[c-nsp] L2TP arriving inside a VRF?
Wink
dwinkworth at wi.rr.com
Sat May 10 17:29:20 EDT 2008
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ftvpdnmh.html
This seems to be what you are looking for, except it looks like you
already did this.
hmm....
Nathan wrote:
> Hi,
>
> I have PPP over L2TP arriving on a router on a dedicated interface,
> and radius tells the router in which VRF to place the PPP connection;
> so far so good.
>
> I would like to have the network on which the L2TP connections arrive
> placed into a VRF. The IP address that the L2TP sessions are
> established with would be in a VRF. Of course the PPP connections must
> still arrive in the same VRF as before. Radius requests could be made
> using the global table or in the L2TP vrf, it doesn't matter to me.
>
> The reason for this is that the L2TP tunnels are coming from a network
> that should not be accessed by my clients, and by very few of my
> routers, I'd prefer to keep it apart.
>
> On a hunch I tried setting a "vpn vrf XXXX" in the vpdn group, but it
> doesn't seem to be that simple.
>
> Is this easily done / well tested / well supported enough to be used
> in production?
>
> Thanks,
>
More information about the cisco-nsp
mailing list