Hi,
We have a situation where we have an ASR1002 that terminates DSL services and also forwards some onwards to other routers. Our requirement is to forward all sessions with realm @realm1.com to another router (routerB) and terminate all sessions with realm @realm2.com on the ASR1002.
The config to forward the @realm1 users is on the ASR1002 in a VPDN group.
All this is currently working.
We now have a requirement to take a handful of users that use the realm @realm2.com and send them to routerB (same place the @realm1 users are going). To do this, we need to use vpdn authen-before-forward which sends the full username and realm to the radius server. Doing this breaks the forwarding of all @realm1 users to routerB.
Does anyone have any suggestion on how we can achieve what I have described above - unfortunately we can't use radius to make the forwarding decisions as it's a third party radius server that doesn't have that feature available to us.
Thanks,
Jono