cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

182
Views
5
Helpful
1
Replies
Highlighted
Beginner

How To Configure VPDN Groups to use Different RADIUS Servers

 

Hi

 

The scenario here is I have a VPDN tunnel from 1 broadband provider which is using an old RADIUS and then I have anew VPDN tunnel from a different broadband provider who I want to put on a new RADIUS server.  The long term plan is to move all the broadband connections to the new provider and decommission the old RADIUS as part of the same project.  However I cant see for the life of me where/how I would configure this to happen.

 

Any Help would be greatly appreciated.   I’m doing this on a ASR-1001

 

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Beginner

Re: How To Configure VPDN Groups to use Different RADIUS Servers

I have resolved this issue by doing the following:

 

Create the RADIUS servers:

 

radius server ISE01

 address ipv4 ###.###.###.### auth-port 1812 acct-port 1813

 timeout 10

 key ####

!

radius server ISE02

 address ipv4 ###.###.###.### auth-port 1812 acct-port 1813

 timeout 10

 key ####

 

Now create a group with those servers in

aaa group server radius VPDN-NewISE-Radz

 server name ISE01

 server name ISE02

 

Now create an authentication list with that group in

aaa authentication ppp NewISERadzAuthList group VPDN-NewISE-Radz none

 

Now add this authentication list to the Virtual-Template

interface Virtual-Template3

ppp authentication chap NewISERadzAuthList

 

 

1 REPLY 1
Beginner

Re: How To Configure VPDN Groups to use Different RADIUS Servers

I have resolved this issue by doing the following:

 

Create the RADIUS servers:

 

radius server ISE01

 address ipv4 ###.###.###.### auth-port 1812 acct-port 1813

 timeout 10

 key ####

!

radius server ISE02

 address ipv4 ###.###.###.### auth-port 1812 acct-port 1813

 timeout 10

 key ####

 

Now create a group with those servers in

aaa group server radius VPDN-NewISE-Radz

 server name ISE01

 server name ISE02

 

Now create an authentication list with that group in

aaa authentication ppp NewISERadzAuthList group VPDN-NewISE-Radz none

 

Now add this authentication list to the Virtual-Template

interface Virtual-Template3

ppp authentication chap NewISERadzAuthList

 

 

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards