Generic selectors
Exact matches only
Search in title
Search in content

radius + e1 extra

  • This topic is empty.
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #27656 Reply
    ismail
    Guest

    Hello,
    Thanks Andrew Zhilenko! I can define two application tcl. I use
    standard app_remote_ip_authenticate.2.0.0.tcl downloaded from Cisco site. But I dont know how I can modify for different radius. I only downloaded the app tcl and used, It works. I didnt make any modification in tcl for method h323 or radius.
    Tcl purpose is:
    *********************************
    “# This tcl script replaces the SESSION application for a VoIP call leg.
    # If the remote (calling side) IP address is authenticated, it places the
    # call.
    # Authentication is done with the IP address, and the fixed password “cisco”.
    # (Note: We really only want to authenticate the IP address. But since some
    # RADIUS servers insist on a non-null password, we use the fixed password
    # “cisco”.)
    # If authentication fails, the script returns with an error code, and the
    # call is rejected.
    “************************************
    I want define for each dial-peer or controller e1 port specific radius. I can define different methods or radius. But How can I apply them for different dialpeers. Pls, help me! thanks

    Andrew Zhilenko wrote:
    >Yes, you can. You have to use >different applications on >different incoming voip dial->peers, and these applications >should use different auth. >method instead of “h323” (modify >the >app_remote_ip_authenticate.2.0.0.>tcl or get the remote IP auth. >application where you can >configure method from the CLI)


    aaa authentication login myh323one group rad1
    aaa authentication login myh323two group rad2

    My gateway as5350 has two E1 interface.
    I have defined
    radius-server host zzzz auth-port 1812 acc-port 1813

    I work gw-to-gw.

    call application voice remote_ip
    flash:app_remote_ip_authenticate.2.0.0.tcl

    dial-peer voice 200 voip
    permission orig
    huntstop
    application remote_ip
    incoming called-number ^9054T
    !
    dial-peer voice 1 pots
    permission term
    huntstop
    destination-pattern 9054T
    port 3/1:0
    forward-digits 11
    prefix ,

    I termnte calls with GSM channel bank.

    controller E1 3/0
    ds0-group 0 timeslots 1-15,17-28 type r2-digital

    controller E1 3/1
    ds0-group 1 timeslots 1-15,17-28 type r2-digital

    till here all thing is normal. I work properly. But now I want to work with the following scenario:
    I will define two radius with
    aaa group server radius rad1
    server xxxx
    aaa group server radius rad2
    server yyyy

    I want to use rad1 for controller e1 3/0 and rad2 for controller e1 3/1.
    Two different types of call come with prefix 3547#number(to e1 3/0) and 9878#number (to e1 3/1).

    But I dont know how can I define rad1 to e1 3/0 and rad2 to e1 3/1.
    I think that I must define rad1 and rad2 to dial-peers separately. But how?
    can you help me,pls?

    #27657 Reply
    Andrew Zhilenko
    Guest

    You need two separate incoming voip dialpeers (separate them by incoming called-number), with the different applications on them. These applications must use different auth. methods – either modify the Cisco application, or search google for “advanced remote authenticate”

Viewing 2 posts - 1 through 2 (of 2 total)
Reply To: radius + e1 extra
Your information:




<a href="" title="" rel="" target=""> <blockquote cite=""> <code> <pre class=""> <em> <strong> <del datetime="" cite=""> <ins datetime="" cite=""> <ul> <ol start=""> <li> <img src="" border="" alt="" height="" width="">