Cisco LNS realm redirection

Richard Savage rich at quavey.co.uk
Mon Mar 13 17:49:45 CET 2017


Hi List

Im just looking to see if someone can point me in the right direction. I 
have a slight issue in that im trying to repoint a PPP session that is 
terminating on a cisco LNS(5.5.5.5) from a DSL carrier (TT/BTW) to 
another LNS (6.6.6.6) (but the carrier (TT/BTW) dont get to see the 
customer LNS direct).  We get the initial request from the carrier and 
send back an access accept to the carrier to land this on the LNS which 
is all fine, then we get the access request from our LNS which we then 
need to reply back with a different LNS IP (6.6.6.6) instead of itself 
(5.5.5.5) to tell the cisco LNS to forward the PPP session onto the 
other LNS.  Would be good if we can do this based on realm. Is this 
possible and whats the best way of achieving this as there seems little 
info on how to achieve this.

Im running freeradius 2.1.12

Many thanks in advance.  Radius output below:

Rich

==============================================================================
Access-Request Id 159    1.1.1.1:1812 -> 2.2.2.2:1812 +4237.896
     User-Name = "username at realm"
     CHAP-Password = 0x01d4aa02ffc6c1364cb2bf3ec9675019a2
     CHAP-Challenge = 0xa771f601cd1ffd8b376661995e5a4e09
     Service-Type = Framed-User
     Framed-Protocol = PPP
     NAS-Identifier = "lts001.hex"
     NAS-Port = 2432808109
     NAS-Port-Type = Virtual
     NAS-Port-Id = "L2TP LNS 111789"
     Medium-Type = DSL
     Connect-Info = "14144000/1057000"
     Platform-Type = SmartEdge-800
     OS-Version = "12.1.1.9"
     Tunnel-Type:0 = L2TP
     Tunnel-Medium-Type:0 = IPv4
     Tunnel-Server-Endpoint:0 = "10.177.255.128"
     Tunnel-Client-Endpoint:0 = "10.160.71.32"
     Tunnel-Server-Auth-Id:0 = "lts001.hex"
     Tunnel-Client-Auth-Id:0 = "nge001.sou-re0"
     Tunnel-Max-Sessions = 65535
     Tunnel-Max-Tunnels = 32767
     Redback-Attr-226 = 0x0000001e
     Tunnel-Function = LNS-Only
     Acct-Tunnel-Connection = "nge001.sou-re0/10.160.71.32:32009:29879"
     LAC-Port = 34699
     Calling-Station-Id = " eth 0/3/1:101 at FTTC"

Access-Accept Id 159    2.2.2.2:1812 -> 1.1.1.1:1812    +4237.934
     Tunnel-Server-Endpoint:0 = "5.5.5.5"
     Tunnel-Type:0 = L2TP
     Tunnel-Client-Auth-Id:0 = "XXXXXX-TT"
     Attr-69 = 0x00ba01f1c9da158a65f05e6965298b8b28548e
     Tunnel-Preference:0 = 1
     Cisco-AVPair = "ip:ip-unnumbered=Loopback 1"

==============================================================================

Access-Request Id 20    3.3.3.3:1645 -> 4.4.4.4:1812    +4238.251
     Framed-Protocol = PPP
     User-Name = "username at realm"
     CHAP-Password = 0x02fb4271c598e5b5f54f53d246c7afe7b3
     Calling-Station-Id = " eth 0/3/1:101 at FTTC"
     Connect-Info = "14144000/1057000"
     NAS-Port-Type = ISDN
     NAS-Port = 20035
     NAS-Port-Id = "Uniq-Sess-ID35"
     Service-Type = Framed-User
     NAS-IP-Address = 3.3.3.3

Access-Accept Id 20    4.4.4.4:1812 -> 3.3.3.3:1645    +4238.281
     Tunnel-Server-Endpoint:0 = "5.5.5.5"
     Tunnel-Type:0 = L2TP
     Tunnel-Client-Auth-Id:0 = "XXXXXX-TT"
     Attr-69 = 0x00c5f560efa721d0f0cd39b73e64ca1145004a
     Tunnel-Preference:0 = 1
     Cisco-AVPair = "ip:ip-unnumbered=Loopback 1"

-----------------------------------
*NEEDS TO SAY:*
     Tunnel-Server-Endpoint:0 = "6.6.6.6"
     Tunnel-Type:0 = L2TP
     Tunnel-Client-Auth-Id:0 = "XXXXXXX-TT"
     Attr-69 = 0x00c5f560efa721d0f0cd39b73e64ca1145004a
     Tunnel-Preference:0 = 1
==============================================================================


More information about the Freeradius-Users mailing list