R: Cisco VRF + Radius

Mon Jul 9 12:45:56 CEST 2007

> Putting a User into a certain VRF is quite simple:
> 
> vrfuser User-Password == "topsecret"
>         Cisco-AVPair += "lcp:interface-config#1=ip vrf forwarding \
>                                                            VRFNAME",

Thank you Gerald, this is what I need to do.

I tried using this method, but I end up with access-accept reply (from radiusd -X) like this:

Sending Access-Accept of id 20 to x.y.159.252 port 1645
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-IP-Netmask = 255.255.255.255
        Ascend-Client-Primary-DNS = x.y.z.1
        Ascend-Client-Secondary-DNS = x.y.z.2
        Session-Timeout = 20000
        Cisco-AVPair = "lcp:interface-config#1=ip vrf forwarding Satcom"
        Framed-IP-Address = x.y.129.239

This seems correct to me, but the NAS ignores the Framed-IP-Address so the cpe never gets an Ip address.
The IP address is taken from an ippool, the other attributes are stored in sql, everything works fine without that cisco-avpair attribute.

Any hint?

Thanks in advance, 
	Francesco.