cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
522
Views
0
Helpful
1
Replies

L2TP termination and forwarding

Hi,

We have a situation where we have an ASR1002 that terminates DSL services and also forwards some onwards to other routers.  Our requirement is to forward all sessions with realm @realm1.com to another router (routerB) and terminate all sessions with realm @realm2.com on the ASR1002.

The config to forward the @realm1 users is on the ASR1002 in a VPDN group.

 All this is currently working.

We now have a requirement to take a handful of users that use the realm @realm2.com and send them to routerB (same place the @realm1 users are going).  To do this, we need to use vpdn authen-before-forward which sends the full username and realm to the radius server.  Doing this breaks the forwarding of all @realm1 users to routerB.

Does anyone have any suggestion on how we can achieve what I have described above - unfortunately we can't use radius to make the forwarding decisions as it's a third party radius server that doesn't have that feature available to us.

Thanks,

Jono

1 Reply 1

It looks like what I'm trying to achieve can not be done without the use of radius (unless anyone can advise otherwise).  It seems the vpdn authen-before-forward command forces all auth to be sent to radius first.