[c-nsp] "Forward" vpdn sessions based on realm?

Mat Walker matw at iseek.com.au
Thu Nov 15 03:50:46 EST 2012 

This is definitely possible, and we do this on a large number of platforms.

An example config would be;

vpdn enable
vpdn multihop
vpdn logging
vpdn logging local
vpdn logging user
vpdn logging tunnel-drop
no vpdn history failure cause normal
vpdn history failure table-size 50
vpdn search-order domain

vpdn-group TESTGROUP
 description Test Group for VPDN Multihop
 request-dialin
  protocol l2tp
  domain xyz.com
 initiate-to ip x.x.x.x
 source-ip y.y.y.y
 local name 7206L2TP
 l2tp tunnel password 7 xxxxxxxxxxxxxxxxxxxxxx
 l2tp tunnel timeout no-session never


This setup uses static configuration, however you can do the same thing via radius, and allows you to scale to many termination points and dynamically change the destinations. We use both, let me know if you want a sample radius setup. 

We have dial platforms that use "vpdn search-order dnis", but in this setup, the router checks the @domain of the username and then creates an L2TP tunnel to the "initiate-to" IP. 

It is possible to terminate PPP sessions and forward them on via L2TP on the same chassis. 


Mat


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of CiscoNSP_list CiscoNSP_list
Sent: Thursday, 15 November 2012 8:34 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] "Forward" vpdn sessions based on realm?



Hi Guys,

We currently run 7200's as LNS for DSL services (Carrier has multiple LACs and sends session requests for various realms to our LNS's, which we then auth via radius).

Is it possible for one of our 7200's to receive vpdn sessions for a given realm, but then establish an L2TP tunnel to one of our other LNS's and have the session terminate there? (So L2TP tunnel from LAC(Carrier)->LNS(7200), then based on realm, the 7200 creates another L2TP tunnel to one of our other 7200's where the session will be auth'd/terminated) 

Thanks in advance. 		 	   		  
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list