Hi all, I have an IPSec to MPLS solution running on our PE router. Currently IPSec is (Cisco VPN client over the internet) connected with a given VRF based on the group name used. This works, but isn't really ideal for me, it would be much more elegant if forwarding to a particular VRF was based on a user's radius profile. I've done quite a bit of reading on cisco, the only thing I can find is here:
And that's what I'm already running. Is my idea achievable? And if so, is it as simple as setting a VSA on a user's radius profile? Any pointers to documentation or configuration examples would be fantastic! Thanks for the help! Jerome
Hi Stig, thanks for the reponse, I'd prefer to stick with the Radius if possible.
I've added those changes to a test radius account. I'm assuming the Loopback interface referred to is in "MYVRF"?
So, the VPN client connects, but a "show ip route vrf MYVRF" on the IPSec to MPLS router doesn't show a route to the vpn client (I am using reverse-route in the dynamic map). However, "show ip route" shows a route to the VPN client address. This indicates to me it's being installed in the global routing table. Wierd.
With XR 4.2.0 the ASR9000 is releasing a new line of hardware models. This amongst others is the RSP440, the next generation RSP with faster switch fabric along with Typhoon based Linecards, the next generation network processor.
The Cisco EPN system incorporates a network architecture designed to consolidate multiples services on a single Multiprotocol Label Switching (MPLS) transport network. This network is designed primarily based on...
Internet security is important with the increasing attacks that are happening every day. Many internet and browsing security solutions exist, but some are not very easy to use or maybe the question is how can I enable them?