Cisco 10000 User Manual
Page 180
5-16
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server
Layer 2 Access Concentrator
Configuring Sessions Per Tunnel Limiting in the RADIUS Service Profile
To use a RADIUS server to limit the number of sessions per tunnel, enter the following Cisco-AVpair
attributes in the RADIUS service profile:
•
vpdn:ip-addresses
•
vpdn:ip-address-limits
Note
You can configure the RADIUS server or the LAC to limit the number of sessions per tunnel. For
information on using the LAC for sessions per tunnel limiting, see the
“Configuring Sessions Per Tunnel
Limiting on the LAC” section on page 5-12
.
VPDN IP Addresses
The vpdn:ip-addresses attribute specifies the IP addresses of the LNS devices to receive the L2TP
connections. It has the following syntax:
Cisco-AVpair = “vpdn:ip-addresses=
address1[<delimiter>address2][<delimiter>address3]...”
The address argument is the IP address of the LNS.
The <delimiter>, (comma) and <delimiter> (space) arguments select load sharing among IP addresses.
The <delimiter>/ (slash) argument groups IP addresses on the left side in higher priority than the right
side.
Example 5-10 VPDN IP Addresses—RADIUS Freeware Format
In the following example, the LAC sends the:
•
First PPP session through a tunnel to 10.16.1.1
•
Second PPP session to 10.16.2.2
•
Third PPP session to 10.16.3.3
•
Fourth PPP session to 10.16.1.1
If the LAC fails to establish a tunnel with any of the IP addresses in the first group, it attempts to connect
to the IP addresses in the second group (10.16.4.4 and 10.16.5.5).
Cisco-AVpair=”vpdn:ip-addresses=10.16.1.1,10.16.2.2,10.16.3.3/10.16.4.4,10.16.5.5”
VPDN IP Address Limits
The vpdn:ip-address-limits attribute specifies the maximum number of sessions in each tunnel to the IP
addresses listed with the attribute. It has the following syntax:
Cisco-AVpair = “vpdn:ip-address-limits=
limit1[limit2][limit3]...”
The limit argument is the maximum number of sessions per tunnel to the corresponding IP address.
Example 5-11 VPDN IP Address Limits—RADIUS Freeware Format
Cisco-AVpair=”vpdn:ip-address-limits=10 20 30 40 50 “
.1.1.1,10.2.2.2,10.3.3.3/10.4.4.4,10.5.5.5”
Note
You must enter a space between the final limit entry and the end quotation marks.