functionality.
The following is a snippet of a configuration to authenticate using "aaa new-model" for local username authentication:
aaa new-model
aaa authentication login default local
aaa authentication login NONE none
aaa authentication ppp default if-needed local
line console 0
login authentication NONE
line 33 48 ! whatever range of modem lines that's being
used for dialout
login authentication default
...
Or for a just a local username database:
aaa new-model
aaa authentication login default local
aaa authentication ppp default if-needed local
...
For more information about implementing the Local AAA Subsystem click here.
Related Articles
No related articles were found.Attachments
No attachments were found.Visitor Comments
Article Details
Last Updated
1st of September, 2009
