[rbak-nsp] Forward policy via Radius
Golem
golem at mtm-info.pl
Tue May 21 07:26:41 EDT 2013
Hi
Im trying to setup simple forward policy via radius for clips access.
While learning redback stuff I created simple ICMP filter.
context routerek
...
!
policy access-list ICMPDROP
seq 10 permit icmp host 212.77.100.101 class ICMP
!
In global config:
!
forward policy GeneralPolicy
ip access-group ICMPDROP routerek
class ICMP
drop
!
port ethernet 2/1
no shutdown
encapsulation dot1q
dot1q pvc 55 encapsulation multi
bind interface ge1 routerek
forward policy GeneralPolicy in
service clips dhcp source-mac context routerek
!
Radius response is:
Sending Access-Accept of id 93 to 178.219.0.23 port 1812
Service-Type = Outbound-User
Framed-IP-Address = 178.219.2.194
Qos-Policy-Policing = "2M-in"
Qos-Policy-Metering = "2M-out"
Subscriber-Profile-Name = "routed"
Forward-Policy = "ICMPDROP"
DHCP_Max_Leases = 1
Redback deny access and debug aaa shows:
May 21 12:51:57: %AAA-7-RAD_ATTR: rad_parse_vsa: Receive Redback attr 92 (Forward_Policy), tag = 32, status = bad attribute
Where is problem ?
--
Best regards,
Ozga Rafal mailto:golem at mtm-info.pl
More information about the redback-nsp
mailing list