Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
574
Views
5
Helpful
8
Replies

MPLS - remote access

ariela
Level 4
Level 4

‎05-15-2007 07:06 AM

Hi folks,

I've to realize a RAS/PE for dialup connections, and use a vrf selection authentication based.

Any advice will be appreciated

Regards

Andrea

Labels:
0 Helpful
8 Replies 8

mohammedmahmoud
Level 11
Level 11

‎05-15-2007 10:40 AM

Hi Andrea,

Are you talking about MPLS VPDN.

BR,

Mohammed Mahmoud.

0 Helpful

ariela
Level 4
Level 4
In response to mohammedmahmoud

‎05-16-2007 03:29 AM

Hi Mohammed,

well, I think yes ...

I've a number of mobile users, that via ISDN (dialup) would be authenticated and added to their VRF ...

Hope this clear enough

Thanks for your support

Andrea

0 Helpful

mohammedmahmoud
Level 11
Level 11
In response to ariela

‎05-16-2007 03:56 AM

Hi,

Well thats nice, i work for an ISP and we are doing this solution, some customers' sites access their VRF using ISDN (VPDN), you'll find here all what you need:

You'll need a LAC (Access server), LNS (PE router) and a RADIUS server (we are using Cisco CAR).

http://www.cisco.com/en/US/tech/tk801/tk703/tsd_technology_support_protocol_home.html

Please do not hesitate for any further questions.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

ariela
Level 4
Level 4
In response to mohammedmahmoud

‎05-16-2007 04:25 AM

Hi,

thanks for your informations.

Is it possible to implement the RAS and the PE function on the same device (obviously with an external radius server for PPP authentication)?

Thanks

Andrea

0 Helpful

mohammedmahmoud
Level 11
Level 11
In response to ariela

‎05-16-2007 04:34 AM

Hi,

Yes this what exactly what we are doing, our LNS is also acting as a PE, but since we have more and more VPDN customers, we are thinking of separating the LNS (having a PE acting just as an LNS). We are using Cisco CAR as the RADIUS server.

Check the attached topology for general network layout.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

Preview file
744 KB
0 Helpful

mohammedmahmoud
Level 11
Level 11
In response to mohammedmahmoud

‎05-16-2007 04:54 AM

Hi,

Sorry i guess that i got your question wrong, i think you meant having a single device acting as a LAC and a LNS at the same time, i don't think that this doable as the whole idea is built upon L2TP between both the LAC and the LNS.

The LAC provides authentication and access concentration for remote users. After a remote user is authenticated, that user's communications session is then forwarded to the LNS, which provides access to that user's VRF.

Although most remote access technologies bundle these functions into a single device, L2TP separates them into two physically separate devices LAC and LNS.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

0 Helpful

ariela
Level 4
Level 4
In response to mohammedmahmoud

‎05-16-2007 05:48 AM

Yes, but I've to implement that on the same device.

maybe this is a good point of view, is it?

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080087c8b.html

Any advice will be appreciated

Regards

Andrea

0 Helpful

mohammedmahmoud
Level 11
Level 11
In response to ariela

‎05-17-2007 10:25 AM

Hi Andrea,

I didn't see this before, please keep me updated if it worked out.

Good Luck :)

BR,

Mohammed Mahmoud.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents