Cisco Support Community
Community Member

generic L2TP multi-hop & LNS configuration

Hello- is it possible to specify the pre-authorization per vpdn group, i.e. to have a variable pre-auth behaviour based on incoming tunnel? Currently the AAA based pre-auth configuration seems to be common and default for the whole router (aaa authorization network default ...).

Actually, it would be even better if per-auth could be disabled per VPDN group.

In a generic context, this allows to always send tunnel attributes from a RADIUS server (based on domain name), even if the session is to be terminated locally on the same router (as an LNS). As a matter of fact, the tunnel switch tunnels would have to tunnel the second hop internally in the same router to be terminated into a vpdn-group.

I have been looking at the SSS documentation, but I didn't see a suitable solution.

Any suggestions? Thx.

CreatePlease to create content