Cisco Cisco Packet Data Gateway (PDG)
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
Service Configurations
PDSN Service Configuration for L2TP Support ▀
IPSec Reference, StarOS Release 18 ▄
91
RADIUS/Subscriber attributes.
RADIUS and Subscriber Attributes for L2TP Application IPSec Support
The table below lists the RADIUS and Subscriber attributes required to support IPSec for use with attribute-based L2TP
tunneling.
tunneling.
These attributes are contained in the following dictionaries:
Starent
Starent-835
Table 11. Subscriber Attributes for IPSec encrypted L2TP Support
RADIUS Attribute
Local Subscriber
Attribute
Attribute
Description
Variable
SN1-Tunnel-ISAKMP- Crypto-Map tunnel l2tp crypto-map
The name of a crypto
map configured on the
system.
map configured on the
system.
A salt-encrypted ASCII string
specifying the crypto-map to use
for this subscriber. It can be
tagged, in which case it is
treated as part of a tunnel group.
specifying the crypto-map to use
for this subscriber. It can be
tagged, in which case it is
treated as part of a tunnel group.
SN1 -Tunnel-ISAKMP- Secret
tunnel l2tp crypto-map
isakmp-secret
isakmp-secret
The pre-shared secret
that will be used as part
of the D-H exchange to
negotiate an IKE SA.
that will be used as part
of the D-H exchange to
negotiate an IKE SA.
A salt-encrypted string
specifying the IKE secret. It can
be tagged, in which case it is
treated as part of a tunnel group.
specifying the IKE secret. It can
be tagged, in which case it is
treated as part of a tunnel group.
Modifying PDSN Service to Support Compulsory L2TP Tunneling
Use the following example to modify an existing PDSN service to support compulsory L2TP tunneling on your system:
configure
context ctxt_name
pdsn-service pdsn_svc_name
ppp tunnel-context lac_ctxt_name
ppp tunnel-type l2tp
end
Notes:
ctxt_name is the destination context where the PDSN service is configured.
pdsn_svc_name is name of the PDSN service for which you are configuring attribute-based L2TP tunneling.
lac_ctxt_name is the name of the destination context where the LAC service is located.