(RADIATOR) Returning L2TP Setup Parameters

Claudio Lapidus c_lapidus at hotmail.com
Tue Apr 13 20:46:07 CDT 2004 

Hello Brian

This is what we use for the same situation:

<Handler Called-Station-Id="5092136">
        <AuthBy TEST>
                AddToReply      Service-Type = Outbound-User, \
                                Tunnel-Type = L2TP, \
                                Tunnel-Medium-Type = IP, \
                                Tunnel-Server-Endpoint = ww.xx.yy.zz, \
                                Tunnel-Password = "test-tunnel", \
                                Class = "VPDN service example"
        </AuthBy>
</Handler>

Auth by test is the fastest way to get an unconditional accept. You don't
really need the class attribute, we just use it to flag these sessions later
in accounting. However, service type set to outbound is critical with cisco
NASes in vpdn mode (so they call it).

hth
cl.


----- Original Message ----- 
From: "Brian Morris" <brian at netspeed.com.au>
To: "Hugh Irvine" <hugh at open.com.au>
Cc: <radiator at open.com.au>
Sent: Tuesday, April 13, 2004 9:31 PM
Subject: (RADIATOR) Returning L2TP Setup Parameters


> Hi All,
>
> We are trying to setup L2TP dial-in services with a 3rd party provider
here
> in oz.  They require us to send back to them certain cisco reply
attributes
> to establish the tunnel.  They only want those parameters and no other
> radius reply attributes.
>
> Is it possible for us to setup radiator to return an access accept for all
> request from that NAS ID / Called-Station-ID.
>
> Would something like this be close...
>
> <Handler Called-Station-Id=142320198333352>
>  <AuthBy SQL>
>   DBSource dbi:ODBC:RadiusDB
>   DBUsername xxxx
>   DBAuth yyyy
>   AuthSelect  select whatever from SUBSCRIBERS where 'y' = 'y'
>   AddToReplyIfNotExist cisco-avpair="vpdn:ip-addresses=210.9.xxx.yyy",
> cisco-avpair="vpdn:tunnel-type=l2tp",
> cisco-avpair="vpdn:l2tp-tunnel-password=xxxxx"
>  </AuthBy>
> </handler>
>
> The AuthSelect is a fudge to get it to accept everything - can this be
done
> more efficiently?
>
> Any help appreciated!
>
> Regards,  Brian,
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list