[cisco-bba] Choosing LNS On A Per-Domain Basis
Vaibhav Bagaria
vaibhav.bagaria at bendigotelco.com.au
Tue Oct 1 19:29:10 EDT 2013
Hi Dominic,
We achieved this in the past using two different technologies. One was VPDN multihop and using RADIUS to forward the sessions to the desired LNS. The other was to setup our own LAC device which received the L2TP tunnel from upstream provider and then initiate a tunnel each to the two LNS devices based on domain name.
Example config:
vpdn multihop
vpdn-group incomingtunnel
accept-dialin
protocol l2tp
virtual-template 1
terminate-from hostname providerlac
local name mylac
lcp renegotiation on-mismatch
vpdn-group mylns1
request-dialin
protocol l2tp
domain domain1.com
initiate-to ip 1.1.1.1
l2tp tunnel password mypassword
Hope that helps.
Regards,
Vaibhav
From: cisco-bba [mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of Dominic
Sent: Tuesday, 1 October 2013 7:48 AM
To: cisco-bba at puck.nether.net
Subject: [cisco-bba] Choosing LNS On A Per-Domain Basis
We are using the Cisco ASR 1004 for LNS. For business reasons, we have tw sets of PPPOE users authenticating against the LNS -the only difference being the @ domain part. So for example:
(a.) user at domain1.com<mailto:user at domain1.com>
(b.) user at domain2.com<mailto:user at domain2.com>
Irrespective of their domain, all users come in via the same LACs, and via the same L2TP tunnels. We do not own the LACS, and are not able to make or request any changes on the LAC-side.
Here is what we are trying to do: we would like to choose the terminating LNS based on the domain name. So all users @ domain1, for example, should authenticate to LNS1, while all users @ domain2 should authenticate to LNS2. As I said, we do not manage the LACs. Also, the ip address of my LNS(es) are statically defined in the LACs, and not negotiated dynamically at authentication time.
So is there anyway to choose the LNS according to the domain presented in the username? Is there some way to force users at domain1 to LNS #1, and users at domain2 to LNS #2? If so, can anyone share some pointers as to we accomplish it?
Thanks in advance.
Dominic
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-bba/attachments/20131001/1c9e5c9f/attachment.html>
More information about the cisco-bba
mailing list