Configuration examples for lns, Managed lns configuration example – Cisco 10000 User Manual

Page 209

Advertising
background image

5-45

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server

L2TP Network Server

Configuration Examples for LNS

This section provides example configurations for the following features:

Managed LNS Configuration Example, page 5-45

Tunnel Accounting Configuration Examples, page 5-47

Tunnel Authentication Configuration Examples, page 5-50

Managed LNS Configuration Example

Example 5-17

is an example of how to configure the Managed LNS features on the Cisco 10000 series

router. In this example, the Cisco 10000 series router terminates the tunnel from the LAC and associates
the VRFs with the interfaces and the virtual template interfaces. This configuration also configures
RADIUS attribute screening and AAA accounting for the VRFs.

Example 5-17 Configuring Managed LNS on the Cisco 10000 Series Router

!Enables AAA.

aaa new-model

!

!Configures private server parameters.

aaa group server radius vpn1

server-private 192.168.1.128 auth-port 1645 acct-port 1646 key cisco

server-private 192.168.2.128 auth-port 1645 acct-port 1646 timeout 10 retransmit 3 key

!Configures RADIUS attribute screening.

cisco1

authorization reject vpn1-autho-list

accounting reject vpn1-account-list

ip vrf forwarding vpn1

!

!Configures private server parameters.

aaa group server radius vpn2

server-private 192.168.1.128 auth-port 1645 acct-port 1646 key cisco

server-private 192.168.2.128 auth-port 1645 acct-port 1646 timeout 10 retransmit 3 key

cisco1

ip vrf forwarding vpn2

!

!Configures AAA accounting for the VRFs.

aaa authentication ppp vpn1 group vpn1

aaa authentication ppp vpn2 group vpn2

aaa authorization network vpn1 group vpn1

aaa authorization network vpn2 group vpn2

aaa accounting update periodic 1

aaa accounting network vpn1 start-stop group vpn1

aaa accounting network vpn2 start-stop group vpn2

aaa accounting system default vrf vpn1 start-stop group vpn1

aaa accounting system default vrf vpn2 start-stop group vpn2

aaa session-id common

!

!Configures the VRFs.

ip vrf vpn1

rd 1100:1

!

ip vrf vpn2

rd 1100:2

vpdn enable

!

!Terminates the tunnel from the LAC.

vpdn-group 1

Advertising
Popular Brands
Popular manuals