04-02-2008 06:41 AM
We have one Client wished to run MPLS VPN. His head office is connected to our ISP Backbone via a leased line, all other branches are connected via ADSL. The IP addresses are assigned to the DSL when the user connects and the DSL gets a virtual interface on the PE when it connects
Whether MPLS VPN is possible with this dynamically created Virtual interface and Head office?
04-02-2008 11:27 AM
Hi,
I don't know if you are using ppp with radius authentications over DSL connections. If you are in this scenario, you can put a Virtual-access into a vrf using Cisco-AVPair in radius cfg.
This is an example of radius user definition:
Auth-Type = Local, User-Password =
Cisco-AVPair += "lcp:send-secret=
Cisco-AVPair += "lcp:interface-config#1=ip vrf forwarding
Cisco-AVPair += "lcp:interface-config#2=ip address
Based on "username", a Virtual-access is dynamically assigned to a vrf.
If you are not using IGP from PE to CE (over DSL link), you can also use radius to install a static route.
Hope this helps.
Regards,
Mirco.
04-02-2008 02:36 PM
Hi,
Agree with Micro, and further if you have issues with using Cisco-AVPair, you can apply the VRF under the virtual-template itself whether it is PPPoA or PPPoE.
BR,
Mohammed Mahmoud.
04-04-2008 11:19 PM
Dear Mahmoud ,
In any case I think we need to be depending on Cisco AVPair , But I'm using a third party radius software which doesn't support AVPair . I'm little bit confused about about how I can do a vrf under virtual-template without depending on Radius .
Regards,
Haris
04-05-2008 02:57 AM
Hi Haris,
It can be done by simply applying the "ip vrf forwarding x" command under the virtual-template interface itself, then when the virtual-access is cloned it will inherit the VRF under the virtual-template.
BR,
Mohammed Mahmoud.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide