[c-nsp] Injecting Routes Remotely
Stephen J. Wilcox
steve at telecomplete.co.uk
Sat Feb 26 20:25:06 EST 2005
On Sat, 26 Feb 2005, Matthew Crocker wrote:
> > Go back and reread the thread, in the very first message the op tells us
> > that the RAS supports no routing protocols.
>
> If the RAS doesn't support any dynamic routing protocol then it can't be done
> with a routing protocol (OSPF would have been ideal).
>
> One way to do it is with NAT. Customer connects to RAS and gets an IP
> assigned by the RAS, no routing protocols needed. RAS sends RADIUS accounting
> packet out with customer ID and IP address allocated. RADIUS server
> configures 1:1 NAT on router for customers real IP (static, roaming) and their
> current RAS assigned IP. www.freeradius.org can launch an external app to
> process 'interesting' packets. The easiest way would be to put a Linux box
> inline with the packet stream from the RAS to the router. If you didn't want
> the linux box to be Inline for non NATted traffic you could but it next to the
> router and configure some source based routing rules to forward 'interesting'
> traffic through the NAT box.
if you put the linux box inline why bother with nat, you can just perform the
static routing towards the nas thats required.. i posted a workable solution
before that was basically that.
Steve
More information about the cisco-nsp
mailing list