Mailing List Archive: A separate Virtual-Template for a PPPoE user

A separate Virtual-Template for a PPPoE user

Dec 29, 2007, 3:10 PM

Post #1 of 4 (4319 views)

Hi,

I am using Cisco 7200 running IOS: c7200-jk9s-mz.123-21. I am
authenticating and assigning IP addresses to PPPoE users via RADIUS
using "aaa" configurations and a virtual template that handles the
pppoe protocol. However, one customer (say customer A) is being
treated specially and he is being authenticated locally and gets his
ip address via a locally configured pool. Now the problem is that we
want to give IP addresses to other PPPoE customers via locally
configured pools. How can I ensure that the customer A gets the same
IP address every time after being authenticated locally (this is a
restriction that the customer A has to be authenticated lcoally).

Since the customer, in my case, is on a dedicated ATM subinterface,
can I direct this customer to use a dedicated virtual-template where I
mention his dedicated local pool?

Is it possible that the user gets authenticated locally but gets his
IP address from RADIUS?

Any other solution?

Regards,

Junaid
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

Re: A separate Virtual-Template for a PPPoE user [ In reply to ]

achatz at forthnet

Dec 29, 2007, 3:44 PM

Post #2 of 4 (4136 views)

Permalink

You can use "aaa authen ppp local group radius" so the local database is searched first.

You can also use different bba-groups (each one uses its own vtemplate) and configure the new one as
a pppoe group under the customer's interface.

--
Tassos

Junaid wrote on 30/12/2007 1:10 ðì:
> Hi,
>
> I am using Cisco 7200 running IOS: c7200-jk9s-mz.123-21. I am
> authenticating and assigning IP addresses to PPPoE users via RADIUS
> using "aaa" configurations and a virtual template that handles the
> pppoe protocol. However, one customer (say customer A) is being
> treated specially and he is being authenticated locally and gets his
> ip address via a locally configured pool. Now the problem is that we
> want to give IP addresses to other PPPoE customers via locally
> configured pools. How can I ensure that the customer A gets the same
> IP address every time after being authenticated locally (this is a
> restriction that the customer A has to be authenticated lcoally).
>
> Since the customer, in my case, is on a dedicated ATM subinterface,
> can I direct this customer to use a dedicated virtual-template where I
> mention his dedicated local pool?
>
> Is it possible that the user gets authenticated locally but gets his
> IP address from RADIUS?
>
> Any other solution?
>
>
>
> Regards,
>
> Junaid
> _______________________________________________
> cisco-bba mailing list
> cisco-bba@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
>
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

Re: A separate Virtual-Template for a PPPoE user [ In reply to ]

junaid.x86 at gmail

Dec 29, 2007, 4:23 PM

Post #3 of 4 (4139 views)

Permalink

Yes, I am currently doing local authentication first. However, can I
use vpdn-group and bba-group simultaneously or do I have to migrate
from vpdn to bba altogether. Using vpdn configuration, I am unable to
find a way to use a specific virtual template for a particular port.

--

Regards,
Junaid

On Dec 30, 2007 4:44 AM, Tassos Chatzithomaoglou <achatz@forthnet.gr> wrote:
> You can use "aaa authen ppp local group radius" so the local database is searched first.
>
> You can also use different bba-groups (each one uses its own vtemplate) and configure the new one as
> a pppoe group under the customer's interface.
>
> --
> Tassos
>
>
> Junaid wrote on 30/12/2007 1:10 ðì:
>
> > Hi,
> >
> > I am using Cisco 7200 running IOS: c7200-jk9s-mz.123-21. I am
> > authenticating and assigning IP addresses to PPPoE users via RADIUS
> > using "aaa" configurations and a virtual template that handles the
> > pppoe protocol. However, one customer (say customer A) is being
> > treated specially and he is being authenticated locally and gets his
> > ip address via a locally configured pool. Now the problem is that we
> > want to give IP addresses to other PPPoE customers via locally
> > configured pools. How can I ensure that the customer A gets the same
> > IP address every time after being authenticated locally (this is a
> > restriction that the customer A has to be authenticated lcoally).
> >
> > Since the customer, in my case, is on a dedicated ATM subinterface,
> > can I direct this customer to use a dedicated virtual-template where I
> > mention his dedicated local pool?
> >
> > Is it possible that the user gets authenticated locally but gets his
> > IP address from RADIUS?
> >
> > Any other solution?
> >
> >
> >
> > Regards,
> >
> > Junaid
> > _______________________________________________
> > cisco-bba mailing list
> > cisco-bba@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-bba
> >
>
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

Re: A separate Virtual-Template for a PPPoE user [ In reply to ]

achatz at forthnet

Dec 30, 2007, 1:37 AM

Post #4 of 4 (4145 views)

Permalink

You have to use bba only, which is more flexible for PPPoE, imho.

--
Tassos

Junaid wrote on 30/12/2007 2:23 ðì:
> Yes, I am currently doing local authentication first. However, can I
> use vpdn-group and bba-group simultaneously or do I have to migrate
> from vpdn to bba altogether. Using vpdn configuration, I am unable to
> find a way to use a specific virtual template for a particular port.
>
>
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba