[j-nsp] Disabling client-to-client communication in E320 LNS

Chris Kawchuk juniperdude at gmail.com
Tue Feb 2 17:57:54 EST 2010


Unfortunately E320's use "JunOSe" (aka the Unisphere OS); so you cant use nice JunOS policy language =)

Probably a knob somewhere in the l2tp/pppoe configuration (the template config) to enable this; much like check-rpf, etc..

Worst comes to worse, apply an ACL in the pppoe/l2tp customer template, disallowing destinations in your subscriber-block-dynamic-range-pool-whathaveyou. Just becomes a configuration management problem whenever your IP blocks change from your AAA/RADIUS/DHCP for subscriber routes.

- Chris.

On 2010-02-02, at 11:03 AM, Truman Boyes wrote:

> How about a policy that is applied to all l2tp terminated subscribers that restricts communication between the subscribers?
> 
> On 2/02/2010, at 4:11 PM, Faizal Rachman wrote:
> 
>> Hi All,
>> Anybody know how to disable client-to-client communication in E320 which act
>> as LNS ?
>> 
>> Thanks,
>> FaizalR
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>> 
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp



More information about the juniper-nsp mailing list