Cisco Cisco IOS Software Release 12.3(4)T

Both the LAC and the L2TP Network Server (LNS) must be running a Cisco IOS image that supports 
the PPPoE Session Limit Per NAS Port feature.

Do not configure the PPPoE per-NAS-port session limit to zero.

PPPoE Session Limit per NAS Port does not support TACACS+.

PPPoE Session Limit per NAS Port applies only to PVCs and VLANs.

To configure per-NAS-port session limits for PPPoE, you should understand the following concepts:

The PPPoE Session Limit per NAS Port feature limits the number of PPPoE sessions on a specific PVC 
or VLAN configured on an LAC. The NAS port is either an ATM PVC or a configured VLAN ID.

The PPPoE per-NAS-port session limit is maintained in a RADIUS server customer profile database. 
This customer profile database is connected to a LAC and is separate from the RADIUS server that the 
LAC and LNS use for the authentication and authorization of incoming users. See 

 for a sample 

network topology. When the customer profile database receives a preauthorization request from the 
LAC, it sends the PPPoE per-NAS-port session limit to the LAC.

The LAC sends a preauthorization request to the customer profile database when the LAC is configured 
for SSS preauthorization. When the LAC receives the PPPoE per-NAS-port session limit from the 
customer profile database, the LAC compares the PPPoE per-NAS-port session limit with the number of 
sessions currently on the NAS port. The LAC then decides whether to accept or reject the current call, 
depending upon the configured PPPoE per NAS port-session-limit and the number of calls currently on 
the NAS port.