[c-nsp] Fw: LNS Error %VPDN-3-NORESOURCE:

ar ar_djp at yahoo.com
Sat Jun 16 11:19:01 EDT 2012 

Update:

I tested by removing the VRF feature in the Radius account.
So it will establish an L2TP session in the global space and not a member of a VRF.
It works!!!

My assumptions now are:
- Its either my IOS dont support L2TP session to be a member of a VRF.
- Or; I missed something in the config.

Since I have a working setup, there's no really fancy config when I want my l2tp sessions to be a member of the client's own vrf.

My understanding is;

I just need to configure the VRFs (RD,RT) and loopback interface per VRF on the LNS.
Configure  vpdn-group and virtual template interface commands on the LNS.
Then tell radius to use that VRF for that specific account.


Did I missed anything?







________________________________
 From: ar <ar_djp at yahoo.com>
To: cisco-nsp <cisco-nsp at puck.nether.net> 
Sent: Saturday, June 16, 2012 10:53 PM
Subject: [c-nsp] Fw:  LNS Error %VPDN-3-NORESOURCE:
 




Attached is the complete debug output.

Below is the config.
There's one vrf configured.
And I am attaching the l2tp client to this vrf.

Since global l2tp (no vrf) was able to authenticate, can this be a possible IOS issue?

vpdn-group 1
 description 
 accept-dialin
  protocol l2tp
  virtual-template 1
 terminate-from hostname XXX
 source-ip x.x.x.x
 local name LNS1
 lcp renegotiation on-mismatch
 l2tp tunnel password 7 02081B3C22517C54
 l2tp tunnel timeout no-session 600
 ip tos
reflect


interface Virtual-Template1
 mtu 1462
 ip unnumbered Loopback0
 ip tcp adjust-mss 1422
 no peer default ip address
 keepalive 60
 ppp authentication chap NEW

end



aaa group server radius RADIUS1
 server-private x.x.x.xauth-port 1812 acct-port 1813 key 7 123456781C

aaa authentication ppp NEW group RADIUS1


!
interface Loopback101
 ip vrf forwarding VRF-C
 ip address 10.16.1.101 255.255.255.255

ip vrf VRF-C
 rd 100:109
 route-target export 100:109
 route-target import 100:109







________________________________
From: Oliver Boehmer (oboehmer) <oboehmer at cisco.com>
To: ar <ar_djp at yahoo.com>; cisco-nsp <cisco-nsp at puck.nether.net> 
Cc: Tim Warnock <timoid at timoid.org> 
Sent: Saturday, June 16, 2012 2:35 PM
Subject: RE: [c-nsp] LNS Error %VPDN-3-NORESOURCE:

Can you please share the full set of debugs I asked earlier as well as
full config (unicast, if you prefer)..

tx!
    oli
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list