02-03-2006 02:54 AM
Hi,
Can't find the LNS config directives those will lead to get complete(!) vpdn profile from radius.
The configuration is:
LAC-LNS/PE-LNS/CE
LNS/PE - provider edge lns that we want to configure using radius profile for vrf-aware multihop vpdn so that incoming tunnel is switched out to LNS/CE living inside one of the vrfs configured on LNS/PE.
The "vpdn tunnel authorization " command lets me get RADIUS profile for ingress session coming from LAC, but in order to switch the tunnel further to LNS/CE i have to config vpdn-group on LNS/PE. Is it possible to make a RADIUS profile that LNS/PE will use for both ingress and egress tunnels?
02-08-2006 07:50 AM
The steps to configure
enable
configure terminal
ip vrf vrf-name
rd route-distinguisher
exit
interface interface-name
ip vrf forwarding vrf-name
ip address ip-address mask [secondary]
exit
aaa group server tacacs+ group-name
server-private {ip-address | name} [nat] [single-connection] [port port-number] [timeout seconds] [key [0 | 7] string]
ip vrf forwarding vrf-name
ip tacacs source-interface subinterface-name
exit
02-08-2006 09:54 PM
i'm telling about getting profile for L2TP vpdn connections, those come from LAC and then are switched to another LNS.
There is no need to speak to customer's AAA server inside his vrf.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: