Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Cisco>
  3. BBA
L2TP forwarding based on domain
quentin.carpent at vtx-telecom
Feb 27, 2008, 2:29 AM
Post #1 of 3 (3946 views)
Permalink
Hi all,

Let me explain you my problem:

- I have a VPDN group terminating a tunnel coming from several LAC
and I would like to forward then to another VPDN group (multihop)
- The user radius can have two differents form:
- abc/xxxxx@xyz.net
- xxxxxx@domain.net

- I would like to have that:
- radius beginning with "abc" forwarded to a first VPDN
group (domain abc)
- radius ending with "domain.net" forwarded to a second VPDN
group (domain domain.net)

The problem is how I extract the domain part from the user radius. I
have try with:

vpdn domain-delimiter @ suffix
vpdn domain-delimiter / prefix

But. a issue appears with the abc/xxxxx@xyz.net radius because it
contains the @ delimiter and the decision forwarding is false (based on
@ and not /). By the way, I can't do any modifications on the LAC
(wholesale).

Have you any idea?

Thanks by advance.

Quentin Carpent
Re: L2TP forwarding based on domain [ In reply to ]
achatz at forthnet
Feb 27, 2008, 5:24 AM
Post #2 of 3 (3767 views)
Permalink
You have to enable per user vpdn and then do the magic on your radius servers.

Have a look below:
http://www.cisco.com/en/US/tech/tk801/tk703/technologies_configuration_example09186a0080094860.shtml

--
Tassos


Quentin Carpent wrote on 27/2/2008 12:29 ìì:
> Hi all,
>
> Let me explain you my problem:
>
> - I have a VPDN group terminating a tunnel coming from several LAC
> and I would like to forward then to another VPDN group (multihop)
> - The user radius can have two differents form:
> - abc/xxxxx@xyz.net <mailto:abc/xxxxx@xyz.net>
> - xxxxxx@domain.net <mailto:xxxxxx@domain.net>
>
> - I would like to have that:
> - radius beginning with "abc" forwarded to a first VPDN
> group (domain abc)
> - radius ending with "domain.net" forwarded to a second VPDN
> group (domain domain.net)
>
> The problem is how I extract the domain part from the user radius. I
> have try with:
>
> vpdn domain-delimiter @ suffix
> vpdn domain-delimiter / prefix
>
> But. a issue appears with the abc/xxxxx@xyz.net
> <mailto:abc/xxxxx@xyz.net> radius because it contains the @ delimiter
> and the decision forwarding is false (based on @ and not /). By the way,
> I can't do any modifications on the LAC (wholesale).
>
> Have you any idea?
>
> Thanks by advance.
>
> Quentin Carpent
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba
Re: L2TP forwarding based on domain [ In reply to ]
quentin.carpent at vtx-telecom
Feb 27, 2008, 5:46 AM
Post #3 of 3 (3779 views)
Permalink
Ok, thanks.

But, we don't make authentication at this time because we are not managing theses radius servers (wholesale).

Can't we say to IOS to look for the prefix first and for the suffix then (if not prefix found) ?

Thanks

Quentin

-----Message d'origine-----
De : Tassos Chatzithomaoglou [mailto:achatz@forthnet.gr]
Envoyé : mercredi, 27. février 2008 14:24
À : Quentin Carpent
Cc : cisco-bba@puck.nether.net
Objet : Re: [cisco-bba] L2TP forwarding based on domain

You have to enable per user vpdn and then do the magic on your radius servers.

Have a look below:
http://www.cisco.com/en/US/tech/tk801/tk703/technologies_configuration_example09186a0080094860.shtml

--
Tassos


Quentin Carpent wrote on 27/2/2008 12:29 μμ:
> Hi all,
>
> Let me explain you my problem:
>
> - I have a VPDN group terminating a tunnel coming from several LAC
> and I would like to forward then to another VPDN group (multihop)
> - The user radius can have two differents form:
> - abc/xxxxx@xyz.net <mailto:abc/xxxxx@xyz.net>
> - xxxxxx@domain.net <mailto:xxxxxx@domain.net>
>
> - I would like to have that:
> - radius beginning with "abc" forwarded to a first VPDN
> group (domain abc)
> - radius ending with "domain.net" forwarded to a second
> VPDN group (domain domain.net)
>
> The problem is how I extract the domain part from the user radius. I
> have try with:
>
> vpdn domain-delimiter @ suffix
> vpdn domain-delimiter / prefix
>
> But. a issue appears with the abc/xxxxx@xyz.net
> <mailto:abc/xxxxx@xyz.net> radius because it contains the @ delimiter
> and the decision forwarding is false (based on @ and not /). By the
> way, I can't do any modifications on the LAC (wholesale).
>
> Have you any idea?
>
> Thanks by advance.
>
> Quentin Carpent
>
>
>
> ----------------------------------------------------------------------
> --
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal