Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
531
Views
0
Helpful
1
Replies

L2TP termination and forwarding

jonathan johnson
Level 1
Level 1

‎08-15-2017 11:26 PM - edited ‎03-05-2019 09:00 AM

Hi,

We have a situation where we have an ASR1002 that terminates DSL services and also forwards some onwards to other routers.  Our requirement is to forward all sessions with realm @realm1.com to another router (routerB) and terminate all sessions with realm @realm2.com on the ASR1002.

The config to forward the @realm1 users is on the ASR1002 in a VPDN group.

 All this is currently working.

We now have a requirement to take a handful of users that use the realm @realm2.com and send them to routerB (same place the @realm1 users are going).  To do this, we need to use vpdn authen-before-forward which sends the full username and realm to the radius server.  Doing this breaks the forwarding of all @realm1 users to routerB.

Does anyone have any suggestion on how we can achieve what I have described above - unfortunately we can't use radius to make the forwarding decisions as it's a third party radius server that doesn't have that feature available to us.

Thanks,

Jono

Labels:
0 Helpful
1 Reply 1

jonathan johnson
Level 1
Level 1

‎08-17-2017 01:17 AM

It looks like what I'm trying to achieve can not be done without the use of radius (unless anyone can advise otherwise).  It seems the vpdn authen-before-forward command forces all auth to be sent to radius first.

0 Helpful
Customers Also Viewed These Support Documents