vpdn l2tp realm parsing

ilkadmin-cco · ‎09-12-2008

i have realms like user@aaa

and user%b1@ccc and user%b2@ccc .

i would like the LNS to find the first

% or @ from left to right,

not the default from right to left, but cann't find out how to konfigure it.

(the LNS asks the radius server to know where to forward the l2tp session for that realm).

mchin345 · ‎09-18-2008

After receiving username and password during PPP LCP negotiations, the PDSN forwards authentication information to the local AAA server via an access request message. This, in turn, may be proxied to the AAA server in the user's home domain, via broker AAA servers, if necessary. On successful authentication, the user is authorized services based on user's service profile. If the user is configured for VPDN based access services, User Class information, along with other authorization parameters including tunneling options and tunneling parameters, are returned to the PDSN via an access accept message from the home AAA. The following types of VPDN services are supported at the PDSN

Please try Configuring the user.

Service-Type=Framed-User

to the user profile on the radius server.

With authen-before-forward, the access-server will

1) authenticate the user

2) check if this user is allowed to dial in using PPP at all (that's why

we need the Service-Type)

3) after that, evaluate any VPDN AV pairs and set up a VPDN tunnel if

required.

For more information refer the document to click this URL

http://www.cisco.com/en/US/docs/ios/12_4/12_4x/12_4_15_xn/pdsn3.5fcs.html#wp1967577