Cisco 10000 User Manual

5-35

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server

L2TP Network Server

Verifying and Troubleshooting per VRF AAA

To verify and troubleshoot the per VRF AAA feature, enter the following commands in privileged EXEC
mode.

Note

Due to the large output of some of the commands, many events are not displayed on the console. Instead,
the messages are logged to a console log file. To limit the rate that the Cisco 10000 series router logs
system messages, enter the logging rate-limit command. For more information, see the
“Troubleshooting and Fault Management Commands in the Cisco IOS Configuration Fundamentals
Command Reference, Release 12.2.

Caution

Because debugging output is assigned high priority in the CPU process, it can render the system
unusable. For this reason, use debug commands only to troubleshoot specific problems or during
troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use
debug commands during periods of lower network traffic and fewer users. Debugging during these
periods decreases the likelihood that increased debug command processing overhead will affect system
use.

Step 10

Router(config)# radius-server attribute

44 include-in-access-req vrf

vrf-name

Sends RADIUS attribute 44 in access request packets before user
authentication and enables the specification on a per VRF basis.

The vrf vrf-name keyword and argument specify the per VRF
configuration.

Step 11

Router(config)# radius-server

domain-stripping vrf

vrf-name

(Optional) Enables VRF-aware domain-stripping.

The vrf vrf-name keyword and argument specify the per VRF
configuration.

Command

Purpose

Command

Purpose

Router# show ip route vrf vrf-name

Displays the IP routing table associated with a VRF.

Router# debug aaa accounting

Displays information on accountable events as they occur.

Router# debug aaa authorization

Displays information on AAA authorization.

Router# debug ppp negotiation

Displays information on traffic and exchanges in an internetwork
implementing PPP.

Router# debug radius

Displays information associated with RADIUS.

Router# debug vpdn event

Displays L2TP errors and events that are a part of normal tunnel
establishment or shutdown for VPNs.

Router# debug vpdn error

Displays debug traces for VPN.