Cisco Cisco IOS Software Release 12.2(4)B
VPDN Group Session Limiting
Configuration Tasks
4
Cisco IOS Release: Multiple releases (see the Feature History Table)
Verifying VPDN Group Session Limiting
Follow the steps below to verify the successful configuration of VPDN group session limiting:
Step 1
Enter the session-limit 1 command in VPDN configuration mode.
Step 2
Establish a VPDN session by dialing in to the network access server (NAS) using an allowed username
and password.
and password.
Step 3
Attempt to establish another VPDN session by dialing in to the NAS using another allowed username
and password.
and password.
Step 4
A Syslog message similar to the following should appear on the console of the router:
00:11:17: %VPDN-6-MAZ_sESS_EXCD:L2F HGW great_went has exceeded configured local
session-limit and rejected user user@anywhere.com
Step 5
Enter the show vpdn history failure command on the router. If you see output similar to the following,
the group session limit was successful:
the group session limit was successful:
User: user@anywhere.com
Command
Purpose
Step 1
Router(config)# vpdn-group name
Select the VPDN group to configure.
name—Name of the VPDN group.
Step 2
Router(config-vpdn)# accept-dialin
or
Router(config-vpdn)# request-dialout
Enables the router to accept dial-in requests.
Enables the router to send L2TP dial-out requests.
Step 3
Router(config-vpdn-acc-in)# protocol [l2f | l2tp]
Specifies which tunneling protocol is to be used.
Step 4
Router(config-vpdn-acc-in)# virtual-template
template-number
Specifies the number of the virtual template that will
be used to clone the virtual access interface.
be used to clone the virtual access interface.
•
template-number—Number of the virtual
template that will be used to clone virtual-access
interfaces. Valid range is 1 to 200.
template that will be used to clone virtual-access
interfaces. Valid range is 1 to 200.
Step 5
Router(config-vpdn-acc-in)# exit
Exits VPDN accept-dialin interface mode.
Step 6
Router(config-vpdn)# terminate-from hostname
host-name
Accepts tunnels that have this host name configured
as a local name.
as a local name.
•
host-name—The host name that this VPDN
group will accept connections from.
group will accept connections from.
Step 7
Router(config-vpdn)# session-limit session-number
Limits the number of sessions allowed on the
specified VPDN group.
specified VPDN group.
•
session-number—The maximum number of
sessions allowed on the specified VPDN group
in the range of 0 to 32767. If session-limit is
configured to 0, no sessions are allowed on the
VPDN group.
sessions allowed on the specified VPDN group
in the range of 0 to 32767. If session-limit is
configured to 0, no sessions are allowed on the
VPDN group.