Guest

Cisco IOS Software Releases 12.4 T

ANI Suppression During L2TP Setup

  • Viewing Options

  • PDF (241.7 KB)
  • Feedback
ANI Suppression During L2TP Setup

Table Of Contents

ANI Suppression During L2TP Setup

Contents

Information About ANI Suppression During L2TP Setup

Calling Number Suppression Levels

Benefits of ANI Suppression During L2TP Setup

How to Configure ANI Suppression During L2TP Setup

Configuring ANI Suppression During L2TP Setup on the RADIUS Server

Verifying ANI Suppression During L2TP Setup

Configuration Examples for ANI Suppression During L2TP Setup

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Command Reference

Feature Information for ANI Suppression During L2TP Setup

Glossary


ANI Suppression During L2TP Setup


First Published: April 11, 2005
Last Updated: February 27, 2006

The ANI Suppression During L2TP Setup feature provides the ability to suppress all or some part of the calling number field in the Layer 2 Tunneling Protocol (L2TP) setup process through RADIUS attribute functionality. The ANI Suppression During L2TP Setup feature allows you to make part or all of the calling number anonymous. This document tells you how to configure the ANI Suppression During L2TP Setup feature on your RADIUS server.

Finding Feature Information in This Module

Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for ANI Suppression During L2TP Setup" section.

Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Contents

Information About ANI Suppression During L2TP Setup

How to Configure ANI Suppression During L2TP Setup

Configuration Examples for ANI Suppression During L2TP Setup

Additional References

Command Reference

Feature Information for ANI Suppression During L2TP Setup

Glossary

Information About ANI Suppression During L2TP Setup

To configure the ANI Suppression During L2TP Setup feature, you must understand the following concepts:

Calling Number Suppression Levels

Benefits of ANI Suppression During L2TP Setup

Calling Number Suppression Levels

The calling number or calling line identification (CLID) is sent by the L2TP access concentrator (LAC) to the L2TP network server (LNS) as part of the Incoming Call ReQuest (ICRQ). The calling number is also part of the Call Detail Record (CDR). The calling number can be suppressed at three levels:

Complete suppression—The entire calling number is suppressed so that no part of it appears explicitly.

Partial suppression—A specified portion of the calling number is suppressed and the rest of it appears explicitly. For example, a calling number 5555550123 is sent as 5555550xxx so that the last three digits are suppressed.

No suppression—The entire calling number appears explicitly. No suppression is the default, which is equivalent to the behavior of your system when the ANI Suppression During L2TP Setup feature is not configured.

The level of suppression is configured through RADIUS attribute values. There is no command-line interface (CLI) to configure the ANI Suppression During L2TP Setup feature.

Benefits of ANI Suppression During L2TP Setup

The ANI Suppression During L2TP Setup feature allows the user to make a calling number in a CDR anonymous.

The levels of suppression allow more granular control for automatic number identification (ANI) applications.

The ANI Suppression During L2TP Setup feature can be configured on the RADIUS server without requiring a change to tunnel session accounting records.

How to Configure ANI Suppression During L2TP Setup

This section contains the following procedures:

Configuring ANI Suppression During L2TP Setup on the RADIUS Server (required)

Verifying ANI Suppression During L2TP Setup (optional)

Configuring ANI Suppression During L2TP Setup on the RADIUS Server

To configure the ANI Suppression During L2TP Setup feature, that is, to specify that all or part of the CLID be suppressed in the ICRQ, add the l2tp-clid-mask-method attribute to the user profile on the RADIUS server.

 
Command
Purpose
 

cisco generic 1 string vpdn:l2tp-clid-mask-method=right:<char>:<n>

Example:

cisco generic 1 string "vpdn:l2tp-clid-mask-method=right:X:5"

Configures the ANI Suppression During L2TP Setup feature.

right—Method name, specifies the masking will start from the right side of the CLID.

Method name is not case sensitive.

Any name other than "right" is treated as an unknown method, and the CLID is not masked.

<char>—One character to use for masking the digits in the CLID.

If more than one character is specified, it is treated as an unknown method, and the CLID is not masked.

<n>—Number of digits to mask, an integer value indicating how many digits in the CLID are to be masked.

For the right method, the maximum value for <n> is 255.

Entering a combination of digits and characters or a value greater than 255 for <n> is not recommended. These configurations are invalid and may produce unexpected results.

If the CLID length is less than <n>, all the digits of the CLID are masked.

If <n> is more than 255, it is not considered a valid integer. The method is treated as incomplete, and the CLID is not masked.

As in the example, note that the string must be enclosed in quotes.

Verifying ANI Suppression During L2TP Setup

To verify that the ANI Suppression During L2TP Setup feature is working, that is, that part or all of the CLID is being suppressed, use the following privileged EXEC command on the LNS.

 
Command
Purpose
 

debug vpdn ltx-packet

(Optional) Displays messages about Layer 2 Forwarding (L2F) and L2TP protocol headers and status.

In the example, the ANI Suppression During L2TP Setup feature is configured to mask the first five digits from the right of the CLID with X. When the ICRQ for the session is received, the CLID AV (attribute-value) pair is decoded and shown as in the following example.

Router# debug vpdn ltx-packet


02:02:34: Tnl 21550 L2TP:Calling Number 9876XXXXX

Configuration Examples for ANI Suppression During L2TP Setup

In the following example user profile, the last RADIUS attribute, shown in bold, configures the first five digits from the right of the CLID to be masked with X:

service outbound 
vsa cisco generic 1 string "vpdn:l2tp-tunnel-password=mypassword" 
vsa cisco generic 1 string "vpdn:tunnel-type=l2tp" 
vsa cisco generic 1 string "vpdn:ip-addresses=10.4.4.4" 
vsa cisco generic 1 string "vpdn:tunnel-id=mytunnel" 
vsa cisco generic 1 string "vpdn:l2tp-clid-mask-method=right:X:5" 

If the CLID is 987654321, the LAC masks the first five characters from the right side with X. The LNS receives the calling number (AV pair 22) of the ICRQ with CLID as 9876XXXXX.

In the following example user profile, the last RADIUS attribute, shown in bold, configures all digits of the CLID to be masked with X:

service outbound 
vsa cisco generic 1 string "vpdn:l2tp-tunnel-password=mypassword2" 
vsa cisco generic 1 string "vpdn:tunnel-type=l2tp" 
vsa cisco generic 1 string "vpdn:ip-addresses=10.10.3.2" 
vsa cisco generic 1 string "vpdn:tunnel-id=mytunnel2" 
vsa cisco generic 1 string "vpdn:l2tp-clid-mask-method=right:X:255" 

The LAC masks all characters of the CLID with X. The LNS receives the calling number (AV pair 22) of the ICRQ with CLID as XXXXXXXXX.

Additional References

The following sections provide references related to the ANI Suppression During L2TP Setup feature.

Related Documents

Related Topic
Document Title

RADIUS

Cisco IOS Security Configuration Guide, Release 12.4,
Part 2, "Security Server Protocols, Configuring RADIUS"


Standards

Standards
Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.


MIBs

MIBs
MIBs Link

No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs


RFCs

RFCs
Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.


Technical Assistance

Description
Link

The Cisco Technical Support & Documentation website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport


Command Reference

This feature uses no new or modified commands.

Feature Information for ANI Suppression During L2TP Setup

Table 1 lists the release history for this feature.

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Cisco IOS software images are specific to a Cisco IOS software release, a feature set, and a platform. Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.


Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.


Table 1 Feature Information for ANI Suppression During L2TP Setup 

Feature Name
Releases
Feature Information

ANI Suppression During L2TP Setup

12.3(7)YB
12.4(6)T

The ANI Suppression During L2TP Setup feature provides the ability to suppress all or some part of the calling number field in the Layer 2 Tunneling Protocol (L2TP) setup process through RADIUS attribute functionality.

In 12.3(7)YB, this feature was introduced as Calling Number Suppression for L2TP Setup.

In 12.4(6)T, this feature was integrated into Release 12.4(6)T as ANI Suppression During L2TP Setup.


Glossary

ANI—automatic number identification. SS7 (signaling system 7) feature in which a series of digits, either analog or digital, are included in the call, identifying the telephone number of the calling device. In other words, ANI identifies the number of the calling party.

CLID—calling line ID. Information about the billing telephone number from which a call originated. The CLID value might be the entire phone number, the area code, or the area code plus the local exchange. Also known as caller ID.

Layer 2 Tunnel Protocol (L2TP)—A Layer 2 tunneling protocol that enables an ISP or other access service to create a virtual tunnel to link customer remote sites or remote users with corporate home networks. In particular, a network access server (NAS) at the ISP point of presence (POP) exchanges PPP messages with the remote users and communicates by L2F or L2TP requests and responses with the customer tunnel server to set up tunnels.

L2TP access concentrator (LAC)—A network access server (NAS) to which the client directly connects and through which PPP frames are tunneled to the L2TP network server (LNS). The LAC need only implement the media over which L2TP is to operate to pass traffic to one or more LNSs. The LAC may tunnel any protocol carried within PPP. The LAC initiates incoming calls and receives outgoing calls. A LAC is analogous to an L2F network access server.

L2TP network server (LNS)—A termination point for L2TP tunnels, and an access point where PPP frames are processed and passed to higher-layer protocols. An LNS can operate on any platform that terminates PPP. The LNS handles the server side of the L2TP protocol. L2TP relies only on the single medium over which L2TP tunnels arrive. The LNS initiates outgoing calls and receives incoming calls. An LNS is analogous to a home gateway in L2F technology.


Note See Internetworking Terms and Acronyms for terms not included in this glossary.