Disabling AC-name and AC-cookie Tags from PPPoE PADS

Similar documents
Flow-Based per Port-Channel Load Balancing

Image Verification. Finding Feature Information. Restrictions for Image Verification

RADIUS Server Load Balancing

Configuring Aggressive Load Balancing

Configuring Auto-MDIX

DHCP Server Port-Based Address Allocation

RADIUS Server Load Balancing

Firewall Authentication Proxy for FTP and Telnet Sessions

BGP Link Bandwidth. Finding Feature Information. Prerequisites for BGP Link Bandwidth

You can specify IPv4 and IPv6 addresses while performing various tasks in this feature. The resource

Configuring Aggressive Load Balancing

Configuring DNS. Finding Feature Information

Call Flows for Simple IP Users

VRRPv3: Object Tracking Integration

NAT TCP SIP ALG Support

Ethernet Overhead Accounting

Transferring Files Using HTTP or HTTPS

Configuring VoIP Call Setup Monitoring

Configuring IKEv2 Load Balancer

Configuring IP SLA - Service Performance Testing

Firewall Stateful Inspection of ICMP

Router Recovery with ROM Monitor

SNMP Version 3. Finding Feature Information. Information About SNMP Version 3. Security Features in SNMP Version 3

Virtual Fragmentation Reassembly

Configuring Secure Socket Layer HTTP

Configuring a Load-Balancing Scheme

HTTP 1.1 Web Server and Client

Digitally Signed Cisco Software

How To Install Cisco Asr 9000 Series Router Software On A Mini Mini Mini (Cisco Ios) Router

Configuring Right-To-Use Licenses

How To Import Ipv4 From Global To Global On Cisco Vrf.Net (Vf) On A Vf-Net (Virtual Private Network) On Ipv2 (Vfs) On An Ipv3 (Vv

Configuring Auto-QoS

Configuring a Load-Balancing Scheme

Controlling Access to a Virtual Terminal Line

Configuring a Load-Balancing Scheme

Firewall Stateful Inspection of ICMP

Encrypted Preshared Key

IPSLA Y1731 On-Demand and Concurrent Operations

Easy Performance Monitor

Using Link Layer Discovery Protocol in Multivendor Networks

Easy Performance Monitor

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

MPLS VPN Route Target Rewrite

Easy Performance Monitor

Configuring SIP Registration Proxy on Cisco UBE

MPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre

Table of Contents. Cisco Configuring the PPPoE Client on a Cisco Secure PIX Firewall

BGP Support for Next-Hop Address Tracking

Firewall Support for SIP

Configuring the Device for Access Point Discovery

co Sample Configurations for Cisco 7200 Broadband Aggreg

Configuring Enhanced Object Tracking

Device Interface IP Address Subnet Mask Default Gateway

Lab Load Balancing Across Multiple Paths

Lab Organizing CCENT Objectives by OSI Layer

BRI to PRI Connection Using Data Over Voice

Encrypted Preshared Key

QoS: CBQoS Management Policy-to- Interface Mapping Support Configuration Guide, Cisco IOS XE Release 3S (Cisco ASR 1000)

School of Information Technology and Engineering (SITE) CEG 4395: Computer Network Management. Lab 4: Remote Monitoring (RMON) Operations

Telnet, Console and AUX Port Passwords on Cisco Routers Configuration Example

- Advanced IOS Functions -

QoS: Color-Aware Policer

Configuring TACACS+, RADIUS, and Kerberos on Cisco Catalyst Switches

End of Sale/End of Life Report Tool Usage Notes for CiscoWorks NCM 1.6

Managing and Monitoring Network Management Features

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

Supported Platforms. Supported Standards, MIBs, and RFCs. Prerequisites. Related Features and Technologies. Related Documents. Improved Server Access

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Lab Advanced Telnet Operations

How To Configure Rmon On Cisco Me 2600X On Ios 2.5A (Cisco) With A Network Monitor On A Network Device (Network) On A Pnet (Network Monitor) On An Ip

Release Notes for Cisco C881G-U-K9

Configuring Password Encryption

Cisco Nexus 1000V Virtual Ethernet Module Software Installation Guide, Release 4.0(4)SV1(1)

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data

Network Security and AAA

Enhanced Password Security - Phase I

Configuring a Leased Line

SonicOS 5.9 / / 6.2 Log Events Reference Guide with Enhanced Logging

About Cisco PIX Firewalls

CISCO IOS NETWORK SECURITY (IINS)

NetFlow Auditor Manual Getting Started

Lab Configuring Syslog and NTP (Instructor Version)

COMMANDS 1 Overview... 1 Default Commands... 2 Creating a Script from a Command Document Revision History... 10

Prestige 310. Cable/xDSL Modem Sharing Router. User's Guide Supplement

Configuring RADIUS Dial Up with Livingston Server Authentication

Management, Logging and Troubleshooting

Connecting to the Firewall Services Module and Managing the Configuration

Interconnecting Cisco Network Devices 1 Course, Class Outline

ITU-T G.8032 Ethernet Ring Protection Switching

Router Security Audit Logs

Lab Configure Intrusion Prevention on the PIX Security Appliance

BGP Link Bandwidth. Finding Feature Information. Contents

NetFlow Aggregation. Feature Overview. Aggregation Cache Schemes

Traffic Mirroring Commands on the Cisco IOS XR Software

Using RADIUS Agent for Transparent User Identification

Getting Started with Configuring Cisco IOS NetFlow and NetFlow Data Export

L2TP Dial-Out Load Balancing and Redundancy

Configuring PROFINET

How To Configure A Cisco Unified Ip Phone On A Cnet Box On A Microsoft Powerbook 2.5 (Powerbook) On A Mini Ip Phone (Mini Ip) On An Ip Phone With A Mini Cell Phone (Microsoft Power

Router Lab Reference Guide

Transcription:

Disabling AC-name and AC-cookie Tags from The AC-name and AC-cookie Tags from PPP over Ethernet (PPPoE) Active Directory Session (PADS) feature prevents a device from sending the access concentrator (AC) information in the PADS packet. Finding Feature Information, page 1 Restrictions for Disabling AC-name and AC-cookie Tags from, page 1 Information About Disabling AC-name and AC-cookie Tags from, page 2 How to Disable AC-name and AC-cookie Tags from, page 2 Configuration Example for Disabling AC-name and AC-cookie Tags from, page 4 Additional References for Disabling AC-name and AC-cookie Tags from, page 4 Feature Information for Disabling AC-name and AC-cookie Tags from, page 5 Finding Feature Information Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required. Restrictions for Disabling AC-name and AC-cookie Tags from The AC-name and AC-cookie Tags from feature is available only on ASR and UNIX platforms. 1

Information About Disabling AC-name and AC-cookie Tags from Disabling AC-name and AC-cookie Tags from The AC-name and AC-cookie Tags from feature is supported only if the PPPoE Server functionality is supported. Information About Disabling AC-name and AC-cookie Tags from In the Broadband Access (BBA) environment, PPPoE Active Discovery Offer (PADO) sent from the Broadband Remote Access Server (BRAS) includes the AC-cookie tags (0x0104) and the AC-name tag (0x0102) along with a service-name tag identical to the one in the PPPoE Active Directory Initiation (PADI) and any number of other service-name tags indicating other services that access concentrator (AC) offers. The AC-name is a string that uniquely identifies the particular AC. The AC-cookie tags are used by the AC to protect the denial-of-service (DoS) attacks. The PPPoE Active Directory Request (PADR) from the Customer Premise Equipment (CPE) host also includes AC-name and AC-cookie tags received in PADO. BRAS repeats the AC information in the PPPoE Active Discovery Session-Confirmation (PADS) packet sent in response to PADR received from client (CPE). When BRAS generates a unique session identifier for the PPPoE session, the AC-name and AC-cookie tags need not be sent in the PADS. This feature prevents sending the AC information in the device. How to Disable AC-name and AC-cookie Tags from Disabling AC-name and AC-cookie Tags from SUMMARY STEPS 1. enable 2. configure terminal 3. pppoe pads disable-ac-info 4. end DETAILED STEPS Step 1 Command or Action enable Device> enable Purpose Enables privileged EXEC mode. Enter your password if prompted. 2

Disabling AC-name and AC-cookie Tags from Verifying Disabling AC-name and AC-cookie Tags from Step 2 Command or Action configure terminal Purpose Enters global configuration mode. Step 3 Step 4 Device# configure terminal pppoe pads disable-ac-info Device(config)# pppoe pads disable-ac-info end Device(config)# end Defines a PPP over Ethernet (PPPoE) profile, and prevents the device from sending the AC-name and AC-cookie tags in the PADS packet. Exits global configuration mode and returns to privileged EXEC mode. Verifying Disabling AC-name and AC-cookie Tags from You can verify the Disabling AC-name and AC-cookie Tags from feature by enabling the debug pppoe tag command. Device> enable Device# debug pppoe tag *Sep 6 07:46:25.352: PPPoE 0: I PADI R:aabb.cc00.6401 L:ffff.ffff.ffff Et1/0 *Sep 6 07:46:25.352: Service tag: NULL Tag *Sep 6 07:46:25.352: PPPoE 0: O PADO, R:aabb.cc00.6501 L:aabb.cc00.6401 Et1/0 *Sep 6 07:46:25.352: Service tag: NULL Tag *Sep 6 07:46:25.353: PPPoE 0: I PADR R:aabb.cc00.6401 L:aabb.cc00.6501 Et1/0 *Sep 6 07:46:25.353: Service tag: NULL Tag *Sep 6 07:46:25.353: PPPoE : encap string prepared *Sep 6 07:46:25.353: [2]PPPoE 2: Access IE handle allocated *Sep 6 07:46:25.353: [2]PPPoE 2: AAA get retrieved attrs *Sep 6 07:46:25.353: [2]PPPoE 2: AAA get nas port details *Sep 6 07:46:25.353: [2]PPPoE 2: AAA get dynamic attrs *Sep 6 07:46:25.353: [2]PPPoE 2: AAA unique ID D allocated *Sep 6 07:46:25.353: [2]PPPoE 2: No AAA accounting method list *Sep 6 07:46:25.353: [2]PPPoE 2: Service request sent to SSS *Sep 6 07:46:25.354: [2]PPPoE 2: Created, Service: None R:aabb.cc00.6501 L:aabb.cc00.6401 Et1/0 *Sep 6 07:46:25.354: [2]PPPoE 2: State NAS_PORT_POLICY_INQUIRY Event SSS MORE KEYS *Sep 6 07:46:25.354: [2]PPPoE 2: data path set to PPP *Sep 6 07:46:25.354: [2]PPPoE 2: Segment (SSS class): PROVISION *Sep 6 07:46:25.354: [2]PPPoE 2: State PROVISION_PPP Event SSM PROVISIONED *Sep 6 07:46:25.354: [2]PPPoE 2: Disable AC info from PADS *Sep 6 07:46:25.354: [2]PPPoE 2: O PADS R:aabb.cc00.6401 L:aabb.cc00.6501 Et1/0 3

Configuration Example for Disabling AC-name and AC-cookie Tags from Disabling AC-name and AC-cookie Tags from Configuration Example for Disabling AC-name and AC-cookie Tags from Disabling AC-name and AC-cookie Tags from Device> enable Device# configure terminal Device(config)# pppoe pads disable-ac-info Device(config)# end Additional References for Disabling AC-name and AC-cookie Tags from Related Documents Related Topic Cisco IOS commands Document Title Cisco IOS Master Command List, All Releases Technical Assistance Description The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. Link http://www.cisco.com/support 4

Disabling AC-name and AC-cookie Tags from Feature Information for Disabling AC-name and AC-cookie Tags from Feature Information for Disabling AC-name and AC-cookie Tags from The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required. Table 1: Feature Information for Disabling AC-name and AC-cookie Tags from Feature Name AC-name and AC-cookie knob for Releases Cisco IOS XE Release 3.12S Feature Information This feature prevents a device from sending access concentrator information in the PADS packet. The following commands were introduced or modified: pppoe pads disable-ac-info. 5

Feature Information for Disabling AC-name and AC-cookie Tags from Disabling AC-name and AC-cookie Tags from 6

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information