[cisco-bba] vpdn multihop & aaa
Tassos Chatzithomaoglou
achatz at forthnet.gr
Wed Aug 4 09:15:29 EDT 2004
The network topology is:
LAC <--> LNS1 <--> LNS2
I have configured LNS1 for vpdn multihop, but i have come into the following "problem":
If i use "aaa authorization network default group tacacs+",
then LNS1 asks tacacs about the outgoing vpdn creation, instead of using the following
localy configured vpdn-group, so vpdn forwarding isn't working (tacacs provides the vpdn
info for the LAC also, so i'm getting a vpdn "loop" there).
vpdn-group LNS1-2-LNS2
request-dialin
protocol l2tp
domain test.gr
initiate-to ip x.x.x.x
local name LNS1
If i use "aaa authorization network default local group tacacs+",
then LNS1 uses the local vpdn-group and everything works fine.
Is there a way i can define an aaa authorization method (which will use local aaa)
explicity for this vpdn?
If i don't want to change the "aaa authorization network default group tacacs+", what else
can i do in order to make the outgoing vpdn use the local configured config instead of the
tacacs one? I though this was the default behaviour :-( until i tried it.
More information about the cisco-bba
mailing list