[j-nsp] Disabling client-to-client communication in E320 LNS
Chris Kawchuk
juniperdude at gmail.com
Tue Feb 2 17:57:54 EST 2010
Unfortunately E320's use "JunOSe" (aka the Unisphere OS); so you cant use nice JunOS policy language =)
Probably a knob somewhere in the l2tp/pppoe configuration (the template config) to enable this; much like check-rpf, etc..
Worst comes to worse, apply an ACL in the pppoe/l2tp customer template, disallowing destinations in your subscriber-block-dynamic-range-pool-whathaveyou. Just becomes a configuration management problem whenever your IP blocks change from your AAA/RADIUS/DHCP for subscriber routes.
- Chris.
On 2010-02-02, at 11:03 AM, Truman Boyes wrote:
> How about a policy that is applied to all l2tp terminated subscribers that restricts communication between the subscribers?
>
> On 2/02/2010, at 4:11 PM, Faizal Rachman wrote:
>
>> Hi All,
>> Anybody know how to disable client-to-client communication in E320 which act
>> as LNS ?
>>
>> Thanks,
>> FaizalR
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list