Monitoring and maintaining LNS – Cisco 10000 User Manual

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server

L2TP Network Server

LNS Configuration to Support RADIUS Tunnel Authentication

The following example is an LNS configuration that supports RADIUS tunnel authentication. In this
configuration, a RADIUS server group is defined by using the aaa group server radius VPDN-Group
command. The aaa authorization network mymethodlist group VPDN-Group command queries
RADIUS for network authorization.

    aaa group server radius VPDN-Group
     server 64.102.48.91 auth-port 1645 acct-port 1646
    aaa authorization network mymethodlist group VPDN-Group
    vpdn tunnel authorization network mymethodlist
    vpdn tunnel authorization virtual-template 10

RADIUS Configuration to Support Tunnel Authentication

The following example is a RADIUS configuration that allows the LNS to terminate L2TP tunnels from
a LAC. In this configuration, VirtualTemplate10 is used to clone a VAI on the LNS.

    myLACname Password = "cisco"
        Service-Type = Outbound,
        Tunnel-Type = :0:L2TP,
        Tunnel-Medium-Type = :0:IP,
        Tunnel-Client-Auth-ID = :0:"myLACname",
        Tunnel-Password = :0:"mytunnelpassword",
        Cisco:Cisco-Avpair = "vpdn:vpdn-vtemplate=10"

Note: For additional authentication examples, see the “Configuring Authentication” chapter in the Cisco IOS Security Configuration Guide, Release 12.2.
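The LNS commands and the RADIUS profile in this section must agree on the virtual template number, and the tagged tunnel attributes in the profile belong to one tunnel and so share one tag. The following Python script is an added example, not part of the Cisco guide: it parses the profile format shown here and reports mismatches. The function names parse_profile and check are hypothetical, and the inputs are the sample values from this section.

```python
import re

# Constructed inputs: the LNS commands and RADIUS profile as given in this section.
LNS_CONFIG = """\
aaa group server radius VPDN-Group
 server 64.102.48.91 auth-port 1645 acct-port 1646
aaa authorization network mymethodlist group VPDN-Group
vpdn tunnel authorization network mymethodlist
vpdn tunnel authorization virtual-template 10
"""
RADIUS_PROFILE = """\
myLACname Password = "cisco"
    Service-Type = Outbound,
    Tunnel-Type = :0:L2TP,
    Tunnel-Medium-Type = :0:IP,
    Tunnel-Client-Auth-ID = :0:"myLACname",
    Tunnel-Password = :0:"mytunnelpassword",
    Cisco:Cisco-Avpair = "vpdn:vpdn-vtemplate=10"
"""
# One item: name = [:tag:]value, with optional quotes and trailing comma.
ATTR = re.compile(r'^\s*([\w:-]+)\s*=\s*(?::(\w+):)?"?([^",]*)"?,?\s*$')

def parse_profile(text):
    """Return (user, {attribute: (tag, value)}) for one profile entry."""
    first, *rest = [ln for ln in text.splitlines() if ln.strip()]
    user, check_item = first.split(None, 1)
    matches = (ATTR.match(ln) for ln in [check_item, *rest])
    return user, {m.group(1): (m.group(2), m.group(3)) for m in matches if m}

def check(lns, profile):
    """Return a list of mismatches between the LNS config and the RADIUS profile."""
    user, attrs = parse_profile(profile)
    issues = []
    want = {"Tunnel-Type": "L2TP", "Tunnel-Medium-Type": "IP",
            "Tunnel-Client-Auth-ID": user}
    for name, value in want.items():
        found = attrs.get(name, (None, None))[1]
        if found != value:
            issues.append(f"{name}: expected {value!r}, found {found!r}")
    if not attrs.get("Tunnel-Password", (None, ""))[1]:
        issues.append("Tunnel-Password: missing or empty")
    tags = {tag for name, (tag, _) in attrs.items() if name.startswith("Tunnel-")}
    if len(tags) > 1:
        issues.append("Tunnel-* attributes do not share one tag")
    vt = re.search(r"^vpdn tunnel authorization virtual-template (\d+)\s*$", lns, re.M)
    av = re.match(r"vpdn:vpdn-vtemplate=(\d+)$", attrs.get("Cisco:Cisco-Avpair", (None, ""))[1])
    if not (vt and av and vt.group(1) == av.group(1)):
        issues.append("vpdn-vtemplate does not match the LNS virtual-template")
    return issues
```

An empty list from check(LNS_CONFIG, RADIUS_PROFILE) means the two sides are consistent; each string in a non-empty list names one attribute to correct on the RADIUS server or the LNS.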

Monitoring and Maintaining LNS

To monitor and maintain the features configured on the LNS, enter the following commands in privileged
EXEC mode:

| Command | Purpose |
|---|---|
| Router# show accounting | Displays accounting records for users currently logged in. Displays active accountable events on the network and helps collect information in the event of a data loss on the accounting server. |
| Router# show interfaces virtual-access number [configuration] | Displays status, traffic data, and configuration information about the virtual access interface you specify. |
| Router# show ip route vrf vrf-name | Displays the IP routing table associated with a VRF. |
| Router# show radius statistics | Displays the RADIUS statistics for accounting and authentication packets. |
| Router# show vpdn | Displays all tunnel and session information for all active sessions and tunnels. |
| Router# show vpdn session | Displays information about active L2TP sessions in a virtual private dialup network (VPDN). |
| Router# show vpdn session all username username | Displays statistics about all active L2TP tunnels for the username you specify. |
