[c-nsp] Can Cisco be used for LAC features?
James Bensley
jwbensley at gmail.com
Wed Dec 10 06:49:17 EST 2014
> Hi James,
>
>> Does Cisco IOS not support more typical wholesale LAC features
>> operting on the output of RADIUS and also supporting the concept of
>> query RADIUS IP 1.1.1.1 for all @domain1.net user and query RADIUS
>> 2.2.2.2 for all @domain2.net user queries?
>
>
> I believe this is more easily handled by your RADIUS server proxying
> requests to the desired RADIUS server based on the @realm. Certainly
> FreeRADIUS is a lot more configurable than IOS in this respect.
Yeah having stepped back for a minute I agree, RADIUS proxy is the way
to handle that.
>> I am labbing this with 7200 series routers running
>> c7200-advipservicesk9-mz.152-4.M7.bin. We also have ASRs but I was
>> hoping to stick to these very well known platforms first then try the
>> ASRs.
>
>
> For LAC/LNS applications I'd recommend looking at the S trains instead of
> the M trains. Many of the service provider features/bugfixes are only
> present in these trains. We use c7200-advipservicesk9-mz.151-3.S3.bin with
> good success. 15.2S is probably worth a look now, we standardised on this
> release a couple of years ago and just haven't moved because everything we
> need works for us.
Interesting point, I shall downlaod and test some S images, thanks!
James.
More information about the cisco-nsp
mailing list