Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

New Member

LAC with many LNS for PPPoE user

My schema likes that


Any suggestion to configure these devices (LAC, LNS and Radius) that satisfy these conditions followings:

- LAC terminates PPPoE session from user1 and distributes it an IP based on the informations from RADIUS

- LAC terminates PPPoE session from user2 and establishes a tunnel L2TP with a LNS whom IP is given by RADIUS (every group user has a LSN different)


I haved succeed to configure LAC that terminates PPPoE or establishes a tunnel L2TP with only one LNS (using initiate-to ip) but not both, not many LNS.

I want to combine 2 functions on LAC and LAC can communicate with many LNS, it?s possible or not?

Thanks so much for any suggestion


Re: LAC with many LNS for PPPoE user

Yes it is possible. You can do it based on different domain names used by the clients i.e. one domain ( is terminated on LAC and the other domain ( is forwarded to LNS.

Let's take a look to the link below.

Hope it helps, rate if does,


New Member

Re: LAC with many LNS for PPPoE user

Thanks so much for your answer but i have found the solution by configuring RADIUS and vpdn to terminates PPPOE on LAC.

Now, i have another question on PPPOE


All interface MTU on LAC (interface Virtual-Template) is 1460.

I can't ping any IP on LAC from PC with MTU greater 172 ????

ping -l 172 x.x.x.x

what's the problem ?

Please help me


Re: LAC with many LNS for PPPoE user

Answering your the first question:

You have to have one vpdn group configured for terminating pppoe and another for initiate lt2tp.

aaa authentication ppp dsl_auth group radius

aaa authorization network dsl_auth group radius

aaa accounting delay-start

aaa accounting update periodic 60

aaa accounting network dsl_acc start-stop group radius

aaa accounting resource dsl_acc start-stop group radius


vpdn enable

vpdn multihop

vpdn search-order domain


vpdn-group 1


protocol l2tp


initiate-to ip

local name testgw


vpdn-group 2

description Local ADSL testing


protocol pppoe

virtual-template 1



interface Virtual-Template1

description Local PPPOE termination

mtu 1492

ip unnumbered FastEthernet0/1.10

ppp authentication chap pap dsl_auth

ppp authorization dsl_auth

ppp accounting dsl_acc


I use for instance freeradius based on mysql db and it works well.

For the MTU related question.

As far as I know the most typical minimum MTU is 576 bytes.

If the packet size exceed the minimum MTU of the path it is being fragmented, however if the DF bit set in the header the packet will be dropped. In case of 172 bytes ping shouldn't be a problem. Try do make some icmp debug to see the LAC get the ismp at all.

Anyway on the LAC it is enough to set the MTU to 1492 (pppoe header 8 bytes) and on the LNS you have to use 1452 because of the l2tp overhead (new IP packet+UDP+l2tp=40 bytes).

Hope it helps, rate if does


CreatePlease to create content