Support User Manuals

Cisco Systems 10000 Network Router User Manual

Open as PDF

of 624

5-16

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server

Layer 2 Access Concentrator

Configuring Sessions Per Tunnel Limiting in the RADIUS Service Profile

To use a RADIUS server to limit the number of sessions per tunnel, enter the following Cisco-AVpair

attributes in the RADIUS service profile:

• vpdn:ip-addresses

• vpdn:ip-address-limits

Note You can configure the RADIUS server or the LAC to limit the number of sessions per tunnel. For

information on using the LAC for sessions per tunnel limiting, see the

“Configuring Sessions Per Tunnel

Limiting on the LAC” section on page 5-12.

VPDN IP Addresses

The vpdn:ip-addresses attribute specifies the IP addresses of the LNS devices to receive the L2TP

connections. It has the following syntax:

Cisco-AVpair = “vpdn:ip-addresses=address1[<delimiter>address2][<delimiter>address3]...”

The address argument is the IP address of the LNS.

The <delimiter>, (comma) and <delimiter> (space) arguments select load sharing among IP addresses.

The <delimiter>/ (slash) argument groups IP addresses on the left side in higher priority than the right

side.

Example 5-10 VPDN IP Addresses—RADIUS Freeware Format

In the following example, the LAC sends the:

• First PPP session through a tunnel to 10.16.1.1

• Second PPP session to 10.16.2.2

• Third PPP session to 10.16.3.3

• Fourth PPP session to 10.16.1.1

If the LAC fails to establish a tunnel with any of the IP addresses in the first group, it attempts to connect

to the IP addresses in the second group (10.16.4.4 and 10.16.5.5).

Cisco-AVpair=”vpdn:ip-addresses=10.16.1.1,10.16.2.2,10.16.3.3/10.16.4.4,10.16.5.5”

VPDN IP Address Limits

The vpdn:ip-address-limits attribute specifies the maximum number of sessions in each tunnel to the IP

addresses listed with the attribute. It has the following syntax:

Cisco-AVpair = “vpdn:ip-address-limits=limit1[limit2][limit3]...”

The limit argument is the maximum number of sessions per tunnel to the corresponding IP address.

Example 5-11 VPDN IP Address Limits—RADIUS Freeware Format

Cisco-AVpair=”vpdn:ip-address-limits=10 20 30 40 50 “

.1.1.1,10.2.2.2,10.3.3.3/10.4.4.4,10.5.5.5”

Note You must enter a space between the final limit entry and the end quotation marks.

previous next