- This topic has 1 reply, 1 voice, and was last updated 20 years, 3 months ago by Andrew Zhilenko.
-
AuthorPosts
-
19th July 2004 at 07:49 #27656ismailGuest
Hello,
Thanks Andrew Zhilenko! I can define two application tcl. I use
standard app_remote_ip_authenticate.2.0.0.tcl downloaded from Cisco site. But I dont know how I can modify for different radius. I only downloaded the app tcl and used, It works. I didnt make any modification in tcl for method h323 or radius.
Tcl purpose is:
*********************************
“# This tcl script replaces the SESSION application for a VoIP call leg.
# If the remote (calling side) IP address is authenticated, it places the
# call.
# Authentication is done with the IP address, and the fixed password “cisco”.
# (Note: We really only want to authenticate the IP address. But since some
# RADIUS servers insist on a non-null password, we use the fixed password
# “cisco”.)
# If authentication fails, the script returns with an error code, and the
# call is rejected.
“************************************
I want define for each dial-peer or controller e1 port specific radius. I can define different methods or radius. But How can I apply them for different dialpeers. Pls, help me! thanksAndrew Zhilenko wrote:
>Yes, you can. You have to use >different applications on >different incoming voip dial->peers, and these applications >should use different auth. >method instead of “h323” (modify >the >app_remote_ip_authenticate.2.0.0.>tcl or get the remote IP auth. >application where you can >configure method from the CLI)…
aaa authentication login myh323one group rad1
aaa authentication login myh323two group rad2
…My gateway as5350 has two E1 interface.
I have defined
radius-server host zzzz auth-port 1812 acc-port 1813I work gw-to-gw.
call application voice remote_ip
flash:app_remote_ip_authenticate.2.0.0.tcldial-peer voice 200 voip
permission orig
huntstop
application remote_ip
incoming called-number ^9054T
!
dial-peer voice 1 pots
permission term
huntstop
destination-pattern 9054T
port 3/1:0
forward-digits 11
prefix ,I termnte calls with GSM channel bank.
controller E1 3/0
ds0-group 0 timeslots 1-15,17-28 type r2-digitalcontroller E1 3/1
ds0-group 1 timeslots 1-15,17-28 type r2-digitaltill here all thing is normal. I work properly. But now I want to work with the following scenario:
I will define two radius with
aaa group server radius rad1
server xxxx
aaa group server radius rad2
server yyyyI want to use rad1 for controller e1 3/0 and rad2 for controller e1 3/1.
Two different types of call come with prefix 3547#number(to e1 3/0) and 9878#number (to e1 3/1).But I dont know how can I define rad1 to e1 3/0 and rad2 to e1 3/1.
I think that I must define rad1 and rad2 to dial-peers separately. But how?
can you help me,pls?20th July 2004 at 19:24 #27657Andrew ZhilenkoGuestYou need two separate incoming voip dialpeers (separate them by incoming called-number), with the different applications on them. These applications must use different auth. methods – either modify the Cisco application, or search google for “advanced remote authenticate”
-
AuthorPosts
- The forum ‘Voice over IP’ is closed to new topics and replies.