[cisco-bba] Choosing LNS On A Per-Domain Basis

Tom Storey tom at snnap.net
Wed Apr 2 18:55:29 EDT 2014


You can also pass these forwarding details along via AV pairs from RADIUS.

Though if youve only got two domains and a couple of LNS it might be
easier to configure it statically on the LNS.

On 2 October 2013 02:05, Dominic <dominic at broadconnect.ca> wrote:
> Thanks, Vaibhav. This certainly helps. Will give it a shot.
>
>
>
>
>
> Dominic
>
> From: Vaibhav Bagaria [mailto:vaibhav.bagaria at bendigotelco.com.au]
> Sent: Tuesday, October 01, 2013 7:29 PM
> To: 'Dominic'; cisco-bba at puck.nether.net
> Subject: RE: [cisco-bba] Choosing LNS On A Per-Domain Basis
>
>
>
> Hi Dominic,
>
>
>
> We achieved this in the past using two different technologies. One was VPDN
> multihop and using RADIUS to forward the sessions to the desired LNS. The
> other was to setup our own LAC device which received the L2TP tunnel from
> upstream provider and then initiate a tunnel each to the two LNS devices
> based on domain name.
>
>
>
> Example config:
>
>
>
> vpdn multihop
>
>
>
> vpdn-group incomingtunnel
>
> accept-dialin
>
>   protocol l2tp
>
>   virtual-template 1
>
> terminate-from hostname providerlac
>
> local name mylac
>
> lcp renegotiation on-mismatch
>
>
>
> vpdn-group mylns1
>
> request-dialin
>
>   protocol l2tp
>
>   domain domain1.com
>
> initiate-to ip 1.1.1.1
>
> l2tp tunnel password mypassword
>
>
>
> Hope that helps.
>
>
>
> Regards,
>
> Vaibhav
>
>
>
> From: cisco-bba [mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of
> Dominic
> Sent: Tuesday, 1 October 2013 7:48 AM
> To: cisco-bba at puck.nether.net
> Subject: [cisco-bba] Choosing LNS On A Per-Domain Basis
>
>
>
> We are using the Cisco ASR 1004 for LNS. For business reasons, we have tw
> sets of  PPPOE users authenticating against the LNS -the only difference
> being the @ domain part. So for example:
>
> (a.) user at domain1.com
>
> (b.) user at domain2.com
>
> Irrespective of their domain, all users come in via the same LACs, and via
> the same L2TP tunnels. We do not own the LACS, and are not able to make or
> request any changes on the LAC-side.
>
>
>
> Here is what  we are trying to do: we would like to choose the terminating
> LNS based on the domain name.  So all users  @ domain1, for example, should
> authenticate to LNS1, while all users @ domain2 should authenticate to LNS2.
> As I said, we do not manage the LACs. Also, the ip address of my LNS(es) are
> statically defined in the LACs, and not negotiated dynamically at
> authentication time.
>
> So is there anyway to choose the LNS according to the domain presented in
> the username?  Is there some way to force users at domain1 to LNS #1, and
> users at domain2 to LNS #2? If so, can anyone share some pointers as to we
> accomplish it?
>
>
>
> Thanks in advance.
>
> Dominic
>
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba


More information about the cisco-bba mailing list