[cisco-bba] Sample LNS and Client Router configuration
Neilrey Espino
Neilrey.Espino at FundSERV.com
Thu Jan 19 10:11:20 EST 2006
Hi Kristofer,
I got some follow-up questions on the sample config.
1. How Many vpdn group should I create ? Telco gave me 12 vlans looks
like I have 12 tunnel connection to our telco, would this mean I should
configure 12 vpdn's ?
2. The <Telco-LAC-hostname> should this be a hostname or can also be an
IP ?
Thanks in advance.
neilrey
-----Original Message-----
From: Kristofer Sigurdsson [mailto:kristo at ipf.is]
Sent: Thursday, January 19, 2006 4:39 AM
To: Neilrey Espino
Cc: cisco-bba at puck.nether.net
Subject: Re: [cisco-bba] Sample LNS and Client Router configuration
Hi,
On the LNS, you need to create a VPDN group to terminate
the connection:
vpdn-group Telco-DSL-LNS
accept-dialin
protocol l2tp
virtual-template 1
terminate-from hostname <Telco-LAC-hostname>
local name Telco-DSL-LNS-hostname
lcp renegotiation always
l2tp tunnel password <tunnel password>
!
As you can see, the VPDN group references a virtual-template, which is a
template for the virtual-access interfaces that will be your customer's
access interfaces. You need to create this virtual template:
interface Virtual-Template1
description Telco DSL
mtu 1492
ip unnumbered Loopback0
no peer default ip address
ppp authentication pap chap ms-chap Telco-DSL-AAA
ppp authorization Telco-DSL-AAA
ppp accounting Telco-DSL-AAA
end
Here, you reference AAA groups, Telco-DSL-AAA, for authentication,
authorization and accounting. This configuration leaves it to the AAA
server (RADIUS/TACACS+) to decide the client's IP address, if you don't
want that, you can remove the "no peer default ip address" and put in a
reference to a local IP pool. Also, this configuration uses the
loopback0's IP address as an IP for for the virtual access interfaces
facing the customers.
You need to create the AAA groups:
aaa authentication ppp Telco-DSL-AAA group Telco-RADIUS
aaa authorization network Telco-DSL-AAA group Telco-RADIUS
aaa accounting network Telco-DSL-AAA start-stop group Telco-RADIUS
The AAA groups all reference the same RADIUS group, Telco-RADIUS:
aaa group server radius Telco-RADIUS
server-private <radius IP 1> auth-port 1812 acct-port 1813 key <key>
server-private <radius IP 2> auth-port 1812 acct-port 1813 key <key>
ip radius source-interface Loopback0
!
That's about it for the LNS. Regarding the client, these might help you
out:
http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_
chapter09186a00804fd93f.html
On Wed, 2006-01-18 at 18:04 -0500, Neilrey Espino wrote:
>
>
> Hi Guys,
>
> We have just closed a deal with our telco to use a DSL
> infrastructure and replace our remote offices which uses the
> ISDN.
>
> As a starter, We highly appreaciate if someone could send us a
> sample config for the LNS router and a cisco client router.
>
> We just wanted to get some ideas on how the configuration
> would look like.
>
> Many thanks in advance.
> ________________________________
> Neilrey
>
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
More information about the cisco-bba
mailing list