[cisco-bba] vpdn multihop
Eric Laporte
eric.laporte at deckpoint.com
Tue Jul 29 17:24:24 EDT 2003
Hello,
We would like to implement a vpdn multihop switch using radius attributes on a 7204vxr router acting as LNS.
The LNS should in normal condition simply terminate PPPoE clients overt L2TP (this works already) and depending on the user id ( not
domain.. ) we'd like to forward to another LNS using multihop.
is it possible to do that at all?
multihop documentation only mentions domain, hostname and dnis matching.
The following configuration we tried gives us errors that we don't understand:
RADIUS: cisco AVPair "vpdn:tunnel-id=test" not applied for lcp
thanks,
Eric
--- multihop router configuration -------------------------------------------------------------
ip address-pool local
virtual-profile virtual-template 1
multilink virtual-template 7
vpdn enable
vpdn multihop
!
vpdn-group incoming
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
lcp renegotiation on-mismatch
!
vpdn-group out_test
request-dialin
protocol l2tp
!
interface Virtual-Template1
ip unnumbered FastEthernet0/0
peer default ip address pool deckpoint
ppp authentication chap ms-chap
ppp multilink
--- radius log ------------------------------------------------------------------------------
rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:1645, id=29, length=78
NAS-IP-Address = xxx.xxx.xxx.xxx
NAS-Port = 1
NAS-Port-Type = Virtual
User-Name = "saml2tp"
CHAP-Password = 0x0e8c54282f65e16da39856fd0736e0ebd7
Service-Type = Framed-User
Framed-Protocol = PPP
Sending Access-Accept of id 29 to xxx.xxx.xxx.xxx:1645
Cisco-AVPair += "vpdn:tunnel-id=testsam"
Cisco-AVPair += "vpdn:l2tp-tunnel-password=secret"
Cisco-AVPair += "vpdn:tunnel-type=l2tp"
Cisco-AVPair += "vpdn:vpdn-group=out_test"
Cisco-AVPair += "vpdn:ip-addresses=xxx.xxx.xxx.xxx"
Service-Type := Outbound-User
Framed-Protocol := PPP
--- multihop router log ---------------------------------------------------------------------
Vi1 VPDN: Clone from Vtemplate 1
Vi1 VPDN: Bind interface direction=2
%LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
Vi1 VPDN: Looking for tunnel -- --
Vi1 VPDN: Looking for tunnel -- --
Vi1 VPDN: Continue PPP authentication for saml2tp
RADIUS: ustruct sharecount=2
Radius: radius_port_info() success=1 radius_nas_port=1
RADIUS: Initial Transmit Virtual-Access1 id 29 xxx.xxx.xxx.xxx:1645, Access-Request, len 78
Attribute 4 6 C226A802
Attribute 5 6 00000001
Attribute 61 6 00000005
Attribute 1 9 73616D6C
Attribute 3 19 0E8C5428
Attribute 6 6 00000002
Attribute 7 6 00000001
RADIUS: Received from id 29 xxx.xxx.xxx.xxx:1645, Access-Accept, len 203
Attribute 26 30 0000000901187670
Attribute 26 40 0000000901227670
Attribute 26 29 0000000901177670
Attribute 26 32 00000009011A7670
Attribute 26 40 0000000901227670
Attribute 6 6 00000005
Attribute 7 6 00000001
RADIUS: cisco AVPair "vpdn:tunnel-id=test" not applied for lcp
RADIUS: cisco AVPair "vpdn:l2tp-tunnel-password=secret" not applied for lcp
RADIUS: cisco AVPair "vpdn:tunnel-type=l2tp" not applied for lcp
RADIUS: cisco AVPair "vpdn:vpdn-group=out_test" not applied for lcp
RADIUS: cisco AVPair "vpdn:ip-addresses=xxx.xxx.xxx.xxx" not applied for lcp
Vi1 AAA/AUTHOR/LCP: Denied
Vi1 VPDN: Cleanup
Vi1 VPDN: Reset
Vi1 VPDN: Reset
Vi1 VPDN: Unbind interface
Vi1 VPDN: Unbind interface
Vi1 VPDN: Reset
Vi1 VPDN: Unbind interface
More information about the cisco-bba
mailing list