IMPORTANT:
IMPORTANT:
Applicable Products and Relevant Sections
Supported LAC Service Configurations for PDSN Simple IP
Attribute-based Tunneling
How The Attribute-based L2TP Configuration Works
IMPORTANT:
PDSN Service-based Compulsory Tunneling
How PDSN Service-based Compulsory Tunneling Works
IMPORTANT:
Supported LAC Service Configurations for the GGSN and P-GW
Transparent IP PDP Context Processing with L2TP Support
Non-transparent IP PDP Context Processing with L2TP Support
PPP PDP Context Processing with L2TP Support
IMPORTANT:
IMPORTANT:
Supported LAC Service Configuration for Mobile IP
How The Attribute-based L2TP Configuration for MIP Works
IMPORTANT:
Configuring Subscriber Profiles for L2TP Support
IMPORTANT:
RADIUS and Subscriber Profile Attributes Used
RADIUS Attribute | Local Subscriber Attribute | Description | Variable |
---|---|---|---|
Tunnel-Type
|
tunnel l2tp
|
Specifies the type
of tunnel to be used for the subscriber session
|
L2TP
|
Tunnel-Server-Endpoint
|
tunnel l2tp peer-address
|
Specifies the IP address
of the peer LNS to connect tunnel to.
|
IPv4 address in dotted-decimal format,
enclosed in quotation marks
|
Tunnel-Password
|
tunnel l2tp secret
|
Specifies the shared
secret between the LAC and LNS.
|
Alpha and or numeric
string from 1 to 63 characters, enclosed in quotation marks
|
Tunnel-Private- Group-ID
|
tunnel l2tp tunnel-context
|
Specifies the name
of the destination context configured on the system in which the
LAC service(s) to be used are located.
|
Alpha and or numeric
string from 1 to 63 characters, enclosed in quotation marks
|
Tunnel-Preference
|
tunnel l2tp preference
|
Configures the priority
of each peer LNS when multiple LNS nodes are configured.
|
Integer from 1 to
65535
|
SN-Tunnel-Load- Balancing
|
loadbalance-tunnel- peer
|
A vendor-specific
attribute (VSA) used to provides a selection algorithm defining
how an LNS node is selected by the RADIUS server when multiple LNS
peers are configured within the subscriber profile.
|
|
Client-Endpoint
|
local-address
|
Specifies the IP address
of a specific LAC service configured on the system that to use to
facilitate the subscriber’s L2TP session.
This attribute is
used when multiple LAC services are configured.
|
IPv4 address in dotted
decimal notation. (xxx.xxx.xxx.xxx)
|
RADIUS Tagging Support
IMPORTANT:
IMPORTANT:
Configuring Local Subscriber
Tunneling All Subscribers in a Specific Context Without Using RADIUS Attributes
IMPORTANT:
IMPORTANT:
Configuring LAC Service
Configuring LNS Peer
configure
context
<dst_ctxt_name> [ -noconfirm ]
lac-service
<service_name>
tunnel
selection-key tunnel-server-auth-id
peer-lns
<ip_address> [encrypted] secret
<secret> [crypto-map <map_name> {[encrypted] isakmp-secret
<secret> }] [description
<text>] [ preference
<integer>]
load-balancing { random | balanced | prioritized }
end
IMPORTANT:
Modifying PDSN Service
configure
context
<source_ctxt_name> [ -noconfirm ]
pdsn-service
<pdsn_service_name>
ppp
tunnel-context <lac_context_name>
ppp
tunnel-type { l2tp | none }
end
show pdsn-service
name pdsn_service_name
The output of this
command is a concise listing of PDSN service parameter settings
as configured.
IMPORTANT:
Assigning LNS Peer Address in APN Template
configure
context
<dst_ctxt_name> [-noconfirm]
apn
<apn_name>
tunnel
l2tp [ peer-address <lns_address> [ [ encrypted ] secret <l2tp_secret> ] [ preference
<integer> ] [ tunnel-context
<l2tp_context_name> ] [ local-address
<local_ip_address> ] [ crypto-map
<map_name> { [ encrypted ] isakmp-secret
<crypto_secret> } ]
end
Configuring Outbound Authentication