Routing

Expand all | Collapse all

LNS VSA Steering

Jump to Best Answer
  • 1.  LNS VSA Steering

     
    Posted 05-02-2018 05:44

    Hi,

     

    Urgent quesiton that I missed....

     

    From our downstream LAC ISP we have been given the following information for CPE steering (So our radius tells the CPE which LAC (LNS) to use..... Can someone urgently please let me know where this is placed and what the VSA's are?

    ERX-Tunnel-Virtual-Router

                   Vendor ID: 4874

                   Attribute ID: 8

                    Type: String

                    Tagged: True

    ERX-Tunnel-Switch-Profile

                    Vendor ID: 4874

                    Attribute ID: 91

                    Type: String

                    Tagged: False

     



  • 2.  RE: LNS VSA Steering

     
    Posted 05-02-2018 06:15

    Apologies, I have aske this quesiton before and Karand very kindly answered.... but with regards to the answer which was as follows:

     

    "

    On L2TP LAC, CPE/Subscriber is tunnel based on domain-map lookup(which is associated with username) or via radius return attributes. Domain-map is more simpler in that you know which username@test.com(domain) the LAC tunnels the subscriber towards but your perfer radius, these VSA should do:

     

    Tunnel-Client-Endpoint 

    Tunnel-Medium-Type   (IP)

    Tunnel-Server-Auth-ID.  (host name)

    Tunnel-Server-Endpoint 

    Tunnel-Type (L2TP)

    Tunnel-password (pw)"

     

    And the information we have been supplied - what is the best way forwards with regards to what VSA's to use? I am confused....... a little.... as it's great we have the actual VSA's but no idea what they mean.... For example... what is "tunnel-client-endpoint" etc etc



  • 3.  RE: LNS VSA Steering

     
    Posted 05-02-2018 06:24

    Let me try and word it differently....

     

    From the Juniper Site

     

     https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/subscriber-management-tunnel-profile-configuring.html

     

    It is telling me to set up a tunnel-profile...... I already have a fully working LNS that has been tested on site extensively and works fine. The CPE can see internet addressing etc.... but it seems the tunnel-profile would overwrite all of that..... that is no good, I cannot restart the config from scratch...... I believe the RADIUS should be able to take care of this but really don't know how...... 



  • 4.  RE: LNS VSA Steering
    Best Answer

     
    Posted 05-02-2018 07:05

    I really should investigate further first....

     

    It seems I have found most of the information. I do apologise for wasting your time again..... Karand's answers were correct, it just took a while to figure it out exactly..... but that's a good learning curve.....

     

    I have settled for the following:

     

    Tunnel-Password ---- Check

    Tunnel-medium-type - IP ---- Check

    Tunnel-Server-Auth-ID (If it's hostname, I have enterd the LNS hostname) ---- Check

    Tunnel-Type - L2TP ---- Check

    Framed-address - xxx.xxx.xxx.xxx ---- Reply

    Framed-Netmask - xxx.xxx.xxx.xxx ---- Reply

     

    If you can see anything wrong with that please let me know, otherwise I will close as accepted?

     

    Thank you