Hello,
First of all, you'll have to check your Radius server configuration.
It seems your subscriber is trying to connect from LAC to LNS 5.5.5.5:
Sep 10 09:57:36.926657 radius-access-request: Service-Type added: 2
Sep 10 09:57:36.926700 radius-access-request: Framed-Protocol added: 1
Sep 10 09:57:36.926740 radius-access-request: Tunnel-Type added: Tag () 3
Sep 10 09:57:36.926777 radius-access-request: Tunnel-Medium-Type added: Tag () 1
Sep 10 09:57:36.926814 radius-access-request: Tunnel-Client-Endpoint added: 123.0.0.1
Sep 10 09:57:36.926849 radius-access-request: Tunnel-Server-Endpoint added: 5.5.5.5
Sep 10 09:57:36.926883 radius-access-request: Tunnel-Assignment-ID added: 33886
Sep 10 09:57:36.926919 radius-access-request: Tunnel-Client-Auth-ID added: lts.01
Sep 10 09:57:36.926953 radius-access-request: Tunnel-Server-Auth-ID added: Cust24
Sep 10 09:57:36.926987 radius-access-request: Chargeable-User-Identity added:
Sep 10 09:57:36.927024 radius-access-request: Acct-Tunnel-Connection added: 0018019557
Sep 10 09:57:36.927057 radius-access-request: Acct-Session-Id added: 4240
Sep 10 09:57:36.927092 radius-access-request: Calling-Station-Id added: BBEU07295297
Sep 10 09:57:36.927132 radius-access-request: DHCP-MAC-Address (Juniper-ERX-VSA) added: 0000.0000.0000
Sep 10 09:57:36.927172 radius-access-request: NAS-Identifier added: Cust24
Sep 10 09:57:36.927204 radius-access-request: NAS-Port added: 10 00 0f ff
Sep 10 09:57:36.927246 radius-access-request: NAS-Port-Id added: Ip:5.5.5.5:123.0.0.1:33886:8829:62417:1317:18019557
Sep 10 09:57:36.927275 radius-access-request: NAS-Port-Type added: 5
Sep 10 09:57:36.927311 radius-access-request: L2tp-Tx-connect-speed (Juniper-ERX-VSA) added: 1881000
Sep 10 09:57:36.927348 radius-access-request: L2tp-Rx-connect-speed (Juniper-ERX-VSA) added: 723000
Sep 10 09:57:36.947503 radius-access-request: Client-Profile-Name (Juniper-ERX-VSA) added: DYN-PROF-1:
Sep 10 09:57:36.947622 radius-access-request: PPPoE-Description (Juniper-ERX-VSA) added: pppoe 00:00:00:00:00:00
Then this subscriber is authenticated successfully, but Radius profile received on MX includes a set of tunnel attributes again, which instructs MX to tunnel this subscriber to LNS 5.5.5.5 (e.g. LTS scenario):
Sep 10 09:57:36.972143 Parsing RADIUS message for session-id:4240
Sep 10 09:57:36.976694 radius-access-accept: Tunnel-Password received: ""
Sep 10 09:57:36.976775 radius-access-accept: Tunnel-Server-Endpoint received: 5.5.5.5
Sep 10 09:57:36.976813 radius-access-accept: Framed-IP-Address received: 192.168.5.5
Sep 10 09:57:36.976843 radius-access-accept: Tunnel-Client-Auth-ID received: lts.01
Sep 10 09:57:36.976873 radius-access-accept: Tunnel-Type received: Tag () 3
Sep 10 09:57:36.976903 radius-access-accept: Framed-IP-Netmask received: 255.255.255.255
Sep 10 09:57:36.976934 radius-access-accept: Framed-Protocol received: 1
Sep 10 09:57:36.976962 radius-access-accept: Tunnel-Medium-Type received: Tag () 1
Sep 10 09:57:36.976991 radius-access-accept: Service-Type received: 2
If you want to terminate this subscriber locally, please remove all Tunnel-* attributes for this subscriber when it authenticates on this MX.
Please try and let us know the outcome.
Best regards,
Sergii
-------------------------------------------------------------------
Please accept the solution if your problem is resolved
-------------------------------------------------------------------