A: I have a set of "master" tunnel attributes that I always have to send to this Telco. i.e. Service-type, Tunnel-Type, Tunnel-Preference, Tunnel-password, Tunnel-Server-Endpoint..etc The way this Telco obtains these attributes is by sending the Username/Password combination my way. (i.e. I need to authenticate userxyz@telco.com). Once I see that user come through from their boxes (3 Static IPs) I have to send back to them the tunnel attributes above. Once the tunnel attributes were sent, they establish an L2TP tunnel to my LNS and my LNS now asks my Radius server again to authenticate the user. So I see the same userxyz@telco.com requesting to be authenticated. Since I currently cannot distinguish between NASes I am sending the same Tunnel Attributes to my LNS which causes my LNS to try to initiate a tunnel back to itself (because the Tunnel-Server-Endpoint attribute is the actual LNS). ++++++++++++++++++++++++++++++++++++++
This is very strange. That information should be on telco radius server, not yours. It should not have to proxy requests to you. They ought to know the tunnel endpoint - *they* gave you the IP to set on your router when they leased you the line. Simplest thing to do is to create a huntgroup caled LAC and place those static IPs there. Then put something like this i your users file: DEFAULT Huntgroup-Name == "LAC", Auth-Type := Accept Reply-Message = "You are one strange telco", and list other reply attributes that you need to send them. Ivan Kalik Kalik Informatika ISP