This documentation has been moved
VPDN Features Roadmap
Downloads: This chapterpdf (PDF - 162.0KB) The complete bookPDF (PDF - 2.9MB) | Feedback

VPDN Features Roadmap

Table Of Contents

VPDN Features Roadmap


VPDN Features Roadmap


First Published: September 25, 2005
Last Updated: June 15, 2010

This feature roadmap lists the Cisco software features documented in the Cisco IOS VPDN Configuration Guide and maps them to the documents in which they appear. The roadmap is organized so that you can select your release train and see the features in that release. Find the feature name you are searching for and click on the URL in the "Where Documented" column to access the document containing that feature.

Feature and Release Support

Table 1 lists Cisco IOS VPDN feature support for these Cisco software release trains:

Cisco IOS Releases 12.2T, 12.3, 12.3T, and 12.4T

Cisco IOS Release 12.2SB

Cisco IOS Release 12.2SR

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.


Note Table 1 lists only the Cisco software release that introduced support for a given feature in a given Cisco software release train. Unless noted otherwise, subsequent releases of that Cisco software release train also support that feature.


Table 1 lists the most recent release of each software train first and the features in alphabetical order within the release.

Table 1 Supported VPDN Features 

Release
Feature Name
Feature Description
Where Documented
Cisco IOS Releases 12.2T, 12.3, 12.3T, and 12.4T

12.4(20)T

VPDN Group Selection

The VPDN Group Selection feature allows you to configure customized, multiple VPDN tunnels with different VPDN group configurations between LAC and an LNS.

Configuring Additional VPDN Features

12.4(15)T

L2TP Forwarding of PPPoE Tagging Information

This feature allows you to identify and uniquely map subscribers to Point-to-Point Protocol over Ethernet (PPPoE) sessions through the subscriber's remote ID.

Configuring AAA for VPDNs

12.4(15)T

L2TP Congestion Avoidance

This feature provides packet flow control and congestion avoidance by throttling Layer 2 Transport Protocol (L2TP) control messages as described in RFC 2661.

VPDN Tunnel Management

12.4(11)T

Suppressing EXEC Accounting Record

This feature suppresses EXEC accounting records when you configure autoselection during-login for the dial-in clients.

Configuring AAA for VPDNs

12.4(4)T

Configurable Domain Name Prefix and Suffix Stripping

This feature allows the NAS to be configured to strip prefixes, suffixes, or both from the full username. The reformatted username is then forwarded to the remote AAA server.

Configuring AAA for VPDNs

12.4(4)T

L2TP Tunnel Selection Load Balancing with Random Algorithm

This feature introduces an improved algorithm for load balancing L2TP sessions using the RADIUS tunnel preference attribute.

Configuring AAA for VPDNs

12.4(2)T

L2TP Calling Station ID Suppression

This feature allows the NAS to suppress part or all of the calling station ID from the NAS in the L2TP AV pair 22, the Calling Number ID. Calling station ID suppression can be configured globally on the router, for individual VPDN groups on the router, or on the remote RADIUS server if one is configured.

Configuring NAS-Initiated Dial-In VPDN Tunneling

12.3(4)T

L2TP Tunnel Connection Speed Labeling

This feature introduces the ability to accept or deny an L2TP session based on the allowed connection speed that is configured on the Cisco AR RADIUS server for that user. The RADIUS server can authorize users based on their SLA.

Configuring AAA for VPDNs

12.3(4)T

RFC-2867 RADIUS Tunnel Accounting

This feature introduces six new RADIUS accounting types that are used with the RADIUS accounting attribute Acct-Status-Type (attribute 40), which indicates whether an accounting request marks the beginning of user service (start) or the end (stop).

Configuring AAA for VPDNs

12.3(4)T

Tunnel Authentication via RADIUS on LNS

This feature allows the L2TP tunnel server to perform remote authentication and authorization with RADIUS on incoming L2TP NAS dial-in connection requests. This feature also allows the L2TP NAS to perform remote authentication and authorization with RADIUS on incoming L2TP tunnel server dial-out connection requests.

Configuring AAA for VPDNs

12.3(2)T

L2TP Client-Initiated Tunneling

This feature introduces the ability to establish client-initiated L2TP tunnels. The client can initiate an L2TP or L2TPv3 tunnel to the tunnel server without the intermediate NAS participating in tunnel negotiation or establishment.

Configuring Client-Initiated Dial-In VPDN Tunneling

12.2(15)T

L2TP Dial-Out Load Balancing and Redundancy

This feature enables a tunnel server to dial out to multiple NASs. When the NAS with the highest priority goes down, it is possible for the tunnel server to fail over to another lower priority NAS. The tunnel server can also load balance sessions between multiple NASs that have the same priority settings.

Configuring Additional VPDN Features

12.2(15)T

VRF-Aware VPDN Tunnels

This feature enhances the support of VPDN tunnels by allowing VPDN tunnels to start outside an MPLS VPN and terminate within the MPLS VPN.

Configuring Additional VPDN Features

12.2(13)T

L2TP Extended Failover

This feature extends L2TP failover to occur if during tunnel establishment a router receives a StopCCN message from its peer, or if during session establishment a router receives a CDN message from its peer. In either case, the router selects an alternate peer to contact.

Configuring NAS-Initiated Dial-In VPDN Tunneling

12.2(13)T

L2TP Redirect

This feature allows a tunnel server participating in SGBP to send a redirect message to the NAS if another stack group member wins the SGBP bid. The NAS will then reinitiate the call to the newly redirected tunnel server.

Configuring Multihop VPDN

12.2(13)T

Per-VRF AAA

This feature allows AAA to be configured for VRF instances.

Configuring AAA for VPDNs

"Configuring RADIUS" section of the Cisco IOS Security Configuration Guide: Securing User Services

12.2(13)T

RADIUS Tunnel Attribute Extensions

This feature introduces RADIUS attribute 90 and RADIUS attribute 91. Both attributes help support the provision of compulsory tunneling in VPDNs by allowing the user to specify authentication names for the NAS and the RADIUS server.

Configuring AAA for VPDNs

12.2(13)T

Session Limit per VRF

This feature allows you to apply session limits on all VPDN groups associated with a common VPDN template. You can limit the number of VPDN sessions that terminate in a single VRF instance.

VPDN Tunnel Management

12.2(13)T

Subscriber Service Switch

This feature provides flexibility on where and how many subscribers are connected to available services and how those services are defined. The primary focus of SSS is to direct PPP from one point to another using a Layer 2 subscriber policy. The policy will manage tunneling of PPP in a policy-based bridging fashion. 

Configuring Multihop VPDN

"Configuring Cisco Subscriber Service Switch Policies" section of the Cisco IOS Broadband and DSL Configuration Guide

12.2(13)T

VPDN Multihop by DNIS

This feature allows DNIS-based multihop capability for VPDNs.

Configuring Multihop VPDN

12.2(8)T

VPDN Default Group Template

This feature introduces the ability to configure global default values for VPDN group parameters in a VPDN template. These global default values are applied to all VPDN groups, unless specific values are configured for individual VPDN groups.

Configuring Additional VPDN Features

12.2(4)T

L2TP Security

This feature allows the robust security features of IPSec to protect the L2TP tunnel and the PPP sessions within the tunnel. In addition, the L2TP Security feature provides built-in keepalives and standardized interfaces for user authentication and accounting to AAA servers.

Configuring Additional VPDN Features

12.2(4)T

RADIUS Attribute 82: Tunnel Assignment ID

This feature allows the L2TP NAS to group users from different per-user or domain RADIUS profiles into the same active tunnel if the tunnel endpoints, tunnel type, and Tunnel-Assignment-ID are identical.

Configuring AAA for VPDNs

12.2(4)T

RADIUS Tunnel Preference for Load Balancing and Fail-Over

This feature provides industry-standard load balancing and failover functionality for multivendor networks.

Configuring AAA for VPDNs

12.2(4)T

Timer and Retry Enhancements for L2TP and L2F

This feature allows the user to configure certain adjustable timers and counters for L2TP and L2F.

VPDN Tunnel Management

12.2(4)T

VPDN Group Session Limiting

This feature allows the user to configure a limit on the number of L2F or L2TP VPDN sessions allowed for each VPDN group.

VPDN Tunnel Management

12.2(2)T

Shell-Based Authentication of VPDN Users

This feature provides terminal services for VPDN users to support rollout of wholesale dial networks.

Configuring AAA for VPDNs

Cisco IOS Release 12.2SB

12.2(34)SB

LNS Address Checking

This feature allows an LAC, which is receiving data from a LNS, to check the IP address of the LNS prior to establishing an L2TP tunnel.

Configuring AAA for VPDNs

12.2(34)SB

Modified LNS Dead-Cache Handling

This feature displays and clears (restarts) any LNS entry in a dead-cache (DOWN) state.

Configuring AAA for VPDNs

12.2(31)SB2

L2TP Calling Station ID Suppression

This feature allows the NAS to suppress part or all of the calling station ID from the NAS in the L2TP AV pair 22, the Calling Number ID. Calling station ID suppression can be configured globally on the router, for individual VPDN groups on the router, or on the remote RADIUS server if one is configured.

Configuring NAS-Initiated Dial-In VPDN Tunneling

12.2(31)SB2

L2TP Domain Screening, Rules Based

This feature allows per-user L2TP tunnel setup by creating customized Policy Manager match rules.

Configuring AAA for VPDNs

12.2(31)SB2

L2TP Tunnel Selection Load Balancing with Random Algorithm

This feature allows the NAS to use a new tie-breaking algorithm and is transparent to any user. A random selection is made among all peer tunnel servers carrying the same session load. This improved algorithm results in a more even distribution of sessions across tunnel servers, reducing the occurrence of session bunching.

Configuring AAA for VPDNs

12.2(28)SB

L2TP Congestion Avoidance

This feature provides packet flow control and congestion avoidance by throttling L2TP control messages as described in RFC 2661.

VPDN Tunnel Management

12.2(28)SB

L2TP Dial-Out Load Balancing and Redundancy

This feature enables a tunnel server to dial out to multiple NASs. When the NAS with the highest priority goes down, it is possible for the tunnel server to fail over to another lower priority NAS. The tunnel server can also load balance sessions between multiple NASs that have the same priority settings.

Configuring Additional VPDN Features

12.2(28)SB

L2TP Domain Screening

This feature introduces the ability to modify the domain portion of the username seamlessly when you enter into a virtual private network (VPN) service.

Configuring AAA for VPDNs

12.2(28)SB
12.3(33)SB

L2TP Extended Failover

This feature extends L2TP failover to occur if during tunnel establishment a router receives a StopCCN message from its peer, or if during session establishment a router receives a CDN message from its peer. In either case, the router selects an alternate peer to contact.

Configuring NAS-Initiated Dial-In VPDN Tunneling

12.2(28)SB

L2TP Redirect

This feature allows a tunnel server participating in SGBP to send a redirect message to the NAS if another stack group member wins the SGBP bid. The NAS will then reinitiate the call to the newly redirected tunnel server.

Configuring Multihop VPDN

12.2(28)SB

L2TP Security

This feature allows the robust security features of IPSec to protect the L2TP tunnel and the PPP sessions within the tunnel. In addition, the L2TP Security feature provides built-in keepalives and standardized interfaces for user authentication and accounting to AAA servers.

Configuring Additional VPDN Features

12.2(28)SB

L2TP Tunnel Connection Speed Labeling

This feature introduces the ability to accept or deny a L2TP session based on the allowed connection speed that is configured on the Cisco AR RADIUS server for that user. The RADIUS server can authorize users based on their SLA.

Configuring AAA for VPDNs

12.2(28)SB

RADIUS Attribute 82: Tunnel Assignment ID

This feature allows the L2TP NAS to group users from different per-user or domain RADIUS profiles into the same active tunnel if the tunnel endpoints, tunnel type, and Tunnel-Assignment-ID are identical.

Configuring AAA for VPDNs

12.2(28)SB

RADIUS Tunnel Preference for Load Balancing and Fail-Over

This feature provides industry-standard load balancing and failover functionality for multivendor networks.

Configuring AAA for VPDNs

12.2(28)SB

RFC-2867 RADIUS Tunnel Accounting

This feature introduces six new RADIUS accounting types that are used with the RADIUS accounting attribute Acct-Status-Type (attribute 40), which indicates whether an accounting request marks the beginning of user service (start) or the end (stop).

Configuring AAA for VPDNs

12.2(28)SB

Shell-Based Authentication of VPDN Users

This feature provides terminal services for VPDN users to support rollout of wholesale dial networks.

Configuring AAA for VPDNs

12.2(28)SB

Timer and Retry Enhancements for L2TP and L2F

This feature allows the user to configure certain adjustable timers and counters for L2TP and L2F.

VPDN Tunnel Management

12.2(28)SB

Tunnel Authentication via RADIUS on LNS

This feature allows the L2TP tunnel server to perform remote authentication and authorization with RADIUS on incoming L2TP NAS dial-in connection requests. This feature also allows the L2TP NAS to perform remote authentication and authorization with RADIUS on incoming L2TP tunnel server dial-out connection requests.

Configuring AAA for VPDNs

12.2(28)SB

VPDN Default Group Template

This feature introduces the ability to configure global default values for VPDN group parameters in a VPDN template. These global default values are applied to all VPDN groups, unless specific values are configured for individual VPDN groups.

Configuring Additional VPDN Features

12.2(34)SB

VPDN Extended Failover

This feature enables a failover with an LNS, if the LNS receives a valid L2TP CDN or stopCNN message before the LNS establishes a session.

VPDN Tunnel Management

12.2(28)SB

VPDN Group Session Limiting

This feature allows the user to configure a limit on the number of L2F or L2TP VPDN sessions allowed for each VPDN group.

VPDN Tunnel Management

12.2(28)SB

VPDN Multihop by DNIS

This feature allows DNIS-based multihop capability for VPDNs.

Configuring Multihop VPDN

12.2(28)SB

VRF-Aware VPDN Tunnels

This feature enhances the support of VPDN tunnels by allowing VPDN tunnels to start outside an MPLS VPN and terminate within the MPLS VPN.

Configuring Additional VPDN Features

Cisco IOS Release 12.2SR

12.2(33)SRE

Configurable Domain Name Prefix and Suffix Stripping

This feature allows the NAS to be configured to strip prefixes, suffixes, or both from the full username. The reformatted username is then forwarded to the remote AAA server.

Configuring AAA for VPDNs

12.2(33)SRE

Suppressing EXEC Accounting Record

This feature suppresses EXEC accounting records when you configure autoselection during-login for the dial-in clients.

Configuring AAA for VPDNs

12.2(33)SRE

VPDN Extended Failover

This feature enables a failover with an LNS, if the LNS receives a valid L2TP CDN or stopCNN message before the LNS establishes a session.

VPDN Tunnel Management



Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)