06-12-2007 06:40 AM
My schema likes that
PC(PPPoE)---Modem---DSLAM(ATM)----LAC(7206)--------------LNS
Any suggestion to configure these devices (LAC, LNS and Radius) that satisfy these conditions followings:
- LAC terminates PPPoE session from user1 and distributes it an IP based on the informations from RADIUS
- LAC terminates PPPoE session from user2 and establishes a tunnel L2TP with a LNS whom IP is given by RADIUS (every group user has a LSN different)
-
I haved succeed to configure LAC that terminates PPPoE or establishes a tunnel L2TP with only one LNS (using initiate-to ip) but not both, not many LNS.
I want to combine 2 functions on LAC and LAC can communicate with many LNS, it?s possible or not?
Thanks so much for any suggestion
06-15-2007 02:47 AM
Yes it is possible. You can do it based on different domain names used by the clients i.e. one domain (@domain1.net) is terminated on LAC and the other domain (@domain2.net) is forwarded to LNS.
Let's take a look to the link below.
http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a0080087465.html
Hope it helps, rate if does,
Krisztian
06-15-2007 04:04 AM
Thanks so much for your answer but i have found the solution by configuring RADIUS and vpdn to terminates PPPOE on LAC.
Now, i have another question on PPPOE
PC(PPPOE)-Modem-DSLAM(ATM)-LAC(7200)
All interface MTU on LAC (interface Virtual-Template) is 1460.
I can't ping any IP on LAC from PC with MTU greater 172 ????
ping -l 172 x.x.x.x
what's the problem ?
Please help me
06-15-2007 04:44 AM
Answering your the first question:
You have to have one vpdn group configured for terminating pppoe and another for initiate lt2tp.
aaa authentication ppp dsl_auth group radius
aaa authorization network dsl_auth group radius
aaa accounting delay-start
aaa accounting update periodic 60
aaa accounting network dsl_acc start-stop group radius
aaa accounting resource dsl_acc start-stop group radius
!
vpdn enable
vpdn multihop
vpdn search-order domain
!
vpdn-group 1
request-dialin
protocol l2tp
domain domain.com
initiate-to ip
local name testgw
!
vpdn-group 2
description Local ADSL testing
accept-dialin
protocol pppoe
virtual-template 1
!
!
interface Virtual-Template1
description Local PPPOE termination
mtu 1492
ip unnumbered FastEthernet0/1.10
ppp authentication chap pap dsl_auth
ppp authorization dsl_auth
ppp accounting dsl_acc
!
I use for instance freeradius based on mysql db and it works well.
For the MTU related question.
As far as I know the most typical minimum MTU is 576 bytes.
If the packet size exceed the minimum MTU of the path it is being fragmented, however if the DF bit set in the header the packet will be dropped. In case of 172 bytes ping shouldn't be a problem. Try do make some icmp debug to see the LAC get the ismp at all.
Anyway on the LAC it is enough to set the MTU to 1492 (pppoe header 8 bytes) and on the LNS you have to use 1452 because of the l2tp overhead (new IP packet+UDP+l2tp=40 bytes).
Hope it helps, rate if does
Krisztian
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide