[c-nsp] LNS av-pair vrf
Matthew Melbourne
matt at melbourne.org.uk
Fri Nov 11 04:15:32 EST 2011
On 11 November 2011 08:48, <cisco-nsp-request at puck.nether.net> wrote:
>
> Message: 4
> Date: Fri, 11 Nov 2011 10:04:51 +0200
> From: "Ghassan.khalil" <ghassan.khalil at gmail.com>
> To: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
> Subject: [c-nsp] LNS av-pair vrf
> Message-ID: <87362FEF-35E8-4030-90E9-FB565D70DA82 at gmail.com>
> Content-Type: text/plain; charset=us-ascii
>
> Dears,
> I have an ASR functioning as a LNS, the LNS is configured as a PE router as well.
> I need to assign certain users to their proper VRF through the AAA server as it should be applied on the virtual-access interface.
> So what is the av-pair syntax required to accomplish this and the configuration required from the ASR also.
You need to pass back some cisco-avpair attributes as part of RADIUS
authorisation:
cisco-avpair = "lcp:interface-config=ip vrf forwarding CUST1"
cisco-avpair = "lcp:interface-config=ip unnumbered loopback101"
The loopback101 interface (in this instance) also needs to be placed
in the CUST1 VRF. A different loopback would be required on the LNS
for each Customer VRF.
Cheers,
Matt
--
Matthew Melbourne
More information about the cisco-nsp
mailing list