[cisco-bba] Cisco as LAC

Tony td_miles at yahoo.com
Thu Dec 4 16:53:00 EST 2014 

Hi James,
There is an example here:http://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/4675-vpdn-rad.html

which shows the LAC, LNS & RADIUS configs required. In this example they have two local (terminated on LAC) users and one that is handed off to another LNS.
Hopefully you should be able to extrapolate it to what you need.

regards,Tony.
      From: James Bensley <jwbensley at gmail.com>
 To: cisco-bba at puck.nether.net 
 Sent: Friday, 5 December 2014, 3:12
 Subject: [cisco-bba] Cisco as LAC
   
Hi All,

I posted this to the Cisco NSP list but I should try here too!

We take wholesale ADSL from multiple provides but also are an LLU
provider with on-net ADSL.

I'm trying to configure up an LAC in our lab but not getting anywhere...

I have seen an old post here where a guy wants to set up an LAC but
its pretty strait forward, just forwarding tunnels on to an LNS:
http://www.gossamer-threads.com/lists/cisco/bba/82134

I am trying in the lab to create a LAC config that will query our
RADIUS for PPP authentication because the RADIUS will return different
tunnel end points based on the user authenticating in.

With the RADIUS responses to our wholesale providers
user at customer1.net will prefer LNS1 and user at customer2.net will prefer
LNS2. I wish to re-create this internally. All config examples and
guides I can find on the internet are for creating static VPDN groups
that initiate a tunnel to 1.2.3.4 for uses that mactch domain
customer1.net. I would have to create a VPDN group for every domain.

Does Cisco IOS not support more typical wholesale LAC features
operting on the output of RADIUS and also supporting the concept of
query RADIUS IP 1.1.1.1 for all @domain1.net user and query RADIUS
2.2.2.2 for all @domain2.net user queries?

I am labbing this with 7200 series routers running
c7200-advipservicesk9-mz.152-4.M7.bin. We also have ASRs but I was
hoping to stick to these very well known platforms first then try the
ASRs.

Cheers,
James.
_______________________________________________
cisco-bba mailing list
cisco-bba at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba


   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-bba/attachments/20141204/be8c194c/attachment.html>

More information about the cisco-bba mailing list