Hello.

Playing with fresh out of box ASR 1002X.

It seems to be completely ignoring "lcp:interface-config" Cisco-AVPair attribute from the radius.

Jul  3 19:50:42: RADIUS: Received from id 1645/48 10.0.6.10:1812, Access-Accept, len 108
Jul  3 19:50:42: RADIUS:  authenticator DD 35 E0 9B 5E 28 39 38 - 5C 3D CE 12 8B 81 64 0A
Jul  3 19:50:42: RADIUS:  Framed-Protocol     [7]   6   PPP                       [1]
Jul  3 19:50:42: RADIUS:  Service-Type        [6]   6   Framed                    [2]
Jul  3 19:50:42: RADIUS:  Vendor, Cisco       [26]  34
Jul  3 19:50:42: RADIUS:   Cisco AVpair       [1]   28  "lcp:allow-subinterface=yes"
Jul  3 19:50:42: RADIUS:  Vendor, Cisco       [26]  42
Jul  3 19:50:42: RADIUS:   Cisco AVpair       [1]   36  "lcp:interface-config=ip nat inside"
Jul  3 19:50:42: RADIUS(00000076): Received from id 1645/48

asr-1002x-01#sho int vi2.1 configuration
Virtual-Access2.1 is a PPP over Ethernet link (sub)interface

Derived configuration : 299 bytes
!
interface Virtual-Access2.1
 ip unnumbered Loopback0
 no ip redirects
 ip verify unicast reverse-path
 peer default ip address pool pool192_168
 keepalive 60
 ppp authentication chap ms-chap-v2 FREERADIUS
 ppp authorization FREERADIUS
 ppp accounting FREERADIUS
 ppp ipcp dns 8.8.8.8 8.8.4.4
end

asr-1002x-01#sho ip nat statistics
Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Outside interfaces:
  TenGigabitEthernet0/1/0.5
Inside interfaces:
Hits: 89220  Misses: 698

asr-1002x-01#sho run | inc subint
aaa policy interface-config allow-subinterface

What do i do wrong? Is there any way to switch virtual template by some AVPair?