[c-nsp] VRF aware IPsec
Andy Allison
aallison at lycos.co.uk
Thu Dec 23 14:14:26 EST 2004
Folks,
We are trying to authenticate & authorize IPsec clients against a Radius server & place them into a particular VRF
we used the following cisco-av-pair's
ipsec:key-exchange=ike
ipsec:key-exchange=preshared-key
ipsec:addr-pool=vpnpool
This all works ok but we are struggling to find a cisco-av-pair to place the client into a vrf we have tried
ip:vrf-id=vpn1
ipsec:vrf-id=vpn1
We used a crypto isakmp profile on the router to get around this but ideally would like to use a cisco-av-pair.
Appreciate any help,
Andy.
More information about the cisco-nsp
mailing list