- This topic has 1 reply, 1 voice, and was last updated 16 years, 7 months ago by Andrew Zhilenko.
19th July 2004 at 07:49 #27656ismailGuest
Thanks Andrew Zhilenko! I can define two application tcl. I use
standard app_remote_ip_authenticate.2.0.0.tcl downloaded from Cisco site. But I dont know how I can modify for different radius. I only downloaded the app tcl and used, It works. I didnt make any modification in tcl for method h323 or radius.
Tcl purpose is:
“# This tcl script replaces the SESSION application for a VoIP call leg.
# If the remote (calling side) IP address is authenticated, it places the
# Authentication is done with the IP address, and the fixed password “cisco”.
# (Note: We really only want to authenticate the IP address. But since some
# RADIUS servers insist on a non-null password, we use the fixed password
# If authentication fails, the script returns with an error code, and the
# call is rejected.
I want define for each dial-peer or controller e1 port specific radius. I can define different methods or radius. But How can I apply them for different dialpeers. Pls, help me! thanks
Andrew Zhilenko wrote:
>Yes, you can. You have to use >different applications on >different incoming voip dial->peers, and these applications >should use different auth. >method instead of “h323” (modify >the >app_remote_ip_authenticate.2.0.0.>tcl or get the remote IP auth. >application where you can >configure method from the CLI)
aaa authentication login myh323one group rad1
aaa authentication login myh323two group rad2
My gateway as5350 has two E1 interface.
I have defined
radius-server host zzzz auth-port 1812 acc-port 1813
I work gw-to-gw.
call application voice remote_ip
dial-peer voice 200 voip
incoming called-number ^9054T
dial-peer voice 1 pots
I termnte calls with GSM channel bank.
controller E1 3/0
ds0-group 0 timeslots 1-15,17-28 type r2-digital
controller E1 3/1
ds0-group 1 timeslots 1-15,17-28 type r2-digital
till here all thing is normal. I work properly. But now I want to work with the following scenario:
I will define two radius with
aaa group server radius rad1
aaa group server radius rad2
I want to use rad1 for controller e1 3/0 and rad2 for controller e1 3/1.
Two different types of call come with prefix 3547#number(to e1 3/0) and 9878#number (to e1 3/1).
But I dont know how can I define rad1 to e1 3/0 and rad2 to e1 3/1.
I think that I must define rad1 and rad2 to dial-peers separately. But how?
can you help me,pls?20th July 2004 at 19:24 #27657Andrew ZhilenkoGuest
You need two separate incoming voip dialpeers (separate them by incoming called-number), with the different applications on them. These applications must use different auth. methods – either modify the Cisco application, or search google for “advanced remote authenticate”