[cisco-bba] Per-User Multihop VPDN

Arie Vayner ariev at vayner.net
Tue Feb 15 08:25:42 EST 2011


You also need the following command on the LNS:

*authen-before-forward *

http://www.cisco.com/en/US/docs/ios/vpdn/command/reference/vpd_a1.html#wp1047138

Arie

On Tue, Feb 15, 2011 at 12:30 PM, Paul Sherratt <lists at paul.sh> wrote:

> When a request comes in to RADIUS from the initial LNS, you just need
> to chuck back a set VPDN tunnel attributes and the multihop should
> 'just work'.
>
> There are two options,
> - RADIUS Attribute 66:
> http://www.cisco.com/en/US/docs/ios/12_1t/12_1t5/feature/guide/dtdt4.html
> -
> http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ftvpdnmh.html#wp1044693
>
> We primarily use the first, but if you need to multihop into a
> VRF-aware VPDN group, you'll need the latter.
>
> -pts
>
>
> On 15 February 2011 09:56, Matthew Melbourne <matt at melbourne.org.uk>
> wrote:
> > Hi,
> >
> > I have a scenario where I would like to forward particular user
> > sessions from one LNS to another (which is VRF-aware), ideally under
> > the control of the RADIUS server used by the initial LNS. Is it
> > possible to specify RADIUS attributes which will forward a user's
> > session to another LNS, using Multihop VPDN?
> >
> > Cheers,
> >
> > Matt
> >
> > --
> > Matthew Melbourne
> > _______________________________________________
> > cisco-bba mailing list
> > cisco-bba at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-bba
> >
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-bba/attachments/20110215/ab8464b7/attachment.html>


More information about the cisco-bba mailing list