Novell is now a part of Micro Focus

RADIUS and Cisco Dialback

Novell Cool Solutions: Feature

Digg This - Slashdot This

Posted: 26 Aug 2003

Jaco Lange and Deenan Arnachellan

[Editor's Note: This excellent article was originally submitted to Cool Solutions without the authors' names, so we published it anonymously. Here it is again, with the proper bylines and contact information.]

Here's how to implement dialback to a user via Cisco 2600:


1. Under Dial access profile, add the following attributes:

Service type Framed
Framed-Protocol PPP
Cisco-AV-Pair lcp:callback-dialstring=
(This config allows the user to put in any number)

2. On the User object -> Remote Access -1

Set Dialback to Dialback Any Number
Enable use dial in port for dial back

3. On the User object -> Dial Access Services

Enable dial access control
Chose the relevant dial access system
Under Configured services choose your dialaccess profile.
Add the following attribute for the user lcp:send-secret=<password> (e.g.. lcp:send-secret=nomoresecrets)


Current configuration: 
version 12.0 
service timestamps debug uptime 
service timestamps log uptime 
no service password-encryption 
hostname Router 
aaa new-model 
aaa authentication login none none 
aaa authentication ppp default group radius local 
aaa authorization network default group radius 
enable secret 5 XXXX. 
ip subnet-zero 
no ip domain-lookup 

isdn switch-type basic-net3 
isdn voice-call-failure 0 
interface Loopback0 
 ip address 
 no ip directed-broadcast 
interface Ethernet0/0 
 ip address 
 no ip directed-broadcast 
 no ip mroute-cache 
 no cdp enable 
interface BRI0/0 
 no ip address 
 no ip directed-broadcast 
 encapsulation ppp 
 dialer rotary-group 1 
 isdn switch-type basic-net3 
!interface Serial0/0 
 no ip address 
 no ip directed-broadcast 
 no ip mroute-cache 
interface Dialer1 
 ip unnumbered Loopback0 
 no ip directed-broadcast 
 encapsulation ppp 
 dialer in-band 
 dialer aaa 
 dialer idle-timeout 60 
 dialer enable-timeout 5 
 dialer hold-queue 20 
 dialer-group 1 
 peer default ip address pool default 
 ppp callback accept 
 ppp authentication chap callin 
ip local pool default 
ip classless 
no ip http server 

dialer-list 1 protocol ip permit 
snmp-server engineID local 0000000902000004C0538600 
snmp-server community public RO 
radius-server host 
auth-port 1645 acct-port 1646 key mbw 
no scheduler allocate

If you have any questions you may contact Jaco at, or Deenan at

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions.

© Copyright Micro Focus or one of its affiliates